Skip to content

chore(deps): update dependency argoproj/argo-cd to v2.4.7

Renovate Bot requested to merge renovate/argoproj-argo-cd-2.x into master

This MR contains the following updates:

Package Type Update Change
argoproj/argo-cd Kustomization patch v2.4.3 -> v2.4.7

Release Notes

argoproj/argo-cd

v2.4.7

Compare Source

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.7/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.7/manifests/ha/install.yaml
Bug fixes

fix: Support files in argocd.argoproj.io/manifest-generate-paths annotation (#​9908) fix: terminal websocket write lock to avoid races (#​10011) fix: updated all a tags to Link tags in app summary (#​9777) fix: e2e test to use func from clusterauth instead creating one with old logic (#​9989) fix: add missing download CLI tool URL response for ppc64le, s390x (#​9983)

Other

chore: upgrade parse-url to avoid SNYK-JS-PARSEURL-2936249 (#​9826) docs: use quotes to emphasize that ConfigMap value is a string (#​9995) docs: document directory app include/exclude fields (#​9997) docs: simplify Docker toolchain docs (#​9966) (#​10006) docs: supported versions (#​9876)

v2.4.6

Compare Source

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.6/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.6/manifests/ha/install.yaml
Features
  • feat: Treat connection reset as a retryable error (#​9739)
Bug fixes
  • fix: 'unexpected reserved bits' breaking web terminal (#​9605) (#​9895)
  • fix: argocd login just hangs on 2.4.0 #​9679 (#​9935)
  • fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s (#​9922)
  • fix: NotAfter is not set when ValidFor is set (#​9911)
  • fix: add missing download CLI tool link for ppc64le, s390x (#​9649)
  • fix: Check tracking annotation for being self-referencing (#​9791)
  • fix: Make change of tracking method work at runtime (#​9820)
  • fix: argo-cd git submodule is using SSH auth instead of HTTPs (#​3118) (#​9821)
Other
  • docs: fix typo in Generators-Git.md (#​9949)
  • docs: add terminal documentation (#​9948)
  • test: Use dedicated multi-arch workloads in e2e tests (#​9921)
  • docs: Adding blank line so list is formatted correctly (#​9880)
  • docs: small fix for plugin stream filtering (#​9871)
  • docs: Document the possibility of rendering Helm charts with Kustomize (#​9841)
  • docs: getting started notes on self-signed cert (#​9429) (#​9784)
  • test: check for error messages from CI env (#​9953)

v2.4.5

Compare Source

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.5/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.5/manifests/ha/install.yaml
Security fixes
Potentially-breaking changes

The fix for GHSA-7943-82jg-wmw5 enables TLS certificate validation by default for connections to OIDC providers. If connections to your OIDC provider fails validation, SSO will be broken for your Argo CD instance. You should test 2.4.5 before upgrading it to production. From the new documentation:

By default, all connections made by the API server to OIDC providers (either external providers or the bundled Dex instance) must pass certificate validation. These connections occur when getting the OIDC provider's well-known configuration, when getting the OIDC provider's keys, and when exchanging an authorization code or verifying an ID token as part of an OIDC login flow.

Disabling certificate verification might make sense if:

  • You are using the bundled Dex instance and your Argo CD instance has TLS configured with a self-signed certificate and you understand and accept the risks of skipping OIDC provider cert verification.
  • You are using an external OIDC provider and that provider uses an invalid certificate and you cannot solve the problem by setting oidcConfig.rootCA and you understand and accept the risks of skipping OIDC provider cert verification.

If either of those two applies, then you can disable OIDC provider certificate verification by setting oidc.tls.insecure.skip.verify to "true" in the argocd-cm ConfigMap.

Bug fixes
  • fix: webhook typo in case of error in GetManifests (#​9671)

v2.4.4

Compare Source

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.4/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.4/manifests/ha/install.yaml
Bug fixes
  • fix: missing path segments for git file generator (#​9839)
  • fix: make sure api server informer does not stop after setting change (#​9842)
  • fix: support resource logs and exec (#​9833)
  • fix: configurable CMP tar exclusions (#​9675) (#​9789)
  • fix: prune any deleted refs before fetching (#​9504)
Other
  • test: Remove circular symlinks from testdata (#​9886)
  • docs: custom secret must be labeled (#​9835)
  • docs: update archlinux install with official package (#​9718)
  • docs: explain rightmost git generator path parameter behavior (#​9799)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, click this checkbox.

This MR has been generated by Renovate Bot.

Edited by Renovate Bot

Merge request reports