docs: Clarifying override RBAC needs (#16964)

Signed-off-by: Ryan Shatford <ryan@shatford.com>
Signed-off-by: Dan Garfield <dan@codefresh.io>
Co-authored-by: Ryan Shatford <ryan@shatford.com>
Co-authored-by: Dan Garfield <dan@codefresh.io>

.github/workflows/ci-build.yaml

@@ -30,7 +30,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v1
         with:
-          go-version: '1.16.2'
+          go-version: '1.14.12'
       - name: Download all Go modules
         run: |
           go mod download
@@ -48,7 +48,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v1
         with:
-          go-version: '1.16.2'
+          go-version: '1.14.12'
       - name: Restore go build cache
         uses: actions/cache@v1
         with:
@@ -69,7 +69,7 @@ jobs:
       - name: Run golangci-lint
         uses: golangci/golangci-lint-action@v2
         with:
-          version: v1.38.0
+          version: v1.29
           args: --timeout 5m --exclude SA5011
 
   test-go:
@@ -87,7 +87,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v1
         with:
-          go-version: '1.16.2'
+          go-version: '1.14.12'
       - name: Install required packages
         run: |
           sudo apt-get install git -y
@@ -147,7 +147,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v1
         with:
-          go-version: '1.16.2'
+          go-version: '1.14.12'
       - name: Install required packages
         run: |
           sudo apt-get install git -y
@@ -196,7 +196,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v1
         with:
-          go-version: '1.16.2'
+          go-version: '1.14.12'
       - name: Create symlink in GOPATH
         run: |
           mkdir -p ~/go/src/github.com/argoproj
@@ -259,7 +259,6 @@ jobs:
           yarn build
         env:
           NODE_ENV: production
-          NODE_ONLINE_ENV: online
         working-directory: ui/
       - name: Run ESLint
         run: yarn lint
@@ -355,10 +354,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v1
         with:
-          go-version: '1.16.2'
-      - name: GH actions workaround - Kill XSP4 process
-        run: |
-          sudo pkill mono || true
+          go-version: '1.14.12'
       - name: Install K3S
         env:
           INSTALL_K3S_VERSION: ${{ matrix.k3s-version }}+k3s1
@@ -396,7 +392,7 @@ jobs:
         run: |
           docker pull quay.io/dexidp/dex:v2.25.0
           docker pull argoproj/argo-cd-ci-builder:v1.0.0
-          docker pull redis:6.2.4-alpine
+          docker pull redis:5.0.10-alpine
       - name: Create target directory for binaries in the build-process
         run: |
           mkdir -p dist

.github/workflows/image.yaml

@@ -13,7 +13,7 @@ jobs:
     steps:
       - uses: actions/setup-go@v1
         with:
-          go-version: '1.16.4'
+          go-version: '1.14.12'
       - uses: actions/checkout@master
         with:
           path: src/github.com/argoproj/argo-cd

.github/workflows/release.yaml

@@ -18,7 +18,7 @@ jobs:
       # The name of the tag as supplied by the GitHub event
       SOURCE_TAG: ${{ github.ref }}
       # The image namespace where Docker image will be published to
-      IMAGE_NAMESPACE: quay.io/argoproj
+      IMAGE_NAMESPACE: argoproj
       # Whether to create & push image and release assets
       DRY_RUN: false
       # Whether a draft release should be created, instead of public one
@@ -139,7 +139,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v1
         with:
-          go-version: '1.16.4'
+          go-version: '1.14.12'
 
       - name: Setup Git author information
         run: |
@@ -197,12 +197,11 @@ jobs:
           QUAY_TOKEN: ${{ secrets.RELEASE_QUAY_TOKEN }}
         run: |
           set -ue
-          docker login quay.io --username "${QUAY_USERNAME}" --password "${QUAY_TOKEN}"
-          docker push ${IMAGE_NAMESPACE}/argocd:v${TARGET_VERSION}
-          # Remove the following when Docker Hub is gone
           docker login --username "${DOCKER_USERNAME}" --password "${DOCKER_TOKEN}"
-          docker tag ${IMAGE_NAMESPACE}/argocd:v${TARGET_VERSION} argoproj/argocd:v${TARGET_VERSION}
-          docker push argoproj/argocd:v${TARGET_VERSION}
+          docker push ${IMAGE_NAMESPACE}/argocd:v${TARGET_VERSION}
+          docker login quay.io --username "${QUAY_USERNAME}" --password "${QUAY_TOKEN}"
+          docker tag ${IMAGE_NAMESPACE}/argocd:v${TARGET_VERSION} quay.io/${IMAGE_NAMESPACE}/argocd:v${TARGET_VERSION}
+          docker push quay.io/${IMAGE_NAMESPACE}/argocd:v${TARGET_VERSION}
         if: ${{ env.DRY_RUN != 'true' }}
 
       - name: Read release notes file

CHANGELOG.md

@@ -1,111 +1,6 @@
 # Changelog
 
-## v2.0.0 (Unreleased)
-
-> [Upgrade instructions](./docs/operator-manual/upgrading/1.8-2.0.md)
-
-### Pods View
-
-Pods View is particularly useful for applications that have hundreds of pods. Instead of visualizing all Kubernetes
-resources for the application, it only shows Kubernetes pods and closely related resources. The Pods View supports
-grouping related resources by Parent Resource, Top Level Parent, or by Node. Each way of grouping solves a particular
-use case. For example grouping by Top Level Parent allows you to quickly find how many pods your application is running
-and which resources created them. Grouping by Node allows to see how Pods are spread across the nodes and how many
-resources they requested.
-
-
-### Logs Viewer
-
-Argo CD provides a way to see live logs of pods, which is very useful for debugging and troubleshooting. In the v2.0
-release, the log visualization has been rewritten to support pagination, filtering, the ability to disable/enable log
-streaming, and even a dark mode for terminal lovers. Do you want to see aggregated logs of multiple deployment pods?
-Not a problem! Just click on the parent resource such as Deployment, ReplicaSet, or StatefulSet and navigate
-to the Logs tab.
-
-### Banner Feature
-
-Want to notify your Argo CD users of upcoming changes? Just specify the notification message and optional URL using the
-`ui.bannercontent` and `ui.bannerurl` attributes in the `argocd-cm` ConfigMap. 
-
-### Core Features
-
-* The new sync option `PrunePropagationPolicy=background` allows using background deletion during syncing
-* New application finalizer `resources-finalizer.argocd.argoproj.io:background` allows using background deletion when the application is deleted
-* The new sync option `ApplyOutOfSyncOnly=true` allows skipping syncing resources that are already in the desired state.
-* The new sync option `PruneLast=true` allows deferring resource pruning until the last synchronization phase after all other resources are synced and healthy.
-
-### The argocd-util CLI
-
-Argo CD Util is a CLI tool that contains useful commands for operators who manage Argo CD. Starting from this release
-the Argo CD Utility is published with every Argo CD release as a Homebrew installation.
-
-## v1.8.7 (2021-02-26)
-
-### Important note
-This release fixed a regression regarding which cluster resources are permitted on the AppProject level.
-Previous to this fix, after #3960 has been merged, all cluster resources were allowed on project level when neither of
-the allow or deny lists was defined. However, the correct behavior is to block all resources in this case.
-
-If you have Projects with empty allow and deny lists, but want the associated applications be able to sync cluster
-resources, you will have to adapt your cluster resources allow lists to explicitly allow the resources.
-
-- fix: redact sensitive data in logs (#5662)
-- fix: Properly escape HTML for error message from CLI SSO (#5563)
-- fix: Empty resource whitelist allowed all resources (#5540) (#5551)
-
-## v1.8.6 (2021-02-26)
-
-- fix: Properly escape HTML for error message from CLI SSO (#5563)
-- fix: API server should not print resource body when resource update fails (#5617)
-- fix: fix memory leak in application controller (#5604)
-
-## v1.8.5 (2021-02-19)
-
-- fix: 'argocd app wait --suspended' stuck if operation is in progress (#5511)
-- fix: Presync hooks stop working after namespace resource is added in a Helm chart #5522
-- docs: add the missing rbac resources to the documentation (#5476)
-- refactor: optimize argocd-application-controller redis usage (#5345)
-
-## v1.8.4 (2021-02-05)
-
-- feat: set X-XSS-Protection while serving static content (#5412)
-- fix: version info should be avaialble if anonymous access is enabled (#5422)
-- fix: disable jwt claim audience validation #5381 (#5413)
-- fix: /api/version should not return tools version for unauthenticated requests (#5415)
-- fix: account tokens should be rejected if required capability is disabled (#5414)
-- fix: tokens keep working after account is deactivated (#5402)
-- fix: a request which was using a revoked project token, would still be allowed to perform requests allowed by default policy (#5378)
-
-## v1.8.3 (2021-01-21)
-
-- fix: make sure JWT token time fields contain only integer values (#5228)
-
-## v1.8.2 (2021-01-09)
-
-### Bug Fixes
-
-- fix: updating cluster drops secret (#5220)
-- fix: remove invalid assumption about OCI helm chart path (#5179)
-- fix: Possible nil pointer dereference in repository API (#5128)
-- fix: Possible nil pointer dereference in repocreds API (#5130)
-- fix: use json serialization to store cache instead of github.com/vmihailenco/msgpack (#4965)
-- fix: add liveness probe to restart repo server if it fails to server tls requests (#5110) (#5119)
-- fix: Allow correct SSO redirect URL for CLI static client (#5098)
-- fix: add grpc health check (#5060)
-- fix: setting 'revision history limit' errors in UI (#5035)
-- fix: add api-server liveness probe that catches bad data in informer (#5026)
-
-### Refactoring
-
-- chore: Update Dex to v2.27.0 (#5058)
-- chore: Upgrade gorilla/handlers and gorilla/websocket (#5186)
-- chore: Upgrade jwt-go to 4.0.0-preview1 (#5184)
-
-## v1.8.1 (2020-12-09)
-
-- fix: sync retry is broken for multi-phase syncs (#5017)
-
-## v1.8.0 (2020-12-09)
+## v1.8.0 (Unreleased)
 
 ### Mono-Repository Improvements
 
@@ -1515,7 +1410,7 @@ running Dex (e.g. Okta, OneLogin, Auth0, Microsoft, etc...)
 The optional, [Dex IDP OIDC provider](https://github.com/dexidp/dex) is still bundled as part of the
 default installation, in order to provide a seamless out-of-box experience, enabling Argo CD to
 integrate with non-OIDC providers, and to benefit from Dex's full range of
-[connectors](https://dexidp.io/docs/connectors/).
+[connectors](https://github.com/dexidp/dex/tree/master/Documentation/connectors).
 
 #### OIDC group bindings to Project Roles
 OIDC group claims from an OAuth2 provider can now be bound to a Argo CD project roles. Previously,

Dockerfile

@@ -4,7 +4,7 @@ ARG BASE_IMAGE=ubuntu:20.10
 # Initial stage which pulls prepares build dependencies and CLI tooling we need for our final image
 # Also used as the image in CI jobs so needs all dependencies
 ####################################################################################################
-FROM golang:1.16.4 as builder
+FROM golang:1.14.12 as builder
 
 RUN echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list
 
@@ -97,12 +97,12 @@ ADD ["ui/", "."]
 
 ARG ARGO_VERSION=latest
 ENV ARGO_VERSION=$ARGO_VERSION
-RUN NODE_ENV='production' NODE_ONLINE_ENV='online' yarn build
+RUN NODE_ENV='production' yarn build
 
 ####################################################################################################
 # Argo CD Build stage which performs the actual build of Argo CD binaries
 ####################################################################################################
-FROM golang:1.16.0 as argocd-build
+FROM golang:1.14.12 as argocd-build
 
 COPY --from=builder /usr/local/bin/packr /usr/local/bin/packr
 

Makefile

@@ -1,4 +1,4 @@
-PACKAGE=github.com/argoproj/argo-cd/v2/common
+PACKAGE=github.com/argoproj/argo-cd/common
 CURRENT_DIR=$(shell pwd)
 DIST_DIR=${CURRENT_DIR}/dist
 CLI_NAME=argocd
@@ -45,7 +45,6 @@ ARGOCD_E2E_REPOSERVER_PORT?=8081
 ARGOCD_E2E_REDIS_PORT?=6379
 ARGOCD_E2E_DEX_PORT?=5556
 ARGOCD_E2E_YARN_HOST?=localhost
-ARGOCD_E2E_DISABLE_AUTH?=
 
 ARGOCD_IN_CI?=false
 ARGOCD_TEST_E2E?=true
@@ -74,7 +73,6 @@ define run-in-test-server
 		-e ARGOCD_IN_CI=$(ARGOCD_IN_CI) \
 		-e ARGOCD_E2E_TEST=$(ARGOCD_E2E_TEST) \
 		-e ARGOCD_E2E_YARN_HOST=$(ARGOCD_E2E_YARN_HOST) \
-		-e ARGOCD_E2E_DISABLE_AUTH=$(ARGOCD_E2E_DISABLE_AUTH) \
 		-v ${DOCKER_SRC_MOUNT} \
 		-v ${GOPATH}/pkg/mod:/go/pkg/mod${VOLUME_MOUNT} \
 		-v ${GOCACHE}:/tmp/go-build-cache${VOLUME_MOUNT} \
@@ -309,7 +307,7 @@ mod-download: test-tools-image
 
 .PHONY: mod-download-local
 mod-download-local:
-	go mod download && go mod tidy # go mod download changes go.sum https://github.com/golang/go/issues/42970
+	go mod download
 
 .PHONY: mod-vendor
 mod-vendor: test-tools-image

OWNERS

@@ -5,12 +5,13 @@ owners:
 approvers:
 - alexec
 - alexmt
+- dthomson25
 - jannfis
 - jessesuen
-- jgwest
 - mayzhang2000
+- rachelwang20
 
 reviewers:
-- dthomson25
-- tetchel
+- jgwest
 - wtam2018
+- tetchel

Procfile

@@ -1,7 +1,7 @@
 controller: sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-application-controller go run ./cmd/main.go --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081}"
 api-server: sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-server go run ./cmd/main.go --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --disable-auth=${ARGOCD_E2E_DISABLE_AUTH:-'true'} --insecure --dex-server http://localhost:${ARGOCD_E2E_DEX_PORT:-5556} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --port ${ARGOCD_E2E_APISERVER_PORT:-8080} --staticassets ui/dist/app"
-dex: sh -c "ARGOCD_BINARY_NAME=argocd-dex go run github.com/argoproj/argo-cd/v2/cmd gendexcfg -o `pwd`/dist/dex.yaml && docker run --rm -p ${ARGOCD_E2E_DEX_PORT:-5556}:${ARGOCD_E2E_DEX_PORT:-5556} -v `pwd`/dist/dex.yaml:/dex.yaml ghcr.io/dexidp/dex:v2.27.0 serve /dex.yaml"
-redis: docker run --rm --name argocd-redis -i -p ${ARGOCD_E2E_REDIS_PORT:-6379}:${ARGOCD_E2E_REDIS_PORT:-6379} redis:6.2.4-alpine --save "" --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}
+dex: sh -c "ARGOCD_BINARY_NAME=argocd-dex go run github.com/argoproj/argo-cd/cmd gendexcfg -o `pwd`/dist/dex.yaml && docker run --rm -p ${ARGOCD_E2E_DEX_PORT:-5556}:${ARGOCD_E2E_DEX_PORT:-5556} -v `pwd`/dist/dex.yaml:/dex.yaml ghcr.io/dexidp/dex:v2.27.0 serve /dex.yaml"
+redis: docker run --rm --name argocd-redis -i -p ${ARGOCD_E2E_REDIS_PORT:-6379}:${ARGOCD_E2E_REDIS_PORT:-6379} redis:5.0.10-alpine --save "" --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}
 repo-server: sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_GNUPGHOME=${ARGOCD_GNUPGHOME:-/tmp/argocd-local/gpg/keys} ARGOCD_GPG_DATA_PATH=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source} ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-repo-server go run ./cmd/main.go --loglevel debug --port ${ARGOCD_E2E_REPOSERVER_PORT:-8081} --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379}"
 ui: sh -c 'cd ui && ${ARGOCD_E2E_YARN_CMD:-yarn} start'
 git-server: test/fixture/testrepos/start-git.sh

README.md

@@ -28,24 +28,8 @@ Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
 To learn more about Argo CD [go to the complete documentation](https://argo-cd.readthedocs.io/).
 Check live demo at https://cd.apps.argoproj.io/.
 
