Skip to content

v1.4.0-rc1

Pre-release
Pre-release
Compare
Choose a tag to compare
@alexmt alexmt released this 13 Jan 20:48
· 5373 commits to master since this release
v1.4.0-rc1
5af52f6

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v1.4.0-rc1/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v1.4.0-rc1/manifests/ha/install.yaml

The v1.4.0 is a stability release that brings multiple bug fixes, security, performance enhancements, and multiple usability improvements.

New Features

Security

A number of security enhancements and features have been implemented (thanks to @jannfis for driving it! ):

  • Repository Credential Templates Management UI/CLI. Now you can use Argo CD CLI or UI to configure
    credentials template for multiple repositories!
  • X-Frame-Options header on serving static assets. The X-Frame-Options prevents third party sites to trick users into interacting with the application.
  • Tighten AppProject RBAC enforcement. We've improved the enforcement of access rules specified in the
    application project configuration.

Namespace Isolation

With the namespace isolation feature, you are no longer have to give full read-only cluster access to the Argo CD. Instead, you can give access only to selected namespaces with-in
the cluster:

argocd cluster add <mycluster> --namespace <mynamespace1> --namespace <mynamespace2>

This feature is useful if you don't have full cluster access but still want to use Argo CD to manage some cluster namespaces. The feature also improves performance if Argo CD is
used to manage a few namespaces of a large cluster.

Reconciliation Performance

The Argo CD no longer fork/exec kubectl to apply resource changes in the target cluster or convert resource manifest to the required manifest version. This reduces
CPU and Memory usage of large Argo CD instances.

Resources Health based Hook Status

The existing Argo CD resource hooks feature allows running custom logic during the syncing process. You can mark
any Kubernetes resource as a hook and Argo CD assess hook status if resource is a Pod, Job or Argo Workflow. In the v1.4.0 release Argo CD is going to leverage resource
health assessment to get sync hook status. This allows using any custom CRD as a sync hook and leverage custom health
check logic.

Manifest Generation

  • Track Helm Charts By Semantic Version. You've been able to track charts hosted in Git repositories using branches to tags. This is now possible for Helm charts. You no longer
    need to choose the exact version, such as v1.4.0 ,instead you can use a semantic version constraint such as v1.4.* and the latest version that matches will be installed.
  • Build Environment Variables. Feature allows config management tool to get access to app details during manifest generation via
    environment variables.
  • Git submodules. Argo CD is going to automatically fetch sub-modules if your repository has .gitmodules directory.

UI and CLI

  • Improved Resource Tree View. The Application details page got even prettier. The resource view was tuned to fit more resources into the screen, include more information about
    each resource and don't lose usability at the same time.
  • New Account Management CLI Command. The CLI allows to check which actions are allowed for your account: argocd account can-i sync applications '*'

Maintenance Tools

The team put more effort into building tools that help to maintain Argo CD itself:

  • Bulk Project Editing. The argocd-util allows to add and remove permissions defined in multiple project roles using one command.
  • More Prometheus Metrics. A set of additional metrics that contains useful information managed clusters is exposed by application controller.

More documentation and tools are coming in patch releases.

Breaking Changes

The Argo CD deletes all in-flight hooks if you terminate running sync operation. The hook state assessment change implemented in this release the Argo CD enables detection of
an in-flight state for all Kubernetes resources including Deployment, PVC, StatefulSet, ReplicaSet etc. So if you terminate the sync operation that has, for example,
StatefulSet hook that is Progressing it will be deleted. The long-running jobs are not supposed to be used as a sync hook and you should consider using
Sync Waves instead.

Enhancements

  • feat: Add custom healthchecks for cert-manager v0.11.0 (#2689)
  • feat: add git submodule support (#2495)
  • feat: Add repository credential management API and CLI (addresses #2136) (#2207)
  • feat: add support for --additional-headers cli flag (#2467)
  • feat: Add support for ssh-with-port repo url (#2866) (#2948)
  • feat: Add Time to ApplicationCondition. (#2417)
  • feat: Adds argocd auth can-i command. Close #2255
  • feat: Adds revision history limit. Closes #2790 (#2818)
  • feat: Adds support for ARGO_CD_[TARGET_REVISION|REVISION] and pass to Custom Tool/Helm/Jsonnet
  • feat: Adds support for Helm charts to be a semver range. Closes #2552 (#2606)
  • feat: Adds tracing to key external invocations. (#2811)
  • feat: argocd-util should allow editing project policies in bulk (#2615)
  • feat: Displays controllerrevsion's revision in the UI. Closes #2306 (#2702)
  • feat: Issue #2559 - Add gauge Prometheus metric which represents the number of pending manifest requests. (#2658)
  • feat: Make ConvertToVersion maybe 1090% faster on average (#2820)
  • feat: namespace isolation (#2839)
  • feat: removes redundant mutex usage in controller cache and adds cluster cache metrics (#2898)
  • feat: Set X-Frame-Options on serving static assets (#2706) (#2711)
  • feat: Simplify using Argo CD without users/SSO/UI (#2688)
  • feat: Template Out Data Source in Grafana Dashboard (#2859)
  • feat: Updates UI icons. Closes #2625 and #2757 (#2653)
  • feat: use editor arguments in InteractiveEditor (#2833)
  • feat: Use kubectl apply library instead of forking binary (#2861)
  • feat: use resource health for hook status evaluation (#2938)

