Skip to content
Compare
Choose a tag to compare

v2.4.0-rc1

Pre-release
Pre-release

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.0-rc1/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.0-rc1/manifests/ha/install.yaml

Web Terminal In Argo CD UI

Feature enables engineers to start a shell in the running application container without leaving the web interface. Just find the required Kubernetes
Pod using the Application Details page, click on it and select the Terminal tab. The shell starts automatically and enables you to execute the required
commands, and helps to troubleshoot the application state.

Access Control For Pod Logs & Web Terminal

Argo CD is used to manage the critical infrastructure of multiple organizations, which makes security the top priority of the project. We've listened to
your feedback and introduced additional access control settings that control access to Kubernetes Pod logs and the new Web Terminal feature.

OpenTelemetry Tracing Integration

The new feature allows emitting richer telemetry data that might make identifying performance bottlenecks easier. The new feature is available for argocd-server
and argocd-repo-server components and can be enabled using the --otlp-address flag.

Power PC and IBM Z Support

The list of supported architectures has been expanded, and now includes IBM Z (s390x) and PowerPC (ppc64le). Starting with the v2.4 release the official quay.io
repository is going to have images for amd64, arm64, ppc64le, and s390x architectures.

Other Notable Changes

Overall v2.4 release includes more than 300 hundred commits from nearly 90 contributors. Here is a short sample of the contributions:

  • Enforce the deployment to remote clusters only
  • Native support of GCP authentication for GKE
  • Secured Redis connection
  • ApplicationSet Gitea support

Features

  • feat: add --app-hard-resync flag to controller (#8928)
  • feat: add caching to application js bundle since it has a unique name (#9008)
  • feat: Add filter pathdoesntexist in scm generator (#9150)
  • feat: add gke auth command to argocd-k8s-auth (#9190)
  • feat: add printout of what has been deleted (#8894)
  • feat: add support for Bitbucket Server (SCM + PR); add filters for PR (#9049)
  • feat: Added option for cascading deletion while creation of app (#8645)
  • feat: allow cli to remove cluster by name (#8823)
  • feat: close sliding panel on escape key (#8465)
  • feat: dex subcommand logformat/loglevel flags (#8542)
  • feat: Exposing Default Metric Port for ApplicationSet Controller in Manifest Files. #8999 (#9000)
  • feat: Introduce RBAC based approach to pod logs #7211 (#8353)
  • feat: New SCM and pull request ApplicationSet generators for Gitea (#8989)
  • feat: populate Server field with destination name when destination server is empty (#8609)
  • feat: remove rbac when using argocd cluster rm (#8969)
  • feat: remove shared repo volume between repo-server and cmp-server (#8600)
  • feat: support opentelemetry for grpc tracing (#7539)
  • feat: support pod exec terminal via websockets (#8905)
  • feat: support swapping direction of truncation on resource names (#8671)
  • feature: adding kube-context flag (#8849)

