* feat: adding disable-validation for app create and app set
* feat: adding disable-validation for app create and app set
* feat: change test func name
* feat: added support of app unset and app edit in addition to app create and app set.
* feat: remove extra space.
* Include sub and and iat in PermissionDenied message
* iat fromat changing
* Adding MapClaims convertion
* Adding Orphaned exception list
* Adding group kind label
* Fixed lint errors
* Method rename
* fix: permission denied due to NormalizeProjs failed to get list of projects
* fix: permission denied due to NormalizeProjs failed to get list of projects
* fix: return error if normalization failed.
* fix: return error if normalization failed.
* fix: return error if normalization failed.
* fix: in GetJWTToken, remove normalize. It causes issue with delete token.
* Moved get project to only when apierr.IsConflict(err)
* jwtTokens are reset when applying AppProjects
* fix unit tests in server_test.go
checking in generated.pb.go
* fix unit tests in rbackpolicy_test.go
* fix yarnl lint errors
* fix delete token in both spec and status
* add tests
* fixing failed test
* fixing failed test
* retry 3 times during update
* renamed CRD fields.
Updated nomalize method.
* fixed UI
* fixing merge conflicts
* fixing merge conflicts
* removed unused variables in UI
renamed a CRD field
updated combineToken logic using map
* Only update project which needs normalize token.
* Changed logging.
* check for nil
* Fix UI
* added project role get tests
* rename variables
* clean up
* fixing failed tests
* fixing failed tests
* fixing error handling for remove token
* log err when we have retried 3 times
* sort tokens
* sort tokens
* Add initial primitives and tests for GPG related operations
* More tests and test documentation
* Move gpg primitives to own module
* Add initial primitives for running git verify-commit and tests
* Improve and better comment test
* Implement VerifyCommitSignature() primitive for metrics wrapper
* More commentary
* Make reposerver verify gpg signatures when generating manifests
* Make signature validation optional
* Forbid use of local manifests when signature verification is enabled
* Introduce new signatureKeys field in project CRD
* Initial support for only syncing against signed revisions
* Updates to GnuPG primitives and more test cases
* Move signature verification to correct place and add tests
* Add signature verification result to revision metadata and display it in UI
* Add more primitives and move out some stuff to common module
* Add more testdata
* Add key management primitives to ArgoDB
* Move type GnuPGPublicKey to appsv1 package
* Add const ArgoCDGPGKeysConfigMapName
* Handle key operations with appsv1.GnuPGPublicKey
* Add initial API for managing GPG keys
* Remove deprecated code
* Add primitives for adding public keys to configuration
* Change semantics of ValidateGPGKeys to return more key information
* Add key import functionality to public key API
* Fix code quirks reported by linter
* More code quirks fixes
* Fix test
* Add primitives for deleting keys from configuration
* Add delete key operation to API and CLI
* Cosmetics
* Implement logic to sync configuration to keyring in repo-server
* Add IsGPGEnabled() primitive and also update trustdb on ownertrust changes
* Use gpg.IsGPGEnabled() instead of custom test
* Remove all keyring manipulating methods from DB
* Cosmetics/comments
* Require grpc methods from argoproj pkg
* Enable setting config path via ARGOCD_GPG_DATA_PATH
* Allow "no" and any cases in ARGOCD_GPG_ENABLED
* Enable GPG feature on start and start-e2e and set required environment
* Cosmetics/comments
* Cosmetics and commentary
* Update API documentation
* Fix comment
* Only run GPG related operations if GPG is enabled
* Allow setting ARGOCD_GPG_ENABLE from the environment
* Create GPG ConfigMap resource during installation
* Use function instead of constant to get the watcher path
* Re-watch source path in case it gets recreated. Also, error on finish
* Add End-to-End tests for GPG commit verification
* Introduce SignatureKey type for AppProject CRD
* Fix merge error from previous commit
* Adapt test for additional manifest (argocd-gpg-keys-cm.yaml)
* Fix linter issues
* Adapt CircleCI configuration to enable running tests
* Add wrapper scripts for git and gpg
* Sigh.
* Display gpg version in CircleCI
* Install gnupg2 and link it to gpg in CI
* Try to install gnupg2 in CircleCI image
* More CircleCI tweaks
* # This is a combination of 10 commits.
# This is the 1st commit message:
Containerize tests - test cycle
# This is the commit message #2:
adapt working directory
# This is the commit message #3:
Build before running tests (so we might have a cache)
# This is the commit message #4:
Test limiting parallelism
# This is the commit message #5:
Remove unbound variable
# This is the commit message #6:
Decrease parallelism to find out limit
# This is the commit message #7:
Use correct flag
# This is the commit message #8:
Update Docker image
# This is the commit message #9:
Remove build phase and increase parallelism
# This is the commit message #10:
Further increase parallelism
* Dockerize toolchain
* Add new targets to Makefile
* Codegen
* Properly handle permissions for E2E tests
* Remove gnupg2 installation from CircleCI configuration
* Limit parallelism of build
* Fix Yarn lint
* Retrigger CI for possible flaky test
* Codegen
* Remove duplicate target in Makefile
* Pull in pager from dep ensure -v
* Adapt to gitops-engine changes and codegen
* Use new health package for health status constants
* Add GPG methods to ArgoDB mock module
* Fix possible nil pointer dereference
* Fix linter issue in imports
* Introduce RBAC resource type 'gpgkeys' and adapt policies
* Use ARGOCD_GNUPGHOME instead of GNUPGHOME for subsystem configuration
Also remove some deprecated unit tests.
