marcel/argo-cd
1
0
Fork 0
mirror of https://github.com/argoproj/argo-cd.git synced 2026-02-20 01:28:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: disable gRPC service config DNS TXT lookups by default (#26077)

Browse Source 
Signed-off-by: Valentin Stoican <vstoican@ripe.net>
Co-authored-by: Valentin Stoican <vstoican@ripe.net>
This commit is contained in:
Valentin Stoican
2026-01-27 10:29:38 +01:00
committed by GitHub
parent 9c108cbaa0
commit c2e594c5f5
20 changed files with 360 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Dockerfile
View File

@@ -79,6 +79,12 @@ RUN mkdir -p tls && \
ENV USER=argocd
# Disable gRPC service config lookups via DNS TXT records to prevent excessive
# DNS queries for _grpc_config.<hostname> which can cause timeouts in dual-stack
# environments. This can be overridden via argocd-cmd-params-cm ConfigMap.
# See https://github.com/argoproj/argo-cd/issues/24991
ENV GRPC_ENABLE_TXT_SERVICE_CONFIG=false
USER $ARGOCD_USER_ID
WORKDIR /home/argocd

20
docs/operator-manual/argocd-cmd-params-cm.yaml
View File

@@ -102,6 +102,10 @@ data:
# will increase the speed at which Argo CD becomes aware of external cluster state. A higher value will reduce cluster
# cache lock contention and better handle high-churn clusters.
controller.cluster.cache.events.processing.interval: "100ms"
# Enable gRPC service config lookups via DNS TXT records (default "false"). By default, gRPC DNS TXT lookups for
# _grpc_config.<hostname> are disabled to prevent excessive DNS queries that can cause timeouts in dual-stack environments.
# See https://github.com/argoproj/argo-cd/issues/24991
controller.grpc.enable.txt.service.config: "false"
## Server properties
# Listen on given address for incoming connections (default "0.0.0.0")
@@ -168,6 +172,10 @@ data:
server.enable.proxy.extension: "false"
# Enables profile endpoint on the internal metrics port
server.profile.enabled: "false"
# Enable gRPC service config lookups via DNS TXT records (default "false"). By default, gRPC DNS TXT lookups for
# _grpc_config.<hostname> are disabled to prevent excessive DNS queries that can cause timeouts in dual-stack environments.
# See https://github.com/argoproj/argo-cd/issues/24991
server.grpc.enable.txt.service.config: "false"
## Repo-server properties
# Listen on given address for incoming connections (default "0.0.0.0")
@@ -225,6 +233,10 @@ data:
reposerver.enable.builtin.git.config: "true"
# Include hidden directories from Git
reposerver.include.hidden.directories: "false"
# Enable gRPC service config lookups via DNS TXT records (default "false"). By default, gRPC DNS TXT lookups for
# _grpc_config.<hostname> are disabled to prevent excessive DNS queries that can cause timeouts in dual-stack environments.
# See https://github.com/argoproj/argo-cd/issues/24991
reposerver.grpc.enable.txt.service.config: "false"
## Commit-server properties
# Listen on given address for incoming connections (default "0.0.0.0")
@@ -235,6 +247,10 @@ data:
commitserver.log.level: "info"
# Listen on given address for metrics (default "0.0.0.0")
commitserver.metrics.listen.address: "0.0.0.0"
# Enable gRPC service config lookups via DNS TXT records (default "false"). By default, gRPC DNS TXT lookups for
# _grpc_config.<hostname> are disabled to prevent excessive DNS queries that can cause timeouts in dual-stack environments.
# See https://github.com/argoproj/argo-cd/issues/24991
commitserver.grpc.enable.txt.service.config: "false"
# Set the logging format. One of: json|text (default "json")
dexserver.log.format: "json"
@@ -300,6 +316,10 @@ data:
applicationsetcontroller.status.max.resources.count: "5000"
# Enables profile endpoint on the internal metrics port
applicationsetcontroller.profile.enabled: "false"
# Enable gRPC service config lookups via DNS TXT records (default "false"). By default, gRPC DNS TXT lookups for
# _grpc_config.<hostname> are disabled to prevent excessive DNS queries that can cause timeouts in dual-stack environments.
# See https://github.com/argoproj/argo-cd/issues/24991
applicationsetcontroller.grpc.enable.txt.service.config: "false"
## Argo CD Notifications Controller Properties
# Set the logging level. One of: debug|info|warn|error (default "info")