-## Community
+## Community Blogs and Presentations
 
-### Contribution, Discussion and Support
-
- You can reach the Argo CD community and developers via the following channels:
-
-* Q & A : [Github Discussions](https://github.com/argoproj/argo-cd/discussions)
-* Chat : [The #argo-cd Slack channel](https://argoproj.github.io/community/join-slack)
-* Contributors Office Hours: [Every Thursday](https://calendar.google.com/calendar/u/0/embed?src=argoproj@gmail.com) | [Agenda](https://docs.google.com/document/d/1ttgw98MO45Dq7ZUHpIiOIEfbyeitKHNfMjbY5dLLMKQ)
-* User Community meeting: [Every other Wednesday](https://calendar.google.com/calendar/u/0/embed?src=argoproj@gmail.com) | [Agenda](https://docs.google.com/document/d/1xkoFkVviB70YBzSEa4bDnu-rUZ1sIFtwKKG1Uw8XsY8)
-
-
-Participation in the Argo CD project is governed by the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md)
-
-
-### Blogs and Presentations
-
-1. [Couchbase - How To Run a Database Cluster in Kubernetes Using Argo CD](https://youtu.be/nkPoPaVzExY)
 1. [Automation of Everything - How To Combine Argo Events, Workflows & Pipelines, CD, and Rollouts](https://youtu.be/XNXJtxkUKeY)
 1. [Environments Based On Pull Requests (PRs): Using Argo CD To Apply GitOps Principles On Previews](https://youtu.be/cpAaI8p4R60)
 1. [Argo CD: Applying GitOps Principles To Manage Production Environment In Kubernetes](https://youtu.be/vpWQeoaiRM4)
@@ -60,10 +44,10 @@ Participation in the Argo CD project is governed by the [CNCF Code of Conduct](h
 1. [Machine Learning as Code](https://www.youtube.com/watch?v=VXrGp5er1ZE&t=0s&index=135&list=PLj6h78yzYM2PZf9eA7bhWnIh_mK1vyOfU). Among other things, describes how Kubeflow uses Argo CD to implement GitOPs for ML
 1. [Argo CD - GitOps Continuous Delivery for Kubernetes](https://www.youtube.com/watch?v=aWDIQMbp1cc&feature=youtu.be&t=1m4s)
 1. [Introduction to Argo CD : Kubernetes DevOps CI/CD](https://www.youtube.com/watch?v=2WSJF7d8dUg&feature=youtu.be)
-1. [GitOps Deployment and Kubernetes - using Argo CD](https://medium.com/riskified-technology/gitops-deployment-and-kubernetes-f1ab289efa4b)
+1. [GitOps Deployment and Kubernetes - using ArgoCD](https://medium.com/riskified-technology/gitops-deployment-and-kubernetes-f1ab289efa4b)
 1. [Deploy Argo CD with Ingress and TLS in Three Steps: No YAML Yak Shaving Required](https://itnext.io/deploy-argo-cd-with-ingress-and-tls-in-three-steps-no-yaml-yak-shaving-required-bc536d401491)
 1. [GitOps Continuous Delivery with Argo and Codefresh](https://codefresh.io/events/cncf-member-webinar-gitops-continuous-delivery-argo-codefresh/)
-1. [Stay up to date with Argo CD and Renovate](https://mjpitz.com/blog/2020/12/03/renovate-your-gitops/)
+1. [Stay up to date with ArgoCD and Renovate](https://mjpitz.com/blog/2020/12/03/renovate-your-gitops/)
 1. [Setting up Argo CD with Helm](https://www.arthurkoziel.com/setting-up-argocd-with-helm/)
-1. [Applied GitOps with Argo CD](https://thenewstack.io/applied-gitops-with-argocd/)
+1. [Applied GitOps with ArgoCD](https://thenewstack.io/applied-gitops-with-argocd/)
 1. [Solving configuration drift using GitOps with Argo CD](https://www.cncf.io/blog/2020/12/17/solving-configuration-drift-using-gitops-with-argo-cd/)

USERS.md

@@ -8,7 +8,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [3Rein](https://www.3rein.com/)
 1. [7shifts](https://www.7shifts.com/)
 1. [Adevinta](https://www.adevinta.com/)
-1. [Ambassador Labs](https://www.getambassador.io/)
 1. [ANSTO - Australian Synchrotron](https://www.synchrotron.org.au/)
 1. [AppDirect](https://www.appdirect.com)
 1. [Arctiq Inc.](https://www.arctiq.ca)
@@ -39,7 +38,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Future PLC](https://www.futureplc.com/)
 1. [Garner](https://www.garnercorp.com)
 1. [GMETRI](https://gmetri.com/)
-1. [Gojek](https://www.gojek.io/)
 1. [Greenpass](https://www.greenpass.com.br/)
 1. [Healy](https://www.healyworld.net)
 1. [hipages](https://hipages.com.au/)
@@ -91,7 +89,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Robotinfra](https://www.robotinfra.com)
 1. [Saildrone](https://www.saildrone.com/)
 1. [Saloodo! GmbH](https://www.saloodo.com)
-1. [Schwarz IT](https://jobs.schwarz/it-mission)
 1. [Speee](https://speee.jp/)
 1. [Spendesk](https://spendesk.com/)
 1. [Sumo Logic](https://sumologic.com/)
@@ -120,5 +117,4 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [WeMo Scooter](https://www.wemoscooter.com/)
 1. [Whitehat Berlin](https://whitehat.berlin) by Guido Maria Serra +Fenaroli
 1. [Yieldlab](https://www.yieldlab.de/)
-1. [Sap Labs](http://sap.com)
-1. [Smilee.io](https://smilee.io)
+1. [Sap Labs] (http://sap.com)

VERSION

@@ -1 +1 @@
-2.0.5
+1.9.0

cmd/argocd-application-controller/commands/argocd_application_controller.go

@@ -2,7 +2,6 @@ package commands
 
 import (
 	"context"
-	"fmt"
 	"math"
 	"time"
 
@@ -13,21 +12,20 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/controller"
-	"github.com/argoproj/argo-cd/v2/controller/sharding"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	cacheutil "github.com/argoproj/argo-cd/v2/util/cache"
-	appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/env"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	kubeutil "github.com/argoproj/argo-cd/v2/util/kube"
-	"github.com/argoproj/argo-cd/v2/util/settings"
-	"github.com/argoproj/argo-cd/v2/util/tls"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/controller"
+	"github.com/argoproj/argo-cd/controller/sharding"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appclientset "github.com/argoproj/argo-cd/pkg/client/clientset/versioned"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	cacheutil "github.com/argoproj/argo-cd/util/cache"
+	appstatecache "github.com/argoproj/argo-cd/util/cache/appstate"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/env"
+	"github.com/argoproj/argo-cd/util/errors"
+	kubeutil "github.com/argoproj/argo-cd/util/kube"
+	"github.com/argoproj/argo-cd/util/settings"
 )
 
 const (
@@ -52,8 +50,6 @@ func NewCommand() *cobra.Command {
 		kubectlParallelismLimit  int64
 		cacheSrc                 func() (*appstatecache.Cache, error)
 		redisClient              *redis.Client
-		repoServerPlaintext      bool
-		repoServerStrictTLS      bool
 	)
 	var command = cobra.Command{
 		Use:               cliName,
@@ -76,26 +72,7 @@ func NewCommand() *cobra.Command {
 			errors.CheckError(err)
 
 			resyncDuration := time.Duration(appResyncPeriod) * time.Second
-			tlsConfig := apiclient.TLSConfiguration{
-				DisableTLS:       repoServerPlaintext,
-				StrictValidation: repoServerStrictTLS,
-			}
-
-			// Load CA information to use for validating connections to the
-			// repository server, if strict TLS validation was requested.
-			if !repoServerPlaintext && repoServerStrictTLS {
-				pool, err := tls.LoadX509CertPool(
-					fmt.Sprintf("%s/controller/tls/tls.crt", env.StringFromEnv(common.EnvAppConfigPath, common.DefaultAppConfigPath)),
-					fmt.Sprintf("%s/controller/tls/ca.crt", env.StringFromEnv(common.EnvAppConfigPath, common.DefaultAppConfigPath)),
-				)
-				if err != nil {
-					log.Fatalf("%v", err)
-				}
-				tlsConfig.Certificates = pool
-			}
-
-			repoClientset := apiclient.NewRepoServerClientset(repoServerAddress, repoServerTimeoutSeconds, tlsConfig)
-
+			repoClientset := apiclient.NewRepoServerClientset(repoServerAddress, repoServerTimeoutSeconds)
 			ctx, cancel := context.WithCancel(context.Background())
 			defer cancel()
 
@@ -149,8 +126,6 @@ func NewCommand() *cobra.Command {
 	command.Flags().DurationVar(&metricsCacheExpiration, "metrics-cache-expiration", 0*time.Second, "Prometheus metrics cache expiration (disabled  by default. e.g. 24h0m0s)")
 	command.Flags().IntVar(&selfHealTimeoutSeconds, "self-heal-timeout-seconds", 5, "Specifies timeout between application self heal attempts")
 	command.Flags().Int64Var(&kubectlParallelismLimit, "kubectl-parallelism-limit", 20, "Number of allowed concurrent kubectl fork/execs. Any value less the 1 means no limit.")
-	command.Flags().BoolVar(&repoServerPlaintext, "repo-server-plaintext", false, "Disable TLS on connections to repo server")
-	command.Flags().BoolVar(&repoServerStrictTLS, "repo-server-strict-tls", false, "Whether to use strict validation of the TLS cert presented by the repo server")
 	cacheSrc = appstatecache.AddCacheFlagsToCmd(&command, func(client *redis.Client) {
 		redisClient = client
 	})

cmd/argocd-dex/commands/argocd_dex.go

@@ -14,11 +14,11 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/dex"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/dex"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/settings"
 )
 
 const (

cmd/argocd-repo-server/commands/argocd_repo_server.go

@@ -14,21 +14,21 @@ import (
 	"github.com/spf13/cobra"
 	"google.golang.org/grpc/health/grpc_health_v1"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/reposerver"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	reposervercache "github.com/argoproj/argo-cd/v2/reposerver/cache"
-	"github.com/argoproj/argo-cd/v2/reposerver/metrics"
-	"github.com/argoproj/argo-cd/v2/reposerver/repository"
-	cacheutil "github.com/argoproj/argo-cd/v2/util/cache"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/env"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/gpg"
-	"github.com/argoproj/argo-cd/v2/util/healthz"
-	ioutil "github.com/argoproj/argo-cd/v2/util/io"
-	"github.com/argoproj/argo-cd/v2/util/tls"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/reposerver"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	reposervercache "github.com/argoproj/argo-cd/reposerver/cache"
+	"github.com/argoproj/argo-cd/reposerver/metrics"
+	"github.com/argoproj/argo-cd/reposerver/repository"
+	cacheutil "github.com/argoproj/argo-cd/util/cache"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/env"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/gpg"
+	"github.com/argoproj/argo-cd/util/healthz"
+	ioutil "github.com/argoproj/argo-cd/util/io"
+	"github.com/argoproj/argo-cd/util/tls"
 )
 
 const (
@@ -67,10 +67,8 @@ func NewCommand() *cobra.Command {
 		listenPort             int
 		metricsPort            int
 		cacheSrc               func() (*reposervercache.Cache, error)
-		tlsConfigCustomizer    tls.ConfigCustomizer
 		tlsConfigCustomizerSrc func() (tls.ConfigCustomizer, error)
 		redisClient            *redis.Client
-		disableTLS             bool
 	)
 	var command = cobra.Command{
 		Use:               cliName,
@@ -81,11 +79,8 @@ func NewCommand() *cobra.Command {
 			cli.SetLogFormat(cmdutil.LogFormat)
 			cli.SetLogLevel(cmdutil.LogLevel)
 
-			if !disableTLS {
-				var err error
-				tlsConfigCustomizer, err = tlsConfigCustomizerSrc()
-				errors.CheckError(err)
-			}
+			tlsConfigCustomizer, err := tlsConfigCustomizerSrc()
+			errors.CheckError(err)
 
 			cache, err := cacheSrc()
 			errors.CheckError(err)
@@ -109,7 +104,7 @@ func NewCommand() *cobra.Command {
 					// connect to itself to make sure repo server is able to serve connection
 					// used by liveness probe to auto restart repo server
 					// see https://github.com/argoproj/argo-cd/issues/5110 for more information
-					conn, err := apiclient.NewConnection(fmt.Sprintf("localhost:%d", listenPort), 60, &apiclient.TLSConfiguration{DisableTLS: disableTLS})
+					conn, err := apiclient.NewConnection(fmt.Sprintf("localhost:%d", listenPort), 60)
 					if err != nil {
 						return err
 					}
@@ -157,7 +152,6 @@ func NewCommand() *cobra.Command {
 	command.Flags().Int64Var(&parallelismLimit, "parallelismlimit", 0, "Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit.")
 	command.Flags().IntVar(&listenPort, "port", common.DefaultPortRepoServer, "Listen on given port for incoming connections")
 	command.Flags().IntVar(&metricsPort, "metrics-port", common.DefaultPortRepoServerMetrics, "Start metrics server on given port")
-	command.Flags().BoolVar(&disableTLS, "disable-tls", false, "Disable TLS on the gRPC endpoint")
 
 	tlsConfigCustomizerSrc = tls.AddTLSFlagsToCmd(&command)
 	cacheSrc = reposervercache.AddCacheFlagsToCmd(&command, func(client *redis.Client) {

cmd/argocd-server/commands/argocd_server.go

@@ -2,7 +2,6 @@ package commands
 
 import (
 	"context"
-	"fmt"
 	"time"
 