* Also register GPG keys API with gRPC-GW
* Update from codegen
* Update GPG key API
* Add web UI to manage GPG keys
* Lint updates
* Change wording
* Add some plausibility checks for supplied data on key creation
* Update from codegen
* Re-allow binary keys and move check for ASCII armoured to UI
* Make yarn lint happy
* Add editing signature keys for projects in UI
* Add ability to configure signature keys for project in CLI
* Change default value to use for GNUPGHOME
* Do not include data section in default gpg keys CM
* Adapt Docker image for GnuPG feature
* Add required configuration to installation manifests
* Add add-signature-key and remove-signature-key commands to project CLI
* Fix typo
* Add initial user documentation for GnuPG verification
* Fix role name - oops
* Mention required RBAC roles in docs
* Support GPG verification of git annotated tags as well
* Ensure CLI can build succesfully
* Better support verification on tags
* Print key type in upper case
* Update user documentation
* Correctly disable GnuPG verification if ARGOCD_GPG_ENABLE=false
* Clarify that this feature is only available with Git repositories
* codegen
* Move verification code to own function
* Remove deprecated check
* Make things more developer friendly when running locally
* Enable GPG feature by default, and don't require ARGOCD_GNUPGHOME to be set
* Revert changes to manifests to reflect default enable state
* Codegen
* feat: Allow --local with automatic sync for --dry-run
Signed-off-by: darshanime <deathbullet@gmail.com>
* feat: add e2e test for local sync with dry run
Signed-off-by: darshanime <deathbullet@gmail.com>
* Move utils packages that are required for gitops engine under engine/pkg/utils package.
Following changes were implemented:
* util/health package is split into two parts: resource health assessement & resource health assessement and moved into engine/pkg/utils
* utils packages moved: Closer and Close method of util package moved into engine/pkg/utils/io package
* packages diff, errors, exec, json, kube and tracing moved into engine/pkg/utils
* Move single cluster caching into engine/kube/cache package
* move sync functionality to engine/kube/sync package
* remove dependency on metrics package from engine/pkg/utils/kube/cache
* move annotation label definitions into engine/pkg/utils/kube/sync
* make sure engine/pkg has no dependencies on other argo-cd packages
* allow importing engine as a go module
* implement a high-level interface that might be consumed by flux
* fix deadlock caused by cluster cache event handler
* ClusterCache should return error if requested group kind not found
* remove obsolete tests
* apply reviewer notes
* fix: Updating to jsonnet v1.15.0 fix issue #3277
* feat: Changes from codegen, adding a repository gt service
* feat: Adding a get repository command
* Retrigger CI pipeline
* refactor: delete deprecated option on Get
refactor printing getcommand result
Getrepository() dependent on rbac enforcement
* fix: setting Get repo command to get
* added path to cookie
* additional changes to support rootpath:
1. when using https, redirect to the right URL.
2. when rootpath is set, handle healthz, swagger, etc.
* additional changes to support rootpath:
1. when using https, redirect to the right URL.
2. when rootpath is set, handle healthz only.
* additional changes to support rootpath:
1. when using https, redirect to the right URL.
2. when rootpath is set, handle healthz only.
* Fixed for swagger-ui with rootpath
* Fixed for swagger test
* Fixed for redirect path
* Fixed for redirect path
* Set root path
* updated http mux if --rootpath is set during server startup.
updated baseHRef if --rootpath is set.
added --grpc-web-root-path for CLI.
* added rootpath as part of config context name
* clean up not used variables.
* fix: Add initial implementation for rate limiting failed logins
* Trigger test build
* Remove deprecated code and fix new project tests
* move cache related code from sessionmanager to cache access wrapper
* avoid using sleep in sessionmanager tests
* mention SECONDS in session manager environment variables to make it easier to understand meaning of each variable
* Login button should be disabled while user is waiting for login result
* prevent timing-based user enumeration attack
* reject too many failed attempts; always compute hash and introduce random delay
* remove unused constants
* fix linter errors
Co-authored-by: Alexander Matyushentsev <amatyushentsev@gmail.com>
* feat: Let user to define meaningful unique JWT token name
* Update sessionmanager.go
* Update server_test.go
* Update sessionmanager_test.go
* Adding get JWTToken by id if not then by issued time
* Adding relate tests
* Adding relate tests
* Retrigger the build
* feat: Let user to define meaningful unique JWT token name
* Update sessionmanager.go
* Update server_test.go
* Update sessionmanager_test.go
* Adding get JWTToken by id if not then by issued time
* Adding relate tests
* Retrigger the build
* feat: Let user to define meaningful unique JWT token name
* Adding get JWTToken by id if not then by issued time
* Adding relate tests
* Adding UI change
* add yarn lint
* Fixing could not find plugin issue when app sync and app diff
* Fixing codegen error
* Revert "Fixing codegen error"
This reverts commit b2dcfb81
* Fixing codegen error
* If user is logged in, settings API would return ConfigManagementPlugins
