-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: more appset security docs #9466
docs: more appset security docs #9466
Conversation
Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>
Codecov Report
@@ Coverage Diff @@
## master #9466 +/- ##
=======================================
Coverage 45.71% 45.71%
=======================================
Files 221 221
Lines 26271 26271
=======================================
Hits 12009 12009
Misses 12606 12606
Partials 1656 1656
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice @crenshaw-dev 👍
Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>
It seems like most of the work for the mentioned issue below is done under the PR argoproj#9466 but from the issue description, it's probably worth to mention the example as added here. Related argoproj#9352 Signed-off-by: Sahdev Zala <spzala@us.ibm.com>
* Merge pull request from GHSA-pmjg-52h9-72qv Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> formatting Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fixes from comments Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix test Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-7943-82jg-wmw5 * add tests to demonstrate issue Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> more Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> docs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> settings tests Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> tests for OIDC handlers, consolidating test helpers Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> consolidate Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> consolidate Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> docs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix log message Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.5 * Bump version to 2.4.5 * test: check for error messages from CI env (argoproj#9953) test: check for error messages from CI env (argoproj#9953) Signed-off-by: CI <michael@crenshaw.dev> * docs: getting started notes on self-signed cert (argoproj#9429) (argoproj#9784) * Fix argoproj#9429: A couple of notes in the docs to explain that the default certificate is insecure. Signed-off-by: Jim Talbut <jim.talbut@groupgti.com> * Fixes argoproj#9429: More verbose, but complete, text for Getting Started. Signed-off-by: Jim Talbut <jim.talbut@groupgti.com> * docs: Document the possibility of rendering Helm charts with Kustomize (argoproj#9841) * Update kustomize.md Resolves argoproj#7835. Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * Removed unnecessary command flag from example. Minor text edits. Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * spelling Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * docs: small fix for plugin stream filtering (argoproj#9871) Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * argoproj#9429: Adding blank line so list is formatted correctly. (argoproj#9880) Signed-off-by: CI <michael@crenshaw.dev> * fix: argo-cd git submodule is using SSH auth instead of HTTPs (argoproj#3118) (argoproj#9821) * fix: argo-cd git submodule is using SSH auth instead of HTTPs (argoproj#3118) Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp> * Add submodule functions and unit tests Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp> * fix: Make change of tracking method work at runtime (argoproj#9820) * fix: Make change of tracking method work at runtime Signed-off-by: jannfis <jann@mistrust.net> * GetAppName() will figure tracking label or annotation on its own Signed-off-by: jannfis <jann@mistrust.net> * Correct test comments and add another test Signed-off-by: jannfis <jann@mistrust.net> * Add a read lock before getting cache settings Signed-off-by: jannfis <jann@mistrust.net> * fix: Check tracking annotation for being self-referencing (argoproj#9791) * fix: Check tracking annotation for being self-referencing Signed-off-by: jannfis <jann@mistrust.net> * Tweak isManagedLiveObj() logic Signed-off-by: jannfis <jann@mistrust.net> * Rename isManagedLiveResource to isSelfReferencedObj Signed-off-by: jannfis <jann@mistrust.net> * Add e2e test Signed-off-by: jannfis <jann@mistrust.net> * fix: add missing download CLI tool link for ppc64le, s390x (argoproj#9649) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * fix: NotAfter is not set when ValidFor is set (argoproj#9911) Signed-off-by: yongguangl <1363186473@qq.com> * fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s (argoproj#9922) * fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * fix timeouts across all gRPC servers Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * use common consts Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * fix: argocd login just hangs on 2.4.0 argoproj#9679 (argoproj#9935) Signed-off-by: Xiao Yang <muma.378@163.