 	"github.com/argoproj/pkg/stats"
@@ -12,18 +11,18 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	"github.com/argoproj/argo-cd/v2/server"
-	servercache "github.com/argoproj/argo-cd/v2/server/cache"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/env"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/kube"
-	"github.com/argoproj/argo-cd/v2/util/tls"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appclientset "github.com/argoproj/argo-cd/pkg/client/clientset/versioned"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	"github.com/argoproj/argo-cd/server"
+	servercache "github.com/argoproj/argo-cd/server/cache"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/env"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/kube"
+	"github.com/argoproj/argo-cd/util/tls"
 )
 
 const (
@@ -61,8 +60,6 @@ func NewCommand() *cobra.Command {
 		tlsConfigCustomizerSrc   func() (tls.ConfigCustomizer, error)
 		cacheSrc                 func() (*servercache.Cache, error)
 		frameOptions             string
-		repoServerPlaintext      bool
-		repoServerStrictTLS      bool
 	)
 	var command = &cobra.Command{
 		Use:               cliName,
@@ -96,25 +93,8 @@ func NewCommand() *cobra.Command {
 				appclientsetConfig = kube.AddFailureRetryWrapper(appclientsetConfig, failureRetryCount, failureRetryPeriodMilliSeconds)
 			}
 			appclientset := appclientset.NewForConfigOrDie(appclientsetConfig)
-			tlsConfig := apiclient.TLSConfiguration{
-				DisableTLS:       repoServerPlaintext,
-				StrictValidation: repoServerStrictTLS,
-			}
+			repoclientset := apiclient.NewRepoServerClientset(repoServerAddress, repoServerTimeoutSeconds)
 
-			// Load CA information to use for validating connections to the
-			// repository server, if strict TLS validation was requested.
-			if !repoServerPlaintext && repoServerStrictTLS {
-				pool, err := tls.LoadX509CertPool(
-					fmt.Sprintf("%s/server/tls/tls.crt", env.StringFromEnv(common.EnvAppConfigPath, common.DefaultAppConfigPath)),
-					fmt.Sprintf("%s/server/tls/ca.crt", env.StringFromEnv(common.EnvAppConfigPath, common.DefaultAppConfigPath)),
-				)
-				if err != nil {
-					log.Fatalf("%v", err)
-				}
-				tlsConfig.Certificates = pool
-			}
-
-			repoclientset := apiclient.NewRepoServerClientset(repoServerAddress, repoServerTimeoutSeconds, tlsConfig)
 			if rootPath != "" {
 				if baseHRef != "" && baseHRef != rootPath {
 					log.Warnf("--basehref and --rootpath had conflict: basehref: %s rootpath: %s", baseHRef, rootPath)
@@ -173,8 +153,6 @@ func NewCommand() *cobra.Command {
 	command.Flags().IntVar(&metricsPort, "metrics-port", common.DefaultPortArgoCDAPIServerMetrics, "Start metrics on given port")
 	command.Flags().IntVar(&repoServerTimeoutSeconds, "repo-server-timeout-seconds", 60, "Repo server RPC call timeout seconds.")
 	command.Flags().StringVar(&frameOptions, "x-frame-options", "sameorigin", "Set X-Frame-Options header in HTTP responses to `value`. To disable, set to \"\".")
-	command.Flags().BoolVar(&repoServerPlaintext, "repo-server-plaintext", false, "Use a plaintext client (non-TLS) to connect to repository server")
-	command.Flags().BoolVar(&repoServerStrictTLS, "repo-server-strict-tls", false, "Perform strict validation of TLS certificates when connecting to repo server")
 	tlsConfigCustomizerSrc = tls.AddTLSFlagsToCmd(command)
 	cacheSrc = servercache.AddCacheFlagsToCmd(command, func(client *redis.Client) {
 		redisClient = client

cmd/argocd-util/commands/apps.go

@@ -10,6 +10,8 @@ import (
 	"sort"
 	"time"
 
+	appstatecache "github.com/argoproj/argo-cd/util/cache/appstate"
+
 	"github.com/ghodss/yaml"
 	"github.com/spf13/cobra"
 	apiv1 "k8s.io/api/core/v1"
@@ -20,98 +22,37 @@ import (
 	kubecache "k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/tools/clientcmd"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/controller"
-	"github.com/argoproj/argo-cd/v2/controller/cache"
-	"github.com/argoproj/argo-cd/v2/controller/metrics"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned"
-	appinformers "github.com/argoproj/argo-cd/v2/pkg/client/informers/externalversions"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	cacheutil "github.com/argoproj/argo-cd/v2/util/cache"
-	appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/config"
-	"github.com/argoproj/argo-cd/v2/util/db"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	kubeutil "github.com/argoproj/argo-cd/v2/util/kube"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/controller"
+	"github.com/argoproj/argo-cd/controller/cache"
+	"github.com/argoproj/argo-cd/controller/metrics"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appclientset "github.com/argoproj/argo-cd/pkg/client/clientset/versioned"
+	appinformers "github.com/argoproj/argo-cd/pkg/client/informers/externalversions"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	cacheutil "github.com/argoproj/argo-cd/util/cache"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/config"
+	"github.com/argoproj/argo-cd/util/db"
+	"github.com/argoproj/argo-cd/util/errors"
+	kubeutil "github.com/argoproj/argo-cd/util/kube"
+	"github.com/argoproj/argo-cd/util/settings"
 )
 
-func NewAppCommand() *cobra.Command {
+func NewAppsCommand() *cobra.Command {
 	var command = &cobra.Command{
-		Use:   "app",
-		Short: "Manage applications configuration",
+		Use:   "apps",
+		Short: "Utility commands operate on ArgoCD applications",
 		Run: func(c *cobra.Command, args []string) {
 			c.HelpFunc()(c, args)
 		},
 	}
 
-	command.AddCommand(NewGenAppSpecCommand())
 	command.AddCommand(NewReconcileCommand())
 	command.AddCommand(NewDiffReconcileResults())
 	return command
 }
 
-// NewGenAppSpecCommand generates declarative configuration file for given application
-func NewGenAppSpecCommand() *cobra.Command {
-	var (
-		appOpts      cmdutil.AppOptions
-		fileURL      string
-		appName      string
-		labels       []string
-		outputFormat string
-	)
-	var command = &cobra.Command{
-		Use:   "generate-spec APPNAME",
-		Short: "Generate declarative config for an application",
-		Example: `
-	# Generate declarative config for a directory app
-	argocd-util app generate-spec guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --directory-recurse
-
-	# Generate declarative config for a Jsonnet app
-	argocd-util app generate-spec jsonnet-guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path jsonnet-guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --jsonnet-ext-str replicas=2
-
-	# Generate declarative config for a Helm app
-	argocd-util app generate-spec helm-guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path helm-guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --helm-set replicaCount=2
-
-	# Generate declarative config for a Helm app from a Helm repo
-	argocd-util app generate-spec nginx-ingress --repo https://kubernetes-charts.storage.googleapis.com --helm-chart nginx-ingress --revision 1.24.3 --dest-namespace default --dest-server https://kubernetes.default.svc
-
-	# Generate declarative config for a Kustomize app
-	argocd-util app generate-spec kustomize-guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path kustomize-guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --kustomize-image gcr.io/heptio-images/ks-guestbook-demo:0.1
-
-	# Generate declarative config for a app using a custom tool:
-	argocd-util app generate-spec ksane --repo https://github.com/argoproj/argocd-example-apps.git --path plugins/kasane --dest-namespace default --dest-server https://kubernetes.default.svc --config-management-plugin kasane
-`,
-		Run: func(c *cobra.Command, args []string) {
-			app, err := cmdutil.ConstructApp(fileURL, appName, labels, args, appOpts, c.Flags())
-			errors.CheckError(err)
-
-			if app.Name == "" {
-				c.HelpFunc()(c, args)
-				os.Exit(1)
-			}
-
-			var printResources []interface{}
-			printResources = append(printResources, app)
-			errors.CheckError(cmdutil.PrintResources(printResources, outputFormat))
-		},
-	}
-	command.Flags().StringVar(&appName, "name", "", "A name for the app, ignored if a file is set (DEPRECATED)")
-	command.Flags().StringVarP(&fileURL, "file", "f", "", "Filename or URL to Kubernetes manifests for the app")
-	command.Flags().StringArrayVarP(&labels, "label", "l", []string{}, "Labels to apply to the app")
-	command.Flags().StringVarP(&outputFormat, "output", "o", "yaml", "Output format. One of: json|yaml")
-
-	// Only complete files with appropriate extension.
-	err := command.Flags().SetAnnotation("file", cobra.BashCompFilenameExt, []string{"json", "yaml", "yml"})
-	errors.CheckError(err)
-
-	cmdutil.AddAppFlags(command, &appOpts)
-	return command
-}
-
 type appReconcileResult struct {
 	Name       string                          `json:"name"`
 	Health     *v1alpha1.HealthStatus          `json:"health"`
@@ -251,7 +192,7 @@ func NewReconcileCommand() *cobra.Command {
 					errors.CheckError(err)
 					repoServerAddress = fmt.Sprintf("localhost:%d", repoServerPort)
 				}
-				repoServerClient := apiclient.NewRepoServerClientset(repoServerAddress, 60, apiclient.TLSConfiguration{DisableTLS: false, StrictValidation: false})
+				repoServerClient := apiclient.NewRepoServerClientset(repoServerAddress, 60)
 
 				appClientset := appclientset.NewForConfigOrDie(cfg)
 				kubeClientset := kubernetes.NewForConfigOrDie(cfg)

cmd/argocd-util/commands/apps_test.go

@@ -3,7 +3,7 @@ package commands
 import (
 	"testing"
 
-	"github.com/argoproj/argo-cd/v2/test"
+	"github.com/argoproj/argo-cd/test"
 
 	clustermocks "github.com/argoproj/gitops-engine/pkg/cache/mocks"
 	"github.com/argoproj/gitops-engine/pkg/health"
@@ -16,16 +16,16 @@ import (
 	kubefake "k8s.io/client-go/kubernetes/fake"
 	"k8s.io/client-go/tools/cache"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	statecache "github.com/argoproj/argo-cd/v2/controller/cache"
-	cachemocks "github.com/argoproj/argo-cd/v2/controller/cache/mocks"
-	"github.com/argoproj/argo-cd/v2/controller/metrics"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appfake "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient/mocks"
-	"github.com/argoproj/argo-cd/v2/util/db"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	"github.com/argoproj/argo-cd/common"
+	statecache "github.com/argoproj/argo-cd/controller/cache"
+	cachemocks "github.com/argoproj/argo-cd/controller/cache/mocks"
+	"github.com/argoproj/argo-cd/controller/metrics"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appfake "github.com/argoproj/argo-cd/pkg/client/clientset/versioned/fake"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	"github.com/argoproj/argo-cd/reposerver/apiclient/mocks"
+	"github.com/argoproj/argo-cd/util/db"
+	"github.com/argoproj/argo-cd/util/settings"
 )
 
 func TestGetReconcileResults(t *testing.T) {

cmd/argocd-util/commands/argocd_util.go

@@ -1,23 +1,34 @@
 package commands
 
 import (
+	"bufio"
+	"context"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
 	"reflect"
 
+	"github.com/argoproj/gitops-engine/pkg/utils/kube"
 	"github.com/ghodss/yaml"
+	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	apiv1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/dynamic"
+	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/db"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/settings"
 )
 
 const (
@@ -51,19 +62,162 @@ func NewCommand() *cobra.Command {
 	}
 
 	command.AddCommand(cli.NewVersionCmd(cliName))
-	command.AddCommand(NewClusterCommand(pathOpts))
-	command.AddCommand(NewProjectsCommand())
-	command.AddCommand(NewSettingsCommand())
-	command.AddCommand(NewAppCommand())
-	command.AddCommand(NewRepoCommand())
 	command.AddCommand(NewImportCommand())
 	command.AddCommand(NewExportCommand())
+	command.AddCommand(NewClusterConfig())
+	command.AddCommand(NewProjectsCommand())
+	command.AddCommand(NewSettingsCommand())
+	command.AddCommand(NewAppsCommand())
+	command.AddCommand(NewRBACCommand())
+	command.AddCommand(NewGenerateConfigCommand(pathOpts))
 
 	command.Flags().StringVar(&cmdutil.LogFormat, "logformat", "text", "Set the logging format. One of: text|json")
 	command.Flags().StringVar(&cmdutil.LogLevel, "loglevel", "info", "Set the logging level. One of: debug|info|warn|error")
 	return command
 }
 
