deps: update dependency argoproj/argo-cd to v2.6.1

[renovate]

This PR contains the following updates:

Package	Update	Change
argoproj/argo-cd	minor	v2.5.10 -> v2.6.1

---

Release Notes

argoproj/argo-cd

v2.6.1

Compare Source

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.6.1/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.6.1/manifests/ha/install.yaml

Release signatures

All Argo CD container images and CLI binaries are signed by cosign. See the documentation on how to verify the signatures.

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEesHEB7vX5Y2RxXypjMy1nI1z7iRG
JI9/gt/sYqzpsa65aaNP4npM43DDxoIy/MQBo9s/mxGxmA+8UXeDpVC9vw==
-----END PUBLIC KEY-----

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changes

This release includes 1 contributions from 1 contributors with 0 features and 1 bug fixes.

Security (1)

• MEDIUM: Argo CD leaks repository credentials in user-facing error messages and in logs (GHSA-mv6w-j4xc-qpfw)

v2.6.0

Compare Source

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.6.0/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.6.0/manifests/ha/install.yaml

Release signatures

All Argo CD container images and CLI binaries are signed by cosign. See the documentation on how to verify the signatures.

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEesHEB7vX5Y2RxXypjMy1nI1z7iRG
JI9/gt/sYqzpsa65aaNP4npM43DDxoIy/MQBo9s/mxGxmA+8UXeDpVC9vw==
-----END PUBLIC KEY-----

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changes

This release includes 235 contributions from 94 contributors (54 of them new) with 39 features and 34 bug fixes.

Features (39)

• feat: make discovery field optional in plugins (#​12073)
• feat: Allow force of basic auth for HTTP repositories (#​11983)
• feat(security): require the aud claim from OIDC providers by default (#​12187)
• feat: add health checks for keptn resources (#​11716)
• feat: Extend Cluster.cluster.x-k8s.io health check (#​11705)
• feat: support Knative Serving 1.5 Custom Health Checks (#​9719)
• feat: AppSet Progressive Rollouts with RollingSync (#​9437) (#​10048)
• feat: Multiple sources for applications (#​2789) (#​10432)
• feat: add google cloud source repo support (#​7534) (#​11618)
• feat: ApplicationSet add create-delete policy #​9101 (#​11107)
• feat: Allow Matrix generator to have two Git child generators without conflict (#​10522) (#​10523)
• feat: expose deep links in UI (#​11680)
• feat: show cmpv2 plugins in create app wizard (#​11615)
• feat: pull request labels exposed in Pull Request generator template (#​10204) (#​11397)
• feat: add deny sources (#​11639) (#​11646)
• feat: Add support for proxy extensions (#​11307)
• feat: added deep links backend changes (#​11401)
• feat: Allow proxy to be saved when creating repoCreds (#​11351) (#​11425)
• feat: show app age in application list view (#​11209) (#​11502)
• feat: add support for plugin name in CMPv2 (#​11290) (#​11341)
• feat: parameterized config management plugins (#​9135) (#​9216)
• feat: Add wildcard support in OCI Helm Repositories targetRevision (#​6686) (#​10641)
• feat(ui): add a filter for auto sync (#​11357)
• feat: Implement karmada CRD health checks (#​11192)
• feature: allow a custom labels on any resource to surface in the UI (tree view node tags) (#​11153)
• feat: display auto sync status in application details view (#​11200)
• feat: Shared custom health check for multiple resources (#​4212) (#​10885)
• feat: Add new admin command to print Argo CD initial password (11117) (#​11155)
• feat: enable metadata to be set on namespaces (#​10672)
• feat: add labels and annotations to cluster details page (#​9707)
• feat: sort resource list by created_at, add message to AnalysisRun and replicas to ReplicaSet (#​10613)
• feat: UI Add copy to clipboard shortcut (#​10958)
• feat: directory app include/exclude fields in UI (#​10880)
• feat: make applicationset controller configurable in argocd-cmd-params (#​10961)
• feat: add bcrypt support for argocd CLI (#​10934)
• feat: link path directly to the path in repo (#​10568) (#​10860)
• feat: make ARGOCD_GIT_MODULES_ENABLED configurable in argocd-cmd-params (#​10931)
• feat: Implement MachineHealthCheck CRD health check (#​10846)
• feat: Implement SecretStore health check (#​10847)

Bug fixes (34)