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * test: Use dedicated multi-arch workloads in e2e tests (argoproj#9921) * test: Use dedicated multi-arch workloads in e2e tests Signed-off-by: jannfis <jann@mistrust.net> * Use correct tag Signed-off-by: jannfis <jann@mistrust.net> * feat: Treat connection reset as a retryable error (argoproj#9739) Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> * fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605) (argoproj#9895) * fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * make things more like they were originally, since the mutex fixes the problem Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix typo, don't pass around a pointer when it isn't necessary Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * apply suggestions Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * docs: add terminal documentation (argoproj#9948) Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * docs: fix typo in Generators-Git.md (argoproj#9949) `ApplictionSet` --> `ApplicationSet` Signed-off-by: CI <michael@crenshaw.dev> * chore: fix build error Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.6 * Bump version to 2.4.6 * docs: supported versions (argoproj#9876) * docs: supported versions Signed-off-by: Kostis Kapelonis <kostis@codefresh.io> * docs: supported versions feedback Signed-off-by: Kostis Kapelonis <kostis@codefresh.io> * fix: add missing download CLI tool URL response for ppc64le, s390x (argoproj#9983) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * fix: e2e test to use func from clusterauth instead creating one with old logic (argoproj#9989) Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * fix: updated all a tags to Link tags in app summary (argoproj#9777) * fix: updated all a tags to Link tags Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * fix: revert external links to a tags Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * fix: linting Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * docs: simplify Docker toolchain docs (argoproj#9966) (argoproj#10006) * docs: simplify Docker toolchain docs (argoproj#9966) Signed-off-by: CI <michael@crenshaw.dev> * to be or not to be Signed-off-by: CI <michael@crenshaw.dev> * pin dependencies to avoid absurdity Signed-off-by: CI <michael@crenshaw.dev> * docs: document directory app include/exclude fields (argoproj#9997) Signed-off-by: CI <michael@crenshaw.dev> * fix: terminal websocket write lock to avoid races (argoproj#10011) * fix: protect terminal WriteMessage with a lock Signed-off-by: CI <michael@crenshaw.dev> * give write its own lock Signed-off-by: CI <michael@crenshaw.dev> * docs: use quotes to emphasize that ConfigMap value is a string (argoproj#9995) Signed-off-by: CI <michael@crenshaw.dev> * Support files in argocd.argoproj.io/manifest-generate-paths annotation (argoproj#9908) Signed-off-by: Jim Wright <jmwri93@gmail.com> * chore: upgrade parse-url to avoid SNYK-JS-PARSEURL-2936249 (argoproj#9826) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.7 * Bump version to 2.4.7 * chore: update haproxy to 2.0.29 for redis-ha (argoproj#10045) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> * chore: update redis to avoid CVE-2022-2097 (argoproj#10031) * chore: update redis to avoid CVE-2022-2097 Signed-off-by: CI <michael@crenshaw.dev> * codegen Signed-off-by: CI <michael@crenshaw.dev> * chore: upgrade Dex to 2.32.0 (argoproj#10036) (argoproj#10042) Signed-off-by: CI <michael@crenshaw.dev> * docs: add argocd-server grpc metric usage (argoproj#10007) Signed-off-by: Ashutosh <mail.ashutosh8@gmail.com> Co-authored-by: Ashutosh <mail.ashutosh8@gmail.com> Signed-off-by: CI <michael@crenshaw.dev> * chore: update redis to 7.0.4 avoid CVE-2022-30065 (argoproj#10059) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> * fix: Set HOST_ARCH for yarn build from platform (argoproj#10018) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * docs: add api field example in the appset security doc (argoproj#10087) It seems like most of the work for the mentioned issue below is done under the PR argoproj#9466 but from the issue description, it's probably worth to mention the example as added here. Related argoproj#9352 Signed-off-by: Sahdev Zala <spzala@us.ibm.com> * chore: update parse-url (argoproj#10101) * chore: upgrade parse-url Signed-off-by: CI <michael@crenshaw.dev> * edit a generated file, because that's smart Signed-off-by: CI <michael@crenshaw.dev> * fix: avoid CVE-2022-28948 (argoproj#10093) Signed-off-by: CI <michael@crenshaw.dev> * docs: add OpenSSH breaking change notes (argoproj#10104) Signed-off-by: CI <michael@crenshaw.dev> * fix: skip redirect url validation when it's the base href (argoproj#10058) (argoproj#10116) * fix: skip redirect url validation when it's the base href (argoproj#10058) Signed-off-by: CI <michael@crenshaw.dev> nicer way of doing it Signed-off-by: CI <michael@crenshaw.dev> * fix missin arg Signed-off-by: CI <michael@crenshaw.dev> * fix: upgrade moment from 2.29.2 to 2.29.3 (argoproj#9330) Snyk has created this PR to upgrade moment from 