Currently, the usage of standard lua library is always disabled, making it difficult to implement complex health check scripts.
This feat allow admins to control the usage of standard library by setting "health.lua.useOpenLibs" (merged-keys convention)/"resource.customizations.useOpenLibs.<group_kind>"
(split-keys convention) field in argocd-cm ConfigMap.
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* fix: add helm dependecies with custom CA
Signed-off-by: Shubham Agarwal <shubhamagarawal19@gmail.com>
* fixed go lint error
Signed-off-by: Shubham Agarwal <shubhamagarawal19@gmail.com>
* ignore existing repos
Signed-off-by: Shubham Agarwal <shubhamagarawal19@gmail.com>
* fix: Enable helm OCI to work for lots of different URLs without having to create a repo for each one
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: Enable helm OCI to work for lots of different URLs without having to create a repo for each one
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: lint
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: lint
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: fix test code
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: dependency add for https and oci
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: go.sum and install.yaml
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: fix checking if repo exits
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: fix generated files
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: fix go.mod and go.sum
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: clean up code
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: rename RepoCreds to HelmRepoCreds
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: Added type for repoCreds.
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: checking in install.yaml
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: checking in install.yaml
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: checking in install.yaml
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: Makefile
Signed-off-by: May Zhang <may_zhang@intuit.com>
Co-authored-by: Shubham Agarwal <shubhamagarawal19@gmail.com>
* feat: support background propagation policy
Currently, Argo CD only supports foreground propagation policy ie. delete all the resources in the foreground and then delete the application in the end. This PR introduces a new flag `propagation-policy` to decide the type of policy when cascading is enabled. It also adds an annotation `propagation-policy.argocd.argoproj.io`, which is used by the application controller to decide the order of deletion.
Fixes: #5216
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* fix lint and doc errors
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* update logs to display the application name
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* address review comments
* remove application name from logs since it's already present
* update the propagation policy annotation key
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* Add radio buttons in the UI to select propagation policy
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* inject finalizers instead of annotations for specifying propagation policy
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* rebase branch on master
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* update the controller to set the policy only for application's resources
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* fix the label of policy radio button
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
* feat: get pod logs sequential
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: check in the md file
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: get pod logs
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix conflicts
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: added timeout for test
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: update doc
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: update test
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: add unit test
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: add unit test
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix merge conflict
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: add e2e test
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: clone query
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: rename tail-lines to tail
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix when to send last message status
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: retry on the client side
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: fix lint error
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: if --follow, keep retry
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: added two more flags for CLI
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: added two more flags for CLI
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: added two more flags for CLI
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: added two more flags for CLI
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: error return when there are more than 10 pods to render.
Signed-off-by: May Zhang <may_zhang@intuit.com>
* feat: if podname is present, use the same flow as if query by resource kind
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: controller should load application related nodes from target cluster
Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
* fix: make sure node capasity and pod requests are in same unit, improve unit formatting
Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
* fix: application hosts should include info about resources requested by app neighbors
Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
* apply reviewer notes
Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
* feat: Add autocomplete for repo Revisions
- Introduces api/v1/repositories/{repo}/refs which returns branches and tags
- Add new RevisionFormField component to Create and Edit Application pages
Signed-off-by: Tim Etchells <tetchell@redhat.com>
* Add "chown" to gpg/keys in "start-local" target that so that repo-server can access gpg keys.
* * Set -u uid:gid in the docker run commands so that test images are run under the current user.
* test Procfile processes will not need to perform "su" to default user (which has the current user's uid/gid)
* Remove chown in start-e2e-local
* clean up, remove "bash -c"
* Test containers are run as uid 0 which allows uid_entrypoint.sh to perform some user setup. uid_entrypoint.sh creates a non-root user (default) and enables passwordless sudo for that user. The container entry point command is run as the non-root user. "goreman start" does "sudo" to to the processes that need root permission including sshd, fcgiwrap, and nginix. The other processes are running as the non-root user.
* use /bin/bash
* change back to sh
* Docker image to create unpriveleged testuser and enable passwordless sudo for that user
* Use kustomize v3 to build ArgoCD manifests
* Update to test-tools-image v0.3.0
* Reorder patches so Kustomize v3 will properly find targets
* adding back these changes
* Use the generated files.
* changed the namespace
* changed kustomize version to 3.8.1 to be in sync with the one in tool-version.sh
* revert changes in makefile
* Re-run codegen
Co-authored-by: Zhang <may_zhang@intuit.com>
Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
This commit adds support for configurable Helm version either via
declarative syntax or via argocd cli.
