docs(proposal): decoupling app sync from control plane user w/ impersonation #14255
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #14255 +/- ##
==========================================
- Coverage 49.26% 49.25% -0.02%
==========================================
Files 274 274
Lines 48158 48170 +12
==========================================
- Hits 23727 23724 -3
- Misses 22085 22099 +14
- Partials 2346 2347 +1 ☔ View full report in Codecov by Sentry. |
anandf
force-pushed
the
proposal_app_sync_impersonation
branch
2 times, most recently
from
c21ab55 to
3670f94
Compare
| - '*' | ||
| destinations: | ||
| - namespace: guestbook | ||
| server: https://kubernetes.default.svc |
There was a problem hiding this comment.
Could we not have the defaultServiceAccountName in the destinations list instead? Then we'd have the possibility of doing something like below:
destinations:
- namespace: guestbook
server: https://kubernetes.default.svc
defaultServiceAccountName: foo
- namespace: guestbook-2
server: https://kubernetes.default.svc
defaultServiceAccountName: bar
- namespace: other-namespaces*
server: https://kubernetes.default.svc
defaultServiceAccountName: batThere was a problem hiding this comment.
With this there shouldn't be a need to allow users to set serviceAccountName directly in the Application CRD. This would mean that this can be more tightly controlled by the Argo CD admins.
There was a problem hiding this comment.
This could perhaps be extended by adding allowedServiceAccounts, so that a destinations block could look as below:
destinations:
- namespace: guestbook
server: https://kubernetes.default.svc
defaultServiceAccountName: foo
allowedServiceAccounts:
- foo
- bar
- bat
- namespace: guestbook-2
server: https://kubernetes.default.svc
defaultServiceAccountName: bar
allowedServiceAccounts:
- foo
- bar
- bat
- namespace: other-namespaces*
server: https://kubernetes.default.svc
defaultServiceAccountName: bat
allowedServiceAccounts:
- foo
- bar
- batThere was a problem hiding this comment.
Thanks @blakepettersson for all your review comments and the doc fixes (which I missed) :-)
We too, had similar internal discussions of restricting the service account config only at the AppProject. Allowing it at the Application level was to give more flexibility to users to handle scenarios where there is a need to have 1 service account per Application. But, since we need to restrict the service account specified in the Application, it probably makes sense to have all the control in the AppProject itself. I like the idea of having it part of the destinations array as it allows us to specify 1 per destination target. Let me see what others think about this approach and then make the change in the proposal.
| - '*' | ||
| destinations: | ||
| - namespace: guestbook | ||
| server: https://kubernetes.default.svc |
There was a problem hiding this comment.
With this there shouldn't be a need to allow users to set serviceAccountName directly in the Application CRD. This would mean that this can be more tightly controlled by the Argo CD admins.
This was referenced Jun 30, 2023
|
@anandf the proposal as it stands is 👨🍳 💋, LGTM! Could you remove the |
anandf
force-pushed
the
proposal_app_sync_impersonation
branch
from
c40369f to
ed0706f
Compare
crenshaw-dev
requested changes
Aug 2, 2023
There was a problem hiding this comment.
Thanks for the proposal, @gpaul! Most of my questions are just asking for clarification.
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
| - Update the User Guide and other documentation where the CLI option usages are explained. | ||
|
|
||
|
|
||
| ### Detailed examples |
There was a problem hiding this comment.
I think it would be helpful to add a "how-to" example. Basically a step-by-step guide for a user to take advantage of this hypothetical feature. e.g.
- Create an AppProject for team A
- Add a destination for team A's cluster, https://team-a.kubernetes.svc
- Add a serviceAccountName
team-a-service-accountto the destination - Create a cluster config that looks like X and do Y to allow that cluster config to impersonate
team-a-service-accounton the destination cluster - etc...
I'm not super familiar with the mechanics of impersonation, so the more detailed drill-down will help me imagine exactly how this feature will work.
There was a problem hiding this comment.
Also, how would the service account itself be managed? I suspect there'll need to be an impersonation opt-out (something like an annotation on the relevant manifest itself perhaps?), otherwise the service account would not be able to be managed in a Gitops-manner.
There was a problem hiding this comment.
Have added details on how to install argocd, setting up the feature flag for enabling this feature, create separate namespace, service account and rbac policies for trying out this feature. Let me know
There was a problem hiding this comment.
@blakepettersson The namespace, serviceaccount, and the related RBAC policies would be created separately as part of the tenant provisioning process is what I am thinking.
| destinations: | ||
| - namespace: * | ||
| server: https://kubernetes.default.svc | ||
| serviceAccountName: generic-deployer |
There was a problem hiding this comment.
One question that just came to me is what happens if there are multiple potential matches, i.e there are several potential serviceaccounts that gets returned? Does the first match win, or should this be an error?
There was a problem hiding this comment.
The one with the closest match should be used. If there is an exact match of namespace and server, then that must be given the highest priority. The section matching with wildcard charcter * must have the lowest priority.
There was a problem hiding this comment.
How should negated destinations be ranked? For example if we have a destination looking like
destinations:
- namespace: !something*
server: !https://kubernetes.default.svc
serviceAccountName: generic-deployer
- namespace: not-something
server: https://server-1
serviceAccountName: some-other-deployer
How should that be ranked?
There was a problem hiding this comment.
I am not sure how we should handle negative matches. Can that be prioritized the least ? or is it better to keep it simple and throw an error if there are multiple matches ?
There was a problem hiding this comment.
IMO I think it's better to keep it simple and throw an error on multiple matches, WDYT @crenshaw-dev?
There was a problem hiding this comment.
Keeping the logic to throw error if there are multiple matches either through regex or an exact match of the destination.
There was a problem hiding this comment.
I think it might actually be kinda weird to have the destinations field serve two purposes: allowing/denying clusters/namespaces and also associating service account names with clusters.
What if we just add a new field called clusterServiceAccounts?
clusterServiceAccounts:
- server: https://kubernetes.default.svc # ! negation is not allowed here
serviceAccountName: in-cluster
- server: * # Fallback, first match wins
serviceAccountName: argocd-default-saI don't wanna overload the destinations field with too much functionality. Causes confusion.
anandf
force-pushed
the
proposal_app_sync_impersonation
branch
from
77060c2 to
c73a4e7
Compare
anandf
commented
Aug 25, 2023
| - Update the User Guide and other documentation where the CLI option usages are explained. | ||
|
|
||
|
|
||
| ### Detailed examples |
There was a problem hiding this comment.
Have added details on how to install argocd, setting up the feature flag for enabling this feature, create separate namespace, service account and rbac policies for trying out this feature. Let me know
| - Update the User Guide and other documentation where the CLI option usages are explained. | ||
|
|
||
|
|
||
| ### Detailed examples |
There was a problem hiding this comment.
@blakepettersson The namespace, serviceaccount, and the related RBAC policies would be created separately as part of the tenant provisioning process is what I am thinking.
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
|
A question on the proposal, how would this help with fixing issues like #15027, #10897, #9606 and #9515. I see this proposal being mentioned as the fix, but I can't figure out how as all examples point to ArgoCD managing the same cluster where it is also deployed and not remote clusters. I think #12755 goes into a better direction to fix the mentioned issues, as long as Argo can differentiate clusters with the same cluster url. Isn't it also assuming that ArgoCD will have the permission to impersonate all the needed service accounts which might be difficult in multi-tenant clusters where the cluster is managed by a team different than the team managing ArgoCD. The examples in the docs do not really setup the permissions, so am I missing something here? Don't you have to grant the |
I see the issues #15027, #10897, #9606 and #9515 are all about managing multiple cluster URLs with different namespace. Probably one namespace per tenant and each tenant having its own set of cluster secrets. Though this proposal might not directly address, it might help to remove the need for adding multiple cluster secrets per namespace. You can login to the remote cluster as |
That is exactly the problem in our case and I assume for a lot of other people judging by the feedback on the linked issues. I do not own the multi-tenant cluster, so I am not able to get a cluster-admin service account to setup in Argo. Tenants get a service account that has privileges in their own namespace only. Due to this, I don't see this proposal as a solution for that particular issue at least. The proposal in #12755 (or similar) should still be implemented as that allows for least-privilege principle to be implemented in an easy way. Impersonation can still be used as needed, whether with a cluster-admin SA or a namespace SA. |
akram
reviewed
Sep 11, 2023
| ## Proposal | ||
|
|
||
| Enable ArgoCD Admin to specify a `serviceAccountName` in `AppProjects` CR on a per `destination` basis. | ||
| When applications gets synced, based on its destination, the `serviceAccountName` configured in the `AppProject` will be chosen and used for impersonation when executing the kubectl apply/create commands. There could either be a regex based match of the destination or an exact match of the destination. If there are multiple possible options, then an error would be thrown during the sync operation. |
There was a problem hiding this comment.
As this may be quite complex to comprehend and to implement, and it may degrade user experience, should we really allow regex for destination?
Instead, can it be thought to have an annotation on the destination?
There was a problem hiding this comment.
If we are going to throw an error upon multiple matches, would it make more sense to make it exact match for destination instead of regex?
There was a problem hiding this comment.
The idea to support regex was to allow some kind of convention, where a standard service account name is used for all the deployments. In that case, users can configure same service account for all destinations and then ensure that the service account is created for each namespace. For instance use the service account name argocd-deployer for all namespaces for all clusters. Also regex is already supported for namespace field.
There was a problem hiding this comment.
That makes sense. Can we consider the first matching destination only and ignore the rest instead of throwing an error?
There was a problem hiding this comment.
If there is a glob pattern match and an exact match, we can give priority to the exact match and not throw any error. But if there are multiple glob pattern matches or multiple exact matches, its better to throw an error and make sure that the admin user corrects the configuration. wdyt ?
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
|
|
||
| #### Component: ArgoCD Application Controller | ||
|
|
||
| - Provide a configuration in argocd-cm which can be modified to enable the Impersonation feature. Set `applicationcontroller.enable.impersonation: true` in the Argo CD ConfigMap. |
There was a problem hiding this comment.
can we detail here how to get the legacy behaviour or an equivalent of it?
And what is or will be the default behaviour? The one with impersonation or without?
There was a problem hiding this comment.
Impersonation would be disabled by default. Users have to opt-in by explicitly enabling this feature. I will add the default behaviour in this statement for better clarity.
docs/proposals/decouple-application-sync-user-using-impersonation
Outdated
Show resolved
Hide resolved
| ``` | ||
| kubectl ctx remote-cluster | ||
| kubectl create serviceaccount argocd-admin | ||
| kubectl create clusterrole argocd-admin-role --verb=impersonate --resource="users,groups" |
There was a problem hiding this comment.
ok, that was something like this that I was mentioning previously. Is it required for the previous examples as well? isn'it?
There was a problem hiding this comment.
When you add a cluster using argocd cluster add without providing any specific service account, ArgoCD creates a service account argocd-manager, ClusterRole called argocd-manager-role with cluster-admin level of access and binds it using a ClusterRoleBinding named argocd-manager-role-binding. That is why it was not required in the previous example.
| ## Proposal | ||
|
|
||
| Enable ArgoCD Admin to specify a `serviceAccountName` in `AppProjects` CR on a per `destination` basis. | ||
| When applications gets synced, based on its destination, the `serviceAccountName` configured in the `AppProject` will be chosen and used for impersonation when executing the kubectl apply/create commands. There could either be a regex based match of the destination or an exact match of the destination. If there are multiple possible options, then an error would be thrown during the sync operation. |
There was a problem hiding this comment.
If we are going to throw an error upon multiple matches, would it make more sense to make it exact match for destination instead of regex?
| serviceAccountName: guestbook-deployer | ||
| ``` | ||
|
|
||
| #### Example 4: Remote destination with cluster-admin access and using different service account for the sync operation |
There was a problem hiding this comment.
This seems to be same as example 3. Can you be more explicit about the difference in both the examples?
There was a problem hiding this comment.
I have modified the title. Copy-Paste error. Example 4 is where the default service account argocd-manager is not created on the remote cluster and instead, only a restrictive service account is provided.
anandf
force-pushed
the
proposal_app_sync_impersonation
branch
from
9ec64f3 to
5880d07
Compare
reegnz
reviewed
Sep 20, 2023
| serviceAccountName: guestbook-dev-deployer | ||
| - namespace: guestbook-stage | ||
| server: https://kubernetes.default.svc | ||
| serviceAccountName: guestbook-stage-deployer |
There was a problem hiding this comment.
Additionally supporting full principal name would be preferable, eg. system:serviceaccount:guestbook-stage:guestbook-stage-deployer, eg whatever you would pass on to in the --as flag.
This allows easier understanding of what flag it gets translated to.