34
docs/operator-manual/upgrading/3.3-3.4.md
View File

@@ -17,3 +17,37 @@ The behavior of Application health status has changed to be more consistent and
- Applications with some missing resources will now show the health of their existing resources (e.g., `Healthy`, `Progressing`, `Degraded`) instead of `Missing`
- Automation relying on the Application Health status to detect missing resources should now check the Sync status for `OutOfSync` instead, and optionally inspect individual resource health if needed.
- Users can now distinguish between an Application that has never been synced (all resources missing = `Missing` health) vs. an Application with some resources deleted (shows health of remaining resources)
## gRPC Service Config DNS Lookups Disabled by Default
ArgoCD components now disable gRPC service config lookups via DNS TXT records by default to prevent excessive DNS queries and timeouts in dual-stack (IPv4+IPv6) Kubernetes environments.
**Background:**
gRPC clients by default attempt to discover service configuration by querying DNS TXT records for `_grpc_config.<hostname>`. In dual-stack environments, these lookups can result in excessive DNS queries and timeouts, causing repo-server crashes and sync failures.
**New behavior:**
- The environment variable `GRPC_ENABLE_TXT_SERVICE_CONFIG` is now set to `false` by default for all ArgoCD components
- This prevents gRPC from attempting DNS TXT record lookups for service configuration
- Most users do not use DNS TXT records for gRPC service configuration
**Impact:**
- **Positive**: Eliminates excessive DNS queries in dual-stack environments, preventing timeouts and improving reliability
- **Minimal**: The vast majority of users do not use DNS TXT records for gRPC service configuration and will see no functional change
- **Re-enablement**: Users who do rely on gRPC service config via DNS TXT records can re-enable this feature by setting the parameter `controller.grpc.enable.txt.service.config: "true"` in the `argocd-cmd-params-cm` ConfigMap
**Example to re-enable (if needed):**
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-cmd-params-cm
namespace: argocd
data:
controller.grpc.enable.txt.service.config: "true"
```
**Related Issue**: https://github.com/argoproj/argo-cd/issues/24991

6
manifests/base/application-controller-deployment/argocd-application-controller-deployment.yaml
View File

@@ -25,6 +25,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: controller.grpc.enable.txt.service.config
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:

6
manifests/base/application-controller/argocd-application-controller-statefulset.yaml
View File

@@ -26,6 +26,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: controller.grpc.enable.txt.service.config
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

6
manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml
View File

@@ -27,6 +27,12 @@ spec:
- containerPort: 8080
name: metrics
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: applicationsetcontroller.grpc.enable.txt.service.config
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:

6
manifests/base/commit-server/argocd-commit-server-deployment.yaml
View File

@@ -24,6 +24,12 @@ spec:
args:
- /usr/local/bin/argocd-commit-server
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: commitserver.grpc.enable.txt.service.config
optional: true
- name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS
valueFrom:
configMapKeyRef:

6
manifests/base/repo-server/argocd-repo-server-deployment.yaml
View File

@@ -29,6 +29,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: reposerver.grpc.enable.txt.service.config
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:

6
manifests/base/server/argocd-server-deployment.yaml
View File

@@ -28,6 +28,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: server.grpc.enable.txt.service.config
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:

24
manifests/core-install-with-hydrator.yaml generated
View File

@@ -31117,6 +31117,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -31388,6 +31394,12 @@ spec:
- args:
- /usr/local/bin/argocd-commit-server
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: commitserver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS
valueFrom:
configMapKeyRef:
@@ -31609,6 +31621,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -31994,6 +32012,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

18
manifests/core-install.yaml generated
View File

@@ -31085,6 +31085,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -31443,6 +31449,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -31828,6 +31840,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

30
manifests/ha/install-with-hydrator.yaml generated
View File

@@ -32483,6 +32483,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -32754,6 +32760,12 @@ spec:
- args:
- /usr/local/bin/argocd-commit-server