New helm option 'Version' added to the ApplicationSourceHelm
struct which can be either 'v2' or 'v3'.
Argocd app create accepts '--helm-version' that also looks for the
same Helm versions as above.
* docs: add `namespace` field to cluster secret documentation
This feature for connecting with clusters where you only are (or can) watch a set of namespaces. Also useful when connecting argo with several clusters to avoid having the controller watching every single kind from every single api group from every single cluster.
https://github.com/argoproj/argo-cd/pull/2839
* fix: typo in the cluster namespaces description
* feat: add resource creation time to api response
* feat: add creation time to model
* feat: add resource's age to app detail page
* feat: add created_at to resource summary page
* feat: added Libs field to ApplicationSourceJsonnet
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* feat: codegen
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* feat: implemented jsonnet jpath arguments
- Implement the `-J` command line flag for jsonnet
- adapt test to include a nested library for testing the VM
functionality
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* feat: jsonnet import path relative to the repoRoot
- adapted testCase to make use of a jpath
- join repoRoot and provided jpath attributes
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* fix: added checking for out-of-repoRoot references
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* feat: Added CLI option for passing jsonnet libs
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* feat: Updated jsonnet docs
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* fix: renamed function
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* feat: Expose --local-repo-root flag
Allows passing a "virtal" git repository root when using the local sync
mode with --local.
Provides backwardscompatible with the previous default value ("/")
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* fix: added missing command
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* Remove obsolete line out of docs
Signed-off-by: Matthias Riegler <matthias.riegler@taotesting.com>
* Include sub and and iat in PermissionDenied message
* iat fromat changing
* Adding MapClaims convertion
* Adding Orphaned exception list
* Adding group kind label
* Fixed lint errors
* Method rename
* jwtTokens are reset when applying AppProjects
* fix unit tests in server_test.go
checking in generated.pb.go
* fix unit tests in rbackpolicy_test.go
* fix yarnl lint errors
* fix delete token in both spec and status
* add tests
* fixing failed test
* fixing failed test
* retry 3 times during update
* renamed CRD fields.
Updated nomalize method.
* fixed UI
* fixing merge conflicts
* fixing merge conflicts
* removed unused variables in UI
renamed a CRD field
updated combineToken logic using map
* Only update project which needs normalize token.
* Changed logging.
* check for nil
* Fix UI
* added project role get tests
* rename variables
* clean up
* fixing failed tests
* fixing failed tests
* fixing error handling for remove token
* log err when we have retried 3 times
* sort tokens
* sort tokens
* Add initial primitives and tests for GPG related operations
* More tests and test documentation
* Move gpg primitives to own module
* Add initial primitives for running git verify-commit and tests
* Improve and better comment test
* Implement VerifyCommitSignature() primitive for metrics wrapper
* More commentary
* Make reposerver verify gpg signatures when generating manifests
* Make signature validation optional
* Forbid use of local manifests when signature verification is enabled
* Introduce new signatureKeys field in project CRD
* Initial support for only syncing against signed revisions
* Updates to GnuPG primitives and more test cases
* Move signature verification to correct place and add tests
* Add signature verification result to revision metadata and display it in UI
* Add more primitives and move out some stuff to common module
* Add more testdata
* Add key management primitives to ArgoDB
* Move type GnuPGPublicKey to appsv1 package
* Add const ArgoCDGPGKeysConfigMapName
* Handle key operations with appsv1.GnuPGPublicKey
* Add initial API for managing GPG keys
* Remove deprecated code
* Add primitives for adding public keys to configuration
* Change semantics of ValidateGPGKeys to return more key information
* Add key import functionality to public key API
* Fix code quirks reported by linter
* More code quirks fixes
* Fix test
* Add primitives for deleting keys from configuration
* Add delete key operation to API and CLI
* Cosmetics
* Implement logic to sync configuration to keyring in repo-server
* Add IsGPGEnabled() primitive and also update trustdb on ownertrust changes
* Use gpg.IsGPGEnabled() instead of custom test
* Remove all keyring manipulating methods from DB
* Cosmetics/comments
* Require grpc methods from argoproj pkg
* Enable setting config path via ARGOCD_GPG_DATA_PATH
* Allow "no" and any cases in ARGOCD_GPG_ENABLED
* Enable GPG feature on start and start-e2e and set required environment
* Cosmetics/comments
* Cosmetics and commentary
* Update API documentation
* Fix comment
* Only run GPG related operations if GPG is enabled
* Allow setting ARGOCD_GPG_ENABLE from the environment
* Create GPG ConfigMap resource during installation
* Use function instead of constant to get the watcher path
* Re-watch source path in case it gets recreated. Also, error on finish
* Add End-to-End tests for GPG commit verification
* Introduce SignatureKey type for AppProject CRD
* Fix merge error from previous commit
* Adapt test for additional manifest (argocd-gpg-keys-cm.yaml)
* Fix linter issues
* Adapt CircleCI configuration to enable running tests
* Add wrapper scripts for git and gpg
* Sigh.