2.29.2 to 2.29.3. See this package in npm: See this project in Snyk: https://app.snyk.io/org/argoproj/project/d2931792-eef9-4d7c-b9d6-c0cbd2bd4dbe?utm_source=github&utm_medium=referral&page=upgrade-pr Signed-off-by: CI <michael@crenshaw.dev> * chore(deps): bump moment from 2.29.3 to 2.29.4 in /ui (argoproj#9897) Bumps [moment](https://github.com/moment/moment) from 2.29.3 to 2.29.4. - [Release notes](https://github.com/moment/moment/releases) - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.3...2.29.4) Signed-off-by: CI <michael@crenshaw.dev> --- updated-dependencies: - dependency-name: moment dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: support multiple extensions per resource group/kind (argoproj#9834) * feat: support multiple extensions per resource group/kind Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * apply reviewers suggestions Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * apply reviewer notes: stream extension files one by one Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * wrap errors Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * skip symlinks Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * feat: support application level extensions (argoproj#9923) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix: extensions is not loading for ConfigMap/Pods (argoproj#10010) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * Bump version to 2.4.8 * Bump version to 2.4.8 * docs: Fixed indentation Error (argoproj#10123) * Fixed indentation Error Signed-off-by: iflan7744 <iflan_mohamed@yahoo.com> * Fixed indentation Error for top-level data key Signed-off-by: iflan7744 <iflan_mohamed@yahoo.com> Co-authored-by: iflan7744 <iflan_mohamed@yahoo.com> Signed-off-by: CI <michael@crenshaw.dev> * docs: fix kustomize namePrefix misconception in application.yaml (argoproj#10162) * Update docs/operator-manual/application.yaml - Removed comment about what namePrefix does. (i.e. it does not add a prefix to the image) - Added examples of other supported transformers. (based on looking at the source code) - Added link to the kustomize docs where the transormers are described in more detail. * Update kustomize casing to be consistent Signed-off-by: whyvez <yves@premise.com> * docs: improve Installation.md (argoproj#10173) Signed-off-by: xin.li <xin.li@daocloud.io> * docs: Use ConfigMap to disable TLS (argoproj#10106) * docs: Use ConfigMap to disable TLS Signed-off-by: Renaud Guerin <renaud@renaudguerin.net> * Fix typo Signed-off-by: Renaud Guerin <renaud@renaudguerin.net> * docs: correct the api field description for the GitLab example (argoproj#10081) The api field description for the GitLab example seems mistakenly copied from the GitHub example. Signed-off-by: Sahdev Zala <spzala@us.ibm.com> * fix: Ignore non-self-referencing resources while pruning (argoproj#10198) * fix: Ignore non-self-referencing resources while pruning Signed-off-by: jannfis <jann@mistrust.net> * fix: UI part for logs RBAC - do not display the logs tab when no RBAC in place (argoproj#7211) (argoproj#9828) * show logs tab only upon explicit rbac allow policy Signed-off-by: reggie-k <reginakagan@gmail.com> * 2.4.7 docs edit Signed-off-by: reggie-k <reginakagan@gmail.com> * fix: Drop all references to exec unless the feature is enabled (argoproj#9920) (argoproj#10187) * fix: Drop all references to exec unless the feature is enabled argoproj#9920 Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * fixed tslint issues Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * docs(applicationset): fix layout matrix/merge generator restrictions (argoproj#10246) Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com> * docs: fix microsoft user management mapping role (argoproj#10251) Signed-off-by: CI <michael@crenshaw.dev> * docs: Document ignoreAggregatedRoles setting (argoproj#10206) Signed-off-by: Brandon High <highb@users.noreply.github.com> * docs: fix version reference for logs UI fix (argoproj#10245) Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.9 * Bump version to 2.4.9 * docs: clusterResources in declarative cluster config (argoproj#10219) * docs: clusterResources in declarative cluster config Signed-off-by: CI <michael@crenshaw.dev> * add article Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: respect ARGOCD_GIT_MODULES_ENABLED in the appset controller (argoproj#10285) (argoproj#10287) * fix: respect ARGOCD_GIT_MODULES_ENABLED in the appset controller (argoproj#10285) Signed-off-by: CI <michael@crenshaw.dev> * remove duplicate line Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: Suppressed ssh scheme url warn log (argoproj#9836) * Fixed ssh scheme warn log degrade by argoproj#8508 Signed-off-by: kenchan0130 <tt.tanishi100@gmail.com> * Expanded repository type getCAPath testing Signed-off-by: kenchan0130 <tt.tanishi100@gmail.com> * docs: Document safe concurrent processing of sidecar CMP (argoproj#10336) Signed-off-by: jsmcnair <john.mcnair@yellowdog.co> Signed-off-by: jsmcnair <john.mcnair@yellowdog.co> * docs: Add "Create Namespace" to sync options doc (argoproj#3490) (argoproj#10326) * Add create namespace to the sync options doc Signed-off-by: JesseBot <jessebot@linux.com> * Update docs/user-guide/sync-options.md Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: JesseBot <jessebot@linux.