Also supports use-cases when you want to put the deployer service accounts in a separate namespace, not the same namespace that you're targeting.
Eg. SA is in 'deployer' namespace, but targeting 'guestbook-stage'.
There was a problem hiding this comment.
We want to restrict users from being able to use service account from a different namespace. This is also the convention followed even for pods where you can just specify the serviceAccountName and it will be looked up in the pod's namespace.
There was a problem hiding this comment.
If you go for the pod serviceAccountName analogy then approject should only use SA from the same namespace and use the serviceAccountName field name.
The proposal however seems to follow semantics that are much closer to role binding semantics, which allows for what I described.
Also a single service account could be used to deploy across namespaces, and the cross namespace permissions are more natural to represent in RBAC.
But the proposal currently forces the use of switching between multiple service accounts if an app targets multiple namespaces, and thereby the cross namespace role binding aspect of RBAC is not utilized, instead it bleeds into the spec and the argocd implementation, and argocd has to implement conscious selection of SA per namespace during the sync of a single app.
If you leave that to RBAC (eg single SA, role bindings to that SA per Target namespace) then the implementation becomes trivial as it only requires a single impersonate API call with no additional logic to determine when to switch SA-s within an application sync.
Just using a single impersonation seems less hassle to implement as it delegates these concerns completely to RBAC for the entire sync operation.
There was a problem hiding this comment.
Some other problems I'm finding:
- how does the audit trail in the k8s audit logs look like if a single application deployment touching multiple namespaces is switching between multiple SA-s? IMHO that would be somewhat chaotic.
- how do you control deploying cluster-scoped resources?
From an audit-trail story IMHO it would be a cleaner story if the approject has a clean audit-identity by a 1:1 mapping of AppProject to ServiceAccount (or even better would be App to ServiceAccount).
There was a problem hiding this comment.
Created an example so its clear what particular deployment model I'm talking about:
https://gist.github.com/reegnz/e83a5958be0d92698061c318f893120e
You have some helm chart, that deploys into one or more namespaces, plus it also deploys cluster-scoped resources.
From an audit perspective you likely don't want the deployment of this particular application to be split between multiple principals. Also you want it to be able to deploy clusterscoped resources and control which clusterscoped resources the app is allowed to deploy.
This kind of deployment works today with flux helm controller where you can define a single SA for an individual helm chart to control what service account it can use to deploy, and the semantics of serviceAccountName pick up the SA from the same namespace as the CRD is defined in.
There was a problem hiding this comment.
I guess with this proposal the granularity I'm looking for is likely achieved with a 1:1 mapping of AppProject to App for most use-cases. Except that I'm tied to placing the SA into the target namespace if I'm just targeting one namespace.
However it would still be preferable to not assume the deployer SA is in the same namespace as the application, just as we don't assume the AppProject has to reside in the same namespace.
Ideally deployer SA should be allowed to live next to the AppProject IMHO. Otherwise I feel like RedHat Openshift-like opinionated SA structures start leaking into ArgoCD (which I assume where the proposal assumptions on SA placement is coming from).
One use-case of mine is where I create namespaces from an argocd app, and the same app is deploying quotas limitranges and serviceaccounts into all of the newly created namespaces.
To achieve that use-case I'd need something that doesn't assume which namespace the SA lives in.
tl;dr - the audit-trail for multi-namespace deployments is still highly problematic IMHO, also tying to the target namespace doesn't make sense if there is no target namespace (eg. when bootstrapping namespaces). IMHO if you'd allow for a 'default' serviceAccountName for resources that don't match any of the other configured namespace rules I'd be good.
eg.
defaultDestination:
namespace: argocd
server: https://kubernetes.default.svc
serviceAccountName: my-deployerThere was a problem hiding this comment.
how does the audit trail in the k8s audit logs look like if a single application deployment touching multiple namespaces is switching between multiple SA-s? IMHO that would be somewhat chaotic.
Do you have an example of an Application deployment touching multiple namespaces?
also tying to the target namespace doesn't make sense if there is no target namespace (eg. when bootstrapping namespaces)
I'm inclined to agree on this one, I'm having trouble understanding how this would work in a Gitops context to create namespaces which do not already exist.
I'd be for amending the destinations array to take a full principal name instead of a service account name.
There was a problem hiding this comment.
One example of mine is an application that sets up namespaces + their quotas, limitranges, etc. Essentially bootstrapping the namespaces themselves. It wouldn't make sense splitting them into multiple applications TBQH. We also don't have service accounts available inside the namespaces in the beginning, so it's a chicken and egg problem.
I wouldn't want to provision them outside argocd, but manage all with argocd after an initial manual bootstrap of the argocd namespace and argocd deployments.
I also still want to ensure I follow principle of least privilege and when deploying namespaces I still want to enforce that the app only touches namespaces, quotas, limitranges, and likely roles+rolebindings. (maybe clusterrole bindings in case I want to set up an SA to provision cluster-scoped resources in another app).
There was a problem hiding this comment.
Another use-case is, when you provision the really critical parts of your cluster, eg. setting up cluster roles to be used by deployer service accounts. You likely want to treat that as a separate app, because creating clusterroles is a VERY sensitive issue. What namespace do I target with that, it's not a namespaced resource.
I might have separation of duties in my application teams, where a dedicated security team manages the service accounts, roles and rolebindings, and application teams have no business in provisioning them. I might have m:n mapping of apps to namespaces with m<n that the security team manages.
I think not allowing flexibility on using one principal touching multiple namespaces in a one-to-many manner is a problem in itself (eg. from an audit trail perspective it is just unnecessarily complicated to hunt down who deployed what)
The CD tool shouldn't be opinionated about anybody's security model, instead it should provide the most flexibility on how one ties it together with RBAC. Leave the job of being opinionated to the user.
Allowing the basic as semantics we have in kubeconfigs and kubectl for impersonation makes the most sense as it is the least opinionated approach on one's security model.
I can easily say several more examples if someone wants them. In enterprise contexts there's a ton of non-trivial cases and not everyone uses OpenShift-like RBAC with per-namespace deployer SA-s, which this proposal smells like it's opinionated towards (probably unintentionally).
reegnz
reviewed
Sep 20, 2023
|
|
||
| #### Component: ArgoCD API | ||
|
|
||
| - Support new property `serviceAccountName` in `ApplicationDestination` section of `AppProject` |
There was a problem hiding this comment.
To leave it flexible, next to serviceAccountName I'd also expose the feature with as and asGroups attributes, to match kubectl flags and kubecontext configuration.
It would make sense to try and match the 1st party kubernetes semantics around impersonation behaviour, it'd be much easier for the user to connect the behaviour to how kubectl behaves.
See https://kubernetes.io/docs/reference/config-api/kubeconfig.v1/#AuthInfo and https://kubernetes.io/docs/reference/kubectl/kubectl/#options
anandf
force-pushed
the
proposal_app_sync_impersonation
branch
2 times, most recently
from
eb23146 to
19b96d1
Compare
Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com>
Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com>
Signed-off-by: anandf <anjoseph@redhat.com>
…approach Signed-off-by: anandf <anjoseph@redhat.com>
Signed-off-by: anandf <anjoseph@redhat.com>
…access Signed-off-by: anandf <anjoseph@redhat.com>
Signed-off-by: anandf <anjoseph@redhat.com>
Signed-off-by: anandf <anjoseph@redhat.com>
… swell Signed-off-by: anandf <anjoseph@redhat.com>
Signed-off-by: anandf <anjoseph@redhat.com>
Signed-off-by: anandf <anjoseph@redhat.com>
…amespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com>
…ceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com>
Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com>
anandf
force-pushed
the
proposal_app_sync_impersonation
branch
from
8e67d83 to
10b3f76
Compare
Signed-off-by: anandf <anjoseph@redhat.com>
…dence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com>
crenshaw-dev
approved these changes
Feb 6, 2024
JulienFuix
pushed a commit
to JulienFuix/argo-cd
that referenced
this pull request
Feb 12, 2024
…onation (argoproj#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
clement-heetch
pushed a commit
to clement-heetch/argo-cd
that referenced
this pull request
Feb 12, 2024
…onation (argoproj#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
adriananeci
pushed a commit
to adriananeci/argo-cd
that referenced
this pull request
Feb 25, 2024
…onation (argoproj#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Adrian Aneci <aneci@adobe.com>
penglongli
pushed a commit
to penglongli/argo-cd
that referenced
this pull request
Mar 6, 2024
…onation (argoproj#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: penglongli <pelenli@tencent.com>
14 tasks
lyda
pushed a commit
to lyda/argo-cd
that referenced
this pull request
Mar 28, 2024
…onation (argoproj#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Kevin Lyda <kevin@lyda.ie>
NagendraOpsmx
added a commit
to OpsMx/argo-cd
that referenced
this pull request
Apr 2, 2024
* docs: Update signed-release-assets.md (#16755) Missing \ in example Signed-off-by: mfreeman451 <mfreeman451@gmail.com> * Document restarting argocd after modifying argocd-cm (#12405) Signed-off-by: Lie Ryan <lie.1296@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * fix: support specifying username/password for redis holding manifests in argocd-server (#16786) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix: add list permission deployments (#16785) * add list permissions for deployments to application controller Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * revert redis-ha chart changes Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * revert redis-ha chart changes Signed-off-by: ishitasequeira <ishiseq29@gmail.com> --------- Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * chore(manifests): add ClsuterRole/ClusterRoleBinding for applicationset controller. (#16699) Closes https://github.com/argoproj/argo-cd/issues/16698. Signed-off-by: mugioka <okamugi0722@gmail.com> * Added socks5 proxy support for ssh based git URL, upgraded go-git to 5.10.1 (#15864) Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Added Openkruise workload integration health check scripts (#16238) Signed-off-by: Mahesh <maheshkasbe010@gmail.com> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> * fix: allow to run codegen outside GOPATH (#16511) * fix: allow to run codegen outside GOPATH Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * clientgen Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * openapigen Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * remove ensure-gopath Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix: Use the cache for sharding (#15237) * feat(sharding): use a cache Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * cluster cmd Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * - Assign shard 0 to in-cluster cluster and nil check updates - Caching clusters while sharding: Fixing unit tests - Update generated docs - Debug e2e tests - Default the shardNumber to the number of replicas if it is calculated to a higher value - defered Unlock only when a lock is set - Disabling temporarly other versions of k3s to check if e2e passes - Do not fail if hostname format is not abc-n - Fix unit test and skip some e2e - Skip TestGitSubmoduleHTTPSSupport test - Remove breaking defer c.lock.Unlock() - Reverting testing all k3s version - Default sharding fix Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * fixes related to code review: renaming structure param, moving db initialisation Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Code review Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Set default shard to 0 Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Set different default value for Sts and Deployment mode Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Expose ClusterShardingCache Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Removing use of argoDB.db for DistributionFunction Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Update generated documentation Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Fix comment about NoShardingDistributionFunction and NoShardingAlgorithm Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> Co-authored-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix(manifests): applicationset-controller dir is not added to cluster-rbac/kustomization.yaml. (#16810) * fix(manifests): applicationset-controller dir is not added to cluster-rbac/kustomization.yaml. Related PR: https://github.com/argoproj/argo-cd/pull/16699. I missed adding a new folder(applicationset-controller) to kustomization.yaml. So, i addressed it. Signed-off-by: mugioka <okamugi0722@gmail.com> * chore: exec `make manifests`. Signed-off-by: mugioka <okamugi0722@gmail.com> * chore: exec `make manifests`. Signed-off-by: mugioka <okamugi0722@gmail.com> --------- Signed-off-by: mugioka <okamugi0722@gmail.com> * typo in comment (#16834) Signed-off-by: eddimull <eddimull@gmail.com> * feat: adding option to specify an aws profile to use by the argocd-server when adding a EKS cluster (#16767) useful for argocd-servers which are not running in AWS and want to add multiple EKS clusters using separate keys instead of assuming roles #16766 Signed-off-by: Isaac Gaskin <isaac.gaskin@circle.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> * fix: enforce content type header for API requests (#16860) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * adding tests for githandlers (#16678) Signed-off-by: zhaque44 <haque.zubair@gmail.com> * fix: added logging if repo credentials collide (#16833) Signed-off-by: doxsch <28098153+doxsch@users.noreply.github.com> * fix(cli): add support for Application in any namespace for app wait (argoproj#16812) (#16816) Use fully qualified application names in ApplicationWaitCommand Closes: #16812 Signed-off-by: Sergiy Kulanov <sergiy_kulanov@epam.com> * docs: Add LinkedIn badge to README.md (#16889) Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> * update follow-redirects to 1.15.5 (#16899) Signed-off-by: Regina Scott <rescott@redhat.com> * chore: allow @approvers-docs to approve readme.md (#16897) Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * Adding CNCF blog to readme file (#16893) Signed-off-by: Chetan Deshmukh <cdeshmukh@infracloud.io> * docs: Update Azure AD to Entra ID (#16869) * Update Azure AD to Entra ID https://learn.microsoft.com/en-us/entra/fundamentals/new-name Signed-off-by: Ryan Flynn <mr.ryanflynn@gmail.com> * Add formerly known as azuread Signed-off-by: Ryan Flynn <mr.ryanflynn@gmail.com> --------- Signed-off-by: Ryan Flynn <mr.ryanflynn@gmail.com> * chore: Preventing runnings jobs when updating documentation (#16706) * Preventing runnings jobs when updating documentation Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@cimpress.com> * Empty line added to .md file Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@cimpress.com> --------- Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@cimpress.com> Co-authored-by: Aymen Ben Tanfous <aymen.bentanfous@cimpress.com> * chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.11.0 (#16711) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.8.1 to 5.11.