+// NewImportCommand defines a new command for exporting Kubernetes and Argo CD resources.
+func NewImportCommand() *cobra.Command {
+	var (
+		clientConfig clientcmd.ClientConfig
+		prune        bool
+		dryRun       bool
+	)
+	var command = cobra.Command{
+		Use:   "import SOURCE",
+		Short: "Import Argo CD data from stdin (specify `-') or a file",
+		Run: func(c *cobra.Command, args []string) {
+			if len(args) != 1 {
+				c.HelpFunc()(c, args)
+				os.Exit(1)
+			}
+			config, err := clientConfig.ClientConfig()
+			errors.CheckError(err)
+			config.QPS = 100
+			config.Burst = 50
+			errors.CheckError(err)
+			namespace, _, err := clientConfig.Namespace()
+			errors.CheckError(err)
+			acdClients := newArgoCDClientsets(config, namespace)
+
+			var input []byte
+			if in := args[0]; in == "-" {
+				input, err = ioutil.ReadAll(os.Stdin)
+			} else {
+				input, err = ioutil.ReadFile(in)
+			}
+			errors.CheckError(err)
+			var dryRunMsg string
+			if dryRun {
+				dryRunMsg = " (dry run)"
+			}
+
+			// pruneObjects tracks live objects and it's current resource version. any remaining
+			// items in this map indicates the resource should be pruned since it no longer appears
+			// in the backup
+			pruneObjects := make(map[kube.ResourceKey]unstructured.Unstructured)
+			configMaps, err := acdClients.configMaps.List(context.Background(), metav1.ListOptions{})
+			errors.CheckError(err)
+			// referencedSecrets holds any secrets referenced in the argocd-cm configmap. These
+			// secrets need to be imported too
+			var referencedSecrets map[string]bool
+			for _, cm := range configMaps.Items {
+				if isArgoCDConfigMap(cm.GetName()) {
+					pruneObjects[kube.ResourceKey{Group: "", Kind: "ConfigMap", Name: cm.GetName()}] = cm
+				}
+				if cm.GetName() == common.ArgoCDConfigMapName {
+					referencedSecrets = getReferencedSecrets(cm)
+				}
+			}
+
+			secrets, err := acdClients.secrets.List(context.Background(), metav1.ListOptions{})
+			errors.CheckError(err)
+			for _, secret := range secrets.Items {
+				if isArgoCDSecret(referencedSecrets, secret) {
+					pruneObjects[kube.ResourceKey{Group: "", Kind: "Secret", Name: secret.GetName()}] = secret
+				}
+			}
+			applications, err := acdClients.applications.List(context.Background(), metav1.ListOptions{})
+			errors.CheckError(err)
+			for _, app := range applications.Items {
+				pruneObjects[kube.ResourceKey{Group: "argoproj.io", Kind: "Application", Name: app.GetName()}] = app
+			}
+			projects, err := acdClients.projects.List(context.Background(), metav1.ListOptions{})
+			errors.CheckError(err)
+			for _, proj := range projects.Items {
+				pruneObjects[kube.ResourceKey{Group: "argoproj.io", Kind: "AppProject", Name: proj.GetName()}] = proj
+			}
+
+			// Create or replace existing object
+			backupObjects, err := kube.SplitYAML(input)
+			errors.CheckError(err)
+			for _, bakObj := range backupObjects {
+				gvk := bakObj.GroupVersionKind()
+				key := kube.ResourceKey{Group: gvk.Group, Kind: gvk.Kind, Name: bakObj.GetName()}
+				liveObj, exists := pruneObjects[key]
+				delete(pruneObjects, key)
+				var dynClient dynamic.ResourceInterface
+				switch bakObj.GetKind() {
+				case "Secret":
+					dynClient = acdClients.secrets
+				case "ConfigMap":
+					dynClient = acdClients.configMaps
+				case "AppProject":
+					dynClient = acdClients.projects
+				case "Application":
+					dynClient = acdClients.applications
+				}
+				if !exists {
+					if !dryRun {
+						_, err = dynClient.Create(context.Background(), bakObj, metav1.CreateOptions{})
+						errors.CheckError(err)
+					}
+					fmt.Printf("%s/%s %s created%s\n", gvk.Group, gvk.Kind, bakObj.GetName(), dryRunMsg)
+				} else if specsEqual(*bakObj, liveObj) {
+					fmt.Printf("%s/%s %s unchanged%s\n", gvk.Group, gvk.Kind, bakObj.GetName(), dryRunMsg)
+				} else {
+					if !dryRun {
+						newLive := updateLive(bakObj, &liveObj)
+						_, err = dynClient.Update(context.Background(), newLive, metav1.UpdateOptions{})
+						errors.CheckError(err)
+					}
+					fmt.Printf("%s/%s %s updated%s\n", gvk.Group, gvk.Kind, bakObj.GetName(), dryRunMsg)
+				}
+			}
+
+			// Delete objects not in backup
+			for key := range pruneObjects {
+				if prune {
+					var dynClient dynamic.ResourceInterface
+					switch key.Kind {
+					case "Secret":
+						dynClient = acdClients.secrets
+					case "AppProject":
+						dynClient = acdClients.projects
+					case "Application":
+						dynClient = acdClients.applications
+					default:
+						log.Fatalf("Unexpected kind '%s' in prune list", key.Kind)
+					}
+					if !dryRun {
+						err = dynClient.Delete(context.Background(), key.Name, metav1.DeleteOptions{})
+						errors.CheckError(err)
+					}
+					fmt.Printf("%s/%s %s pruned%s\n", key.Group, key.Kind, key.Name, dryRunMsg)
+				} else {
+					fmt.Printf("%s/%s %s needs pruning\n", key.Group, key.Kind, key.Name)
+				}
+			}
+		},
+	}
+
+	clientConfig = cli.AddKubectlFlagsToCmd(&command)
+	command.Flags().BoolVar(&dryRun, "dry-run", false, "Print what will be performed")
+	command.Flags().BoolVar(&prune, "prune", false, "Prune secrets, applications and projects which do not appear in the backup")
+
+	return &command
+}
+
 type argoCDClientsets struct {
 	configMaps   dynamic.ResourceInterface
 	secrets      dynamic.ResourceInterface
@@ -82,6 +236,78 @@ func newArgoCDClientsets(config *rest.Config, namespace string) *argoCDClientset
 	}
 }
 
+// NewExportCommand defines a new command for exporting Kubernetes and Argo CD resources.
+func NewExportCommand() *cobra.Command {
+	var (
+		clientConfig clientcmd.ClientConfig
+		out          string
+	)
+	var command = cobra.Command{
+		Use:   "export",
+		Short: "Export all Argo CD data to stdout (default) or a file",
+		Run: func(c *cobra.Command, args []string) {
+			config, err := clientConfig.ClientConfig()
+			errors.CheckError(err)
+			namespace, _, err := clientConfig.Namespace()
+			errors.CheckError(err)
+
+			var writer io.Writer
+			if out == "-" {
+				writer = os.Stdout
+			} else {
+				f, err := os.Create(out)
+				errors.CheckError(err)
+				bw := bufio.NewWriter(f)
+				writer = bw
+				defer func() {
+					err = bw.Flush()
+					errors.CheckError(err)
+					err = f.Close()
+					errors.CheckError(err)
+				}()
+			}
+
+			acdClients := newArgoCDClientsets(config, namespace)
+			acdConfigMap, err := acdClients.configMaps.Get(context.Background(), common.ArgoCDConfigMapName, metav1.GetOptions{})
+			errors.CheckError(err)
+			export(writer, *acdConfigMap)
+			acdRBACConfigMap, err := acdClients.configMaps.Get(context.Background(), common.ArgoCDRBACConfigMapName, metav1.GetOptions{})
+			errors.CheckError(err)
+			export(writer, *acdRBACConfigMap)
+			acdKnownHostsConfigMap, err := acdClients.configMaps.Get(context.Background(), common.ArgoCDKnownHostsConfigMapName, metav1.GetOptions{})
+			errors.CheckError(err)
+			export(writer, *acdKnownHostsConfigMap)
+			acdTLSCertsConfigMap, err := acdClients.configMaps.Get(context.Background(), common.ArgoCDTLSCertsConfigMapName, metav1.GetOptions{})
+			errors.CheckError(err)
+			export(writer, *acdTLSCertsConfigMap)
+
+			referencedSecrets := getReferencedSecrets(*acdConfigMap)
+			secrets, err := acdClients.secrets.List(context.Background(), metav1.ListOptions{})
+			errors.CheckError(err)
+			for _, secret := range secrets.Items {
+				if isArgoCDSecret(referencedSecrets, secret) {
+					export(writer, secret)
+				}
+			}
+			projects, err := acdClients.projects.List(context.Background(), metav1.ListOptions{})
+			errors.CheckError(err)
+			for _, proj := range projects.Items {
+				export(writer, proj)
+			}
+			applications, err := acdClients.applications.List(context.Background(), metav1.ListOptions{})
+			errors.CheckError(err)
+			for _, app := range applications.Items {
+				export(writer, app)
+			}
+		},
+	}
+
+	clientConfig = cli.AddKubectlFlagsToCmd(&command)
+	command.Flags().StringVarP(&out, "out", "o", "-", "Output to the specified file instead of stdout")
+
+	return &command
+}
+
 // getReferencedSecrets examines the argocd-cm config for any referenced repo secrets and returns a
 // map of all referenced secrets.
 func getReferencedSecrets(un unstructured.Unstructured) map[string]bool {
@@ -211,6 +437,83 @@ func specsEqual(left, right unstructured.Unstructured) bool {
 	return false
 }
 
+// updateLive replaces the live object's finalizers, spec, annotations, labels, and data from the
+// backup object but leaves all other fields intact (status, other metadata, etc...)
+func updateLive(bak, live *unstructured.Unstructured) *unstructured.Unstructured {
+	newLive := live.DeepCopy()
+	newLive.SetAnnotations(bak.GetAnnotations())
+	newLive.SetLabels(bak.GetLabels())
+	newLive.SetFinalizers(bak.GetFinalizers())
+	switch live.GetKind() {
+	case "Secret", "ConfigMap":
+		newLive.Object["data"] = bak.Object["data"]
+	case "AppProject":
+		newLive.Object["spec"] = bak.Object["spec"]
+	case "Application":
+		newLive.Object["spec"] = bak.Object["spec"]
+		if _, ok := bak.Object["status"]; ok {
+			newLive.Object["status"] = bak.Object["status"]
+		}
+	}
+	return newLive
+}
+
+// export writes the unstructured object and removes extraneous cruft from output before writing
+func export(w io.Writer, un unstructured.Unstructured) {
+	name := un.GetName()
+	finalizers := un.GetFinalizers()
+	apiVersion := un.GetAPIVersion()
+	kind := un.GetKind()
+	labels := un.GetLabels()
+	annotations := un.GetAnnotations()
+	unstructured.RemoveNestedField(un.Object, "metadata")
+	un.SetName(name)
+	un.SetFinalizers(finalizers)
+	un.SetAPIVersion(apiVersion)
+	un.SetKind(kind)
+	un.SetLabels(labels)
+	un.SetAnnotations(annotations)
+	data, err := yaml.Marshal(un.Object)
+	errors.CheckError(err)
+	_, err = w.Write(data)
+	errors.CheckError(err)
+	_, err = w.Write([]byte(yamlSeparator))
+	errors.CheckError(err)
+}
+
+// NewClusterConfig returns a new instance of `argocd-util kubeconfig` command
+func NewClusterConfig() *cobra.Command {
+	var (
+		clientConfig clientcmd.ClientConfig
+	)
+	var command = &cobra.Command{
+		Use:               "kubeconfig CLUSTER_URL OUTPUT_PATH",
+		Short:             "Generates kubeconfig for the specified cluster",
+		DisableAutoGenTag: true,
+		Run: func(c *cobra.Command, args []string) {
+			if len(args) != 2 {
+				c.HelpFunc()(c, args)
+				os.Exit(1)
+			}
+			serverUrl := args[0]
+			output := args[1]
+			conf, err := clientConfig.ClientConfig()
+			errors.CheckError(err)
+			namespace, _, err := clientConfig.Namespace()
+			errors.CheckError(err)
+			kubeclientset, err := kubernetes.NewForConfig(conf)
+			errors.CheckError(err)
+
+			cluster, err := db.NewDB(namespace, settings.NewSettingsManager(context.Background(), kubeclientset, namespace), kubeclientset).GetCluster(context.Background(), serverUrl)
+			errors.CheckError(err)
+			err = kube.WriteKubeConfig(cluster.RawRestConfig(), namespace, output)
+			errors.CheckError(err)
+		},
+	}
+	clientConfig = cli.AddKubectlFlagsToCmd(command)
+	return command
+}
+
 func iterateStringFields(obj interface{}, callback func(name string, val string) string) {
 	if mapField, ok := obj.(map[string]interface{}); ok {
 		for field, val := range mapField {