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> * fix: missing actions (argoproj#10327) (argoproj#10359) Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.10 * Bump version to 2.4.10 * docs: fix typo in upgrade notes (argoproj#10377) Signed-off-by: Xijun Dai <daixijun1990@gmail.com> Signed-off-by: Xijun Dai <daixijun1990@gmail.com> * fix: Correctly assume cluster-scoped resources to be self-referenced (argoproj#10390) Signed-off-by: jannfis <jann@mistrust.net> Signed-off-by: jannfis <jann@mistrust.net> * Pin gitops-engine to v0.7.3 Signed-off-by: jannfis <jann@mistrust.net> * Bump version to 2.4.11 * Bump version to 2.4.11 * docs: Changes for v2.4.11 Updated the CHANGES.md to represent what changes the pull request will introduce. Contributes to: automation-saas/native-AWS#2523 Signed-off-by: Sujeily Fonseca <sujeily.fonseca@ibm.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Co-authored-by: argo-bot <argoproj@gmail.com> Co-authored-by: YaytayAtWork <jim.talbut@groupgti.com> Co-authored-by: Didrik Finnøy <djfinnoy@protonmail.com> Co-authored-by: Jake <86763948+notfromstatefarm@users.noreply.github.com> Co-authored-by: Shunki <75064402+shunki-fujita@users.noreply.github.com> Co-authored-by: jannfis <jann@mistrust.net> Co-authored-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> Co-authored-by: yongguangl <1363186473@qq.com> Co-authored-by: Xiao Yang <muma.378@163.com> Co-authored-by: Yuan Tang <terrytangyuan@gmail.com> Co-authored-by: taksenov <TAksenov@users.noreply.github.com> Co-authored-by: Kostis (Codefresh) <39800303+kostis-codefresh@users.noreply.github.com> Co-authored-by: rishabh625 <43094970+rishabh625@users.noreply.github.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> Co-authored-by: Jim Wright <jmwri@users.noreply.github.com> Co-authored-by: 34FathomBelow <34fathombelow@protonmail.com> Co-authored-by: Ashutosh <11219262+ashutosh16@users.noreply.github.com> Co-authored-by: Ashutosh <mail.ashutosh8@gmail.com> Co-authored-by: Sahdev Zala <spzala@us.ibm.com> Co-authored-by: Snyk bot <snyk-bot@snyk.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Mohamed Iflan <55939511+iflan7744@users.noreply.github.com> Co-authored-by: iflan7744 <iflan_mohamed@yahoo.com> Co-authored-by: Yves Richard <yves@klaodlabs.com> Co-authored-by: my-git9 <xin.li@daocloud.io> Co-authored-by: Renaud Guérin <renaud@renaudguerin.net> Co-authored-by: reggie-k <reginakagan@gmail.com> Co-authored-by: Kerwood <patrick@kerwood.dk> Co-authored-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com> Co-authored-by: César M. Cristóbal <cesar@callepuzzle.com> Co-authored-by: Brandon High <highb@users.noreply.github.com> Co-authored-by: Tadayuki Onishi <tt.tanishi100@gmail.com> Co-authored-by: jsmcnair <john@jsmcnair.com> Co-authored-by: JesseBot <jessebot@linux.com> Co-authored-by: Xijun Dai <daixijun1990@gmail.com>
* Merge pull request from GHSA-pmjg-52h9-72qv Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> formatting Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fixes from comments Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix test Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-7943-82jg-wmw5 * add tests to demonstrate issue Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> more Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> docs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> settings tests Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> tests for OIDC handlers, consolidating test helpers Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> consolidate Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> consolidate Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> docs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix log message Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.5 * Bump version to 2.4.5 * test: check for error messages from CI env (argoproj#9953) test: check for error messages from CI env (argoproj#9953) Signed-off-by: CI <michael@crenshaw.dev> * docs: getting started notes on self-signed cert (argoproj#9429) (argoproj#9784) * Fix argoproj#9429: A couple of notes in the docs to explain that the default certificate is insecure. Signed-off-by: Jim Talbut <jim.talbut@groupgti.com> * Fixes argoproj#9429: More verbose, but complete, text for Getting Started. Signed-off-by: Jim Talbut <jim.talbut@groupgti.com> * docs: Document the possibility of rendering Helm charts with Kustomize (argoproj#9841) * Update kustomize.md Resolves argoproj#7835. Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * Removed unnecessary command flag from example. Minor text edits. Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * spelling Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * docs: small fix for plugin stream filtering (argoproj#9871) Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * argoproj#9429: Adding blank line so list is formatted correctly. (argoproj#9880) Signed-off-by: CI <michael@crenshaw.dev> * fix: argo-cd git submodule is using SSH auth instead of HTTPs (argoproj#3118) (argoproj#9821) * fix: argo-cd git submodule is using SSH auth instead of HTTPs (argoproj#3118) Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp> * Add submodule functions and unit tests Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp> * fix: Make change of tracking method work at runtime (argoproj#9820) * fix: Make change of tracking method work at runtime Signed-off-by: jannfis <jann@mistrust.net> * GetAppName() will figure tracking label or annotation on its own Signed-off-by: jannfis <jann@mistrust.net> * Correct test comments and add another test Signed-off-by: jannfis <jann@mistrust.net> * Add a read lock before getting cache settings Signed-off-by: jannfis <jann@mistrust.net> * fix: Check tracking annotation for being self-referencing (argoproj#9791) * fix: Check tracking annotation for being self-referencing Signed-off-by: jannfis <jann@mistrust.net> * Tweak isManagedLiveObj() logic Signed-off-by: jannfis <jann@mistrust.net> * Rename isManagedLiveResource to isSelfReferencedObj Signed-off-by: jannfis <jann@mistrust.net> * Add e2e test Signed-off-by: jannfis <jann@mistrust.net> * fix: add missing download CLI tool link for ppc64le, s390x (argoproj#9649) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * fix: NotAfter is not set when ValidFor is set (argoproj#9911) Signed-off-by: yongguangl <1363186473@qq.com> * fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s (argoproj#9922) * fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * fix timeouts across all gRPC servers Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * use common consts Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * fix: argocd login just hangs on 2.4.0 argoproj#9679 (argoproj#9935) Signed-off-by: Xiao Yang <muma.378@163.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * test: Use dedicated multi-arch workloads in e2e tests (argoproj#9921) * test: Use dedicated multi-arch workloads in e2e tests Signed-off-by: jannfis <jann@mistrust.net> * Use correct tag Signed-off-by: jannfis <jann@mistrust.net> * feat: Treat connection reset as a retryable error (argoproj#9739) Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> * fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605) (argoproj#9895) * fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * make things more like they were originally, since the mutex fixes the problem Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix typo, don't pass around a pointer when it isn't necessary Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * apply suggestions Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * docs: add terminal documentation (argoproj#9948) Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * docs: fix typo in Generators-Git.md (argoproj#9949) `ApplictionSet` --> `ApplicationSet` Signed-off-by: CI <michael@crenshaw.dev> * chore: fix build error Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.6 * Bump version to 2.4.6 * docs: supported versions (argoproj#9876) * docs: supported versions Signed-off-by: Kostis Kapelonis <kostis@codefresh.io> * docs: supported versions feedback Signed-off-by: Kostis Kapelonis <kostis@codefresh.io> * fix: add missing download CLI tool URL response for ppc64le, s390x (argoproj#9983) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * fix: e2e test to use func from clusterauth instead creating one with old logic (argoproj#9989) Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * fix: updated all a tags to Link tags in app summary (argoproj#9777) * fix: updated all a tags to Link tags Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * fix: revert external links to a tags Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * fix: linting Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * docs: simplify Docker toolchain docs (argoproj#9966) (argoproj#10006) * docs: simplify Docker toolchain docs (argoproj#9966) Signed-off-by: CI <michael@crenshaw.dev> * to be or not to be Signed-off-by: CI <michael@crenshaw.dev> * pin dependencies to avoid absurdity Signed-off-by: CI <michael@crenshaw.dev> * docs: document directory app include/exclude fields (argoproj#9997) Signed-off-by: CI <michael@crenshaw.dev> * fix: terminal websocket write lock to avoid races (argoproj#10011) * fix: protect terminal WriteMessage with a lock Signed-off-by: CI <michael@crenshaw.dev> * give write its own lock Signed-off-by: CI <michael@crenshaw.dev> * docs: use quotes to emphasize that ConfigMap value is a string (argoproj#9995) Signed-off-by: CI <michael@crenshaw.dev> * Support files in argocd.argoproj.io/manifest-generate-paths annotation (argoproj#9908) Signed-off-by: Jim Wright <jmwri93@gmail.com> * chore: upgrade parse-url to avoid SNYK-JS-PARSEURL-2936249 (argoproj#9826) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.7 * Bump version to 2.4.7 * chore: update haproxy to 2.0.29 for redis-ha (argoproj#10045) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> * chore: update redis to avoid CVE-2022-2097 (argoproj#10031) * chore: update redis to avoid CVE-2022-2097 Signed-off-by: CI <michael@crenshaw.dev> * codegen Signed-off-by: CI <michael@crenshaw.dev> * chore: upgrade Dex to 2.32.0 (argoproj#10036) (argoproj#10042) Signed-off-by: CI <michael@crenshaw.dev> * docs: add argocd-server grpc metric usage (argoproj#10007) Signed-off-by: Ashutosh <mail.ashutosh8@gmail.com> Co-authored-by: Ashutosh <mail.ashutosh8@gmail.com> Signed-off-by: CI <michael@crenshaw.dev> * chore: update redis to 7.0.4 avoid CVE-2022-30065 (argoproj#10059) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> * fix: Set HOST_ARCH for yarn build from platform (argoproj#10018) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * docs: add api field example in the appset security doc (argoproj#10087) It seems like most of the work for the mentioned issue below is done under the PR argoproj#9466 but from the issue description, it's probably worth to mention the example as added here. Related argoproj#9352 Signed-off-by: Sahdev Zala <spzala@us.ibm.com> * chore: update parse-url (argoproj#10101) * chore: upgrade parse-url Signed-off-by: CI <michael@crenshaw.dev> * edit a generated file, because that's smart Signed-off-by: CI <michael@crenshaw.dev> * fix: avoid CVE-2022-28948 (argoproj#10093) Signed-off-by: CI <michael@crenshaw.dev> * docs: add OpenSSH breaking change notes (argoproj#10104) Signed-off-by: CI <michael@crenshaw.dev> * fix: skip redirect url validation when it's the base href (argoproj#10058) (argoproj#10116) * fix: skip redirect url validation when it's the base href (argoproj#10058) Signed-off-by: CI <michael@crenshaw.dev> nicer way of doing it Signed-off-by: CI <michael@crenshaw.dev> * fix missin arg Signed-off-by: CI <michael@crenshaw.dev> * fix: upgrade moment from 2.29.2 to 2.29.3 (argoproj#9330) Snyk has created this PR to upgrade moment from 2.29.2 to 2.29.3. See this package in npm: See this project in Snyk: https://app.snyk.io/org/argoproj/project/d2931792-eef9-4d7c-b9d6-c0cbd2bd4dbe?utm_source=github&utm_medium=referral&page=upgrade-pr Signed-off-by: CI <michael@crenshaw.dev> * chore(deps): bump moment from 2.29.3 to 2.29.4 in /ui (argoproj#9897) Bumps [moment](https://github.com/moment/moment) from 2.29.3 to 2.29.4. - [Release notes](https://github.com/moment/moment/releases) - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.3...2.29.4) Signed-off-by: CI <michael@crenshaw.dev> --- updated-dependencies: - dependency-name: moment dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: support multiple extensions per resource group/kind (argoproj#9834) * feat: support multiple extensions per resource group/kind Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * apply reviewers suggestions Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * apply reviewer notes: stream extension files one by one Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * wrap errors Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * skip symlinks Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * feat: support application level extensions (argoproj#9923) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix: extensions is not loading for ConfigMap/Pods (argoproj#10010) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * Bump version to 2.4.8 * Bump version to 2.4.8 * docs: Fixed indentation Error (argoproj#10123) * Fixed indentation Error Signed-off-by: iflan7744 <iflan_mohamed@yahoo.com> * Fixed indentation Error for top-level data key Signed-off-by: iflan7744 <iflan_mohamed@yahoo.com> Co-authored-by: iflan7744 <iflan_mohamed@yahoo.com> Signed-off-by: CI <michael@crenshaw.dev> * docs: fix kustomize namePrefix misconception in application.yaml (argoproj#10162) * Update docs/operator-manual/application.yaml - Removed comment about what namePrefix does. (i.e. it does not add a prefix to the image) - Added examples of other supported transformers. (based on looking at the source code) - Added link to the kustomize docs where the transormers are described in more detail. * Update kustomize casing to be consistent Signed-off-by: whyvez <yves@premise.com> * docs: improve Installation.md (argoproj#10173) Signed-off-by: xin.li <xin.li@daocloud.io> * docs: Use ConfigMap to disable TLS (argoproj#10106) * docs: Use ConfigMap to disable TLS Signed-off-by: Renaud Guerin <renaud@renaudguerin.net> * Fix typo Signed-off-by: Renaud Guerin <renaud@renaudguerin.net> * docs: correct the api