Bug Fixes

  • fix: Add Content-Security-Policy configuration option (#8943)
  • fix: add sh256 hashes for arm on osx for m1 cpus (#9186)
  • fix: add writable /tmp mount for the applicationset controller (#9183)
  • fix: Added github and gitlab token into env (#8933)
  • fix: allow cli/ui to follow logs (#8987)
  • fix: allow URLs with encoded path (#8809)
  • fix: cleanup argocd unknown flag errors (#8723)
  • fix: consistent forms for UI (#8922)
  • fix: Correctly calculate diffs for CRDs with ignore overrides (#9092)
  • fix: detect applicationset webhook events for Matrix and Merge generators (#8998)
  • fix: do not unset passCredentials when it's not specified (#9102) (#9104)
  • fix: don't include exec as part of the default read-only role (#9249)
  • fix: ensure appset git generator works with private repo (#9179)
  • fix: env var values with equal sign ignored (#8793)
  • fix: fall back to only branch if default branch is missing in gitea (#9228)
  • fix: fix broken monaco editor collapse icons (#8709)
  • fix: Gitlab Generator PathExists for files (#8997)
  • fix: Helm OCI repositories with custom CAs (#8508)
  • fix: hide managed fields by default in UI (#8932)
  • fix: Horizontal Scrolling doesn't appear until page end (#8298) (#8462)
  • fix: improve timeout.reconciliation error handling (#8964)
  • fix: Make zoom level a user preference (#7183) (#8460)
  • fix: Minor cleanup for app errors #5273 (#8623)
  • fix: Move pod logs containers to dropdown in pod logs toolbar (#8607)
  • fix: Prevent cluster privilege warning for cluster add cmd (#8972)
  • fix: Prevent crash on server reload if opentelemetry is not enabled (#9270)
  • fix: remove cookie module from ui (#9088)
  • fix: Remove orphan static-files volume from ArgoCD server deployment manifest - Fixes #8714 (#9013)
  • fix: Retry checkbox unchecked unexpectedly; Sync up with YAML (#8682) (#8720)
  • fix: return revision from getGitGeneratorInfo (#8979)
  • fix: Set QPS and burst rate for resource ops client (#8915)
  • fix: throw better error if default branch is missing in gitea (#9228)
  • fix: typo in namespace param (#8770)
  • fix: Update account.proto annotaion for gen grpc gateway (#6684)
  • fix: upgrade react-svg-piechart from 2.4.0 to 2.4.2 (#9188)
  • fix: use deepMerge to populate partial user settings with default values
  • fix: use new applicationset controller command (#8940)
  • fix!: added security contexts in manifests to secure argocd component configurations (#9087)
  • fix(ui): Applications page incorrectly resets to tiles view. Fixes #8702 (#8718)
  • fix(ui): Unscrollable error message when saving YAML (#4152) (#4195)
  • refactor: replace aws CLI with argocd-k8s-auth (#8032)
  • ui: Fix delete radio labels/ids (#9218)

Other

  • chore: add permission check to argocd-cli (#9057)
  • chore: bump helm version to 3.8.1 (#8804)
  • chore: disable webpack dev-server compression (#9285)
  • chore: Support build on s390x and ppc64le (follow #6441) (#8890)
  • chore: Update dockerized toolchain to use Redis v7.0.0 (#9269)
  • chore: Upgrade to Golang 1.18 (#9066)
  • chore!: Helm2 removal (#8313)
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.3.3/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.3.3/manifests/ha/install.yaml

Bug Fixes

  • fix: prevent excessive repo-server disk usage for large repos (#8845) (#8897)
  • fix: Set QPS and burst rate for resource ops client (#8915)
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.3.2/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.3.2/manifests/ha/install.yaml

Special notes

This release contains the fix for a security issue with critical severity. We recommend users on the 2.3 release branch to update to this release as soon as possible.

More information can be found in the related
security advisory.

Changes

As part of the security fix, the Argo CD UI no longer automatically presents child resources of allow-listed resources unless the child resources are also allow-listed. For example, Pods are not going to show up if only Deployment is added to the allow-list.

If you have projects configured with allow-lists, make sure the allow-lists include all the resources you want users to be able to view/manage through the UI. For example, if your project allows Deployments, you would add ReplicaSets and Pods.

Bug Fixes

  • fix: application resource APIs must enforce project restrictions
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.2.8/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.2.8/manifests/ha/install.yaml

Special notes

This release contains the fix for a security issue with critical severity. We recommend users on the 2.2 release branch to update to this release as soon as possible.

More information can be found in the related
security advisory.

Changes

As part of the security fix, the Argo CD UI no longer automatically presents child resources of allow-listed resources unless the child resources are also allow-listed. For example, Pods are not going to show up if only Deployment is added to the allow-list.

If you have projects configured with allow-lists, make sure the allow-lists include all the resources you want users to be able to view/manage through the UI. For example, if your project allows Deployments, you would add ReplicaSets and Pods.