• fix: remove argocd-cm plugin warnings (#​11740)
• fix: multi-source app refresh (#​11772) (#​12217)
• fix: don't dump SSG to server logs, change deprecation notice to v2.7 (#​12285)
• fix: AppSet Progressive sync fixes, docs, and logging improvements (#​11924) (#​12103)
• fix: disable edit button on App Details Summary and Parameters tabs multi-source apps (#​12048)
• fix: return nil if reading application set was successful (#​12261)
• fix: repo-server - prevent locked state after unclean git checkout (#​7898) (#​11805)
• fix: Upgrade gopkg.in/yaml.v2 to v2.4.0 [release-2.6] (#​12245)
• fix: disable More button for multiple sources (#​11760) (#​11971)
• fix: create separate API to load configured plugins (#​12164)
• fix: values should always be visible, even when they are empty (#​11676) (#​11681)
• fix: pathParamPrefix is optional (#​11796) (#​11943)
• fix: parsed url is not exposed (#​11816) (#​11916)
• fix: upgrade qs to avoid CVE-2022-24999 (#​11743)
• fix: Applications with suspended jobs now marked "Suspended" instead of "Progressing" (#​11603) (#​11626)
• fix: disable rollback button for apps with multiple sources (#​11785)
• fix: set Path as empty if path is not specified for a source in multiple sources (#​11756) (#​11774)
• fix: sources.ref allow hyphen and underscore (#​11775)
• fix: support for enabling progressive rollouts from argocd-cmd-params-cm (#​11776)
• fix: support relative links in OCI tags query response (#​11708)
• fix: rollback react to known working version (#​11703)
• fix: Unknown sync operation state on app list page (#​11621)
• fix: only add baseURL in github_app client for GHE client (#​11622)
• fix: set baseURL in github_app client (#​11613)
• fix: misc css fixes for mobile (#​5705) (#​11508)
• fix: upgrade golang.org/x/net vuln (#​11447)
• fix: incorrect can-i documentation (#​11463)
• fix: application list api is very slow when fields query parameter is supplied (#​11250)
• fix: add check for trailing/leading whitespace in project role group names (#​10919) (#​10988)
• fix(ui): show orphaned as gray. fixes: #​11180 (#​11218)
• fix: point gitops-engine to current master (#​11230)
• fix: do not mutate live when managed namespace enabled (#​11197)
• fix: defaulting to in-cluster is misleading for disconnected clusters (#​10132)
• fix: trim whitespace from auth token (#​10539)

Documentation (32)

• docs: update config management plugin docs (#​11690)
• docs: add 2.5->2.6 upgrade notes to list (#​12283)
• docs: sign up for 1.8 release (#​12266)
• docs: release cycle refresh (#​11137)
• docs: Fix heading to not include a v for the second version (#​12218)
• docs: add destination.name example (#​12242)
• docs: custom health check resource group wildcard (#​4212)
• docs: added deep links doc (#​11888)
• docs: Update bullet formatting on Progressive Rollouts.md (#​11777)
• docs: bump elasticsearch version to 8.5.1 (#​11771)
• docs: add appset progressive rollout strategy proposal (#​9979)
• docs: fix web terminal step list numbering (#​11590)
• docs: clarify finalizer effect and link to app-of-apps (#​11272)
• docs: update remote-debugging-docs (#​11424)
• docs: update contributor meeting times (#​11294)
• docs: Use new Google Analytics 4 ID (#​11291)
• docs: add info about sync interval (#​11281)
• docs: fix formatting (#​11245)
• docs(user-guide): update link to Helm hooks documentation (#​11045)
• docs: fix typo in declarative-setup.md (#​11190)
• docs: debugging CMPs (#​11142)
• docs: add ui banner options in docs (#​10907)
• docs: Add AirQo to users list (#​11160)
• docs: Add SI Analytics to ArgoCD Users list (#​11110)
• docs: message is no longer truncated (#​10962)
• docs: add reverse proxy proposal for enhanced UI extensions (#​10435)
• docs: fix link in auth0.md (#​10531)
• docs: update debugging remote argocd environment (#​10811)
• docs: Add Gepardec to users (#​10840)
• docs: add dtag to users (#​10845)
• docs: #argo-contributors instead of #argo-dev in FAQ
• docs: add declarative syntax examples for helm (#​10764)

Other (105)