field description for the GitLab example (argoproj#10081) The api field description for the GitLab example seems mistakenly copied from the GitHub example. Signed-off-by: Sahdev Zala <spzala@us.ibm.com> * fix: Ignore non-self-referencing resources while pruning (argoproj#10198) * fix: Ignore non-self-referencing resources while pruning Signed-off-by: jannfis <jann@mistrust.net> * fix: UI part for logs RBAC - do not display the logs tab when no RBAC in place (argoproj#7211) (argoproj#9828) * show logs tab only upon explicit rbac allow policy Signed-off-by: reggie-k <reginakagan@gmail.com> * 2.4.7 docs edit Signed-off-by: reggie-k <reginakagan@gmail.com> * fix: Drop all references to exec unless the feature is enabled (argoproj#9920) (argoproj#10187) * fix: Drop all references to exec unless the feature is enabled argoproj#9920 Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * fixed tslint issues Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * docs(applicationset): fix layout matrix/merge generator restrictions (argoproj#10246) Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com> * docs: fix microsoft user management mapping role (argoproj#10251) Signed-off-by: CI <michael@crenshaw.dev> * docs: Document ignoreAggregatedRoles setting (argoproj#10206) Signed-off-by: Brandon High <highb@users.noreply.github.com> * docs: fix version reference for logs UI fix (argoproj#10245) Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.9 * Bump version to 2.4.9 * docs: clusterResources in declarative cluster config (argoproj#10219) * docs: clusterResources in declarative cluster config Signed-off-by: CI <michael@crenshaw.dev> * add article Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: respect ARGOCD_GIT_MODULES_ENABLED in the appset controller (argoproj#10285) (argoproj#10287) * fix: respect ARGOCD_GIT_MODULES_ENABLED in the appset controller (argoproj#10285) Signed-off-by: CI <michael@crenshaw.dev> * remove duplicate line Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: Suppressed ssh scheme url warn log (argoproj#9836) * Fixed ssh scheme warn log degrade by argoproj#8508 Signed-off-by: kenchan0130 <tt.tanishi100@gmail.com> * Expanded repository type getCAPath testing Signed-off-by: kenchan0130 <tt.tanishi100@gmail.com> * docs: Document safe concurrent processing of sidecar CMP (argoproj#10336) Signed-off-by: jsmcnair <john.mcnair@yellowdog.co> Signed-off-by: jsmcnair <john.mcnair@yellowdog.co> * docs: Add "Create Namespace" to sync options doc (argoproj#3490) (argoproj#10326) * Add create namespace to the sync options doc Signed-off-by: JesseBot <jessebot@linux.com> * Update docs/user-guide/sync-options.md Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: JesseBot <jessebot@linux.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> * fix: missing actions (argoproj#10327) (argoproj#10359) Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.10 * Bump version to 2.4.10 * docs: fix typo in upgrade notes (argoproj#10377) Signed-off-by: Xijun Dai <daixijun1990@gmail.com> Signed-off-by: Xijun Dai <daixijun1990@gmail.com> * fix: Correctly assume cluster-scoped resources to be self-referenced (argoproj#10390) Signed-off-by: jannfis <jann@mistrust.net> Signed-off-by: jannfis <jann@mistrust.net> * Pin gitops-engine to v0.7.3 Signed-off-by: jannfis <jann@mistrust.net> * Bump version to 2.4.11 * Bump version to 2.4.11 * fix: invalid error handling (argoproj#10384) (argoproj#10385) os.IsNotExist only supports errors returned by the os package Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com> Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com> * fix: appset controller should preserve argocd refresh annotation (argoproj#10510) Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: Added mock for gitea response in appset PR,SCM generator (argoproj#9400) * fix: Added mock for gitea response Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * applied reviewers comment Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * test: fix flaky gitea tests (argoproj#10354) * test: fix flaky gitea tests Signed-off-by: CI <michael@crenshaw.dev> * embed test data Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: added github and gitlab response mock and replaced external calls (argoproj#9305) * Added mock for gitlab and github for Unit test Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * Added missing mock endpoint Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * removed println and aserted for 1 master branch Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * removed auth header assertion Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * procfile to run binaries instead go run Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * procfile to run binaries instead go run Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * reverted unintentional testdata change Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * Added test for branch