cmd/argocd-util/commands/backup.go

@@ -1,298 +0,0 @@
-package commands
-
-import (
-	"bufio"
-	"context"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"os"
-
-	"github.com/argoproj/gitops-engine/pkg/utils/kube"
-	"github.com/ghodss/yaml"
-	"github.com/sirupsen/logrus"
-	"github.com/spf13/cobra"
-	apierr "k8s.io/apimachinery/pkg/api/errors"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
-	"k8s.io/client-go/dynamic"
-	"k8s.io/client-go/tools/clientcmd"
-
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-)
-
-// NewExportCommand defines a new command for exporting Kubernetes and Argo CD resources.
-func NewExportCommand() *cobra.Command {
-	var (
-		clientConfig clientcmd.ClientConfig
-		out          string
-	)
-	var command = cobra.Command{
-		Use:   "export",
-		Short: "Export all Argo CD data to stdout (default) or a file",
-		Run: func(c *cobra.Command, args []string) {
-			config, err := clientConfig.ClientConfig()
-			errors.CheckError(err)
-			namespace, _, err := clientConfig.Namespace()
-			errors.CheckError(err)
-
-			var writer io.Writer
-			if out == "-" {
-				writer = os.Stdout
-			} else {
-				f, err := os.Create(out)
-				errors.CheckError(err)
-				bw := bufio.NewWriter(f)
-				writer = bw
-				defer func() {
-					err = bw.Flush()
-					errors.CheckError(err)
-					err = f.Close()
-					errors.CheckError(err)
-				}()
-			}
-
-			acdClients := newArgoCDClientsets(config, namespace)
-			acdConfigMap, err := acdClients.configMaps.Get(context.Background(), common.ArgoCDConfigMapName, v1.GetOptions{})
-			errors.CheckError(err)
-			export(writer, *acdConfigMap)
-			acdRBACConfigMap, err := acdClients.configMaps.Get(context.Background(), common.ArgoCDRBACConfigMapName, v1.GetOptions{})
-			errors.CheckError(err)
-			export(writer, *acdRBACConfigMap)
-			acdKnownHostsConfigMap, err := acdClients.configMaps.Get(context.Background(), common.ArgoCDKnownHostsConfigMapName, v1.GetOptions{})
-			errors.CheckError(err)
-			export(writer, *acdKnownHostsConfigMap)
-			acdTLSCertsConfigMap, err := acdClients.configMaps.Get(context.Background(), common.ArgoCDTLSCertsConfigMapName, v1.GetOptions{})
-			errors.CheckError(err)
-			export(writer, *acdTLSCertsConfigMap)
-
-			referencedSecrets := getReferencedSecrets(*acdConfigMap)
-			secrets, err := acdClients.secrets.List(context.Background(), v1.ListOptions{})
-			errors.CheckError(err)
-			for _, secret := range secrets.Items {
-				if isArgoCDSecret(referencedSecrets, secret) {
-					export(writer, secret)
-				}
-			}
-			projects, err := acdClients.projects.List(context.Background(), v1.ListOptions{})
-			errors.CheckError(err)
-			for _, proj := range projects.Items {
-				export(writer, proj)
-			}
-			applications, err := acdClients.applications.List(context.Background(), v1.ListOptions{})
-			errors.CheckError(err)
-			for _, app := range applications.Items {
-				export(writer, app)
-			}
-		},
-	}
-
-	clientConfig = cli.AddKubectlFlagsToCmd(&command)
-	command.Flags().StringVarP(&out, "out", "o", "-", "Output to the specified file instead of stdout")
-
-	return &command
-}
-
-// NewImportCommand defines a new command for exporting Kubernetes and Argo CD resources.
-func NewImportCommand() *cobra.Command {
-	var (
-		clientConfig clientcmd.ClientConfig
-		prune        bool
-		dryRun       bool
-		verbose      bool
-	)
-	var command = cobra.Command{
-		Use:   "import SOURCE",
-		Short: "Import Argo CD data from stdin (specify `-') or a file",
-		Run: func(c *cobra.Command, args []string) {
-			if len(args) != 1 {
-				c.HelpFunc()(c, args)
-				os.Exit(1)
-			}
-			config, err := clientConfig.ClientConfig()
-			errors.CheckError(err)
-			config.QPS = 100
-			config.Burst = 50
-			errors.CheckError(err)
-			namespace, _, err := clientConfig.Namespace()
-			errors.CheckError(err)
-			acdClients := newArgoCDClientsets(config, namespace)
-
-			var input []byte
-			if in := args[0]; in == "-" {
-				input, err = ioutil.ReadAll(os.Stdin)
-			} else {
-				input, err = ioutil.ReadFile(in)
-			}
-			errors.CheckError(err)
-			var dryRunMsg string
-			if dryRun {
-				dryRunMsg = " (dry run)"
-			}
-
-			// pruneObjects tracks live objects and it's current resource version. any remaining
-			// items in this map indicates the resource should be pruned since it no longer appears
-			// in the backup
-			pruneObjects := make(map[kube.ResourceKey]unstructured.Unstructured)
-			configMaps, err := acdClients.configMaps.List(context.Background(), v1.ListOptions{})
-			errors.CheckError(err)
-			// referencedSecrets holds any secrets referenced in the argocd-cm configmap. These
-			// secrets need to be imported too
-			var referencedSecrets map[string]bool
-			for _, cm := range configMaps.Items {
-				if isArgoCDConfigMap(cm.GetName()) {
-					pruneObjects[kube.ResourceKey{Group: "", Kind: "ConfigMap", Name: cm.GetName()}] = cm
-				}
-				if cm.GetName() == common.ArgoCDConfigMapName {
-					referencedSecrets = getReferencedSecrets(cm)
-				}
-			}
-
-			secrets, err := acdClients.secrets.List(context.Background(), v1.ListOptions{})
-			errors.CheckError(err)
-			for _, secret := range secrets.Items {
-				if isArgoCDSecret(referencedSecrets, secret) {
-					pruneObjects[kube.ResourceKey{Group: "", Kind: "Secret", Name: secret.GetName()}] = secret
-				}
-			}
-			applications, err := acdClients.applications.List(context.Background(), v1.ListOptions{})
-			errors.CheckError(err)
-			for _, app := range applications.Items {
-				pruneObjects[kube.ResourceKey{Group: "argoproj.io", Kind: "Application", Name: app.GetName()}] = app
-			}
-			projects, err := acdClients.projects.List(context.Background(), v1.ListOptions{})
-			errors.CheckError(err)
-			for _, proj := range projects.Items {
-				pruneObjects[kube.ResourceKey{Group: "argoproj.io", Kind: "AppProject", Name: proj.GetName()}] = proj
-			}
-
-			// Create or replace existing object
-			backupObjects, err := kube.SplitYAML(input)
-			errors.CheckError(err)
-			for _, bakObj := range backupObjects {
-				gvk := bakObj.GroupVersionKind()
-				key := kube.ResourceKey{Group: gvk.Group, Kind: gvk.Kind, Name: bakObj.GetName()}
-				liveObj, exists := pruneObjects[key]
-				delete(pruneObjects, key)
-				var dynClient dynamic.ResourceInterface
-				switch bakObj.GetKind() {
-				case "Secret":
-					dynClient = acdClients.secrets
-				case "ConfigMap":
-					dynClient = acdClients.configMaps
-				case "AppProject":
-					dynClient = acdClients.projects
-				case "Application":
-					dynClient = acdClients.applications
-				}
-				if !exists {
-					if !dryRun {
-						_, err = dynClient.Create(context.Background(), bakObj, v1.CreateOptions{})
-						errors.CheckError(err)
-					}
-					fmt.Printf("%s/%s %s created%s\n", gvk.Group, gvk.Kind, bakObj.GetName(), dryRunMsg)
-				} else if specsEqual(*bakObj, liveObj) {
-					if verbose {
-						fmt.Printf("%s/%s %s unchanged%s\n", gvk.Group, gvk.Kind, bakObj.GetName(), dryRunMsg)
-					}
-				} else {
-					if !dryRun {
-						newLive := updateLive(bakObj, &liveObj)
-						_, err = dynClient.Update(context.Background(), newLive, v1.UpdateOptions{})
-						errors.CheckError(err)
-					}
-					fmt.Printf("%s/%s %s updated%s\n", gvk.Group, gvk.Kind, bakObj.GetName(), dryRunMsg)
-				}
-			}
-
-			// Delete objects not in backup
-			for key, liveObj := range pruneObjects {
-				if prune {
-					var dynClient dynamic.ResourceInterface
-					switch key.Kind {
-					case "Secret":
-						dynClient = acdClients.secrets
-					case "AppProject":
-						dynClient = acdClients.projects
-					case "Application":
-						dynClient = acdClients.applications
-						if !dryRun {
-							if finalizers := liveObj.GetFinalizers(); len(finalizers) > 0 {
-								newLive := liveObj.DeepCopy()
-								newLive.SetFinalizers(nil)
-								_, err = dynClient.Update(context.Background(), newLive, v1.UpdateOptions{})
-								if err != nil && !apierr.IsNotFound(err) {
-									errors.CheckError(err)
-								}
-							}
-						}
-					default:
-						logrus.Fatalf("Unexpected kind '%s' in prune list", key.Kind)
-					}
-					if !dryRun {
-						err = dynClient.Delete(context.Background(), key.Name, v1.DeleteOptions{})
-						if err != nil && !apierr.IsNotFound(err) {
-							errors.CheckError(err)
-						}
-					}
-					fmt.Printf("%s/%s %s pruned%s\n", key.Group, key.Kind, key.Name, dryRunMsg)
-				} else {
-					fmt.Printf("%s/%s %s needs pruning\n", key.Group, key.Kind, key.Name)
-				}
-			}
-		},
-	}
-
-	clientConfig = cli.AddKubectlFlagsToCmd(&command)
-	command.Flags().BoolVar(&dryRun, "dry-run", false, "Print what will be performed")
-	command.Flags().BoolVar(&prune, "prune", false, "Prune secrets, applications and projects which do not appear in the backup")
-	command.Flags().BoolVar(&verbose, "verbose", false, "Verbose output (versus only changed output)")
-
-	return &command
-}
-
-// export writes the unstructured object and removes extraneous cruft from output before writing
-func export(w io.Writer, un unstructured.Unstructured) {
-	name := un.GetName()
-	finalizers := un.GetFinalizers()
-	apiVersion := un.GetAPIVersion()
-	kind := un.GetKind()
-	labels := un.GetLabels()
-	annotations := un.GetAnnotations()
-	unstructured.RemoveNestedField(un.Object, "metadata")
-	un.SetName(name)
-	un.SetFinalizers(finalizers)
-	un.SetAPIVersion(apiVersion)
-	un.SetKind(kind)
-	un.SetLabels(labels)
-	un.SetAnnotations(annotations)
-	data, err := yaml.Marshal(un.Object)
-	errors.CheckError(err)
-	_, err = w.Write(data)
-	errors.CheckError(err)
-	_, err = w.Write([]byte(yamlSeparator))
-	errors.CheckError(err)
-}
-
-// updateLive replaces the live object's finalizers, spec, annotations, labels, and data from the
-// backup object but leaves all other fields intact (status, other metadata, etc...)
-func updateLive(bak, live *unstructured.Unstructured) *unstructured.Unstructured {
-	newLive := live.DeepCopy()
-	newLive.SetAnnotations(bak.GetAnnotations())
-	newLive.SetLabels(bak.GetLabels())
-	newLive.SetFinalizers(bak.GetFinalizers())
-	switch live.GetKind() {
-	case "Secret", "ConfigMap":
-		newLive.Object["data"] = bak.Object["data"]
-	case "AppProject":
-		newLive.Object["spec"] = bak.Object["spec"]
-	case "Application":
-		newLive.Object["spec"] = bak.Object["spec"]
-		if _, ok := bak.Object["status"]; ok {
-			newLive.Object["status"] = bak.Object["status"]
-		}
-	}
-	return newLive
-}

cmd/argocd-util/commands/cluster.go

@@ -1,237 +0,0 @@
-package commands
-
-import (
-	"context"
-	"fmt"
-	"os"
-	"text/tabwriter"
-	"time"
-
-	"github.com/argoproj/gitops-engine/pkg/utils/kube"
-	"github.com/go-redis/redis/v8"
-	log "github.com/sirupsen/logrus"
-	"github.com/spf13/cobra"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/client-go/kubernetes"
-	"k8s.io/client-go/kubernetes/fake"
-	"k8s.io/client-go/tools/clientcmd"
-
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/controller/sharding"
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	cacheutil "github.com/argoproj/argo-cd/v2/util/cache"
-	appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/db"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	kubeutil "github.com/argoproj/argo-cd/v2/util/kube"
-	"github.com/argoproj/argo-cd/v2/util/settings"
-)
-
-func NewClusterCommand(pathOpts *clientcmd.PathOptions) *cobra.Command {
-	var command = &cobra.Command{
-		Use:   "cluster",
-		Short: "Manage clusters configuration",
-		Run: func(c *cobra.Command, args []string) {
-			c.HelpFunc()(c, args)
-		},
-	}
-
-	command.AddCommand(NewClusterConfig())
-	command.AddCommand(NewGenClusterConfigCommand(pathOpts))
-	command.AddCommand(NewClusterStatsCommand())
-
-	return command
-}
-
-func NewClusterStatsCommand() *cobra.Command {
-	var (
-		shard            int
-		replicas         int
-		clientConfig     clientcmd.ClientConfig
-		cacheSrc         func() (*appstatecache.Cache, error)
-		portForwardRedis bool
-	)
-	var command = cobra.Command{
-		Use:   "stats",
-		Short: "Prints information cluster statistics and inferred shard number",
-		Run: func(cmd *cobra.Command, args []string) {
-			log.SetLevel(log.WarnLevel)
-
-			clientCfg, err := clientConfig.ClientConfig()
-			errors.CheckError(err)
-			namespace, _, err := clientConfig.Namespace()
-			errors.CheckError(err)
-
-			kubeClient := kubernetes.NewForConfigOrDie(clientCfg)
-			if replicas == 0 {
-				controllerPods, err := kubeClient.CoreV1().Pods(namespace).List(context.Background(), v1.ListOptions{
-					LabelSelector: "app.kubernetes.io/name=argocd-application-controller"})
-				errors.CheckError(err)
-				replicas = len(controllerPods.Items)
-			}
-
-			settingsMgr := settings.NewSettingsManager(context.Background(), kubeClient, namespace)
-
-			argoDB := db.NewDB(namespace, settingsMgr, kubeClient)
-			clusters, err := argoDB.ListClusters(context.Background())
-			errors.CheckError(err)
-			var cache *appstatecache.Cache
-			if portForwardRedis {
-				port, err := kubeutil.PortForward("app.kubernetes.io/name=argocd-redis-ha-haproxy", 6379, namespace)
-				errors.CheckError(err)
-				client := redis.NewClient(&redis.Options{Addr: fmt.Sprintf("localhost:%d", port)})
-				cache = appstatecache.NewCache(cacheutil.NewCache(cacheutil.NewRedisCache(client, time.Hour)), time.Hour)
-			} else {
-				cache, err = cacheSrc()
-				errors.CheckError(err)
-			}
-
-			w := tabwriter.NewWriter(os.Stdout, 0, 0, 2, ' ', 0)
-			_, _ = fmt.Fprintf(w, "SERVER\tSHARD\tCONNECTION\tAPPS COUNT\tRESOURCES COUNT\n")
-
-			for _, cluster := range clusters.Items {
-				clusterShard := 0
-				if replicas > 0 {
-					clusterShard = sharding.GetShardByID(cluster.ID, replicas)
-				}
-
-				if shard != -1 && clusterShard != shard {
-					continue
-				}
-
-				var info argoappv1.ClusterInfo
-				_ = cache.GetClusterInfo(cluster.Server, &info)
-				_, _ = fmt.Fprintf(w, "%s\t%d\t%s\t%d\t%d\n", cluster.Server, clusterShard, info.ConnectionState.Status, info.ApplicationsCount, info.CacheInfo.ResourcesCount)
-			}
-			_ = w.Flush()
-		},
-	}
-	clientConfig = cli.AddKubectlFlagsToCmd(&command)
-	command.Flags().IntVar(&shard, "shard", -1, "Cluster shard filter")
-	command.Flags().IntVar(&replicas, "replicas", 0, "Application controller replicas count. Inferred from number of running controller pods if not specified")
-	command.Flags().BoolVar(&portForwardRedis, "port-forward-redis", true, "Automatically port-forward ha proxy redis from current namespace?")
-	cacheSrc = appstatecache.AddCacheFlagsToCmd(&command)
-	return &command
-}
-
-// NewClusterConfig returns a new instance of `argocd-util kubeconfig` command
-func NewClusterConfig() *cobra.Command {
-	var (
-		clientConfig clientcmd.ClientConfig
-	)
-	var command = &cobra.Command{
-		Use:               "kubeconfig CLUSTER_URL OUTPUT_PATH",
-		Short:             "Generates kubeconfig for the specified cluster",
-		DisableAutoGenTag: true,
-		Run: func(c *cobra.Command, args []string) {
-			if len(args) != 2 {
-				c.HelpFunc()(c, args)
-				os.Exit(1)
-			}
-			serverUrl := args[0]
-			output := args[1]
-			conf, err := clientConfig.ClientConfig()
-			errors.CheckError(err)
-			namespace, _, err := clientConfig.Namespace()
-			errors.CheckError(err)
-			kubeclientset, err := kubernetes.NewForConfig(conf)
-			errors.CheckError(err)
-
-			cluster, err := db.NewDB(namespace, settings.NewSettingsManager(context.Background(), kubeclientset, namespace), kubeclientset).GetCluster(context.Background(), serverUrl)
-			errors.CheckError(err)
-			err = kube.WriteKubeConfig(cluster.RawRestConfig(), namespace, output)
-			errors.CheckError(err)
-		},
-	}
-	clientConfig = cli.AddKubectlFlagsToCmd(command)
-	return command
-}
-
-func NewGenClusterConfigCommand(pathOpts *clientcmd.PathOptions) *cobra.Command {
-	var (
-		clusterOpts  cmdutil.ClusterOptions
-		bearerToken  string
-		outputFormat string
-	)
-	var command = &cobra.Command{
-		Use:   "generate-spec CONTEXT",
-		Short: "Generate declarative config for a cluster",
-		Run: func(c *cobra.Command, args []string) {
-			log.SetLevel(log.WarnLevel)
-			var configAccess clientcmd.ConfigAccess = pathOpts
-			if len(args) == 0 {
-				log.Error("Choose a context name from:")
-				cmdutil.PrintKubeContexts(configAccess)
-				os.Exit(1)
-			}
-			cfgAccess, err := configAccess.GetStartingConfig()
-			errors.CheckError(err)
-			contextName := args[0]
-			clstContext := cfgAccess.Contexts[contextName]
-			if clstContext == nil {
-				log.Fatalf("Context %s does not exist in kubeconfig", contextName)
-			}
-
-			overrides := clientcmd.ConfigOverrides{
-				Context: *clstContext,
-			}
-			clientConfig := clientcmd.NewDefaultClientConfig(*cfgAccess, &overrides)
-			conf, err := clientConfig.ClientConfig()
-			errors.CheckError(err)
-			kubeClientset := fake.NewSimpleClientset()
-
-			var awsAuthConf *argoappv1.AWSAuthConfig
-			var execProviderConf *argoappv1.ExecProviderConfig
-			if clusterOpts.AwsClusterName != "" {
-				awsAuthConf = &argoappv1.AWSAuthConfig{
-					ClusterName: clusterOpts.AwsClusterName,
-					RoleARN:     clusterOpts.AwsRoleArn,
-				}
-			} else if clusterOpts.ExecProviderCommand != "" {
-				execProviderConf = &argoappv1.ExecProviderConfig{
-					Command:     clusterOpts.ExecProviderCommand,
-					Args:        clusterOpts.ExecProviderArgs,
-					Env:         clusterOpts.ExecProviderEnv,
-					APIVersion:  clusterOpts.ExecProviderAPIVersion,
-					InstallHint: clusterOpts.ExecProviderInstallHint,
-				}
-			} else if bearerToken == "" {
-				bearerToken = "bearer-token"
-			}
-			if clusterOpts.Name != "" {
-				contextName = clusterOpts.Name
-			}
-			clst := cmdutil.NewCluster(contextName, clusterOpts.Namespaces, conf, bearerToken, awsAuthConf, execProviderConf)
-			if clusterOpts.InCluster {
-				clst.Server = common.KubernetesInternalAPIServerAddr
-			}
-			if clusterOpts.Shard >= 0 {
-				clst.Shard = &clusterOpts.Shard
-			}
-
-			settingsMgr := settings.NewSettingsManager(context.Background(), kubeClientset, ArgoCDNamespace)
-			argoDB := db.NewDB(ArgoCDNamespace, settingsMgr, kubeClientset)
-
-			_, err = argoDB.CreateCluster(context.Background(), clst)
-			errors.CheckError(err)
-
-			secName, err := db.ServerToSecretName(clst.Server)
-			errors.CheckError(err)
-
-			secret, err := kubeClientset.CoreV1().Secrets(ArgoCDNamespace).Get(context.Background(), secName, v1.GetOptions{})
-			errors.CheckError(err)
-
-			cmdutil.ConvertSecretData(secret)
-			var printResources []interface{}
-			printResources = append(printResources, secret)
-			errors.CheckError(cmdutil.PrintResources(printResources, outputFormat))
-		},
-	}
-	command.PersistentFlags().StringVar(&pathOpts.LoadingRules.ExplicitPath, pathOpts.ExplicitFileFlag, pathOpts.LoadingRules.ExplicitPath, "use a particular kubeconfig file")
-	command.Flags().StringVar(&bearerToken, "bearer-token", "", "Authentication token that should be used to access K8S API server")
-	command.Flags().StringVarP(&outputFormat, "output", "o", "yaml", "Output format. One of: json|yaml")
-	cmdutil.AddClusterFlags(command, &clusterOpts)
-	return command
-}