Bug Fixes

  • fix: application resource APIs must enforce project restrictions
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.1.14/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.1.14/manifests/ha/install.yaml

Special notes

This release contains the fix for a security issue with critical severity. We recommend users on the 2.1 release branch to update to this release as soon as possible.

More information can be found in the related
security advisory.

Changes

As part of the security fix, the Argo CD UI no longer automatically presents child resources of allow-listed resources unless the child resources are also allow-listed. For example, Pods are not going to show up if only Deployment is added to the allow-list.

If you have projects configured with allow-lists, make sure the allow-lists include all the resources you want users to be able to view/manage through the UI. For example, if your project allows Deployments, you would add ReplicaSets and Pods.

Bug Fixes

  • fix: application resource APIs must enforce project restrictions
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.3.1/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.3.1/manifests/ha/install.yaml

Bug Fixes

  • fix: Retry checkbox unchecked unexpectedly; Sync up with YAML (#8682) (#8720)
  • chore: Bump stable version of application set addon (#8744)
  • fix: correct jsonnet paths resolution (#8721)
  • fix(ui): Applications page incorrectly resets to tiles view. Fixes #8702 (#8718)
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.2.7/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.2.7/manifests/ha/install.yaml

Bug Fixes

  • fix: correct jsonnet paths resolution (#8721)
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.1.12/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.1.12/manifests/ha/install.yaml

Bug Fixes

  • fix: correct jsonnet paths resolution (#8721)
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.3.0/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.3.0/manifests/ha/install.yaml

Release Blog

Upgrade instructions

Argo CD ApplicationSet and Notifications are now part of Argo CD

Two popular Argoproj Labs projects Argo CD ApplicationSet and
Argo CD Notifications are now part of Argo CD! The default Argo CD installation manifests now
bundle both projects out of the box. Going forward you can expect more tightened integration of these projects into Argo CD.

New sync and diff strategies

Users can now configure the Application resource to instruct Argo CD to consider the ignore difference setup during the sync process.
In order to do so, add the new sync option RespectIgnoreDifferences=true in the Application resource. Once the sync option is added,
Argo CD won't change ignored fields during the syncing process.

Configuring ignored fields is also easier now. Instead of listing fields one by one users can now leverage the
managedFields metadata to instruct Argo CD about trusted managers and automatically ignore any fields owned by them. A new diff customization
(managedFieldsManagers) is now available allowing users to specify managers the application should trust and to ignore all fields owned by those managers.
Read more about these changes at New sync and diff strategies in ArgoCD blog post.

ARM Images

An officially supported ARM 64 image is now available. Enjoy running Argo CD on your Raspberry Pi! Additionally, the image size was reduced by nearly ~50%
and is only 200MB now. The ARM version of argocd CLI is also available and published as a Github release artifact.

Compact Tree View And Click Application Navigation

The application details page now supports compact application resources tree visualization. Using the "Group Nodes" button, you can collapse the similar resources
into a single group node to remove the clutter and make it easier to understand the state of application resources. You still can get detailed information about the collapsed resources by clicking on the group node. The list of collapsed resources will be available in a sliding panel. Compact resource tree is still too big?
You can use the zoom in and zoom out feature to make it smaller - or even larger!

You no longer need to move back and forth between the application details page and the application list page. Instead you can navigate directly to the required application by clicking the search icon in the application details page title.

Bug Fixes and Performance Enhancements

  • Config management tools enhancements:
  • The skipCrds flag and ability to ignore missing values files for Helm (#8012, #8003)
  • Additional environment variables for Kustomize (#8096)
  • Argo CD CLI follows the XDG Base directory standard (#7638)
  • Redis is no longer used during SSO login (#8241)