do not exists Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * fix: hide terminal on the non-pod resource kind (argoproj#9980) (argoproj#10556) Signed-off-by: ashutosh16 <11219262+ashutosh16@users.noreply.github.com> Signed-off-by: ashutosh16 <11219262+ashutosh16@users.noreply.github.com> * docs: remove duplicate word in user-management doc (argoproj#10546) Signed-off-by: Mickaël Canévet <mickael.canevet@jellysmack.com> Signed-off-by: Mickaël Canévet <mickael.canevet@jellysmack.com> * fix: update deploymentConfig's healthcheck to wait for replicationController to be Available (argoproj#10462) * update deploymentConfig's healthcheck to wait for replicationController to be available Signed-off-by: Roncajolo Gerald <groncajolo@softwaymedical.fr> * Add Softway Medical to users Signed-off-by: Roncajolo Gerald <groncajolo@softwaymedical.fr> Signed-off-by: Roncajolo Gerald <groncajolo@softwaymedical.fr> * docs: Fix Broken Link in Getting Started Docs (argoproj#10585) * Fix Broken Link Signed-off-by: Greg Knoblauch <knoblauch.greg@gmail.com> * Update docs/getting_started.md Co-authored-by: asingh <11219262+ashutosh16@users.noreply.github.com> Signed-off-by: Greg Knoblauch <knoblauch.greg@gmail.com> Signed-off-by: Greg Knoblauch <knoblauch.greg@gmail.com> Co-authored-by: asingh <11219262+ashutosh16@users.noreply.github.com> * docs: update description of policy.csv example in rbac.md (argoproj#10565) Signed-off-by: Minchao <minchao.220@gmail.com> Signed-off-by: Minchao <minchao.220@gmail.com> * fix: add skip-test-tls flag to optionally skip testing for tls (argoproj#9679) (argoproj#10484) * feat: add skip-test-tls flag to optionally skip testing for tls, fixes argoproj#9679 Signed-off-by: msvechla <m.svechla@gmail.com> * docs: update cli documentation Signed-off-by: msvechla <m.svechla@gmail.com> Signed-off-by: msvechla <m.svechla@gmail.com> * docs: decision about logs RBAC enforcement in release notes for 2.4 (argoproj#10564) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.12 * Bump version to 2.4.12 * docs: Changes for v2.4.12 Updated the CHANGES.md to represent what changes the pull request will introduce. Contributes to: automation-saas/native-AWS#2523 Signed-off-by: Sujeily Fonseca <sujeily.fonseca@ibm.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Co-authored-by: argo-bot <argoproj@gmail.com> Co-authored-by: YaytayAtWork <jim.talbut@groupgti.com> Co-authored-by: Didrik Finnøy <djfinnoy@protonmail.com> Co-authored-by: Jake <86763948+notfromstatefarm@users.noreply.github.com> Co-authored-by: Shunki <75064402+shunki-fujita@users.noreply.github.com> Co-authored-by: jannfis <jann@mistrust.net> Co-authored-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> Co-authored-by: yongguangl <1363186473@qq.com> Co-authored-by: Xiao Yang <muma.378@163.com> Co-authored-by: Yuan Tang <terrytangyuan@gmail.com> Co-authored-by: taksenov <TAksenov@users.noreply.github.com> Co-authored-by: Kostis (Codefresh) <39800303+kostis-codefresh@users.noreply.github.com> Co-authored-by: rishabh625 <43094970+rishabh625@users.noreply.github.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> Co-authored-by: Jim Wright <jmwri@users.noreply.github.com> Co-authored-by: 34FathomBelow <34fathombelow@protonmail.com> Co-authored-by: Ashutosh <11219262+ashutosh16@users.noreply.github.com> Co-authored-by: Ashutosh <mail.ashutosh8@gmail.com> Co-authored-by: Sahdev Zala <spzala@us.ibm.com> Co-authored-by: Snyk bot <snyk-bot@snyk.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Mohamed Iflan <55939511+iflan7744@users.noreply.github.com> Co-authored-by: iflan7744 <iflan_mohamed@yahoo.com> Co-authored-by: Yves Richard <yves@klaodlabs.com> Co-authored-by: my-git9 <xin.li@daocloud.io> Co-authored-by: Renaud Guérin <renaud@renaudguerin.net> Co-authored-by: reggie-k <reginakagan@gmail.com> Co-authored-by: Kerwood <patrick@kerwood.dk> Co-authored-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com> Co-authored-by: César M. Cristóbal <cesar@callepuzzle.com> Co-authored-by: Brandon High <highb@users.noreply.github.com> Co-authored-by: Tadayuki Onishi <tt.tanishi100@gmail.com> Co-authored-by: jsmcnair <john@jsmcnair.com> Co-authored-by: JesseBot <jessebot@linux.com> Co-authored-by: Xijun Dai <daixijun1990@gmail.com> Co-authored-by: Takumi Sue <23391543+mikutas@users.noreply.github.com> Co-authored-by: Jesse Suen <jessesuen@users.noreply.github.com> Co-authored-by: Mickaël Canévet <mickael.canevet@jellysmack.com> Co-authored-by: Gerald Roncajolo <grc@necol.org> Co-authored-by: Greg Knoblauch <knoblauch.greg@gmail.com> Co-authored-by: Minchao <minchao.220@gmail.com> Co-authored-by: msvechla <m.svechla@gmail.com>
Most of the changes are self-explanatory.
I've changed several instances of using the
default
project in examples to usingmy-example
. I want to encourage folks to consider which project they actually need to use for the appset, since thedefault
project has full permissions by default.