* Display gpg version in CircleCI
* Install gnupg2 and link it to gpg in CI
* Try to install gnupg2 in CircleCI image
* More CircleCI tweaks
* # This is a combination of 10 commits.
# This is the 1st commit message:
Containerize tests - test cycle
# This is the commit message #2:
adapt working directory
# This is the commit message #3:
Build before running tests (so we might have a cache)
# This is the commit message #4:
Test limiting parallelism
# This is the commit message #5:
Remove unbound variable
# This is the commit message #6:
Decrease parallelism to find out limit
# This is the commit message #7:
Use correct flag
# This is the commit message #8:
Update Docker image
# This is the commit message #9:
Remove build phase and increase parallelism
# This is the commit message #10:
Further increase parallelism
* Dockerize toolchain
* Add new targets to Makefile
* Codegen
* Properly handle permissions for E2E tests
* Remove gnupg2 installation from CircleCI configuration
* Limit parallelism of build
* Fix Yarn lint
* Retrigger CI for possible flaky test
* Codegen
* Remove duplicate target in Makefile
* Pull in pager from dep ensure -v
* Adapt to gitops-engine changes and codegen
* Use new health package for health status constants
* Add GPG methods to ArgoDB mock module
* Fix possible nil pointer dereference
* Fix linter issue in imports
* Introduce RBAC resource type 'gpgkeys' and adapt policies
* Use ARGOCD_GNUPGHOME instead of GNUPGHOME for subsystem configuration
Also remove some deprecated unit tests.
* Also register GPG keys API with gRPC-GW
* Update from codegen
* Update GPG key API
* Add web UI to manage GPG keys
* Lint updates
* Change wording
* Add some plausibility checks for supplied data on key creation
* Update from codegen
* Re-allow binary keys and move check for ASCII armoured to UI
* Make yarn lint happy
* Add editing signature keys for projects in UI
* Add ability to configure signature keys for project in CLI
* Change default value to use for GNUPGHOME
* Do not include data section in default gpg keys CM
* Adapt Docker image for GnuPG feature
* Add required configuration to installation manifests
* Add add-signature-key and remove-signature-key commands to project CLI
* Fix typo
* Add initial user documentation for GnuPG verification
* Fix role name - oops
* Mention required RBAC roles in docs
* Support GPG verification of git annotated tags as well
* Ensure CLI can build succesfully
* Better support verification on tags
* Print key type in upper case
* Update user documentation
* Correctly disable GnuPG verification if ARGOCD_GPG_ENABLE=false
* Clarify that this feature is only available with Git repositories
* codegen
* Move verification code to own function
* Remove deprecated check
* Make things more developer friendly when running locally
* Enable GPG feature by default, and don't require ARGOCD_GNUPGHOME to be set
* Revert changes to manifests to reflect default enable state
* Codegen
* feat: add time taken to complete deployment
Signed-off-by: darshanime <deathbullet@gmail.com>
* feat: add test for adding deploy started at time
Signed-off-by: darshanime <deathbullet@gmail.com>
* feat: use hourglass for time to deploy
Signed-off-by: darshanime <deathbullet@gmail.com>
* feat: add comments to RevisionHistory fields
Signed-off-by: darshanime <deathbullet@gmail.com>
* support partial sync with namespace.
* corrected test folder name
* Trying to fix lint error
* 1. in test, delete ns after test
2. in test, created new methods for ResourceSyncStatusWithNamespaceIs and ResourceHealthWithNamespaceIs.
* reformat imports
* simplify code
* remove timeout
* chore: Migrate CI to GitHub actions
* Do not install golangci-lint, we use the action
* Integrate codecov.io upload
* Use some better names for analyze job & steps
* go mod tidy
* Update tools
* Disable CircleCI completely
* Satisfy CircleCI with a dummy step until it's disabled
* chore: Migrate to Go modules
* Update CircleCI config
* Fix path
* Attach vendor for test step correctly
* restore_vendor -> attach_vendor
* Update cache path
* Checkout code before attaching vendor
* Move checkout to even earlier in job
* Don't restore cache for e2e step
* .
