diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index eeea7755..de804f3f 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@f24426972367551f3391720e34317783a92fd32b # v41.0.8 + uses: renovatebot/github-action@3f10d7a25cf0aa7b37519aa771ed9143fcbb5da5 # v41.0.10 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0205ce8c..231f25c1 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 + uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 with: sarif_file: results.sarif diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1e799493..05c614ff 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.14 +version: 7.7.17 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added `tpl` function support for `server.ingress`. + - kind: fixed + description: Address ingress regression of PR #3081, use toString before tpl function diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3b2b999a..2b223a6f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -191,7 +191,7 @@ server: alb.ingress.kubernetes.io/scheme: internal alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/backend-protocol: HTTP - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' + alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]' alb.ingress.kubernetes.io/ssl-redirect: '443' aws: serviceType: ClusterIP # <- Used with target-type: ip @@ -789,6 +789,7 @@ NAME: my-release | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | | configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap | | configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories | +| configs.tls.create | bool | `true` | Specifies if the argocd-tls-certs-cm configmap should be created by Helm. | ## Argo CD Controller diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index bd63c755..0520c40f 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -190,7 +190,7 @@ server: alb.ingress.kubernetes.io/scheme: internal alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/backend-protocol: HTTP - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' + alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]' alb.ingress.kubernetes.io/ssl-redirect: '443' aws: serviceType: ClusterIP # <- Used with target-type: ip diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index db582e6d..3aad4011 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -1,3 +1,4 @@ +{{- if .Values.configs.tls.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -15,3 +16,4 @@ metadata: data: {{- toYaml . | nindent 2 }} {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 88c2f99a..8724baa7 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -14,7 +14,7 @@ metadata: {{- with .Values.server.ingress.annotations }} annotations: {{- range $key, $value := . }} - {{ $key }}: {{ tpl $value $ | quote }} + {{ $key }}: {{ tpl (toString $value) $ | quote }} {{- end }} {{- end }} spec: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d5056840..c5dcf150 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -412,6 +412,9 @@ configs: # ... # -----END CERTIFICATE----- + # -- Specifies if the argocd-tls-certs-cm configmap should be created by Helm. + create: true + # ConfigMap for Config Management Plugins # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/ cmp: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 55a7bd51..a184cb91 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.9.4 +appVersion: v1.9.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.12 +version: 2.4.13 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-events to v1.9.4 + description: Bump argo-events to v1.9.5 diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 658d613f..be8df0c6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.6.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.3 +version: 0.45.4 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Support ephemeral credentials for s3 artifact repository + description: Support configuring workflow events in the controller diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 6a82eb5f..323524c2 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -239,6 +239,7 @@ Fields to note: | controller.volumeMounts | list | `[]` | Additional volume mounts to the controller main container | | controller.volumes | list | `[]` | Additional volumes to the controller pod | | controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ | +| controller.workflowEvents.enabled | bool | `true` | Enable to emit events on workflow status changes. | | controller.workflowNamespaces | list | `["default"]` | Specify all namespaces where this workflow controller instance will manage workflows. This controls where the service account and RBAC resources will be created. Only valid when singleNamespace is false. | | controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ | | controller.workflowTTLWorkers | string | `nil` | Number of workflow TTL workers | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index a269f6e5..49616768 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -200,6 +200,8 @@ data: {{- end }} nodeEvents: enabled: {{ .Values.controller.nodeEvents.enabled }} + workflowEvents: + enabled: {{ .Values.controller.workflowEvents.enabled }} {{- with .Values.controller.kubeConfig }} kubeConfig: {{- toYaml . | nindent 6 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 035945d2..cf9b08d8 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -402,6 +402,12 @@ controller: ## "Unable to create audit event: etcdserver: mvcc: database space exceeded" enabled: true + workflowEvents: + # -- Enable to emit events on workflow status changes. + ## This can take up a lot of space in k8s (typically etcd), resulting in errors when trying to create new events: + ## "Unable to create audit event: etcdserver: mvcc: database space exceeded" + enabled: true + # -- Configure when workflow controller runs in a different k8s cluster with the workflow workloads, # or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. # @default -- `{}` (See [values.yaml])