Skip to content

Commit

Permalink
Merge branch 'main' into fix-redis-secret
Browse files Browse the repository at this point in the history
  • Loading branch information
@yu-croco
yu-croco committed Aug 8, 2024
2 parents 903d8e2 + 2251079 commit 1927a49
Show file tree
Hide file tree
Showing 17 changed files with 244 additions and 182 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/publish.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ jobs:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

- name: Login to GHCR
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/renovate.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,11 +26,11 @@ jobs:
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Self-hosted Renovate
uses: renovatebot/github-action@042670e39b8d7335e992c3fa526ecbfbd52ef57b # v40.2.2
uses: renovatebot/github-action@0c94129d48b4e92addf23686b8a735b3057a0448 # v40.2.5
with:
configurationFile: .github/configs/renovate-config.js
# renovate: datasource=docker depName=ghcr.io/renovatebot/renovate
renovate-version: 37.421.4
renovate-version: 38.18.0
token: '${{ steps.get_token.outputs.token }}'
env:
LOG_LEVEL: 'debug'
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/scorecard.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -60,14 +60,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
with:
sarif_file: results.sarif
6 changes: 3 additions & 3 deletions charts/argo-cd/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: v2.11.5
kubeVersion: ">=1.23.0-0"
appVersion: v2.12.0
kubeVersion: ">=1.25.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 7.3.10
version: 7.4.2
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources:
Expand Down
2 changes: 1 addition & 1 deletion charts/argo-cd/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -647,7 +647,7 @@ server:

## Prerequisites

- Kubernetes: `>=1.23.0-0`
- Kubernetes: `>=1.25.0-0`
- We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach.
- Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info.
- Helm v3.0.0+
Expand Down
2 changes: 2 additions & 0 deletions charts/argo-cd/templates/argocd-applicationset/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@ rules:
- appprojects
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
Expand Down
6 changes: 6 additions & 0 deletions charts/argo-cd/templates/argocd-repo-server/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -290,6 +290,12 @@ spec:
key: reposerver.revision.cache.lock.timeout
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_INCLUDE_HIDDEN_DIRECTORIES
valueFrom:
configMapKeyRef:
key: reposerver.include.hidden.directories
name: argocd-cmd-params-cm
optional: true
{{- if .Values.repoServer.useEphemeralHelmWorkingDir }}
- name: HELM_CACHE_HOME
value: /helm-working-dir
Expand Down
271 changes: 132 additions & 139 deletions charts/argo-cd/templates/crds/crd-application.yaml
View file

Large diffs are not rendered by default.