Bug Fixes

  • fix: Adds support for /api/v1/account* via HTTP. Fixes #2664 (#2701)
  • fix: Allow '@'-character in SSH usernames when connecting a repository (#2612)
  • fix: Allow dot in project policy. Closes #2724 (#2755)
  • fix: Allow you to sync local Helm apps. Fixes #2741 (#2747)
  • fix: Allows Helm parameters that contains arrays or maps. (#2525)
  • fix: application-controller doesn't deal with rm/add same cluster gracefully (x509 unknown) (#2389)
  • fix: diff local ignore kustomize build options (#2942)
  • fix: Ensures that Helm charts are correctly resolved before sync. Fixes #2758 (#2760)
  • fix: Fix 'Open application' link when using basehref (#2729)
  • fix: fix a bug with cluster add when token secret is not first in list. (#2744)
  • fix: fix bug where manifests are not cached. Fixes #2770 (#2771)
  • fix: Fixes bug whereby retry does not work for CLI. Fixes #2767 (#2768)
  • fix: git contention leads applications into Unknown state (#2877)
  • fix: Issue #1944 - Gracefully handle missing cached app state (#2464)
  • fix: Issue #2668 - Delete a specified context (#2669)
  • fix: Issue #2683 - Make sure app update don't fail due to concurrent modification (#2852)
  • fix: Issue #2721 Optimize helm repo querying (#2816)
  • fix: Issue #2853 - Improve application env variables/labels editing (#2856)
  • fix: Issue 2848 - Application Deployment history panel shows incorrect info for recent releases (#2849)
  • fix: Make BeforeHookCreation the default. Fixes #2754 (#2759)
  • fix: No error on argocd app create in CLI if --revision is omitted #2665
  • fix: Only delete resources during app delete cascade if permitted to (fixes #2693) (#2695)
  • fix: prevent user from seeing/deleting resources not permitted in project (#2908) (#2910)
  • fix: self-heal should retry syncing an application after specified delay
  • fix: stop logging dex config secrets #(2904) (#2937)
  • fix: stop using jsondiffpatch on clientside to render resource difference (#2869)
  • fix: Target Revision truncated #2736
  • fix: UI should re-trigger SSO login if SSO JWT token expires (#2891)
  • fix: update argocd-util import was not working properly (#2939)

Contributors

  • Aalok Ahluwalia
  • Aananth K
  • Abhishek Jaisingh
  • Adam Johnson
  • Alan Tang
  • Alex Collins
  • Alexander Matyushentsev
  • Andrew Waters
  • Byungjin Park
  • Christine Banek
  • Daniel Helfand
  • David Hong
  • David J. M. Karlsen
  • David Maciel
  • Devan Goodwin
  • Devin Stein
  • dthomson25
  • Gene Liverman
  • Gregor Krmelj
  • Guido Maria Serra
  • Ilir Bekteshi
  • Imran Ismail
  • INOUE BANJI
  • Isaac Gaskin
  • jannfis
  • Jeff Hastings
  • Jesse Suen
  • John Girvan
  • Konstantin
  • Lev Aminov
  • Manatsawin Hanmongkolchai
  • Marco Schmid
  • Masayuki Ishii
  • Michael Bridgen
  • Naoki Oketani
  • niqdev
  • nitinpatil1992
  • Olivier Boukili
  • Olivier Lemasle
  • Omer Kahani
  • Paul Brit
  • Qingbo Zhou
  • Saradhi Sreegiriraju
  • Scott Cabrinha
  • shlo
  • Simon Behar
  • stgarf
  • Yujun Zhang
  • Zoltán Reegn
Assets 4
Loading