• chore: rename 'progressive rollouts' to 'progressive syncs' (#​12265)
• chore: upgrade cookiejar to avoid CVE-2022-25901 (#​12030)
• chore: upgrade net/http2 to avoid CVE-2022-41717 (#​11616)
• bug: fix url parsing for non git urls (oci://, no protocol etc) (#​11819)
• chore: change logging level to Debug (#​11773)
• chore: add kustomize project for testing param CMP locally (#​11265)
• chore: upgrade minimatch to avoid CVE-2022-3517 (#​11745)
• chore: upgrade git-url-parse to avoid CVE-2022-2900 (#​11744)
• chore: add Voyager Digital to USERS.md (#​11735)
• chore: Add Cloud Scale to USERS.md (#​11731)
• chore: Add Getyourguide to USERS.md (#​11704)
• chore: add Mercedes-Benz Tech Innovation to user list (#​11682)
• chore(deps): bump github.com/ktrysmt/go-bitbucket from 0.9.54 to 0.9.55 (#​11678)
• chore(deps-dev): bump @​types/cookie from 0.3.3 to 0.5.1 in /ui (#​11659)
• chore: downgrade React to v17 (#​11653)
• chore(deps): bump github.com/casbin/casbin/v2 from 2.59.0 to 2.60.0 (#​11656)
• chore(deps): bump express from 4.17.1 to 4.18.2 in /ui (#​11591)
• chore(deps-dev): bump tslint-react from 3.6.0 to 5.0.0 in /ui (#​11559)
• chore(deps): bump react-paginate from 6.5.0 to 8.1.4 in /ui (#​11558)
• chore: Bump version in master to 2.6.0 (#​11641)
• includeKinds for APIVersions in cluster info cache (#​11241)
• chore(deps): bump github.com/aws/aws-sdk-go from 1.44.129 to 1.44.156 (#​11629)
• chore: add Trusting Social users list (#​11584)
• chore(deps): bump github.com/casbin/casbin/v2 from 2.57.1 to 2.59.0 (#​11607)
• chore(deps): bump github.com/go-redis/redis/v8 from 8.11.3 to 8.11.5 (#​11606)
• chore(deps): bump github.com/Masterminds/semver/v3 from 3.1.1 to 3.2.0 (#​11605)
• chore(deps): bump github.com/go-openapi/loads from 0.19.4 to 0.21.2 (#​11569)
• chore(deps): bump sigs.k8s.io/structured-merge-diff/v4 (#​11580)
• chore: add Vinted to users list (#​11214)
• chore(deps): bump github.com/go-openapi/runtime from 0.19.4 to 0.25.0 (#​11568)
• add otel interceptor (#​11561)
• chore(deps): bump github.com/imdario/mergo from 0.3.12 to 0.3.13 (#​11555)
• chore(deps): bump github.com/ktrysmt/go-bitbucket from 0.9.40 to 0.9.54 (#​11554)
• chore(deps): bump github.com/valyala/fasttemplate from 1.2.1 to 1.2.2 (#​11552)
• chore: Update notifications-engine dependency (#​11479)
• [Hack] Add concurrency to cluster creation in resource generator. (#​11266)
• chore(deps-dev): bump babel-jest from 24.9.0 to 26.6.3 in /ui (#​11483)
• chore(deps-dev): bump @​babel/preset-react from 7.7.0 to 7.18.6 in /ui (#​11489)
• chore(deps-dev): bump @​types/prop-types from 15.7.1 to 15.7.5 in /ui (#​11487)
• chore(deps): bump github.com/google/go-jsonnet from 0.18.0 to 0.19.1 (#​11484)
• chore(deps): bump github.com/mattn/go-zglob from 0.0.3 to 0.0.4 (#​11486)
• chore: upgrade React version (#​11467)
• chore(deps-dev): bump @​types/lodash-es from 4.17.5 to 4.17.6 in /ui (#​11488)
• chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.4.3 (#​11485)
• chore(deps): bump github.com/alicebob/miniredis/v2 from 2.14.2 to 2.23.1 (#​11481)
• chore(deps): bump github.com/evanphx/json-patch (#​11482)
• chore: Update to v3 of the sprig library for ApplicationSets (#​11277) (#​11292)
• chore: dependabot for npm (#​11474)
• chore(deps): bump github.com/bradleyfalzon/ghinstallation/v2 (#​11469)
• chore(deps): bump google.golang.org/grpc from 1.45.0 to 1.51.0 (#​11454)
• chore(deps): bump github.com/gosimple/slug from 1.12.0 to 1.13.1 (#​11452)
• chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.2.0 to 4.4.2 (#​11468)
• chore(deps): bump github.com/itchyny/gojq from 0.12.3 to 0.12.9 (#​11471)
• chore: update otel libraries to 1.11.1 (#​11461)
• chore:remove redundant parentheses (#​11436)
• chore(deps): bump gopkg.in/go-playground/webhooks.v5 (#​11369)
• chore(deps): bump github.com/prometheus/client_golang (#​11366)