45 changes: 45 additions & 0 deletions charts/argo-cd/templates/crds/crd-applicationset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
name:
type: string
requeueAfterSeconds:
Expand Down Expand Up @@ -668,6 +669,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
template:
properties:
metadata:
Expand Down Expand Up @@ -2430,6 +2432,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
name:
type: string
requeueAfterSeconds:
Expand Down Expand Up @@ -3026,6 +3029,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
template:
properties:
metadata:
Expand Down Expand Up @@ -6891,6 +6895,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
type: object
type: array
template:
Expand Down Expand Up @@ -7487,6 +7492,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
name:
type: string
requeueAfterSeconds:
Expand Down Expand Up @@ -8083,6 +8089,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
template:
properties:
metadata:
Expand Down Expand Up @@ -11948,6 +11955,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
type: object
type: array
mergeKeys:
Expand Down Expand Up @@ -14648,6 +14656,7 @@ spec:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
type: object
type: array
goTemplate:
Expand Down Expand Up @@ -15306,11 +15315,16 @@ spec:
type: string
step:
type: string
targetRevisions:
items:
type: string
type: array
required:
- application
- message
- status
- step
- targetRevisions
type: object
type: array
conditions:
Expand All @@ -15334,6 +15348,37 @@ spec:
- type
type: object
type: array
resources:
items:
properties:
group:
type: string
health:
properties:
message:
type: string
status:
type: string
type: object
hook:
type: boolean
kind:
type: string
name:
type: string
namespace:
type: string
requiresPruning:
type: boolean
status:
type: string
syncWave:
format: int64
type: integer
version:
type: string
type: object
type: array
type: object
required:
- metadata
Expand Down
60 changes: 33 additions & 27 deletions charts/argo-cd/templates/crds/crd-project.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,22 +31,28 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: 'AppProject provides a logical grouping of applications, providing
controls for: * where the apps may deploy to (cluster whitelist) * what
may be deployed (repository whitelist, resource whitelist/blacklist) * who
can access these applications (roles, OIDC group claims bindings) * and
what they can do (RBAC policies) * automation access to these roles (JWT
tokens)'
description: |-
AppProject provides a logical grouping of applications, providing controls for:
* where the apps may deploy to (cluster whitelist)
* what may be deployed (repository whitelist, resource whitelist/blacklist)
* who can access these applications (roles, OIDC group claims bindings)
* and what they can do (RBAC policies)
* automation access to these roles (JWT tokens)
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
Expand All @@ -57,9 +63,9 @@ spec:
description: ClusterResourceBlacklist contains list of blacklisted
cluster level resources
items:
description: GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
description: |-
GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
concepts during lookup stages without having partially valid types
properties:
group:
type: string
Expand All @@ -74,9 +80,9 @@ spec:
description: ClusterResourceWhitelist contains list of whitelisted
cluster level resources
items:
description: GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
description: |-
GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
concepts during lookup stages without having partially valid types
properties:
group:
type: string
Expand All @@ -103,9 +109,9 @@ spec:
not set.
type: string
namespace:
description: Namespace specifies the target namespace for the
application's resources. The namespace will only be set for
namespace-scoped resources that have not set a value for .metadata.namespace
description: |-
Namespace specifies the target namespace for the application's resources.
The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace
type: string
server:
description: Server specifies the URL of the target cluster's
Expand All @@ -118,9 +124,9 @@ spec:
description: NamespaceResourceBlacklist contains list of blacklisted
namespace level resources
items:
description: GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
description: |-
GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
concepts during lookup stages without having partially valid types
properties:
group:
type: string
Expand All @@ -135,9 +141,9 @@ spec:
description: NamespaceResourceWhitelist contains list of whitelisted
namespace level resources
items:
description: GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
description: |-
GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
concepts during lookup stages without having partially valid types
properties:
group:
type: string
Expand Down
1 change: 1 addition & 0 deletions charts/argo-cd/templates/redis-secret-init/job.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ metadata:
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }}
spec:
ttlSecondsAfterFinished: 60
template:
metadata:
labels:
Expand Down
4 changes: 2 additions & 2 deletions charts/argo-rollouts/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
appVersion: v1.7.1
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 2.37.2
version: 2.37.3
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
keywords:
Expand All @@ -19,4 +19,4 @@ annotations:
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: added
description: Added traefik.io apiGroup to Role and ClusterRole
description: Added setting to disable creation of the notifications ConfigMap
1 change: 1 addition & 0 deletions charts/argo-rollouts/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ For full list of changes please check ArtifactHub [changelog].
| keepCRDs | bool | `true` | Keep CRD's on helm uninstall |
| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests |
| nameOverride | string | `nil` | String to partially override "argo-rollouts.fullname" template |
| notifications.configmap.create | bool | `true` | Whether to create notifications configmap |
| notifications.notifiers | object | `{}` | Configures notification services |
| notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret |
| notifications.secret.create | bool | `false` | Whether to create notifications secret |
Expand Down
2 changes: 2 additions & 0 deletions ...es/controller/notifcations-configmap.yaml → ...s/controller/notifications-configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{ if .Values.notifications.configmap.create }}
apiVersion: v1
kind: ConfigMap
metadata:
Expand All @@ -20,3 +21,4 @@ data:
subscriptions: |
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
4 changes: 4 additions & 0 deletions charts/argo-rollouts/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -449,6 +449,10 @@ dashboard:
volumeMounts: []

notifications:
configmap:
# -- Whether to create notifications configmap
create: true

secret:
# -- Whether to create notifications secret
create: false
Expand Down
6 changes: 3 additions & 3 deletions charts/argo-workflows/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: v3.5.8
appVersion: v3.5.10
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.41.11
version: 0.41.14
icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png
home: https://github.com/argoproj/argo-helm
sources:
Expand All @@ -17,4 +17,4 @@ annotations:
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: fixed
description: Add `app:` label to components to match upstream
description: Avoid empty namespace in role binding when singleNamespace is true
Loading

0 comments on commit 1927a49

Please sign in to comment.