cmd/argocd-util/commands/config.go

@@ -0,0 +1,359 @@
+package commands
+
+import (
+	"context"
+	"fmt"
+	"io/ioutil"
+	"os"
+
+	log "github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+	apiv1 "k8s.io/api/core/v1"
+	apierr "k8s.io/apimachinery/pkg/api/errors"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/kubernetes/fake"
+	"k8s.io/client-go/tools/clientcmd"
+
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	"github.com/argoproj/argo-cd/common"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/db"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/git"
+	"github.com/argoproj/argo-cd/util/settings"
+)
+
+const (
+	ArgoCDNamespace  = "argocd"
+	repoSecretPrefix = "repo"
+)
+
+func NewGenerateConfigCommand(pathOpts *clientcmd.PathOptions) *cobra.Command {
+	var command = &cobra.Command{
+		Use:   "config",
+		Short: "Generate declarative configuration files",
+		Run: func(c *cobra.Command, args []string) {
+			c.HelpFunc()(c, args)
+		},
+	}
+	command.AddCommand(NewGenAppConfigCommand())
+	command.AddCommand(NewGenProjectConfigCommand())
+	command.AddCommand(NewGenClusterConfigCommand(pathOpts))
+	command.AddCommand(NewGenRepoConfigCommand())
+
+	return command
+}
+
+// NewGenAppConfigCommand generates declarative configuration file for given application
+func NewGenAppConfigCommand() *cobra.Command {
+	var (
+		appOpts      cmdutil.AppOptions
+		fileURL      string
+		appName      string
+		labels       []string
+		outputFormat string
+	)
+	var command = &cobra.Command{
+		Use:   "app APPNAME",
+		Short: "Generate declarative config for an application",
+		Example: `
+	# Generate declarative config for a directory app
+	argocd-util config app guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --directory-recurse
+
+	# Generate declarative config for a Jsonnet app
+	argocd-util config app jsonnet-guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path jsonnet-guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --jsonnet-ext-str replicas=2
+
+	# Generate declarative config for a Helm app
+	argocd-util config app helm-guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path helm-guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --helm-set replicaCount=2
+
+	# Generate declarative config for a Helm app from a Helm repo
+	argocd-util config app nginx-ingress --repo https://kubernetes-charts.storage.googleapis.com --helm-chart nginx-ingress --revision 1.24.3 --dest-namespace default --dest-server https://kubernetes.default.svc
+
+	# Generate declarative config for a Kustomize app
+	argocd-util config app kustomize-guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path kustomize-guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --kustomize-image gcr.io/heptio-images/ks-guestbook-demo:0.1
+
+	# Generate declarative config for a app using a custom tool:
+	argocd-util config app ksane --repo https://github.com/argoproj/argocd-example-apps.git --path plugins/kasane --dest-namespace default --dest-server https://kubernetes.default.svc --config-management-plugin kasane
+`,
+		Run: func(c *cobra.Command, args []string) {
+			app, err := cmdutil.ConstructApp(fileURL, appName, labels, args, appOpts, c.Flags())
+			errors.CheckError(err)
+
+			if app.Name == "" {
+				c.HelpFunc()(c, args)
+				os.Exit(1)
+			}
+
+			var printResources []interface{}
+			printResources = append(printResources, app)
+			errors.CheckError(cmdutil.PrintResources(printResources, outputFormat))
+		},
+	}
+	command.Flags().StringVar(&appName, "name", "", "A name for the app, ignored if a file is set (DEPRECATED)")
+	command.Flags().StringVarP(&fileURL, "file", "f", "", "Filename or URL to Kubernetes manifests for the app")
+	command.Flags().StringArrayVarP(&labels, "label", "l", []string{}, "Labels to apply to the app")
+	command.Flags().StringVarP(&outputFormat, "output", "o", "yaml", "Output format. One of: json|yaml")
+
+	// Only complete files with appropriate extension.
+	err := command.Flags().SetAnnotation("file", cobra.BashCompFilenameExt, []string{"json", "yaml", "yml"})
+	errors.CheckError(err)
+
+	cmdutil.AddAppFlags(command, &appOpts)
+	return command
+}
+
+// NewGenProjectConfigCommand generates declarative configuration file for given project
+func NewGenProjectConfigCommand() *cobra.Command {
+	var (
+		opts         cmdutil.ProjectOpts
+		fileURL      string
+		outputFormat string
+	)
+	var command = &cobra.Command{
+		Use:   "proj PROJECT",
+		Short: "Generate declarative config for a project",
+		Run: func(c *cobra.Command, args []string) {
+			proj, err := cmdutil.ConstructAppProj(fileURL, args, opts, c)
+			errors.CheckError(err)
+
+			var printResources []interface{}
+			printResources = append(printResources, proj)
+			errors.CheckError(cmdutil.PrintResources(printResources, outputFormat))
+		},
+	}
+	command.Flags().StringVarP(&fileURL, "file", "f", "", "Filename or URL to Kubernetes manifests for the project")
+	command.Flags().StringVarP(&outputFormat, "output", "o", "yaml", "Output format. One of: json|yaml")
+	err := command.Flags().SetAnnotation("file", cobra.BashCompFilenameExt, []string{"json", "yaml", "yml"})
+	if err != nil {
+		log.Fatal(err)
+	}
+	cmdutil.AddProjFlags(command, &opts)
+	return command
+}
+
+func NewGenClusterConfigCommand(pathOpts *clientcmd.PathOptions) *cobra.Command {
+	var (
+		clusterOpts  cmdutil.ClusterOptions
+		bearerToken  string
+		outputFormat string
+	)
+	var command = &cobra.Command{
+		Use:   "cluster CONTEXT",
+		Short: "Generate declarative config for a cluster",
+		Run: func(c *cobra.Command, args []string) {
+			var configAccess clientcmd.ConfigAccess = pathOpts
+			if len(args) == 0 {
+				log.Error("Choose a context name from:")
+				cmdutil.PrintKubeContexts(configAccess)
+				os.Exit(1)
+			}
+			cfgAccess, err := configAccess.GetStartingConfig()
+			errors.CheckError(err)
+			contextName := args[0]
+			clstContext := cfgAccess.Contexts[contextName]
+			if clstContext == nil {
+				log.Fatalf("Context %s does not exist in kubeconfig", contextName)
+			}
+
+			overrides := clientcmd.ConfigOverrides{
+				Context: *clstContext,
+			}
+			clientConfig := clientcmd.NewDefaultClientConfig(*cfgAccess, &overrides)
+			conf, err := clientConfig.ClientConfig()
+			errors.CheckError(err)
+			kubeClientset := fake.NewSimpleClientset()
+
+			var awsAuthConf *argoappv1.AWSAuthConfig
+			var execProviderConf *argoappv1.ExecProviderConfig
+			if clusterOpts.AwsClusterName != "" {
+				awsAuthConf = &argoappv1.AWSAuthConfig{
+					ClusterName: clusterOpts.AwsClusterName,
+					RoleARN:     clusterOpts.AwsRoleArn,
+				}
+			} else if clusterOpts.ExecProviderCommand != "" {
+				execProviderConf = &argoappv1.ExecProviderConfig{
+					Command:     clusterOpts.ExecProviderCommand,
+					Args:        clusterOpts.ExecProviderArgs,
+					Env:         clusterOpts.ExecProviderEnv,
+					APIVersion:  clusterOpts.ExecProviderAPIVersion,
+					InstallHint: clusterOpts.ExecProviderInstallHint,
+				}
+			} else if bearerToken == "" {
+				bearerToken = "bearer-token"
+			}
+			if clusterOpts.Name != "" {
+				contextName = clusterOpts.Name
+			}
+			clst := cmdutil.NewCluster(contextName, clusterOpts.Namespaces, conf, bearerToken, awsAuthConf, execProviderConf)
+			if clusterOpts.InCluster {
+				clst.Server = common.KubernetesInternalAPIServerAddr
+			}
+			if clusterOpts.Shard >= 0 {
+				clst.Shard = &clusterOpts.Shard
+			}
+
+			settingsMgr := settings.NewSettingsManager(context.Background(), kubeClientset, ArgoCDNamespace)
+			argoDB := db.NewDB(ArgoCDNamespace, settingsMgr, kubeClientset)
+
+			_, err = argoDB.CreateCluster(context.Background(), clst)
+			errors.CheckError(err)
+
+			secName, err := db.ServerToSecretName(clst.Server)
+			errors.CheckError(err)
+
+			secret, err := kubeClientset.CoreV1().Secrets(ArgoCDNamespace).Get(context.Background(), secName, v1.GetOptions{})
+			errors.CheckError(err)
+
+			cmdutil.ConvertSecretData(secret)
+			var printResources []interface{}
+			printResources = append(printResources, secret)
+			errors.CheckError(cmdutil.PrintResources(printResources, outputFormat))
+		},
+	}
+	command.PersistentFlags().StringVar(&pathOpts.LoadingRules.ExplicitPath, pathOpts.ExplicitFileFlag, pathOpts.LoadingRules.ExplicitPath, "use a particular kubeconfig file")
+	command.Flags().StringVar(&bearerToken, "bearer-token", "", "Authentication token that should be used to access K8S API server")
+	command.Flags().StringVarP(&outputFormat, "output", "o", "yaml", "Output format. One of: json|yaml")
+	cmdutil.AddClusterFlags(command, &clusterOpts)
+	return command
+}
+
+func NewGenRepoConfigCommand() *cobra.Command {
+	var (
+		repoOpts     cmdutil.RepoOptions
+		outputFormat string
+	)
+
+	// For better readability and easier formatting
+	var repoAddExamples = `  
+  # Add a Git repository via SSH using a private key for authentication, ignoring the server's host key:
+  argocd-util config repo git@git.example.com:repos/repo --insecure-ignore-host-key --ssh-private-key-path ~/id_rsa
+
+  # Add a Git repository via SSH on a non-default port - need to use ssh:// style URLs here
+  argocd-util config repo ssh://git@git.example.com:2222/repos/repo --ssh-private-key-path ~/id_rsa
+
+  # Add a private Git repository via HTTPS using username/password and TLS client certificates:
+  argocd-util config repo https://git.example.com/repos/repo --username git --password secret --tls-client-cert-path ~/mycert.crt --tls-client-cert-key-path ~/mycert.key
+
+  # Add a private Git repository via HTTPS using username/password without verifying the server's TLS certificate
+  argocd-util config repo https://git.example.com/repos/repo --username git --password secret --insecure-skip-server-verification
+
+  # Add a public Helm repository named 'stable' via HTTPS
+  argocd-util config repo https://kubernetes-charts.storage.googleapis.com --type helm --name stable  
+
+  # Add a private Helm repository named 'stable' via HTTPS
+  argocd-util config repo https://kubernetes-charts.storage.googleapis.com --type helm --name stable --username test --password test
+
+  # Add a private Helm OCI-based repository named 'stable' via HTTPS
+  argocd-util config repo helm-oci-registry.cn-zhangjiakou.cr.aliyuncs.com --type helm --name stable --enable-oci --username test --password test
+`
+
+	var command = &cobra.Command{
+		Use:     "repo REPOURL",
+		Short:   "Generate declarative config for a repo",
+		Example: repoAddExamples,
+		Run: func(c *cobra.Command, args []string) {
+			if len(args) != 1 {
+				c.HelpFunc()(c, args)
+				os.Exit(1)
+			}
+
+			// Repository URL
+			repoOpts.Repo.Repo = args[0]
+
+			// Specifying ssh-private-key-path is only valid for SSH repositories
+			if repoOpts.SshPrivateKeyPath != "" {
+				if ok, _ := git.IsSSHURL(repoOpts.Repo.Repo); ok {
+					keyData, err := ioutil.ReadFile(repoOpts.SshPrivateKeyPath)
+					if err != nil {
+						log.Fatal(err)
+					}
+					repoOpts.Repo.SSHPrivateKey = string(keyData)
+				} else {
+					err := fmt.Errorf("--ssh-private-key-path is only supported for SSH repositories.")
+					errors.CheckError(err)
+				}
+			}
+
+			// tls-client-cert-path and tls-client-cert-key-key-path must always be
+			// specified together
+			if (repoOpts.TlsClientCertPath != "" && repoOpts.TlsClientCertKeyPath == "") || (repoOpts.TlsClientCertPath == "" && repoOpts.TlsClientCertKeyPath != "") {
+				err := fmt.Errorf("--tls-client-cert-path and --tls-client-cert-key-path must be specified together")
+				errors.CheckError(err)
+			}
+
+			// Specifying tls-client-cert-path is only valid for HTTPS repositories
+			if repoOpts.TlsClientCertPath != "" {
+				if git.IsHTTPSURL(repoOpts.Repo.Repo) {
+					tlsCertData, err := ioutil.ReadFile(repoOpts.TlsClientCertPath)
+					errors.CheckError(err)
+					tlsCertKey, err := ioutil.ReadFile(repoOpts.TlsClientCertKeyPath)
+					errors.CheckError(err)
+					repoOpts.Repo.TLSClientCertData = string(tlsCertData)
+					repoOpts.Repo.TLSClientCertKey = string(tlsCertKey)
+				} else {
+					err := fmt.Errorf("--tls-client-cert-path is only supported for HTTPS repositories")
+					errors.CheckError(err)
+				}
+			}
+
+			// Set repository connection properties only when creating repository, not
+			// when creating repository credentials.
+			// InsecureIgnoreHostKey is deprecated and only here for backwards compat
+			repoOpts.Repo.InsecureIgnoreHostKey = repoOpts.InsecureIgnoreHostKey
+			repoOpts.Repo.Insecure = repoOpts.InsecureSkipServerVerification
+			repoOpts.Repo.EnableLFS = repoOpts.EnableLfs
+			repoOpts.Repo.EnableOCI = repoOpts.EnableOci
+
+			if repoOpts.Repo.Type == "helm" && repoOpts.Repo.Name == "" {
+				errors.CheckError(fmt.Errorf("must specify --name for repos of type 'helm'"))
+			}
+
+			// If the user set a username, but didn't supply password via --password,
+			// then we prompt for it
+			if repoOpts.Repo.Username != "" && repoOpts.Repo.Password == "" {
+				repoOpts.Repo.Password = cli.PromptPassword(repoOpts.Repo.Password)
+			}
+
+			argoCDCM := &apiv1.ConfigMap{
+				TypeMeta: v1.TypeMeta{
+					Kind:       "ConfigMap",
+					APIVersion: "v1",
+				},
+				ObjectMeta: v1.ObjectMeta{
+					Name:      common.ArgoCDConfigMapName,
+					Namespace: ArgoCDNamespace,
+					Labels: map[string]string{
+						"app.kubernetes.io/part-of": "argocd",
+					},
+				},
+			}
+			kubeClientset := fake.NewSimpleClientset(argoCDCM)
+			settingsMgr := settings.NewSettingsManager(context.Background(), kubeClientset, ArgoCDNamespace)
+			argoDB := db.NewDB(ArgoCDNamespace, settingsMgr, kubeClientset)
+
+			var printResources []interface{}
+			_, err := argoDB.CreateRepository(context.Background(), &repoOpts.Repo)
+			errors.CheckError(err)
+
+			secret, err := kubeClientset.CoreV1().Secrets(ArgoCDNamespace).Get(context.Background(), db.RepoURLToSecretName(repoSecretPrefix, repoOpts.Repo.Repo), v1.GetOptions{})
+			if err != nil {
+				if !apierr.IsNotFound(err) {
+					errors.CheckError(err)
+				}
+			} else {
+				cmdutil.ConvertSecretData(secret)
+				printResources = append(printResources, secret)
+			}
+
+			cm, err := kubeClientset.CoreV1().ConfigMaps(ArgoCDNamespace).Get(context.Background(), common.ArgoCDConfigMapName, v1.GetOptions{})
+			errors.CheckError(err)
+
+			printResources = append(printResources, cm)
+			errors.CheckError(cmdutil.PrintResources(printResources, outputFormat))
+		},
+	}
+	command.Flags().StringVarP(&outputFormat, "output", "o", "yaml", "Output format. One of: json|yaml")
+	cmdutil.AddRepoFlags(command, &repoOpts)
+	return command
+}