Features

  • feat: add RespectIgnoreDifferences sync option to UI (#8390)
  • feat: Allow fine-tuning of K8s rest client connection properties (#8404)
  • feat: expose cluster sync retry duration (#8481)
  • feat: Make cluster cache sync more robust (#8438)
  • feat: support custom helm values file schemes (#8535)
  • feat: support disabling manifest generation using config management tools (#8514)
  • feat(cli): Allow to view previously terminated container logs (#8582)
  • feat: Add app list and details page views to navigation history (#7776) (#7937)
  • feat: add skipCrds flag for helm charts (#8012)
  • feat: add visual indicator for newly created pods (#8006)
  • feat: added a new Helm option ignoreMissingValueFiles (#7767) (#8003)
  • feat: Allow configuring system wide ignore differences for all resources (#8224)
  • feat: Allow escaping dollar in Envsubst (#7961)
  • feat: Allow external links on Application (#3487) (#8231)
  • feat: allow selecting application on detail page (#8176)
  • feat: bundle applicationset-controller with argocd (#8148)
  • feat: enable specifying root ca for oidc (#6712)
  • feat: Expose ARGOCD_APP_NAME to the kustomize build command (#8096)
  • feat: Ignore differences owned by trusted managers from managedFields (#7869)
  • feat: new sync option to use ignore diff configs during sync (#8078)
  • feat: Provide address flag for admin dashboard command (#8095)
  • feat: store "Group Nodes" button state in application details preferences (#8036)
  • feat: support specifying cluster by name in addition to API server URL in Cluster API (#8077)
  • feat: Support XDG Base directory standard (#7638) (#7791)
  • feat: Use encrypted cookie to store OAuth2 state nonce (instead of redis) (#8241)
  • feat: build images on PR and conditionally build arm64 image on push (#8108)

Bug Fixes

  • fix: Add "Restarting MinIO" status to MiniO Tenant health check (#8191)
  • fix: add all resources in list view (#7295)
  • fix: adding pagination to grouped nodes sliding panel#7837 (#7915)
  • fix: Allow all resources to add external links (#7923)
  • fix: always call ValidateDestination (#7976)
  • fix: application exist panic when execute api call (#8188)
  • fix: application-icons-alignment (#8054)
  • fix: Controller panics if resource manifest has incorrect annotation (#8022)
  • fix: correctly handle project field during partial cluster update (#7994)
  • fix: Default value for retry validation #8055 (#8064)
  • fix: Fix a possible crash when parsing RBAC (#8165)
  • fix: Grouped node list missing resources on Compact resources view #8014 (#8018)
  • fix: issue with headless installation (#7958)
  • fix: issue with project scoped resources (#8048)
  • fix: Kubernetes labels normalization for Prometheus (#7925)
  • fix: Nested Refresh dropdown does not work on Application Details page #1524 (#7950)
  • fix: network line colors and menu icon alignment (#8059)
  • fix: Opening app details shows UI error on some apps (#8016) (#8019)
  • fix: Parse to correct uint32 type (#8177)
  • fix: Prevent possible nil-pointer deref in normalizer (#8185)
  • fix: Prevent possible out-of-bounds access when loading policies (#8186)
  • fix: provide a semantic version parsed version for KUBE_VERSION (#8250)
  • fix: refreshing label toast (#7979)
  • fix: resource details page crashes when resource is not deployed and hide managed fields is selected (#7971)
  • fix: retry disabled text (#8004)
  • fix: route health check stuck in 'Progressing' (#8170)
  • fix: sync window panel is crashed if resource name not contain letters (#8053)
  • fix: targetervision compatible without prefix refs/heads or refs/tags (#7939)
  • fix: Trailing line in Filter Dropdown Menus #7821 (#8001)
  • fix: webhook URL matching edge cases (#7981)
  • fix(ui): use consistent case for diff modes (#7945)
  • fix: Use gRPC timeout for sidecar CMPs (#8131) (#8236)
  • fix: add labels to sidecar CMP manifests (#8243) (#8367)
  • fix: Adjust z-index for newly added tree view toolbar (#8422) (#8423)
  • fix: Allow quoted RBAC group names in API (#8650)
  • fix: applications page is crashing if nothing marked as favorites (#8356)
  • fix: build ui as part of 'make release-cli' command (#8536)
  • fix: check for issuing condition on Certificate (#7217)
  • fix: fix deployment config health status (#8376)
  • fix: fix example in project scoped repositories (#8357)
  • fix: Health status bar button does not re-render properly. Fixes #8569 (#8668)
  • fix: make sure release workflow publish image with "v" in front of version (#8335)
  • fix: prevent file traversal using helm file values param and application details api (#8606)
  • fix: refreshing label is hidden by resource tree (#8391)
  • fix: register controller workqueue metrics correctly (#8318)
  • fix: reload ArgoCD config if OIDC config changes (#8350)
  • fix: Resolve symlinked value files correctly (#8387)
  • fix: Return early on error when updating clusters (#8526)
  • fix: UI: Favorite star icon is cut off (#8556)
  • fix: Upgrade monaco-editor from 0.15.6 to 0.27.0 (#8590)
  • fix!: enforce app create/update privileges when getting repo details (#8558)
  • fix(cli): argo app diff passes --api-versions to helm template (#8371)