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: commitserver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS
valueFrom:
configMapKeyRef:
@@ -33244,6 +33256,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -33629,6 +33647,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: server.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:
@@ -34039,6 +34063,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

24
manifests/ha/install.yaml generated
View File

@@ -32453,6 +32453,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -33080,6 +33086,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -33465,6 +33477,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: server.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:
@@ -33875,6 +33893,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

30
manifests/ha/namespace-install-with-hydrator.yaml generated
View File

@@ -1731,6 +1731,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -2002,6 +2008,12 @@ spec:
- args:
- /usr/local/bin/argocd-commit-server
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: commitserver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS
valueFrom:
configMapKeyRef:
@@ -2492,6 +2504,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -2877,6 +2895,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: server.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:
@@ -3287,6 +3311,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

24
manifests/ha/namespace-install.yaml generated
View File

@@ -1701,6 +1701,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -2328,6 +2334,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -2713,6 +2725,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: server.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:
@@ -3123,6 +3141,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

30
manifests/install-with-hydrator.yaml generated
View File

@@ -31561,6 +31561,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -31832,6 +31838,12 @@ spec:
- args:
- /usr/local/bin/argocd-commit-server
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: commitserver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS
valueFrom:
configMapKeyRef:
@@ -32274,6 +32286,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -32657,6 +32675,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: server.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:
@@ -33067,6 +33091,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

24
manifests/install.yaml generated
View File

@@ -31529,6 +31529,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -32108,6 +32114,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -32491,6 +32503,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: server.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:
@@ -32901,6 +32919,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

30
manifests/namespace-install-with-hydrator.yaml generated
View File

@@ -809,6 +809,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -1080,6 +1086,12 @@ spec:
- args:
- /usr/local/bin/argocd-commit-server
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: commitserver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS
valueFrom:
configMapKeyRef:
@@ -1522,6 +1534,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -1905,6 +1923,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: server.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:
@@ -2315,6 +2339,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

24
manifests/namespace-install.yaml generated
View File

@@ -777,6 +777,12 @@ spec:
- args:
- /usr/local/bin/argocd-applicationset-controller
env:
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
@@ -1356,6 +1362,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: reposerver.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
@@ -1739,6 +1751,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: server.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_SERVER_INSECURE
valueFrom:
configMapKeyRef:
@@ -2149,6 +2167,12 @@ spec:
secretKeyRef:
key: auth
name: argocd-redis
- name: GRPC_ENABLE_TXT_SERVICE_CONFIG
valueFrom:
configMapKeyRef:
key: controller.grpc.enable.txt.service.config
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_CONTROLLER_REPLICAS
value: "1"
- name: ARGOCD_RECONCILIATION_TIMEOUT

6
test/container/Dockerfile
View File

@@ -54,6 +54,12 @@ ENV PATH=/dist:/go/bin:/usr/local/go/bin:/go/src/github.com/argoproj/argo-cd/dis
ENV GOROOT=/usr/local/go
ENV GOPATH=/go
# Disable gRPC service config lookups via DNS TXT records to prevent excessive
# DNS queries for _grpc_config.<hostname> which can cause timeouts in dual-stack
# environments. This can be overridden via argocd-cmd-params-cm ConfigMap.
# See https://github.com/argoproj/argo-cd/issues/24991
ENV GRPC_ENABLE_TXT_SERVICE_CONFIG=false
# Install build and test dependencies
COPY hack/install.sh hack/tool-versions.sh go.* ./
COPY hack/installers installers