cmd/argocd-util/commands/project_allowlist.go

@@ -17,10 +17,10 @@ import (
 	"k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/tools/clientcmd"
 
-	"github.com/argoproj/argo-cd/v2/util/errors"
+	"github.com/argoproj/argo-cd/util/errors"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/cli"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/cli"
 
 	// load the gcp plugin (required to authenticate against GKE clusters).
 	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"

cmd/argocd-util/commands/projects.go

@@ -7,12 +7,11 @@ import (
 	"path/filepath"
 	"strings"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned"
-	appclient "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/typed/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appclientset "github.com/argoproj/argo-cd/pkg/client/clientset/versioned"
+	appclient "github.com/argoproj/argo-cd/pkg/client/clientset/versioned/typed/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/errors"
 
 	"github.com/argoproj/gitops-engine/pkg/utils/kube"
 	"github.com/spf13/cobra"
@@ -22,49 +21,18 @@ import (
 
 func NewProjectsCommand() *cobra.Command {
 	var command = &cobra.Command{
-		Use:   "proj",
-		Short: "Manage projects configuration",
+		Use:   "projects",
+		Short: "Utility commands operate on ArgoCD Projects",
 		Run: func(c *cobra.Command, args []string) {
 			c.HelpFunc()(c, args)
 		},
 	}
 
-	command.AddCommand(NewGenProjectSpecCommand())
 	command.AddCommand(NewUpdatePolicyRuleCommand())
 	command.AddCommand(NewProjectAllowListGenCommand())
 	return command
 }
 
-// NewGenProjectConfigCommand generates declarative configuration file for given project
-func NewGenProjectSpecCommand() *cobra.Command {
-	var (
-		opts         cmdutil.ProjectOpts
-		fileURL      string
-		outputFormat string
-	)
-	var command = &cobra.Command{
-		Use:   "generate-spec PROJECT",
-		Short: "Generate declarative config for a project",
-		Run: func(c *cobra.Command, args []string) {
-			proj, err := cmdutil.ConstructAppProj(fileURL, args, opts, c)
-			errors.CheckError(err)
-
-			var printResources []interface{}
-			printResources = append(printResources, proj)
-			errors.CheckError(cmdutil.PrintResources(printResources, outputFormat))
-		},
-	}
-	command.Flags().StringVarP(&outputFormat, "output", "o", "yaml", "Output format. One of: json|yaml")
-	command.Flags().StringVarP(&fileURL, "file", "f", "", "Filename or URL to Kubernetes manifests for the project")
-
-	// Only complete files with appropriate extension.
-	err := command.Flags().SetAnnotation("file", cobra.BashCompFilenameExt, []string{"json", "yaml", "yml"})
-	errors.CheckError(err)
-
-	cmdutil.AddProjFlags(command, &opts)
-	return command
-}
-
 func globMatch(pattern string, val string) bool {
 	if pattern == "*" {
 		return true

cmd/argocd-util/commands/projects_test.go

@@ -7,8 +7,8 @@ import (
 	"github.com/stretchr/testify/assert"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/client/clientset/versioned/fake"
 )
 
 const (

cmd/argocd-util/commands/rbac.go

@@ -14,11 +14,11 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/server/rbacpolicy"
-	"github.com/argoproj/argo-cd/v2/util/assets"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/rbac"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/server/rbacpolicy"
+	"github.com/argoproj/argo-cd/util/assets"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/rbac"
 )
 
 // Provide a mapping of short-hand resource names to their RBAC counterparts
@@ -101,19 +101,19 @@ something.
 		Example: `
 # Check whether role some:role has permissions to create an application in the
 # 'default' project, using a local policy.csv file
-argocd-util settings rbac can some:role create application 'default/app' --policy-file policy.csv
+argocd-util rbac can some:role create application 'default/app' --policy-file policy.csv
 
 # Policy file can also be K8s config map with data keys like argocd-rbac-cm,
 # i.e. 'policy.csv' and (optionally) 'policy.default'
-argocd-util settings rbac can some:role create application 'default/app' --policy-file argocd-rbac-cm.yaml
+argocd-util rbac can some:role create application 'default/app' --policy-file argocd-rbac-cm.yaml
 
 # If --policy-file is not given, the ConfigMap 'argocd-rbac-cm' from K8s is
 # used. You need to specify the argocd namespace, and make sure that your
 # current Kubernetes context is pointing to the cluster Argo CD is running in
-argocd-util settings rbac can some:role create application 'default/app' --namespace argocd
+argocd-util rbac can some:role create application 'default/app' --namespace argocd
 
 # You can override a possibly configured default role
-argocd-util settings rbac can someuser create application 'default/app' --default-role role:readonly
+argocd-util rbac can someuser create application 'default/app' --default-role role:readonly
 
 `,
 		Run: func(c *cobra.Command, args []string) {

cmd/argocd-util/commands/rbac_test.go

@@ -10,7 +10,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes/fake"
 
-	"github.com/argoproj/argo-cd/v2/util/assets"
+	"github.com/argoproj/argo-cd/util/assets"
 )
 
 func Test_isValidRBACAction(t *testing.T) {

cmd/argocd-util/commands/repo.go

@@ -1,182 +0,0 @@
-package commands
-
-import (
-	"context"
-	"fmt"
-	"io/ioutil"
-	"os"
-
-	log "github.com/sirupsen/logrus"
-	"github.com/spf13/cobra"
-	apiv1 "k8s.io/api/core/v1"
-	apierr "k8s.io/apimachinery/pkg/api/errors"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/client-go/kubernetes/fake"
-
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/db"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/git"
-	"github.com/argoproj/argo-cd/v2/util/settings"
-)
-
-const (
-	ArgoCDNamespace  = "argocd"
-	repoSecretPrefix = "repo"
-)
-
-func NewRepoCommand() *cobra.Command {
-	var command = &cobra.Command{
-		Use:   "repo",
-		Short: "Manage repositories configuration",
-		Run: func(c *cobra.Command, args []string) {
-			c.HelpFunc()(c, args)
-		},
-	}
-	command.AddCommand(NewGenRepoSpecCommand())
-
-	return command
-}
-
-func NewGenRepoSpecCommand() *cobra.Command {
-	var (
-		repoOpts     cmdutil.RepoOptions
-		outputFormat string
-	)
-
-	// For better readability and easier formatting
-	var repoAddExamples = `  
-  # Add a Git repository via SSH using a private key for authentication, ignoring the server's host key:
-  argocd-util repo generate-spec git@git.example.com:repos/repo --insecure-ignore-host-key --ssh-private-key-path ~/id_rsa
-
-  # Add a Git repository via SSH on a non-default port - need to use ssh:// style URLs here
-  argocd-util repo generate-spec ssh://git@git.example.com:2222/repos/repo --ssh-private-key-path ~/id_rsa
-
-  # Add a private Git repository via HTTPS using username/password and TLS client certificates:
-  argocd-util repo generate-spec https://git.example.com/repos/repo --username git --password secret --tls-client-cert-path ~/mycert.crt --tls-client-cert-key-path ~/mycert.key
-
-  # Add a private Git repository via HTTPS using username/password without verifying the server's TLS certificate
-  argocd-util repo generate-spec https://git.example.com/repos/repo --username git --password secret --insecure-skip-server-verification
-
-  # Add a public Helm repository named 'stable' via HTTPS
-  argocd-util repo generate-spec https://kubernetes-charts.storage.googleapis.com --type helm --name stable  
-
-  # Add a private Helm repository named 'stable' via HTTPS
-  argocd-util repo generate-spec https://kubernetes-charts.storage.googleapis.com --type helm --name stable --username test --password test
-
-  # Add a private Helm OCI-based repository named 'stable' via HTTPS
-  argocd-util repo generate-spec helm-oci-registry.cn-zhangjiakou.cr.aliyuncs.com --type helm --name stable --enable-oci --username test --password test
-`
-
-	var command = &cobra.Command{
-		Use:     "generate-spec REPOURL",
-		Short:   "Generate declarative config for a repo",
-		Example: repoAddExamples,
-		Run: func(c *cobra.Command, args []string) {
-			log.SetLevel(log.WarnLevel)
-			if len(args) != 1 {
-				c.HelpFunc()(c, args)
-				os.Exit(1)
-			}
-
-			// Repository URL
-			repoOpts.Repo.Repo = args[0]
-
-			// Specifying ssh-private-key-path is only valid for SSH repositories
-			if repoOpts.SshPrivateKeyPath != "" {
-				if ok, _ := git.IsSSHURL(repoOpts.Repo.Repo); ok {
-					keyData, err := ioutil.ReadFile(repoOpts.SshPrivateKeyPath)
-					if err != nil {
-						log.Fatal(err)
-					}
-					repoOpts.Repo.SSHPrivateKey = string(keyData)
-				} else {
-					err := fmt.Errorf("--ssh-private-key-path is only supported for SSH repositories.")
-					errors.CheckError(err)
-				}
-			}
-
-			// tls-client-cert-path and tls-client-cert-key-key-path must always be
-			// specified together
-			if (repoOpts.TlsClientCertPath != "" && repoOpts.TlsClientCertKeyPath == "") || (repoOpts.TlsClientCertPath == "" && repoOpts.TlsClientCertKeyPath != "") {
-				err := fmt.Errorf("--tls-client-cert-path and --tls-client-cert-key-path must be specified together")
-				errors.CheckError(err)
-			}
-
-			// Specifying tls-client-cert-path is only valid for HTTPS repositories
-			if repoOpts.TlsClientCertPath != "" {
-				if git.IsHTTPSURL(repoOpts.Repo.Repo) {
-					tlsCertData, err := ioutil.ReadFile(repoOpts.TlsClientCertPath)
-					errors.CheckError(err)
-					tlsCertKey, err := ioutil.ReadFile(repoOpts.TlsClientCertKeyPath)
-					errors.CheckError(err)
-					repoOpts.Repo.TLSClientCertData = string(tlsCertData)
-					repoOpts.Repo.TLSClientCertKey = string(tlsCertKey)
-				} else {
-					err := fmt.Errorf("--tls-client-cert-path is only supported for HTTPS repositories")
-					errors.CheckError(err)
-				}
-			}
-
-			// Set repository connection properties only when creating repository, not
-			// when creating repository credentials.
-			// InsecureIgnoreHostKey is deprecated and only here for backwards compat
-			repoOpts.Repo.InsecureIgnoreHostKey = repoOpts.InsecureIgnoreHostKey
-			repoOpts.Repo.Insecure = repoOpts.InsecureSkipServerVerification
-			repoOpts.Repo.EnableLFS = repoOpts.EnableLfs
-			repoOpts.Repo.EnableOCI = repoOpts.EnableOci
-
-			if repoOpts.Repo.Type == "helm" && repoOpts.Repo.Name == "" {
-				errors.CheckError(fmt.Errorf("must specify --name for repos of type 'helm'"))
-			}
-
-			// If the user set a username, but didn't supply password via --password,
-			// then we prompt for it
-			if repoOpts.Repo.Username != "" && repoOpts.Repo.Password == "" {
-				repoOpts.Repo.Password = cli.PromptPassword(repoOpts.Repo.Password)
-			}
-
-			argoCDCM := &apiv1.ConfigMap{
-				TypeMeta: v1.TypeMeta{
-					Kind:       "ConfigMap",
-					APIVersion: "v1",
-				},
-				ObjectMeta: v1.ObjectMeta{
-					Name:      common.ArgoCDConfigMapName,
-					Namespace: ArgoCDNamespace,
-					Labels: map[string]string{
-						"app.kubernetes.io/part-of": "argocd",
-					},
-				},
-			}
-			kubeClientset := fake.NewSimpleClientset(argoCDCM)
-			settingsMgr := settings.NewSettingsManager(context.Background(), kubeClientset, ArgoCDNamespace)
-			argoDB := db.NewDB(ArgoCDNamespace, settingsMgr, kubeClientset)
-
-			var printResources []interface{}
-			_, err := argoDB.CreateRepository(context.Background(), &repoOpts.Repo)
-			errors.CheckError(err)
-
-			secret, err := kubeClientset.CoreV1().Secrets(ArgoCDNamespace).Get(context.Background(), db.RepoURLToSecretName(repoSecretPrefix, repoOpts.Repo.Repo), v1.GetOptions{})
-			if err != nil {
-				if !apierr.IsNotFound(err) {
-					errors.CheckError(err)
-				}
-			} else {
-				cmdutil.ConvertSecretData(secret)
-				printResources = append(printResources, secret)
-			}
-
-			cm, err := kubeClientset.CoreV1().ConfigMaps(ArgoCDNamespace).Get(context.Background(), common.ArgoCDConfigMapName, v1.GetOptions{})
-			errors.CheckError(err)
-
-			printResources = append(printResources, cm)
-			errors.CheckError(cmdutil.PrintResources(printResources, outputFormat))
-		},
-	}
-	command.Flags().StringVarP(&outputFormat, "output", "o", "yaml", "Output format. One of: json|yaml")
-	cmdutil.AddRepoFlags(command, &repoOpts)
-	return command
-}