Other

  • chore: bump go-jsonnet to v0.18.0 (#8011)
  • chore: escape proj in regex (#7985)
  • chore: exclude argocd-server rbac for core-install (#8234)
  • chore: Log out the resource triggering reconciliation (#8192)
  • chore: Migrate to use golang-jwt/jwt v4.2.0 (#8136)
  • chore: move resolveRevision from api-server to repo-server (#7966)
  • chore: update notifications version (#8267)
  • chore: update slack version (#8299)
  • chore: Update to Redis 6.2.4 (#8157)
  • chore: upgrade awscli to 2.4.6 and remove python deps (#7947)
  • chore: upgrade base image to ubuntu:21.10 (#8230)
  • chore: upgrade dex to v2.30.2 (dexidp/dex#2326) (#8237)
  • chore: upgrade gitops engine (#8288)
  • chore: upgrade golang to 1.17.6 (#8229)
  • chore: upgrade helm to most recent version (v3.7.2) (#8226)
  • chore: upgrade k8s client to v1.23 (#8213)
  • chore: upgrade kustomize to most recent version (v4.4.1) (#8227)
  • chore: automate bundling argocd addons during release process (#8336)
  • chore: bump redoc vesion to avoid CVE-2021-23820 (#8604)
  • chore: fix broken TestHelmIgnoreMissingValueFiles test (#8368)
  • chore: generate and upload sbom during release (#8332)
  • chore: generate sbom for the released docker image (#8338)
  • chore: Generate spdx for the UI project (#8385)
  • chore: pass submodulesEnabled explicitly to avoid implicit parameter (#8337)
  • chore: update actions/setup-go to v2 (#8349)
  • chore: update protoc to 3.17.3 and make install portable (#7932)
  • chore: upgrade Helm to v3.8.0 (#8301)
  • chore: upgrade redoc (#8573)
  • chore: use go install instead of deprecated go get (#8333)
  • chore: Use go install to add spdx-sbom-generator (#8346)
  • chore(deps): bump mkdocs from 1.1.2 to 1.2.3 in /docs (#8588)
  • refactor: introduce 'byClusterName' secret index to speedup cluster server URL lookup (#8133)
  • refactor: move project filtering to server side (#8102)
  • refactor: update gitops-engine version to v0.6.0
  • refactor: use argocd-git-ask-pass to pass git credentials to git/kustomize (#8516)
  • test: Support e2e tests and improve robustness on k8s v1.21-v1.23 (#8431)
  • refactor: Unique repo path and permissions (#8517)
  • refactor: Update Argo CD V2.3 to ApplicationSet v0.4.0 (#8416)
Compare
Choose a tag to compare

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.2.6/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.2.6/manifests/ha/install.yaml

Bug Fixes

  • fix: prevent file traversal using helm file values param and application details api (#8606)
  • fix!: enforce app create/update privileges when getting repo details (#8558)
  • feat: support custom helm values file schemes (#8535)