• chore(deps): bump github.com/casbin/casbin/v2 from 2.39.1 to 2.57.1 (#​11420)
• chore: push GHCR image to repo scope (#​11394)
• chore: add Liatrio to the official users list (#​11377)
• proposal: Deep Links (#​10278)
• bug(ui): fix incomplete drop-down resource acctions (#​11384)
• chore: fix username for ghcr.io (#​11373)
• chore: Include error when dex config unmarshal fails (#​11349)
• chore: add user to list (#​11336)
• chore: add Wolffun Game to USERS (#​11342)
• chore: grant packages.write for image workflow (#​11358)
• chore: Enable dependabot for automatic dependency updates (#​8339)
• chore: Add Divistant to Users list (#​11298)
• chore(docs): fix build, prepare for google analytics v4 (#​10850) (#​11248)
• chore: add Pigment to list of users (#​11127)
• Action menu: sort items, show in resource details page (#​11008)
• chore: Add Envoy to Users list (#​11169)
• chore: beta.kubernetes.io/arch has been deprecated in 1.14 (#​11016)
• chore: add Objective to USERS.md (#​11202)
• chore: Add Amadeus to user list (#​11177)
• chore: update owners file from membership meeting (#​11184)
• chore: Add retry to cluster generation for testing in hack folder (#​11067)
• chore: fix misleading error message in the e2e tests (#​11085)
• chore: migrate import statements from es5 to es6 (#​11042)
• test: simplify bcrypt test (#​11013)
• chore: increase liveness timeout (#​10730)
• chore: wrap errors with message (#​10592) (#​10986)
• test: add unit test for server version (#​10720)
• chore: update error message to provide context (#​10978)
• chore: decreased indent level in setApplicationHealth (#​10980)
• chore: updated error message to include context (#​10592) (#​10960)
• chore: Enhance title & description for Certificates on settings page (#​7560) (#​10956)
• chore: improve error logs (#​10944)
• chore: wrap error objects to include context (#​10592) (#​10940)
• chore: delete old snyk reports, 2nd attempt (#​10950)
• chore: rewording of misleading message (#​10407)
• chore: delete old snyk reports (#​10938)
• chore: fix wrong annotation in function (#​10923)
• chore: improve error logs (#​10933)
• chore: improve log in argo-cd/applicationset/generators/generator_spec_processor.go (#​10906)
• chore: fix git push command in Snyk update workflow (#​10920)
• chore: open a PR instead of pushing for Snyk updates (#​10889)
• chore: wrap error objects to include context (#​10904)
• chore: wrap error objects to include context (#​10592) (#​10871)
• chore: add security logs to webhook verification failures (#​10372)
• chore: use appv1 prefix everywhere (#​10621)
• chore: wrap error objects to include context (#​10592) (#​10859)
• chore: Added artifact hub badge (#​10854)
• chore: update robfig/cron to v3 (#​10588)

---

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" in timezone Europe/Vienna, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[codecov]

Codecov Report

Merging #816 (f5fac34) into main (68f188e) will decrease coverage by 0.14%.
The diff coverage is n/a.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #816      +/-   ##
==========================================
- Coverage   58.61%   58.48%   -0.14%     
==========================================
  Files          97       97              
  Lines        7542     7542              
==========================================
- Hits         4421     4411      -10     
- Misses       2932     2939       +7     
- Partials      189      192       +3     

Impacted Files	Coverage Δ
...ptnworkloadinstance/reconcile_prepostevaluation.go	81.81% <0.00%> (-9.10%)	⬇️
...lers/lifecycle/keptnworkloadinstance/controller.go	79.82% <0.00%> (-3.14%)	⬇️

Flag	Coverage Δ
component-tests	42.07% <ø> (-0.32%)	⬇️
keptn-lifecycle-operator	54.67% <ø> (ø)
klt-cert-manager	67.50% <ø> (ø)
scheduler	21.17% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

[thschue]

lgtm