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.8.1...v5.11.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(cli): add support for Application in any namespace for `app delete` cmd (#16898) Use fully qualified application names when operate with Applications Closes: #16896 Signed-off-by: Sergiy Kulanov <sergiy_kulanov@epam.com> * docs: Fixed Slugify doc in GoTemplate.md (#16685) * docs: Fixed Slugify doc in GoTemplate.md Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@gmail.com> * Update docs/operator-manual/applicationset/GoTemplate.md Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@gmail.com> * Update docs/operator-manual/applicationset/GoTemplate.md Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@gmail.com> --------- Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * Initialize & send forceHttpBasicAuth & enableOCI params correctly during repo update from UI (#16794) * feat(health): support for distribution aws.crossplane.io resource (#16827) Signed-off-by: nueavv <nuguni@kakao.com> * fix(ui): set content-type for certain UI requests (#16923) (#16930) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * feat(controller): add sync jitter(#14241) (#16820) * feat(controller): add sync jitter Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * convert to duration for simplicity Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * docs Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * add config to manifests Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix tests Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix(action): Add validation for Kustomize Build Options white space (#16704) Signed-off-by: Sergey Lanzman <sergeylanz@gmail.com> * Revert "chore: Preventing runnings jobs when updating documentation (#16706)" (#16943) This reverts commit 65869a3860c7555b3ea7a962db44cc9b05f7e333. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * feat: Add PITS Globale Datenrettungsdienste to user list (#16765) * Add PITS Globale Datenrettungsdienste to user list Signed-off-by: Arnold <87698848+arnoldberlin@users.noreply.github.com> * Update USERS.md Signed-off-by: Arnold <87698848+arnoldberlin@users.noreply.github.com> --------- Signed-off-by: Arnold <87698848+arnoldberlin@users.noreply.github.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> * separate application controller roles into a separate manifests directory (#16884) Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * fix(ui): fix display banner when not explicit set position (#16741) Signed-off-by: linghaoSu <linghao.su@daocloud.io> * fix(appcontroller): Uptake fix in gitops engine which fixes application sync with auto create ns and server side apply (#16942) * Uptake fix in gitops engine to fix auto create ns with server side apply Signed-off-by: anandf <anjoseph@redhat.com> * Moved the new e2e test to different location Signed-off-by: anandf <anjoseph@redhat.com> * Fix test name to be less than 63 char for creating ns Signed-off-by: anandf <anjoseph@redhat.com> * update gitops-engine with latest master Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> --------- Signed-off-by: anandf <anjoseph@redhat.com> Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> Co-authored-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * docs: Update argocd-cm.yaml bannerposition description (#16961) (#16962) Signed-off-by: Keith Chong <kykchong@redhat.com> * docs: Added an example of downloading the latest stable version (#16968) * added an example of downloading the latest stable version Signed-off-by: Christian Hernandez <christian@chernand.io> * Update docs/cli_installation.md Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> Signed-off-by: Christian Hernandez <christianh814@users.noreply.github.com> --------- Signed-off-by: Christian Hernandez <christian@chernand.io> Signed-off-by: Christian Hernandez <christianh814@users.noreply.github.com> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> * feat(health): support for resourcerecordsets aws.crossplane.io resource (#16823) Signed-off-by: nueavv <nuguni@kakao.com> * chore(deps): rm go-jose Cxb6dee8d5-b814 high vuln (#16947) Signed-off-by: fengshunli <1171313930@qq.com> * fix(server): allow disabling content-type check (#16959) * fix(server): allow disabling content-type check Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * fix spacing Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * Clean up repeated package import (#16987) Signed-off-by: Zechun Chen <zechun.chen@daocloud.io> * docs(helm): add example of public oci chart (#17000) There doesn't appear to be an example of using an OCI helm chart repository, so this adds a simple declarative example. This is a common question from the community. Signed-off-by: Nicholas Morey <nicholas@morey.tech> * Badge for apps in any namespace (#16739) Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> Co-authored-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * docs(helm): fix yaml formatting on code block (#17001) Signed-off-by: Nicholas Morey <nicholas@morey.tech> * fix(redis): go-redis v9 regression missing metrics and reconnect hook (#13415) (#15275) * fix(redis): go-redis v9 regression missing metrics and reconnect hook Signed-off-by: phanama <yudiandreanp@gmail.com> * fix: golangci lint return values not checked in tests Signed-off-by: phanama <yudiandreanp@gmail.com> * chore: move dnsError var locally into func Signed-off-by: phanama <yudiandreanp@gmail.com> --------- Signed-off-by: phanama <yudiandreanp@gmail.com> * Fix typo in documentation (#17022) Signed-off-by: saeedhosseini <saeedhosseini21@gmail.com> * feat: Prune resources in reverse order of syncwave during sync (#15074) (#16748) * Add e2e & doc for prune order during sync Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> * Point gitops-engine to fork with reverse prune changes Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> * Fix ci linting failures Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> * Update gitops-engine commit ref Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> --------- Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> * docs(applicationset): explain impact of empty spec in templatePatch (#17042) * docs: explain impact of empty spec in templatePatch Signed-off-by: Nicholas Morey <nicholas@morey.tech> * fix: not conditional helm values Signed-off-by: Nicholas Morey <nicholas@morey.tech> --------- Signed-off-by: Nicholas Morey <nicholas@morey.tech> * docs(kustomize): add components yaml example (#17043) Signed-off-by: Nicholas Morey <nicholas@morey.tech> * docs(argocd-cm): add timeout.reconciliation.jitter example (#17044) Signed-off-by: Nicholas Morey <nicholas@morey.tech> * docs(hooks): add postdelete to table (#17048) Add `PostDelete` to the hooks table, and clean up wording and old availability statement (all the way back to v1, probably irrelevant). Signed-off-by: Nicholas Morey <nicholas@morey.tech> * Corrected certificate managment for OCI helm charts (#16656) Signed-off-by: Andrew Block <andy.block@gmail.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> * chore: use kubernetes 1.29.0 in CI (#17050) Keeping 1.25 for now. Signed-off-by: Shyukri Shyukriev <shukera@gmail.com> * chore(deps): bump Helm to 3.14.0 (#17031) (#17032) * bump helm to 3.14.0 Signed-off-by: Simon HEGE <simonhege@gmail.com> * Add a note about helm bump in upgrade instructions Signed-off-by: Simon HEGE <simonhege@gmail.com> --------- Signed-off-by: Simon HEGE <simonhege@gmail.com> * chore(deps): bump github.com/evanphx/json-patch (#17021) Bumps [github.com/evanphx/json-patch](https://github.com/evanphx/json-patch) from 5.6.0+incompatible to 5.9.0+incompatible. - [Release notes](https://github.com/evanphx/json-patch/releases) - [Commits](https://github.com/evanphx/json-patch/compare/v5.6.0...v5.9.0) --- updated-dependencies: - dependency-name: github.com/evanphx/json-patch dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Upgrade aws-sdk-go to support eks pod identity (#17063) * chore: Upgrade aws-sdk-go to support eks pod identity --------- Signed-off-by: Carlos Santana <carrlos@amazon.com> Co-authored-by: Mathieu Bruneau <brunemat@amazon.com> * add cogen for notifications Signed-off-by: Carlos Santana <carrlos@amazon.com> --------- Signed-off-by: Carlos Santana <carrlos@amazon.com> Co-authored-by: Mathieu Bruneau <brunemat@amazon.com> * fix: removed pkce code challange check for WebUI (#16730) Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * chore(ci): bump k3s versions to latest patches (#17060) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * feat: add prometheus metrics around proxy extension requests (#17012) * feat: add prometheus metrics around proxy extension requests Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * update go.mod Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix metrics bugs Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix unit-test Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * Add unit suffix in the duration metric Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * update doc Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> --------- Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix(ci): correct helm checksum path (#17081) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * fix(controller): fix application controller deployment crashing (#16984) * fix application controller deployment crashing and update manifests Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * remove environment variable ARGOCD_ENABLE_DYNAMIC_CLUSTER_DISTRIBUTION Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * fix auto-generated docs Signed-off-by: ishitasequeira <ishiseq29@gmail.com> --------- Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * chore: improve error logs (#10592) (#17089) Signed-off-by: Bardia Heydari <az.bardia13@gmail.com> * DOC: add Fly Security and Telavita in USERS.md (#17076) Signed-off-by: Gustavo Esser <esser1997@hotmail.com> * fix(ui): prevent app name too long hide open icon (#16983) * fix(ui): prevent app name too long hide open icon Signed-off-by: linghaoSu <linghao.su@daocloud.io> * fix(ui): fix app resource list lint Signed-off-by: linghaoSu <linghao.su@daocloud.io> --------- Signed-off-by: linghaoSu <linghao.su@daocloud.io> * fix: log all token verification failures (#16625) * fix: log all token verification failures Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * better Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * feat: add health-checks for eck elastic beat (#16563) * feat: add health-checks for eck elastic beat Signed-off-by: ebuildy <ebuildy@gmail.com> * fix tests Signed-off-by: ebuildy <ebuildy@gmail.com> --------- Signed-off-by: ebuildy <ebuildy@gmail.com> * docs(proposal): decoupling app sync from control plane user w/ impersonation (#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * chore(ci): run ci checks conditionally (#16982) * chore(ci): run ci checks conditionally This should prevent docs changes from having the need to run e2e tests etc, and prevent backend changes from needing to run ui tests, and vice versa. This is similar to previous attempts (see #16706 and #13507), with the difference here that we add the if checks on each _step_ rather than each _job_ - the reason being that most of these jobs are required, and if we skip whole jobs any PR which does this will be left hanging indefinitely, so Github forces us to do this on a step level instead. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * chore(ci): run ci checks conditionally Try conditional jobs, according to https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/troubleshooting-required-status-checks#handling-skipped-but-required-checks Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * chore(ci): add composite test-e2e action This is a workaround for the e2e tests which do not run yet report `pending` when they are actually skipped. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> --------- Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Remington Breeze <remington@breeze.software> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> * fix(ui): Change path to "root" when path is root directory (#14949) * change path to display root Signed-off-by: Eshwar Hebbur Shivakumar <eshwar1011235@gmail.com> * Fix inequality typo Signed-off-by: Eshwar Hebbur Shivakumar <eshwar1011235@gmail.com> * Fix lint issues Signed-off-by: Eshwar Hebbur Shivakumar <eshwar1011235@gmail.com> --------- Signed-off-by: Eshwar Hebbur Shivakumar <eshwar1011235@gmail.com> * typo `registires` -> `registries` (#17099) Signed-off-by: Adam Huganir <adam@huganir.com> * Updated otelgrpc to remediate CVE found by JFrog Xray (#17084) Signed-off-by: Tal Yitzhak <taly@lightrun.com> Co-authored-by: Tal Yitzhak <taly@lightrun.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * docs(webhook): use real cm name instead of placeholder (#17002) The document says I should registed configMap named argocd-notifications-cm but then uses placeholder in examples. Signed-off-by: Petr Studeny <studenyp@gmail.com> * docs: Update Okta OIDC SSO docs (#13811) * Update the Okta SSO docs * fill out the OIDC section with step-by-step instructions on using Okta with custom authorization servers * adjust outdated docs about updating the docs Signed-off-by: Jonas Courteau <jonas.courteau@abcellera.com> * Add the Okta version that these docs are written against Signed-off-by: Jonas Courteau <jonas.courteau@abcellera.com> --------- Signed-off-by: Jonas Courteau <jonas.courteau@abcellera.com> Signed-off-by: Dan Garfield <dan@codefresh.io> Co-authored-by: Dan Garfield <dan@codefresh.io> * Add a description for using contour httpproxy CRD (#14614) Which allows you to reuse the same hostname. Co-authored-by: Boris Smidt <boris.smidt@restore.eu> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix: ci failures (#17107) Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * chore(deps): bump library/golang from 1.21.3 to 1.22.0 in /test/remote (#17111) Bumps library/golang from 1.21.3 to 1.22.0. --- updated-dependencies: - dependency-name: library/golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump yarn from 1.22.10 to 1.22.13 in /ui-test (#17092) Bumps [yarn](https://github.com/yarnpkg/yarn) from 1.22.10 to 1.22.13. - [Release notes](https://github.com/yarnpkg/yarn/releases) - [Changelog](https://github.com/yarnpkg/yarn/blob/master/CHANGELOG.md) - [Commits](https://github.com/yarnpkg/yarn/compare/1.22.10...v1.22.13) --- updated-dependencies: - dependency-name: yarn dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/redis from 7.0.11 to 7.2.4 in /test/container (#16806) Bumps library/redis from 7.0.11 to 7.2.4. --- updated-dependencies: - dependency-name: library/redis dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps-dev): bump yarn from 1.22.10 to 1.22.21 in /ui (#17096) Bumps [yarn](https://github.com/yarnpkg/yarn) from 1.22.10 to 1.22.21. - [Release notes](https://github.com/yarnpkg/yarn/releases) - [Changelog](https://github.com/yarnpkg/yarn/blob/master/CHANGELOG.md) - [Commits](https://github.com/yarnpkg/yarn/compare/1.22.10...v1.22.21) --- updated-dependencies: - dependency-name: yarn dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix the typo (#17116) * chore(deps): bump library/node from 20.6.1 to 21.6.1 (#17053) Bumps library/node from 20.6.1 to 21.6.1. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/node from 20.7.0 to 21.6.1 (#17065) Signed-off-by: fengshunli <1171313930@qq.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix(kustomize): set build dir (#15057) #16229 #16652 (#16653) * use repo root, not app path Signed-off-by: Prune <prune@lecentre.net> correct patch Signed-off-by: Prune <prune@lecentre.net> * use Getwd to find the root path for diff commands Signed-off-by: Prune <prune@lecentre.net> * set dot a default for argo app commands Signed-off-by: Prune <prune@lecentre.net> * revert default values Signed-off-by: Prune <prune@lecentre.net> * patch diff in TestNamespacedResourceDiffing Signed-off-by: Prune <prune@lecentre.net> * patching some diff and sync Signed-off-by: Prune <prune@lecentre.net> * patch remaining diff in error Signed-off-by: Prune <prune@lecentre.net> --------- Signed-off-by: Prune <prune@lecentre.net> * chore(ci): tweak backend filters (#17134) The existing backend filters get triggered even on frontend-only or docs-only changes, which should not be the case. The reason for this seems to be the fact that each filter line is ORed rather than ANDed. To remedy this, we put all the filters on the same line. I tried the filter out in a REPL (https://runkit.com/blakepettersson/65c3daba99653f0008c74eda). This is a filter using picomatch (the same library `dorny/paths-filter` uses). Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * docs: fix error in toolchain setup (#17154) Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * chore(dex): 2.37.0 to 2.38.0 (#17157) Signed-off-by: asingh51 <ashutosh_singh@intuit.com> Co-authored-by: asingh51 <ashutosh_singh@intuit.com> * feat: Add support for passing Redis Sentinel username(ACL) and password (#17168) * Add support for passing Sentinel username and password Signed-off-by: ShlomiTubul <shlomi.tubul@placer.ai> * fix align with var naming Signed-off-by: ShlomiTubul <shlomi.tubul@placer.ai> * fix align with var naming Signed-off-by: ShlomiTubul <shlomi.tubul@placer.ai> --------- Signed-off-by: ShlomiTubul <shlomi.tubul@placer.ai> Co-authored-by: ShlomiTubul <shlomi.tubul@placer.ai> * fix: stop initializing deployment informer if dynamic sharding is disabled (#17097) * fix: stop initializing deployment informer if dynamic sharding is disabled Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * feat: updated sharding cache getter func Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> --------- Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * feat: query escape function for notifications (#16343) Signed-off-by: Jan Schumann <js@schumann-it.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * Update triggers doc to fix typo (#17185) Signed-off-by: David Grizzanti <dgrizzanti@users.noreply.github.com> * docs: fixes Template.md targetRevision typo (#17190) * Template.md targetRevision typo fixed Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> * retrigger checks Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> * sign off Signed-off-by: chidambaram27 <chidambaramk.27@gmail.com> Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> * sign off Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> --------- Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> Signed-off-by: chidambaram27 <chidambaramk.27@gmail.com> * docs: Private-helm-repo section target added to helm.md (#16697) * helm-repo Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * Update docs/user-guide/helm.md Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> --------- Signed-off-by: Surajyadav <harrypotter1108@gmail.com> Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * fix: infer correct shard in statefulset setup (#17124, #17016) (#17167) * fix: infer correct shard in statefulset setup Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix the case if only a single replica Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: resolving pointer on shard compare Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: add readlock for cluster accessor Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: use defer to protect access of 'shard' Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: revert locking in getclusteraccessor Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: handle nil shard case Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: handle any nil shard value as false Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: handle nil case and fix another missing pointer dereference Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * revert Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: added tests and fixed some behaviour bugs Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * test: add test to validate that Shard value is not overriden Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: added tests and fixe the case when server is changed inside a secret Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * tests: add test cases for infering the shard logic Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> --------- Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * feat: wait until resources are deleted #6085 (#16733) * feat: wait until resources are deleted Signed-off-by: MichaelMorris <michael.morris@est.tech> * Added unit and e2e test Signed-off-by: MichaelMorris <michael.morris@est.tech> --------- Signed-off-by: MichaelMorris <michael.morris@est.tech> * fix(controller): add missing workqueue metrics (#16315) (#17013) * fix(controller): add missing kubernetes metrics Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * validate workqueue metrics are present Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * use newer metrics registry Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix duplicated Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * init runtime controller in test to have correct metrics Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix lint error Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * update controller-runtime to remove metrics with high cardinality Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * chore(deps): upgrade helm to 3.14.1 (#17213) * chore(deps): upgrade helm to 3.14.1 Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * move files to folder...... Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * docs: Add PayIt to USERS.md (#17215) * docs: Add PayIt to USERS.md Signed-off-by: Matt Menzenski <matt@payitgov.com> * docs: Add PayIt to USERS.md Signed-off-by: Matt Menzenski <matt@payitgov.com> --------- Signed-off-by: Matt Menzenski <matt@payitgov.com> * docs: Add Nextbasket to USERS.md (#17228) Signed-off-by: NextBasket-Petyo <100193556+NextBasket-Petyo@users.noreply.github.com> * fix: Permission Denied error when calling GetAppDetails API (#17221) (#17229) Signed-off-by: Keith Chong <kykchong@redhat.com> * Count git checkout failures (#15657) Signed-off-by: Mikołaj Przybysz <1093404+mikolajprzybysz@users.noreply.github.com> Co-authored-by: Mikołaj Przybysz <1093404+mikolajprzybysz@users.noreply.github.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * chore(deps): bump library/node from 21.6.1 to 21.6.2 in /ui-test (#17226) Bumps library/node from 21.6.1 to 21.6.2. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/node from 21.6.1 to 21.6.2 (#17223) Bumps library/node from 21.6.1 to 21.6.2. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/golang in /test/remote (#17138) Bumps library/golang from `094e47e` to `ef61a20`. --- updated-dependencies: - dependency-name: library/golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * feat(grafana-dashboard): Update example dashboard, add AppSet Telemetry (#17232) Signed-off-by: lukepatrick <lukephilips@gmail.com> * chore(deps): bump library/node from `6fb1883` to `65998e3` in /ui-test (#17245) Bumps library/node from `6fb1883` to `65998e3`. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump library/golang in /test/remote (#17244) Bumps library/golang from `ef61a20` to `7b297d9`. --- updated-dependencies: - dependency-name: library/golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add `AppName` to the RepoServerAppDetailsQuery for notification-controller (#17233) Signed-off-by: Dong Wang <wd@wdicc.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/node from `50703e6` to `65998e3` (#17243) Bumps library/node from `50703e6` to `65998e3`. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * docs: Update USERS.md (#17248) * Update USERS.md Signed-off-by: itayvolo <72027444+itayvolo@users.noreply.github.com> * Update USERS.md Signed-off-by: itayvolo <72027444+itayvolo@users.noreply.github.com> * Update USERS.md Signed-off-by: itayvolo <72027444+itayvolo@users.noreply.github.com> --------- Signed-off-by: itayvolo <72027444+itayvolo@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * docs(metrics): add release label to haproxy (#17264) Add missing `release` label to `argocd-redis-haproxy-metrics` ServiceMonitor example. Signed-off-by: Gaston Festari <cilindrox@gmail.com> * docs: Fix typo in notifications example (#17250) * Fix typo in notifications example I'm not too sure what the example should look like, so I'm taking a guess here. Signed-off-by: Adrian Moisey <adrian@changeover.za.net> * Update docs/operator-manual/notifications/troubleshooting.md Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> Signed-off-by: Adrian Moisey <adrian@changeover.za.net> --------- Signed-off-by: Adrian Moisey <adrian@changeover.za.net> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> * Update contributors-quickstart.md (#17266) Signed-off-by: Dan Garfield <dan@codefresh.io> * reduce unnecessary unmarshal (#17187) Signed-off-by: Wilson Wang <wilson.wang@bytedance.com> * fix typo (#17272) Signed-off-by: Oscar Wieman <oscar@oscarr.nl> * docs: Added examples for alternate EKS cluster authentication methods (#17270) * Added examples for alternate EKS cluster authentication methods Signed-off-by: Damon Edstrom <dedstrom@venerated.io> * Update docs/operator-manual/declarative-setup.md Signed-off-by: Dan Garfield <dan@codefresh.io> Signed-off-by: Dan Garfield <dan@codefresh.io> --------- Signed-off-by: Dan Garfield <dan@codefresh.io> Co-authored-by: Dan Garfield <dan@codefresh.io> * docs for PR #9791 (#16021) Signed-off-by: mzain <zainawan89@gmail.com> * chore(ci): use changed files action (#17180) `dorny/paths-filter` doesn't seem to handle (multiple) negations well. Therefore, this PR switches to `tj-actions/changed-files`, since it is already successfully used in argo-workflows. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * fix(ui): Include application name in status badge (#17126) * Added application name to badge Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Rever svg change Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Doc for disabling application name Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Flag to not display application name Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Added tests Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Make no app name the default Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Have enable app name as a query parameter Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Have enable app name as a query parameter Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * argocd to original Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Update docs/user-guide/status-badge.md Signed-off-by: Dan Garfield <dan@codefresh.io> Signed-off-by: Dan Garfield <dan@codefresh.io> --------- Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> Signed-off-by: Dan Garfield <dan@codefresh.io> Co-authored-by: sshenoy6 <sonamkaup_shenoy@intuit.com> Co-authored-by: Dan Garfield <dan@codefresh.io> * fix: Update test image ssl/crypto libs (#17303) Signed-off-by: Carlos Santana <csantana23@gmail.com> * chore(deps-dev): bump postcss from 8.2.13 to 8.4.35 in /ui (#17140) Bumps [postcss](https://github.com/postcss/postcss) from 8.2.13 to 8.4.35. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.2.13...8.4.35) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/redis in /test/container (#17137) Bumps library/redis from `cc8b0b8` to `11c3e41`. --- updated-dependencies: - dependency-name: library/redis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump react-helmet and @types/react-helmet in /ui (#11556) Bumps [react-helmet](https://github.com/nfl/react-helmet) and [@types/react-helmet](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-helmet). These dependencies needed to be updated together. Updates `react-helmet` from 5.2.1 to 6.1.0 - [Release notes](https://github.com/nfl/react-helmet/releases) - [Changelog](https://github.com/nfl/react-helmet/blob/master/CHANGELOG.md) - [Commits](https://github.com/nfl/react-helmet/commits/6.1.0) Updates `@types/react-helmet` from 5.0.19 to 6.1.6 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-helmet) --- updated-dependencies: - dependency-name: react-helmet dependency-type: direct:production update-type: version-update:semver-major - dependency-name: "@types/react-helmet" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump bitnami/kubectl in /test/container (#14220) Bumps bitnami/kubectl from `670fe3f` to `14ab746`. --- updated-dependencies: - dependency-name: bitnami/kubectl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore: add Rocket.Chat to users (#17306) Signed-off-by: Debdut Chakraborty <debdutdeb@outlook.com> * chore(deps): bump library/ubuntu in /test/container (#13409) Bumps library/ubuntu from `9a0bdde` to `67211c1`. --- updated-dependencies: - dependency-name: library/ubuntu dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump library/redis in /test/container (#17309) Bumps library/redis from `11c3e41` to `e647cfe`. --- updated-dependencies: - dependency-name: library/redis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump library/registry in /test/container (#13050) Bumps library/registry from `41f413c` to `b209a41`. --- updated-dependencies: - dependency-name: library/registry dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/busybox in /test/e2e/multiarch-container (#14592) Bumps library/busybox from `2376a0c` to `3fbc632`. --- updated-dependencies: - dependency-name: library/busybox dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix: use simple python image to build mkdocs (#17313) * fix: use simple python image to build mkdocs Signed-off-by: Carlos Santana <csantana23@gmail.com> * use python 3.7 Signed-off-by: Carlos Santana <csantana23@gmail.com> --------- Signed-off-by: Carlos Santana <csantana23@gmail.com> * chore(deps): bump library/registry in /test/container (#17317) Bumps library/registry from `b209a41` to `f4e1b87`. --- updated-dependencies: - dependency-name: library/registry dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs: fixed name of environment variable and config map property enabling scm providers for applicationsets (#17326) Signed-off-by: Juliusz <juliusz.jaksa@xylem.com> Co-authored-by: Juliusz <juliusz.jaksa@xylem.com> * fix(ui): Added dashed line between collapsed sections in Compact-diff (#17173) * dashed-line-breaker Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * dark-mode Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * dark-mode-text-fix Signed-off-by: Surajyadav <harrypotter1108@gmail.com> --------- Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * fix: multi-source app breaks application parameters UI (#16910) (#17033) Signed-off-by: Keith Chong <kykchong@redhat.com> * chore(deps): upgrade helm to 3.14.2 (#17330) * chore(deps): upgrade helm to 3.14.2 Signed-off-by: David Bunn <david.bunn@prodigygame.com> * Signing commit Signed-off-by: David Bunn <david.bunn@prodigygame.com> --------- Signed-off-by: David Bunn <david.bunn@prodigygame.com> * chore(deps): bump library/node from 21.6.1 to 21.6.2 in /test/container (#17316) Bumps library/node from 21.6.1 to 21.6.2. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix: The argocd server api-content-type flag does not allow empty content-type header (#17331) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix(ui): The tiles in Applications List are too wide #17220 (#17340) * fix(ui): The tiles in Applications List are too wide Signed-off-by: Rafal Pelczar <rafal@akuity.io> * change min width of app tiles Signed-off-by: Rafal Pelczar <rafal@akuity.io> --------- Signed-off-by: Rafal Pelczar <rafal@akuity.io> * chore(notifications): remove unneeded operations from templates (#17307) * chore(deps): bump library/ubuntu in /test/container (#13409) Bumps library/ubuntu from `9a0bdde` to `67211c1`. --- updated-dependencies: - dependency-name: library/ubuntu dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Michael Firestone <mike.firestone@electriphi.ai> * rm unneeded operations from templates Signed-off-by: Michael Firestone <firestonem@gmail.com> Signed-off-by: Michael Firestone <mike.firestone@electriphi.ai> * rm more unneeded ops Signed-off-by: Michael Firestone <mike.firestone@electriphi.ai> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Michael Firestone <mike.firestone@electriphi.ai> Signed-off-by: Michael Firestone <firestonem@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michael Firestone <mike.firestone@electriphi.ai> * feat: allow webhook settings to be referenced by external secret (#16262) Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@ledger.fr> * feat: Add app data to sharding cache to allow sharding by apps (#17014) * Adding app list to sharding cache Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Add shard by apps test Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Fix lint Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Add coverage to test Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Fix lint Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Converted cluster/app accesors to private, add apps-in-any-namespace suport in shardingcache init, added read lock to GetAppDistribution Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Fix tests Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> --------- Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * docs: Update USERS.md (#17371) Hi, I added IABAI as using officially ArgoCD Signed-off-by: Andrea Sannuto <andrea@iab.ai> * feat: add cli commands to add/delete sourceNamespaces from AppProject (#17337) * Add cli to add/delete sourceNamespaces Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update command/comments Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update command/comments(1) Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update user-guide docs Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * Retrigger CI pipeline Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * add check for '*' & rename command to remove-source-namespace Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update command/comments(2) Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update command/comments(3) Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * Retrigger CI pipeline Signed-off-by: Raghavi Shirur <rshirur@redhat.com> --------- Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * feat: add ability to auto label clusters from k8s clusterinfo (#17289) * feat: add ability to auto label clusters This gives the ability to automatically label cluster secrets on a cluster-by-cluster basis. If `enableClusterInfoLabels` is set on a cluster secret, the controller will (eventually) label the cluster secret with the current k8s version detected by the cluster info. This needs documentation, e2e tests, as well as CLI/UI additions. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * refactor: use labels instead of secret data This is easier to work with, especially in the context where we need this feature. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * docs: add description on how to use dynamic labeling Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> --------- Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * chore(ci): free up disk space for goreleaser (#17373) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * fix(ui): Dark-mode-enhancements (#17241) * dark-mode-enhancements Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * monaco Signed-off-by: Surajyadav <harrypotter1108@gmail.com> --------- Signed-off-by: Surajyadav <harrypotter1108@gmail.com> Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> * feat: add cli commands to add/remove sources for multi-source applications (#17310) * Initial commit Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * add cli commands to add/remove sources for multi-source app Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * add checks Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * add docs Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * refactor code and update tests Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * add removed additional switch case Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * fix suggested nits Signed-off-by: ishitasequeira <ishiseq29@gmail.com> --------- Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * feat: enable users to run commands related to Argo Applications in any namespace (#17360) * enable --app-namespace falg for application get command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application diff command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application wait command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application rollback command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application patch command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application edit command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application history command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application sync command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application delete command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * cli doc generated Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> --------- Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> * fix: preserve escape codes in repo url of git webhook payload (#17376) Signed-off-by: Eric Bissonnette <ebisso.dev@gmail.com> * fix: disable rate limiting sompletely by default (#17355) Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * docs: use service-name instead of service-id (#17389) * use service-name instead of service-id Signed-off-by: DongHo Jung <dongho971220@gmail.com> * trigger CICD Signed-off-by: DongHo Jung <dongho971220@gmail.com> --------- Signed-off-by: DongHo Jung <dongho971220@gmail.com> * feat: Allow Kustomize common labels to not apply to selectors (#17329) * modify crds Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * cmd opts and test Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * kustomize build and test Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * fix option order and add ancestry to users Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * fix users format Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * generated files Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * set flag value Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * modify crds Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * chore(deps): bump library/registry in /test/container (#17317) Bumps library/registry from `b209a41` to `f4e1b87`. --- updated-dependencies: - dependency-name: library/registry dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * generated files Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * add docs Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * fix doc Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * remove debug prints Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * fix autogen docs Signed-off-by: lets-call-n-walk <cw404@hotmail.com> --------- Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Collin Walker <10523817+lets-call-n-walk@users.noreply.github.com> Co-authored-by: Collin <cwalker@ancestry.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(ui): Highlight failing containers in the UI (#17143) * failing container icon added Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * lint-fix Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * .. Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * tried yarn lint-fix Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * margin Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * running Signed-off-by: Surajyadav <harrypotter1108@gmail.com> --------- Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * fix(ui): application-summary-help-icon fix (#17385) * Update application-summary.tsx revision-history icon fix Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> * icons Signed-off-by: Surajyadav <harrypotter1108@gmail.com> --------- Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * chore: add more unit tests around useDiffCache function (#17404) * chore: add more unit tests around useDiffCache function Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix doc Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> --------- Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix(grpcproxy): parse headers contain colon (#13274) (#14294) * fix(grpcproxy): parse headers contain colon Signed-off-by: bogay <pojay11523@gmail.com> * test(apiclient): headers in wrong format Signed-off-by: bogay <pojay11523@gmail.com> --------- Signed-off-by: bogay <pojay11523@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * docs: Fix some awkward phrasing in `core.md` (#17412) Signed-off-by: Nate Douglas <ndouglas@users.noreply.github.com> * docs (aks cluster): update workloadidentity documentation (#17401) Signed-off-by: duncan485 <bakkerduncan@gmail.com> * docs: remove repetitive words (#17430) Signed-off-by: hishope <csqiye@126.com> * feat(cli): enable --app-namespace flag for argocd app subcommand (#17437) * add --app-namespace flag for set/unset command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * add --app-namespace flag for add-source/remove-source command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * fix bug, handle array out of-bound when --source-index=len(source) Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * add documentation Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> --------- Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * docs: Clarify for `valueFiles` behaviour with `path` field (#17431) This commit adds clarification by explaining that `valueFiles` must be a relative path to the root of sources, even if the `path` field is set. Signed-off-by: Takahiro Suzuki <tkasuz.dev@gmail.com> Signed-off-by: tkasuz <takahiro.suzuki@hennge.com> * docs: Small edits to `docs/user-guide/application-set.md` (#17434) * Update application-set.md Signed-off-by: Nate Douglas <ndouglas@users.noreply.github.com> * Make example code consistent with examples elsewhere. Signed-off-by: Nathan Douglas <github@darkdell.net> --------- Signed-off-by: Nate Douglas <ndouglas@users.noreply.github.com> Signe…
NagendraOpsmx
added a commit
to OpsMx/argo-cd
that referenced
this pull request
Apr 2, 2024
* docs: Update signed-release-assets.md (#16755) Missing \ in example Signed-off-by: mfreeman451 <mfreeman451@gmail.com> * Document restarting argocd after modifying argocd-cm (#12405) Signed-off-by: Lie Ryan <lie.1296@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * fix: support specifying username/password for redis holding manifests in argocd-server (#16786) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix: add list permission deployments (#16785) * add list permissions for deployments to application controller Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * revert redis-ha chart changes Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * revert redis-ha chart changes Signed-off-by: ishitasequeira <ishiseq29@gmail.com> --------- Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * chore(manifests): add ClsuterRole/ClusterRoleBinding for applicationset controller. (#16699) Closes https://github.com/argoproj/argo-cd/issues/16698. Signed-off-by: mugioka <okamugi0722@gmail.com> * Added socks5 proxy support for ssh based git URL, upgraded go-git to 5.10.1 (#15864) Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Added Openkruise workload integration health check scripts (#16238) Signed-off-by: Mahesh <maheshkasbe010@gmail.com> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> * fix: allow to run codegen outside GOPATH (#16511) * fix: allow to run codegen outside GOPATH Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * clientgen Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * openapigen Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * remove ensure-gopath Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix: Use the cache for sharding (#15237) * feat(sharding): use a cache Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * cluster cmd Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * - Assign shard 0 to in-cluster cluster and nil check updates - Caching clusters while sharding: Fixing unit tests - Update generated docs - Debug e2e tests - Default the shardNumber to the number of replicas if it is calculated to a higher value - defered Unlock only when a lock is set - Disabling temporarly other versions of k3s to check if e2e passes - Do not fail if hostname format is not abc-n - Fix unit test and skip some e2e - Skip TestGitSubmoduleHTTPSSupport test - Remove breaking defer c.lock.Unlock() - Reverting testing all k3s version - Default sharding fix Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * fixes related to code review: renaming structure param, moving db initialisation Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Code review Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Set default shard to 0 Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Set different default value for Sts and Deployment mode Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Expose ClusterShardingCache Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Removing use of argoDB.db for DistributionFunction Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Update generated documentation Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> * Fix comment about NoShardingDistributionFunction and NoShardingAlgorithm Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> Signed-off-by: Akram Ben Aissi <akram.benaissi@gmail.com> Co-authored-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix(manifests): applicationset-controller dir is not added to cluster-rbac/kustomization.yaml. (#16810) * fix(manifests): applicationset-controller dir is not added to cluster-rbac/kustomization.yaml. Related PR: https://github.com/argoproj/argo-cd/pull/16699. I missed adding a new folder(applicationset-controller) to kustomization.yaml. So, i addressed it. Signed-off-by: mugioka <okamugi0722@gmail.com> * chore: exec `make manifests`. Signed-off-by: mugioka <okamugi0722@gmail.com> * chore: exec `make manifests`. Signed-off-by: mugioka <okamugi0722@gmail.com> --------- Signed-off-by: mugioka <okamugi0722@gmail.com> * typo in comment (#16834) Signed-off-by: eddimull <eddimull@gmail.com> * feat: adding option to specify an aws profile to use by the argocd-server when adding a EKS cluster (#16767) useful for argocd-servers which are not running in AWS and want to add multiple EKS clusters using separate keys instead of assuming roles #16766 Signed-off-by: Isaac Gaskin <isaac.gaskin@circle.