* Explicitly set GOPATH
* Restore Build cache
* Fix permissions
* Set correct environment for docker env
* Uncache everything
* Fix permissions
* Use workspace for caching Go code
* .
* go mod tidy
* Try to speed up builds
* Make mod target implicit dependencies
* Do not call make mod-download or mod-vendor
* Fix permissions
* Don't have modules dependendencies on test-e2e-local
* Fix confgi
* Bye bye
* Remove test parallelism
* Get max test parallelism back in, but with lower value
* Move utils packages that are required for gitops engine under engine/pkg/utils package.
Following changes were implemented:
* util/health package is split into two parts: resource health assessement & resource health assessement and moved into engine/pkg/utils
* utils packages moved: Closer and Close method of util package moved into engine/pkg/utils/io package
* packages diff, errors, exec, json, kube and tracing moved into engine/pkg/utils
* Move single cluster caching into engine/kube/cache package
* move sync functionality to engine/kube/sync package
* remove dependency on metrics package from engine/pkg/utils/kube/cache
* move annotation label definitions into engine/pkg/utils/kube/sync
* make sure engine/pkg has no dependencies on other argo-cd packages
* allow importing engine as a go module
* implement a high-level interface that might be consumed by flux
* fix deadlock caused by cluster cache event handler
* ClusterCache should return error if requested group kind not found
* remove obsolete tests
* apply reviewer notes
* fix: Updating to jsonnet v1.15.0 fix issue #3277
* feat: Changes from codegen, adding a repository gt service
* feat: Adding a get repository command
* Retrigger CI pipeline
* refactor: delete deprecated option on Get
refactor printing getcommand result
Getrepository() dependent on rbac enforcement
* fix: setting Get repo command to get
* feat: Let user to define meaningful unique JWT token name
* Update sessionmanager.go
* Update server_test.go
* Update sessionmanager_test.go
* Adding get JWTToken by id if not then by issued time
* Adding relate tests
* Adding relate tests
* Retrigger the build
* feat: Let user to define meaningful unique JWT token name
* Update sessionmanager.go
* Update server_test.go
* Update sessionmanager_test.go
* Adding get JWTToken by id if not then by issued time
* Adding relate tests
* Retrigger the build
* feat: Let user to define meaningful unique JWT token name
* Adding get JWTToken by id if not then by issued time
* Adding relate tests
* Adding UI change
* add yarn lint
* Fixing could not find plugin issue when app sync and app diff
* Fixing codegen error
* Revert "Fixing codegen error"
This reverts commit b2dcfb81
* Fixing codegen error
* If user is logged in, settings API would return ConfigManagementPlugins
Necessary STDIN changes to support Windows
Added support for SE Linux
Informational message about linting OOM
Updated due to latest helm stable being 3.x
* Add maintenance windows for applications, configured at the project level
* move maintenance window check out of autoSync(), fix imports and error checking
* fix ui lint
* add some more tests for maintenance
* patch after pre-commit
* Add more tests for maintenance windows
* Remove Dockerfile as it was added by mistake
* Allow Helm parameters to force ambiguously-typed values to be strings
* Fix protobud issue for ForceString field
* Ran pre-commit checks
* Revert "Ran pre-commit checks"
This reverts commit b384d16e46.
* Ran pre-commit checks
* Revert "Ran pre-commit checks"
This reverts commit dc9e31567b.
* Ran pre-commit checks
* Deprecate componentParameterOverrides in favor of source specific config
* Support rollback when application source changes
* Removes the legacy spec.source.environment and spec.source.valuesFiles which were deprecated in v0.11
* Fix issue where argocd app create APPNAME --file didn't fail when there were name conflicts
* Fix issue where auto-sync and app deletion would cause infighting
* Added a recurse option for directorys. Fixes 1083
* Linting
* Makes manifests minimally valid
* Adds tests for VerifyOneSourceType
* Adds recurse field to ManifestRequest
* Fixes spelling
* Adds --directory-recurse option to local diff
* Adds omitempty to recurse flag
* Uses paths to join path
* Use filepath.Walk
* Supports --directory-recurse when adding/setting apps from the CLI
* Fixes problem with recurse
* Updates API to surface directory.recurse
* Nil directory if recurse is false