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> * fix: enforce content type header for API requests (#16860) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * adding tests for githandlers (#16678) Signed-off-by: zhaque44 <haque.zubair@gmail.com> * fix: added logging if repo credentials collide (#16833) Signed-off-by: doxsch <28098153+doxsch@users.noreply.github.com> * fix(cli): add support for Application in any namespace for app wait (argoproj#16812) (#16816) Use fully qualified application names in ApplicationWaitCommand Closes: #16812 Signed-off-by: Sergiy Kulanov <sergiy_kulanov@epam.com> * docs: Add LinkedIn badge to README.md (#16889) Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> * update follow-redirects to 1.15.5 (#16899) Signed-off-by: Regina Scott <rescott@redhat.com> * chore: allow @approvers-docs to approve readme.md (#16897) Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * Adding CNCF blog to readme file (#16893) Signed-off-by: Chetan Deshmukh <cdeshmukh@infracloud.io> * docs: Update Azure AD to Entra ID (#16869) * Update Azure AD to Entra ID https://learn.microsoft.com/en-us/entra/fundamentals/new-name Signed-off-by: Ryan Flynn <mr.ryanflynn@gmail.com> * Add formerly known as azuread Signed-off-by: Ryan Flynn <mr.ryanflynn@gmail.com> --------- Signed-off-by: Ryan Flynn <mr.ryanflynn@gmail.com> * chore: Preventing runnings jobs when updating documentation (#16706) * Preventing runnings jobs when updating documentation Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@cimpress.com> * Empty line added to .md file Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@cimpress.com> --------- Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@cimpress.com> Co-authored-by: Aymen Ben Tanfous <aymen.bentanfous@cimpress.com> * chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.11.0 (#16711) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.8.1 to 5.11.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.8.1...v5.11.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(cli): add support for Application in any namespace for `app delete` cmd (#16898) Use fully qualified application names when operate with Applications Closes: #16896 Signed-off-by: Sergiy Kulanov <sergiy_kulanov@epam.com> * docs: Fixed Slugify doc in GoTemplate.md (#16685) * docs: Fixed Slugify doc in GoTemplate.md Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@gmail.com> * Update docs/operator-manual/applicationset/GoTemplate.md Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@gmail.com> * Update docs/operator-manual/applicationset/GoTemplate.md Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@gmail.com> --------- Signed-off-by: Aymen Ben Tanfous <aymen.bentanfous@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * Initialize & send forceHttpBasicAuth & enableOCI params correctly during repo update from UI (#16794) * feat(health): support for distribution aws.crossplane.io resource (#16827) Signed-off-by: nueavv <nuguni@kakao.com> * fix(ui): set content-type for certain UI requests (#16923) (#16930) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * feat(controller): add sync jitter(#14241) (#16820) * feat(controller): add sync jitter Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * convert to duration for simplicity Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * docs Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * add config to manifests Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix tests Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix(action): Add validation for Kustomize Build Options white space (#16704) Signed-off-by: Sergey Lanzman <sergeylanz@gmail.com> * Revert "chore: Preventing runnings jobs when updating documentation (#16706)" (#16943) This reverts commit 65869a3860c7555b3ea7a962db44cc9b05f7e333. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * feat: Add PITS Globale Datenrettungsdienste to user list (#16765) * Add PITS Globale Datenrettungsdienste to user list Signed-off-by: Arnold <87698848+arnoldberlin@users.noreply.github.com> * Update USERS.md Signed-off-by: Arnold <87698848+arnoldberlin@users.noreply.github.com> --------- Signed-off-by: Arnold <87698848+arnoldberlin@users.noreply.github.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> * separate application controller roles into a separate manifests directory (#16884) Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * fix(ui): fix display banner when not explicit set position (#16741) Signed-off-by: linghaoSu <linghao.su@daocloud.io> * fix(appcontroller): Uptake fix in gitops engine which fixes application sync with auto create ns and server side apply (#16942) * Uptake fix in gitops engine to fix auto create ns with server side apply Signed-off-by: anandf <anjoseph@redhat.com> * Moved the new e2e test to different location Signed-off-by: anandf <anjoseph@redhat.com> * Fix test name to be less than 63 char for creating ns Signed-off-by: anandf <anjoseph@redhat.com> * update gitops-engine with latest master Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> --------- Signed-off-by: anandf <anjoseph@redhat.com> Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> Co-authored-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * docs: Update argocd-cm.yaml bannerposition description (#16961) (#16962) Signed-off-by: Keith Chong <kykchong@redhat.com> * docs: Added an example of downloading the latest stable version (#16968) * added an example of downloading the latest stable version Signed-off-by: Christian Hernandez <christian@chernand.io> * Update docs/cli_installation.md Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> Signed-off-by: Christian Hernandez <christianh814@users.noreply.github.com> --------- Signed-off-by: Christian Hernandez <christian@chernand.io> Signed-off-by: Christian Hernandez <christianh814@users.noreply.github.com> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> * feat(health): support for resourcerecordsets aws.crossplane.io resource (#16823) Signed-off-by: nueavv <nuguni@kakao.com> * chore(deps): rm go-jose Cxb6dee8d5-b814 high vuln (#16947) Signed-off-by: fengshunli <1171313930@qq.com> * fix(server): allow disabling content-type check (#16959) * fix(server): allow disabling content-type check Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * fix spacing Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * Clean up repeated package import (#16987) Signed-off-by: Zechun Chen <zechun.chen@daocloud.io> * docs(helm): add example of public oci chart (#17000) There doesn't appear to be an example of using an OCI helm chart repository, so this adds a simple declarative example. This is a common question from the community. Signed-off-by: Nicholas Morey <nicholas@morey.tech> * Badge for apps in any namespace (#16739) Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> Co-authored-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * docs(helm): fix yaml formatting on code block (#17001) Signed-off-by: Nicholas Morey <nicholas@morey.tech> * fix(redis): go-redis v9 regression missing metrics and reconnect hook (#13415) (#15275) * fix(redis): go-redis v9 regression missing metrics and reconnect hook Signed-off-by: phanama <yudiandreanp@gmail.com> * fix: golangci lint return values not checked in tests Signed-off-by: phanama <yudiandreanp@gmail.com> * chore: move dnsError var locally into func Signed-off-by: phanama <yudiandreanp@gmail.com> --------- Signed-off-by: phanama <yudiandreanp@gmail.com> * Fix typo in documentation (#17022) Signed-off-by: saeedhosseini <saeedhosseini21@gmail.com> * feat: Prune resources in reverse order of syncwave during sync (#15074) (#16748) * Add e2e & doc for prune order during sync Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> * Point gitops-engine to fork with reverse prune changes Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> * Fix ci linting failures Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> * Update gitops-engine commit ref Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> --------- Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com> * docs(applicationset): explain impact of empty spec in templatePatch (#17042) * docs: explain impact of empty spec in templatePatch Signed-off-by: Nicholas Morey <nicholas@morey.tech> * fix: not conditional helm values Signed-off-by: Nicholas Morey <nicholas@morey.tech> --------- Signed-off-by: Nicholas Morey <nicholas@morey.tech> * docs(kustomize): add components yaml example (#17043) Signed-off-by: Nicholas Morey <nicholas@morey.tech> * docs(argocd-cm): add timeout.reconciliation.jitter example (#17044) Signed-off-by: Nicholas Morey <nicholas@morey.tech> * docs(hooks): add postdelete to table (#17048) Add `PostDelete` to the hooks table, and clean up wording and old availability statement (all the way back to v1, probably irrelevant). Signed-off-by: Nicholas Morey <nicholas@morey.tech> * Corrected certificate managment for OCI helm charts (#16656) Signed-off-by: Andrew Block <andy.block@gmail.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> * chore: use kubernetes 1.29.0 in CI (#17050) Keeping 1.25 for now. Signed-off-by: Shyukri Shyukriev <shukera@gmail.com> * chore(deps): bump Helm to 3.14.0 (#17031) (#17032) * bump helm to 3.14.0 Signed-off-by: Simon HEGE <simonhege@gmail.com> * Add a note about helm bump in upgrade instructions Signed-off-by: Simon HEGE <simonhege@gmail.com> --------- Signed-off-by: Simon HEGE <simonhege@gmail.com> * chore(deps): bump github.com/evanphx/json-patch (#17021) Bumps [github.com/evanphx/json-patch](https://github.com/evanphx/json-patch) from 5.6.0+incompatible to 5.9.0+incompatible. - [Release notes](https://github.com/evanphx/json-patch/releases) - [Commits](https://github.com/evanphx/json-patch/compare/v5.6.0...v5.9.0) --- updated-dependencies: - dependency-name: github.com/evanphx/json-patch dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Upgrade aws-sdk-go to support eks pod identity (#17063) * chore: Upgrade aws-sdk-go to support eks pod identity --------- Signed-off-by: Carlos Santana <carrlos@amazon.com> Co-authored-by: Mathieu Bruneau <brunemat@amazon.com> * add cogen for notifications Signed-off-by: Carlos Santana <carrlos@amazon.com> --------- Signed-off-by: Carlos Santana <carrlos@amazon.com> Co-authored-by: Mathieu Bruneau <brunemat@amazon.com> * fix: removed pkce code challange check for WebUI (#16730) Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * chore(ci): bump k3s versions to latest patches (#17060) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * feat: add prometheus metrics around proxy extension requests (#17012) * feat: add prometheus metrics around proxy extension requests Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * update go.mod Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix metrics bugs Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix unit-test Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * Add unit suffix in the duration metric Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * update doc Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> --------- Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix(ci): correct helm checksum path (#17081) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * fix(controller): fix application controller deployment crashing (#16984) * fix application controller deployment crashing and update manifests Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * remove environment variable ARGOCD_ENABLE_DYNAMIC_CLUSTER_DISTRIBUTION Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * fix auto-generated docs Signed-off-by: ishitasequeira <ishiseq29@gmail.com> --------- Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * chore: improve error logs (#10592) (#17089) Signed-off-by: Bardia Heydari <az.bardia13@gmail.com> * DOC: add Fly Security and Telavita in USERS.md (#17076) Signed-off-by: Gustavo Esser <esser1997@hotmail.com> * fix(ui): prevent app name too long hide open icon (#16983) * fix(ui): prevent app name too long hide open icon Signed-off-by: linghaoSu <linghao.su@daocloud.io> * fix(ui): fix app resource list lint Signed-off-by: linghaoSu <linghao.su@daocloud.io> --------- Signed-off-by: linghaoSu <linghao.su@daocloud.io> * fix: log all token verification failures (#16625) * fix: log all token verification failures Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * better Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * feat: add health-checks for eck elastic beat (#16563) * feat: add health-checks for eck elastic beat Signed-off-by: ebuildy <ebuildy@gmail.com> * fix tests Signed-off-by: ebuildy <ebuildy@gmail.com> --------- Signed-off-by: ebuildy <ebuildy@gmail.com> * docs(proposal): decoupling app sync from control plane user w/ impersonation (#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * chore(ci): run ci checks conditionally (#16982) * chore(ci): run ci checks conditionally This should prevent docs changes from having the need to run e2e tests etc, and prevent backend changes from needing to run ui tests, and vice versa. This is similar to previous attempts (see #16706 and #13507), with the difference here that we add the if checks on each _step_ rather than each _job_ - the reason being that most of these jobs are required, and if we skip whole jobs any PR which does this will be left hanging indefinitely, so Github forces us to do this on a step level instead. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * chore(ci): run ci checks conditionally Try conditional jobs, according to https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/troubleshooting-required-status-checks#handling-skipped-but-required-checks Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * chore(ci): add composite test-e2e action This is a workaround for the e2e tests which do not run yet report `pending` when they are actually skipped. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> --------- Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Remington Breeze <remington@breeze.software> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> * fix(ui): Change path to "root" when path is root directory (#14949) * change path to display root Signed-off-by: Eshwar Hebbur Shivakumar <eshwar1011235@gmail.com> * Fix inequality typo Signed-off-by: Eshwar Hebbur Shivakumar <eshwar1011235@gmail.com> * Fix lint issues Signed-off-by: Eshwar Hebbur Shivakumar <eshwar1011235@gmail.com> --------- Signed-off-by: Eshwar Hebbur Shivakumar <eshwar1011235@gmail.com> * typo `registires` -> `registries` (#17099) Signed-off-by: Adam Huganir <adam@huganir.com> * Updated otelgrpc to remediate CVE found by JFrog Xray (#17084) Signed-off-by: Tal Yitzhak <taly@lightrun.com> Co-authored-by: Tal Yitzhak <taly@lightrun.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * docs(webhook): use real cm name instead of placeholder (#17002) The document says I should registed configMap named argocd-notifications-cm but then uses placeholder in examples. Signed-off-by: Petr Studeny <studenyp@gmail.com> * docs: Update Okta OIDC SSO docs (#13811) * Update the Okta SSO docs * fill out the OIDC section with step-by-step instructions on using Okta with custom authorization servers * adjust outdated docs about updating the docs Signed-off-by: Jonas Courteau <jonas.courteau@abcellera.com> * Add the Okta version that these docs are written against Signed-off-by: Jonas Courteau <jonas.courteau@abcellera.com> --------- Signed-off-by: Jonas Courteau <jonas.courteau@abcellera.com> Signed-off-by: Dan Garfield <dan@codefresh.io> Co-authored-by: Dan Garfield <dan@codefresh.io> * Add a description for using contour httpproxy CRD (#14614) Which allows you to reuse the same hostname. Co-authored-by: Boris Smidt <boris.smidt@restore.eu> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix: ci failures (#17107) Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * chore(deps): bump library/golang from 1.21.3 to 1.22.0 in /test/remote (#17111) Bumps library/golang from 1.21.3 to 1.22.0. --- updated-dependencies: - dependency-name: library/golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump yarn from 1.22.10 to 1.22.13 in /ui-test (#17092) Bumps [yarn](https://github.com/yarnpkg/yarn) from 1.22.10 to 1.22.13. - [Release notes](https://github.com/yarnpkg/yarn/releases) - [Changelog](https://github.com/yarnpkg/yarn/blob/master/CHANGELOG.md) - [Commits](https://github.com/yarnpkg/yarn/compare/1.22.10...v1.22.13) --- updated-dependencies: - dependency-name: yarn dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/redis from 7.0.11 to 7.2.4 in /test/container (#16806) Bumps library/redis from 7.0.11 to 7.2.4. --- updated-dependencies: - dependency-name: library/redis dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps-dev): bump yarn from 1.22.10 to 1.22.21 in /ui (#17096) Bumps [yarn](https://github.com/yarnpkg/yarn) from 1.22.10 to 1.22.21. - [Release notes](https://github.com/yarnpkg/yarn/releases) - [Changelog](https://github.com/yarnpkg/yarn/blob/master/CHANGELOG.md) - [Commits](https://github.com/yarnpkg/yarn/compare/1.22.10...v1.22.21) --- updated-dependencies: - dependency-name: yarn dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix the typo (#17116) * chore(deps): bump library/node from 20.6.1 to 21.6.1 (#17053) Bumps library/node from 20.6.1 to 21.6.1. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/node from 20.7.0 to 21.6.1 (#17065) Signed-off-by: fengshunli <1171313930@qq.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix(kustomize): set build dir (#15057) #16229 #16652 (#16653) * use repo root, not app path Signed-off-by: Prune <prune@lecentre.net> correct patch Signed-off-by: Prune <prune@lecentre.net> * use Getwd to find the root path for diff commands Signed-off-by: Prune <prune@lecentre.net> * set dot a default for argo app commands Signed-off-by: Prune <prune@lecentre.net> * revert default values Signed-off-by: Prune <prune@lecentre.net> * patch diff in TestNamespacedResourceDiffing Signed-off-by: Prune <prune@lecentre.net> * patching some diff and sync Signed-off-by: Prune <prune@lecentre.net> * patch remaining diff in error Signed-off-by: Prune <prune@lecentre.net> --------- Signed-off-by: Prune <prune@lecentre.net> * chore(ci): tweak backend filters (#17134) The existing backend filters get triggered even on frontend-only or docs-only changes, which should not be the case. The reason for this seems to be the fact that each filter line is ORed rather than ANDed. To remedy this, we put all the filters on the same line. I tried the filter out in a REPL (https://runkit.com/blakepettersson/65c3daba99653f0008c74eda). This is a filter using picomatch (the same library `dorny/paths-filter` uses). Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * docs: fix error in toolchain setup (#17154) Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * chore(dex): 2.37.0 to 2.38.0 (#17157) Signed-off-by: asingh51 <ashutosh_singh@intuit.com> Co-authored-by: asingh51 <ashutosh_singh@intuit.com> * feat: Add support for passing Redis Sentinel username(ACL) and password (#17168) * Add support for passing Sentinel username and password Signed-off-by: ShlomiTubul <shlomi.tubul@placer.ai> * fix align with var naming Signed-off-by: ShlomiTubul <shlomi.tubul@placer.ai> * fix align with var naming Signed-off-by: ShlomiTubul <shlomi.tubul@placer.ai> --------- Signed-off-by: ShlomiTubul <shlomi.tubul@placer.ai> Co-authored-by: ShlomiTubul <shlomi.tubul@placer.ai> * fix: stop initializing deployment informer if dynamic sharding is disabled (#17097) * fix: stop initializing deployment informer if dynamic sharding is disabled Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * feat: updated sharding cache getter func Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> --------- Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * feat: query escape function for notifications (#16343) Signed-off-by: Jan Schumann <js@schumann-it.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * Update triggers doc to fix typo (#17185) Signed-off-by: David Grizzanti <dgrizzanti@users.noreply.github.com> * docs: fixes Template.md targetRevision typo (#17190) * Template.md targetRevision typo fixed Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> * retrigger checks Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> * sign off Signed-off-by: chidambaram27 <chidambaramk.27@gmail.com> Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> * sign off Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> --------- Signed-off-by: Ajay Chidambaram <105060495+chidambaram27@users.noreply.github.com> Signed-off-by: chidambaram27 <chidambaramk.27@gmail.com> * docs: Private-helm-repo section target added to helm.md (#16697) * helm-repo Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * Update docs/user-guide/helm.md Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> --------- Signed-off-by: Surajyadav <harrypotter1108@gmail.com> Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * fix: infer correct shard in statefulset setup (#17124, #17016) (#17167) * fix: infer correct shard in statefulset setup Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix the case if only a single replica Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: resolving pointer on shard compare Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: add readlock for cluster accessor Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: use defer to protect access of 'shard' Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: revert locking in getclusteraccessor Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: handle nil shard case Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: handle any nil shard value as false Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: handle nil case and fix another missing pointer dereference Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * revert Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: added tests and fixed some behaviour bugs Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * test: add test to validate that Shard value is not overriden Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * fix: added tests and fixe the case when server is changed inside a secret Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * tests: add test cases for infering the shard logic Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> --------- Signed-off-by: Lukas Wöhrl <lukas.woehrl@plentymarkets.com> * feat: wait until resources are deleted #6085 (#16733) * feat: wait until resources are deleted Signed-off-by: MichaelMorris <michael.morris@est.tech> * Added unit and e2e test Signed-off-by: MichaelMorris <michael.morris@est.tech> --------- Signed-off-by: MichaelMorris <michael.morris@est.tech> * fix(controller): add missing workqueue metrics (#16315) (#17013) * fix(controller): add missing kubernetes metrics Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * validate workqueue metrics are present Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * use newer metrics registry Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix duplicated Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * init runtime controller in test to have correct metrics Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> * fix lint error Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * update controller-runtime to remove metrics with high cardinality Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com> Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * chore(deps): upgrade helm to 3.14.1 (#17213) * chore(deps): upgrade helm to 3.14.1 Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * move files to folder...... Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> --------- Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com> * docs: Add PayIt to USERS.md (#17215) * docs: Add PayIt to USERS.md Signed-off-by: Matt Menzenski <matt@payitgov.com> * docs: Add PayIt to USERS.md Signed-off-by: Matt Menzenski <matt@payitgov.com> --------- Signed-off-by: Matt Menzenski <matt@payitgov.com> * docs: Add Nextbasket to USERS.md (#17228) Signed-off-by: NextBasket-Petyo <100193556+NextBasket-Petyo@users.noreply.github.com> * fix: Permission Denied error when calling GetAppDetails API (#17221) (#17229) Signed-off-by: Keith Chong <kykchong@redhat.com> * Count git checkout failures (#15657) Signed-off-by: Mikołaj Przybysz <1093404+mikolajprzybysz@users.noreply.github.com> Co-authored-by: Mikołaj Przybysz <1093404+mikolajprzybysz@users.noreply.github.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * chore(deps): bump library/node from 21.6.1 to 21.6.2 in /ui-test (#17226) Bumps library/node from 21.6.1 to 21.6.2. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/node from 21.6.1 to 21.6.2 (#17223) Bumps library/node from 21.6.1 to 21.6.2. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/golang in /test/remote (#17138) Bumps library/golang from `094e47e` to `ef61a20`. --- updated-dependencies: - dependency-name: library/golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * feat(grafana-dashboard): Update example dashboard, add AppSet Telemetry (#17232) Signed-off-by: lukepatrick <lukephilips@gmail.com> * chore(deps): bump library/node from `6fb1883` to `65998e3` in /ui-test (#17245) Bumps library/node from `6fb1883` to `65998e3`. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump library/golang in /test/remote (#17244) Bumps library/golang from `ef61a20` to `7b297d9`. --- updated-dependencies: - dependency-name: library/golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add `AppName` to the RepoServerAppDetailsQuery for notification-controller (#17233) Signed-off-by: Dong Wang <wd@wdicc.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/node from `50703e6` to `65998e3` (#17243) Bumps library/node from `50703e6` to `65998e3`. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * docs: Update USERS.md (#17248) * Update USERS.md Signed-off-by: itayvolo <72027444+itayvolo@users.noreply.github.com> * Update USERS.md Signed-off-by: itayvolo <72027444+itayvolo@users.noreply.github.com> * Update USERS.md Signed-off-by: itayvolo <72027444+itayvolo@users.noreply.github.com> --------- Signed-off-by: itayvolo <72027444+itayvolo@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * docs(metrics): add release label to haproxy (#17264) Add missing `release` label to `argocd-redis-haproxy-metrics` ServiceMonitor example. Signed-off-by: Gaston Festari <cilindrox@gmail.com> * docs: Fix typo in notifications example (#17250) * Fix typo in notifications example I'm not too sure what the example should look like, so I'm taking a guess here. Signed-off-by: Adrian Moisey <adrian@changeover.za.net> * Update docs/operator-manual/notifications/troubleshooting.md Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> Signed-off-by: Adrian Moisey <adrian@changeover.za.net> --------- Signed-off-by: Adrian Moisey <adrian@changeover.za.net> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> * Update contributors-quickstart.md (#17266) Signed-off-by: Dan Garfield <dan@codefresh.io> * reduce unnecessary unmarshal (#17187) Signed-off-by: Wilson Wang <wilson.wang@bytedance.com> * fix typo (#17272) Signed-off-by: Oscar Wieman <oscar@oscarr.nl> * docs: Added examples for alternate EKS cluster authentication methods (#17270) * Added examples for alternate EKS cluster authentication methods Signed-off-by: Damon Edstrom <dedstrom@venerated.io> * Update docs/operator-manual/declarative-setup.md Signed-off-by: Dan Garfield <dan@codefresh.io> Signed-off-by: Dan Garfield <dan@codefresh.io> --------- Signed-off-by: Dan Garfield <dan@codefresh.io> Co-authored-by: Dan Garfield <dan@codefresh.io> * docs for PR #9791 (#16021) Signed-off-by: mzain <zainawan89@gmail.com> * chore(ci): use changed files action (#17180) `dorny/paths-filter` doesn't seem to handle (multiple) negations well. Therefore, this PR switches to `tj-actions/changed-files`, since it is already successfully used in argo-workflows. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * fix(ui): Include application name in status badge (#17126) * Added application name to badge Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Rever svg change Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Doc for disabling application name Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Flag to not display application name Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Added tests Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Make no app name the default Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Have enable app name as a query parameter Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Have enable app name as a query parameter Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * argocd to original Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> * Update docs/user-guide/status-badge.md Signed-off-by: Dan Garfield <dan@codefresh.io> Signed-off-by: Dan Garfield <dan@codefresh.io> --------- Signed-off-by: sshenoy6 <sonamkaup_shenoy@intuit.com> Signed-off-by: Dan Garfield <dan@codefresh.io> Co-authored-by: sshenoy6 <sonamkaup_shenoy@intuit.com> Co-authored-by: Dan Garfield <dan@codefresh.io> * fix: Update test image ssl/crypto libs (#17303) Signed-off-by: Carlos Santana <csantana23@gmail.com> * chore(deps-dev): bump postcss from 8.2.13 to 8.4.35 in /ui (#17140) Bumps [postcss](https://github.com/postcss/postcss) from 8.2.13 to 8.4.35. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.2.13...8.4.35) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/redis in /test/container (#17137) Bumps library/redis from `cc8b0b8` to `11c3e41`. --- updated-dependencies: - dependency-name: library/redis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump react-helmet and @types/react-helmet in /ui (#11556) Bumps [react-helmet](https://github.com/nfl/react-helmet) and [@types/react-helmet](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-helmet). These dependencies needed to be updated together. Updates `react-helmet` from 5.2.1 to 6.1.0 - [Release notes](https://github.com/nfl/react-helmet/releases) - [Changelog](https://github.com/nfl/react-helmet/blob/master/CHANGELOG.md) - [Commits](https://github.com/nfl/react-helmet/commits/6.1.0) Updates `@types/react-helmet` from 5.0.19 to 6.1.6 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-helmet) --- updated-dependencies: - dependency-name: react-helmet dependency-type: direct:production update-type: version-update:semver-major - dependency-name: "@types/react-helmet" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump bitnami/kubectl in /test/container (#14220) Bumps bitnami/kubectl from `670fe3f` to `14ab746`. --- updated-dependencies: - dependency-name: bitnami/kubectl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore: add Rocket.Chat to users (#17306) Signed-off-by: Debdut Chakraborty <debdutdeb@outlook.com> * chore(deps): bump library/ubuntu in /test/container (#13409) Bumps library/ubuntu from `9a0bdde` to `67211c1`. --- updated-dependencies: - dependency-name: library/ubuntu dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump library/redis in /test/container (#17309) Bumps library/redis from `11c3e41` to `e647cfe`. --- updated-dependencies: - dependency-name: library/redis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump library/registry in /test/container (#13050) Bumps library/registry from `41f413c` to `b209a41`. --- updated-dependencies: - dependency-name: library/registry dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * chore(deps): bump library/busybox in /test/e2e/multiarch-container (#14592) Bumps library/busybox from `2376a0c` to `3fbc632`. --- updated-dependencies: - dependency-name: library/busybox dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix: use simple python image to build mkdocs (#17313) * fix: use simple python image to build mkdocs Signed-off-by: Carlos Santana <csantana23@gmail.com> * use python 3.7 Signed-off-by: Carlos Santana <csantana23@gmail.com> --------- Signed-off-by: Carlos Santana <csantana23@gmail.com> * chore(deps): bump library/registry in /test/container (#17317) Bumps library/registry from `b209a41` to `f4e1b87`. --- updated-dependencies: - dependency-name: library/registry dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs: fixed name of environment variable and config map property enabling scm providers for applicationsets (#17326) Signed-off-by: Juliusz <juliusz.jaksa@xylem.com> Co-authored-by: Juliusz <juliusz.jaksa@xylem.com> * fix(ui): Added dashed line between collapsed sections in Compact-diff (#17173) * dashed-line-breaker Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * dark-mode Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * dark-mode-text-fix Signed-off-by: Surajyadav <harrypotter1108@gmail.com> --------- Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * fix: multi-source app breaks application parameters UI (#16910) (#17033) Signed-off-by: Keith Chong <kykchong@redhat.com> * chore(deps): upgrade helm to 3.14.2 (#17330) * chore(deps): upgrade helm to 3.14.2 Signed-off-by: David Bunn <david.bunn@prodigygame.com> * Signing commit Signed-off-by: David Bunn <david.bunn@prodigygame.com> --------- Signed-off-by: David Bunn <david.bunn@prodigygame.com> * chore(deps): bump library/node from 21.6.1 to 21.6.2 in /test/container (#17316) Bumps library/node from 21.6.1 to 21.6.2. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> * fix: The argocd server api-content-type flag does not allow empty content-type header (#17331) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix(ui): The tiles in Applications List are too wide #17220 (#17340) * fix(ui): The tiles in Applications List are too wide Signed-off-by: Rafal Pelczar <rafal@akuity.io> * change min width of app tiles Signed-off-by: Rafal Pelczar <rafal@akuity.io> --------- Signed-off-by: Rafal Pelczar <rafal@akuity.io> * chore(notifications): remove unneeded operations from templates (#17307) * chore(deps): bump library/ubuntu in /test/container (#13409) Bumps library/ubuntu from `9a0bdde` to `67211c1`. --- updated-dependencies: - dependency-name: library/ubuntu dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Michael Firestone <mike.firestone@electriphi.ai> * rm unneeded operations from templates Signed-off-by: Michael Firestone <firestonem@gmail.com> Signed-off-by: Michael Firestone <mike.firestone@electriphi.ai> * rm more unneeded ops Signed-off-by: Michael Firestone <mike.firestone@electriphi.ai> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Michael Firestone <mike.firestone@electriphi.ai> Signed-off-by: Michael Firestone <firestonem@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michael Firestone <mike.firestone@electriphi.ai> * feat: allow webhook settings to be referenced by external secret (#16262) Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@ledger.fr> * feat: Add app data to sharding cache to allow sharding by apps (#17014) * Adding app list to sharding cache Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Add shard by apps test Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Fix lint Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Add coverage to test Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Fix lint Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Converted cluster/app accesors to private, add apps-in-any-namespace suport in shardingcache init, added read lock to GetAppDistribution Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * Fix tests Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> --------- Signed-off-by: Andrew Lee <andrewkl@enclavenet.com> * docs: Update USERS.md (#17371) Hi, I added IABAI as using officially ArgoCD Signed-off-by: Andrea Sannuto <andrea@iab.ai> * feat: add cli commands to add/delete sourceNamespaces from AppProject (#17337) * Add cli to add/delete sourceNamespaces Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update command/comments Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update command/comments(1) Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update user-guide docs Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * Retrigger CI pipeline Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * add check for '*' & rename command to remove-source-namespace Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update command/comments(2) Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * update command/comments(3) Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * Retrigger CI pipeline Signed-off-by: Raghavi Shirur <rshirur@redhat.com> --------- Signed-off-by: Raghavi Shirur <rshirur@redhat.com> * feat: add ability to auto label clusters from k8s clusterinfo (#17289) * feat: add ability to auto label clusters This gives the ability to automatically label cluster secrets on a cluster-by-cluster basis. If `enableClusterInfoLabels` is set on a cluster secret, the controller will (eventually) label the cluster secret with the current k8s version detected by the cluster info. This needs documentation, e2e tests, as well as CLI/UI additions. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * refactor: use labels instead of secret data This is easier to work with, especially in the context where we need this feature. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * docs: add description on how to use dynamic labeling Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> --------- Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> * chore(ci): free up disk space for goreleaser (#17373) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * fix(ui): Dark-mode-enhancements (#17241) * dark-mode-enhancements Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * monaco Signed-off-by: Surajyadav <harrypotter1108@gmail.com> --------- Signed-off-by: Surajyadav <harrypotter1108@gmail.com> Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> * feat: add cli commands to add/remove sources for multi-source applications (#17310) * Initial commit Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * add cli commands to add/remove sources for multi-source app Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * add checks Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * add docs Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * refactor code and update tests Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * add removed additional switch case Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * fix suggested nits Signed-off-by: ishitasequeira <ishiseq29@gmail.com> --------- Signed-off-by: ishitasequeira <ishiseq29@gmail.com> * feat: enable users to run commands related to Argo Applications in any namespace (#17360) * enable --app-namespace falg for application get command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application diff command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application wait command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application rollback command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application patch command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application edit command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application history command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application sync command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * enable --app-namespace falg for application delete command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * cli doc generated Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> --------- Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> * fix: preserve escape codes in repo url of git webhook payload (#17376) Signed-off-by: Eric Bissonnette <ebisso.dev@gmail.com> * fix: disable rate limiting sompletely by default (#17355) Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * docs: use service-name instead of service-id (#17389) * use service-name instead of service-id Signed-off-by: DongHo Jung <dongho971220@gmail.com> * trigger CICD Signed-off-by: DongHo Jung <dongho971220@gmail.com> --------- Signed-off-by: DongHo Jung <dongho971220@gmail.com> * feat: Allow Kustomize common labels to not apply to selectors (#17329) * modify crds Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * cmd opts and test Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * kustomize build and test Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * fix option order and add ancestry to users Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * fix users format Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * generated files Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * set flag value Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * modify crds Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * chore(deps): bump library/registry in /test/container (#17317) Bumps library/registry from `b209a41` to `f4e1b87`. --- updated-dependencies: - dependency-name: library/registry dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * generated files Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * add docs Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * fix doc Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * remove debug prints Signed-off-by: lets-call-n-walk <cw404@hotmail.com> * fix autogen docs Signed-off-by: lets-call-n-walk <cw404@hotmail.com> --------- Signed-off-by: Collin <cwalker@ancestry.com> Signed-off-by: lets-call-n-walk <cw404@hotmail.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Collin Walker <10523817+lets-call-n-walk@users.noreply.github.com> Co-authored-by: Collin <cwalker@ancestry.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(ui): Highlight failing containers in the UI (#17143) * failing container icon added Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * lint-fix Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * .. Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * tried yarn lint-fix Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * margin Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * running Signed-off-by: Surajyadav <harrypotter1108@gmail.com> --------- Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * fix(ui): application-summary-help-icon fix (#17385) * Update application-summary.tsx revision-history icon fix Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> * icons Signed-off-by: Surajyadav <harrypotter1108@gmail.com> --------- Signed-off-by: Suraj yadav <harrypotter1108@gmail.com> Signed-off-by: Surajyadav <harrypotter1108@gmail.com> * chore: add more unit tests around useDiffCache function (#17404) * chore: add more unit tests around useDiffCache function Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix doc Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> --------- Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com> * fix(grpcproxy): parse headers contain colon (#13274) (#14294) * fix(grpcproxy): parse headers contain colon Signed-off-by: bogay <pojay11523@gmail.com> * test(apiclient): headers in wrong format Signed-off-by: bogay <pojay11523@gmail.com> --------- Signed-off-by: bogay <pojay11523@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * docs: Fix some awkward phrasing in `core.md` (#17412) Signed-off-by: Nate Douglas <ndouglas@users.noreply.github.com> * docs (aks cluster): update workloadidentity documentation (#17401) Signed-off-by: duncan485 <bakkerduncan@gmail.com> * docs: remove repetitive words (#17430) Signed-off-by: hishope <csqiye@126.com> * feat(cli): enable --app-namespace flag for argocd app subcommand (#17437) * add --app-namespace flag for set/unset command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * add --app-namespace flag for add-source/remove-source command Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * fix bug, handle array out of-bound when --source-index=len(source) Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * add documentation Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> --------- Signed-off-by: Mangaal <angommeeteimangaal@gmail.com> * docs: Clarify for `valueFiles` behaviour with `path` field (#17431) This commit adds clarification by explaining that `valueFiles` must be a relative path to the root of sources, even if the `path` field is set. Signed-off-by: Takahiro Suzuki <tkasuz.dev@gmail.com> Signed-off-by: tkasuz <takahiro.suzuki@hennge.com> * docs: Small edits to `docs/user-guide/application-set.md` (#17434) * Update application-set.md Signed-off-by: Nate Douglas <ndouglas@users.noreply.github.com> * Make example code consistent with examples elsewhere. Signed-off-by: Nathan Douglas <github@darkdell.net> --------- Signed-off-by: Nate Douglas <ndouglas@users.noreply.github.com> Signed-off-by: Natha…
mkieweg
pushed a commit
to mkieweg/argo-cd
that referenced
this pull request
Jun 11, 2024
…onation (argoproj#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Hariharasuthan99
pushed a commit
to AmadeusITGroup/argo-cd
that referenced
this pull request
Jun 16, 2024
…onation (argoproj#14255) * Proposal for decoupling application sync from control plane user using impersonation Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Moved the proposal document to the right directory Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/decouple-application-sync-user-using-impersonation Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Modified the proposal to have control in AppProjects alone instead of Application and AppProject Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Removed proposal placed in wrong directory and corrected examples Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Update docs/proposals/decouple-application-sync-user-using-impersonation Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> * Addressed review comments Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Additional corrections Signed-off-by: anandf <anjoseph@redhat.com> * Fixed alternative proposals section to include only AppProject based approach Signed-off-by: anandf <anjoseph@redhat.com> * Added information on impersonation and added related links Signed-off-by: anandf <anjoseph@redhat.com> * Added examples for remote cluster destination with the required RBAC access Signed-off-by: anandf <anjoseph@redhat.com> * Fixed clusterrole and clusterrolebinding creation commands Signed-off-by: anandf <anjoseph@redhat.com> * Addressed review comments from Akram Signed-off-by: anandf <anjoseph@redhat.com> * Corrected RBAC to include serviceaccounts that can be impersonated as swell Signed-off-by: anandf <anjoseph@redhat.com> * Address few more review comments from Ishita, Akram Signed-off-by: anandf <anjoseph@redhat.com> * Fixed a typo and updated the last updated date field Signed-off-by: anandf <anjoseph@redhat.com> * Added information of the sync hook behaviour and also corrected the namespace to match that of destination Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Changed proposal to meet the latest api design using destinationServiceAccounts Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Fixed proposal document to use destinationServiceAccounts struct Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> * Renamed proposal file to have .md extension Signed-off-by: anandf <anjoseph@redhat.com> * Using glob pattern instead of regex, and corrected the order of precedence when multiple matches are available Signed-off-by: anandf <anjoseph@redhat.com> --------- Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com> Signed-off-by: Anand Francis Joseph <anandfrancis.joseph@gmail.com> Signed-off-by: anandf <anjoseph@redhat.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposal for decoupling the application sync process from the Application controller service account.
Addresses issue #7689
Note on DCO:
If the DCO action in the integration test fails, one or more of your commits are not signed off. Please click on the Details link next to the DCO action for instructions on how to resolve this.
Checklist:
Please see Contribution FAQs if you have questions about your pull-request.