cmd/argocd-util/commands/settings.go

@@ -23,13 +23,13 @@ import (
 	"k8s.io/client-go/kubernetes/fake"
 	"k8s.io/client-go/tools/clientcmd"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/argo/normalizers"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/lua"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/argo/normalizers"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/lua"
+	"github.com/argoproj/argo-cd/util/settings"
 )
 
 type settingsOpts struct {
@@ -162,7 +162,6 @@ func NewSettingsCommand() *cobra.Command {
 
 	command.AddCommand(NewValidateSettingsCommand(&opts))
 	command.AddCommand(NewResourceOverridesCommand(&opts))
-	command.AddCommand(NewRBACCommand())
 
 	opts.clientConfig = cli.AddKubectlFlagsToCmd(command)
 	command.PersistentFlags().StringVar(&opts.argocdCMPath, "argocd-cm-path", "", "Path to local argocd-cm.yaml file")

cmd/argocd-util/commands/settings_test.go

@@ -9,9 +9,9 @@ import (
 	"os"
 	"testing"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	utils "github.com/argoproj/argo-cd/v2/util/io"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	"github.com/argoproj/argo-cd/common"
+	utils "github.com/argoproj/argo-cd/util/io"
+	"github.com/argoproj/argo-cd/util/settings"
 
 	"github.com/stretchr/testify/assert"
 	v1 "k8s.io/api/core/v1"

cmd/argocd/commands/account.go

@@ -16,15 +16,15 @@ import (
 	"github.com/spf13/cobra"
 	"golang.org/x/crypto/ssh/terminal"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	accountpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/account"
-	"github.com/argoproj/argo-cd/v2/pkg/apiclient/session"
-	"github.com/argoproj/argo-cd/v2/server/rbacpolicy"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/io"
-	"github.com/argoproj/argo-cd/v2/util/localconfig"
-	sessionutil "github.com/argoproj/argo-cd/v2/util/session"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	accountpkg "github.com/argoproj/argo-cd/pkg/apiclient/account"
+	"github.com/argoproj/argo-cd/pkg/apiclient/session"
+	"github.com/argoproj/argo-cd/server/rbacpolicy"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/io"
+	"github.com/argoproj/argo-cd/util/localconfig"
+	sessionutil "github.com/argoproj/argo-cd/util/session"
 )
 
 func NewAccountCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command {
@@ -99,7 +99,7 @@ func NewAccountUpdatePasswordCommand(clientOpts *argocdclient.ClientOptions) *co
 				errors.CheckError(err)
 				claims, err := configCtx.User.Claims()
 				errors.CheckError(err)
-				tokenString := passwordLogin(acdClient, localconfig.GetUsername(claims.Subject), newPassword)
+				tokenString := passwordLogin(acdClient, claims.Subject, newPassword)
 				localCfg.UpsertUser(localconfig.User{
 					Name:      localCfg.CurrentContext,
 					AuthToken: tokenString,

cmd/argocd/commands/app.go

@@ -30,28 +30,28 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/utils/pointer"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/controller"
-	"github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	"github.com/argoproj/argo-cd/v2/pkg/apiclient/application"
-	applicationpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/application"
-	clusterpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/cluster"
-	projectpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/project"
-	"github.com/argoproj/argo-cd/v2/pkg/apiclient/settings"
-	settingspkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/settings"
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	repoapiclient "github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	"github.com/argoproj/argo-cd/v2/reposerver/repository"
-	"github.com/argoproj/argo-cd/v2/util/argo"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/git"
-	argoio "github.com/argoproj/argo-cd/v2/util/io"
-	argokube "github.com/argoproj/argo-cd/v2/util/kube"
-	"github.com/argoproj/argo-cd/v2/util/templates"
-	"github.com/argoproj/argo-cd/v2/util/text/label"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/controller"
+	"github.com/argoproj/argo-cd/pkg/apiclient"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	"github.com/argoproj/argo-cd/pkg/apiclient/application"
+	applicationpkg "github.com/argoproj/argo-cd/pkg/apiclient/application"
+	clusterpkg "github.com/argoproj/argo-cd/pkg/apiclient/cluster"
+	projectpkg "github.com/argoproj/argo-cd/pkg/apiclient/project"
+	"github.com/argoproj/argo-cd/pkg/apiclient/settings"
+	settingspkg "github.com/argoproj/argo-cd/pkg/apiclient/settings"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	repoapiclient "github.com/argoproj/argo-cd/reposerver/apiclient"
+	"github.com/argoproj/argo-cd/reposerver/repository"
+	"github.com/argoproj/argo-cd/util/argo"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/git"
+	argoio "github.com/argoproj/argo-cd/util/io"
+	argokube "github.com/argoproj/argo-cd/util/kube"
+	"github.com/argoproj/argo-cd/util/templates"
+	"github.com/argoproj/argo-cd/util/text/label"
 )
 
 var (
@@ -276,7 +276,6 @@ func NewApplicationLogsCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 		sinceSeconds int64
 		untilTime    string
 		filter       string
-		container    string
 	)
 	var command = &cobra.Command{
 		Use:   "logs APPNAME",
@@ -305,7 +304,6 @@ func NewApplicationLogsCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 					SinceSeconds: sinceSeconds,
 					UntilTime:    &untilTime,
 					Filter:       &filter,
-					Container:    container,
 				})
 				if err != nil {
 					log.Fatalf("failed to get pod logs: %v", err)
@@ -346,7 +344,6 @@ func NewApplicationLogsCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 	command.Flags().Int64Var(&sinceSeconds, "since-seconds", 0, "A relative time in seconds before the current time from which to show logs")
 	command.Flags().StringVar(&untilTime, "until-time", "", "Show logs until this time")
 	command.Flags().StringVar(&filter, "filter", "", "Show logs contain this string")
-	command.Flags().StringVar(&container, "container", "", "Optional container name")
 
 	return command
 }
@@ -559,7 +556,6 @@ func NewApplicationUnsetCommand(clientOpts *argocdclient.ClientOptions) *cobra.C
 		namePrefix       bool
 		kustomizeVersion bool
 		kustomizeImages  []string
-		pluginEnvs       []string
 		appOpts          cmdutil.AppOptions
 	)
 	var command = &cobra.Command{
@@ -665,22 +661,9 @@ func NewApplicationUnsetCommand(clientOpts *argocdclient.ClientOptions) *cobra.C
 						}
 					}
 				}
-			}
-
-			if app.Spec.Source.Plugin != nil {
-				if len(pluginEnvs) == 0 {
-					c.HelpFunc()(c, args)
-					os.Exit(1)
+				if !updated {
+					return
 				}
-				for _, env := range pluginEnvs {
-					err = app.Spec.Source.Plugin.RemoveEnvEntry(env)
-					errors.CheckError(err)
-				}
-				updated = true
-			}
-
-			if !updated {
-				return
 			}
 
 			cmdutil.SetAppSpecOptions(c.Flags(), &app.Spec, &appOpts)
@@ -699,7 +682,6 @@ func NewApplicationUnsetCommand(clientOpts *argocdclient.ClientOptions) *cobra.C
 	command.Flags().BoolVar(&namePrefix, "nameprefix", false, "Kustomize nameprefix")
 	command.Flags().BoolVar(&kustomizeVersion, "kustomize-version", false, "Kustomize version")
 	command.Flags().StringArrayVar(&kustomizeImages, "kustomize-image", []string{}, "Kustomize images name (e.g. --kustomize-image node --kustomize-image mysql)")
-	command.Flags().StringArrayVar(&pluginEnvs, "plugin-env", []string{}, "Unset plugin env variables (e.g --plugin-env name)")
 	return command
 }
 
@@ -801,7 +783,6 @@ func NewApplicationDiffCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 	var (
 		refresh       bool
 		hardRefresh   bool
-		exitCode      bool
 		local         string
 		revision      string
 		localRepoRoot string
@@ -905,7 +886,7 @@ func NewApplicationDiffCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 					_ = cli.PrintDiff(item.key.Name, live, target)
 				}
 			}
-			if foundDiffs && exitCode {
+			if foundDiffs {
 				os.Exit(1)
 			}
 
@@ -913,7 +894,6 @@ func NewApplicationDiffCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 	}
 	command.Flags().BoolVar(&refresh, "refresh", false, "Refresh application data when retrieving")
 	command.Flags().BoolVar(&hardRefresh, "hard-refresh", false, "Refresh application data as well as target manifests cache")
-	command.Flags().BoolVar(&exitCode, "exit-code", true, "Return non-zero exit code when there is a diff")
 	command.Flags().StringVar(&local, "local", "", "Compare live app to a local manifests")
 	command.Flags().StringVar(&revision, "revision", "", "Compare live app to a particular revision")
 	command.Flags().StringVar(&localRepoRoot, "local-repo-root", "/", "Path to the repository root. Used together with --local allows setting the repository root")
@@ -956,9 +936,8 @@ func groupObjsForDiff(resources *application.ManagedResourcesResponse, objs map[
 // NewApplicationDeleteCommand returns a new instance of an `argocd app delete` command
 func NewApplicationDeleteCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command {
 	var (
-		cascade           bool
-		noPrompt          bool
-		propagationPolicy string
+		cascade  bool
+		noPrompt bool
 	)
 	var command = &cobra.Command{
 		Use:   "delete APPNAME",
@@ -984,9 +963,6 @@ func NewApplicationDeleteCommand(clientOpts *argocdclient.ClientOptions) *cobra.
 				if c.Flag("cascade").Changed {
 					appDeleteReq.Cascade = &cascade
 				}
-				if c.Flag("propagation-policy").Changed {
-					appDeleteReq.PropagationPolicy = &propagationPolicy
-				}
 				if cascade && isTerminal && !noPrompt {
 					var confirmAnswer string = "n"
 					var lowercaseAnswer string
@@ -1021,7 +997,6 @@ func NewApplicationDeleteCommand(clientOpts *argocdclient.ClientOptions) *cobra.
 		},
 	}
 	command.Flags().BoolVar(&cascade, "cascade", true, "Perform a cascaded deletion of all application resources")
-	command.Flags().StringVarP(&propagationPolicy, "propagation-policy", "p", "foreground", "Specify propagation policy for deletion of application's resources. One of: foreground|background")
 	command.Flags().BoolVarP(&noPrompt, "yes", "y", false, "Turn off prompting to confirm cascaded deletion of application resources")
 	return command
 }
@@ -1070,7 +1045,6 @@ func NewApplicationListCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 		output   string
 		selector string
 		projects []string
-		repo     string
 	)
 	var command = &cobra.Command{
 		Use:   "list",
@@ -1089,9 +1063,6 @@ func NewApplicationListCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 			if len(projects) != 0 {
 				appList = argo.FilterByProjects(appList, projects)
 			}
-			if repo != "" {
-				appList = argo.FilterByRepo(appList, repo)
-			}
 			switch output {
 			case "yaml", "json":
 				err := PrintResourceList(appList, output, false)
@@ -1108,7 +1079,6 @@ func NewApplicationListCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 	command.Flags().StringVarP(&output, "output", "o", "wide", "Output format. One of: wide|name|json|yaml")
 	command.Flags().StringVarP(&selector, "selector", "l", "", "List apps by label")
 	command.Flags().StringArrayVarP(&projects, "project", "p", []string{}, "Filter by project name")
-	command.Flags().StringVarP(&repo, "repo", "r", "", "List apps by source repo URL")
 	return command
 }
 

cmd/argocd/commands/app_actions.go

@@ -12,10 +12,10 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	applicationpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/application"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/io"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	applicationpkg "github.com/argoproj/argo-cd/pkg/apiclient/application"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/io"
 )
 
 type DisplayedAction struct {

cmd/argocd/commands/cert.go

@@ -11,12 +11,12 @@ import (
 
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	certificatepkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/certificate"
-	appsv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	certutil "github.com/argoproj/argo-cd/v2/util/cert"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/io"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	certificatepkg "github.com/argoproj/argo-cd/pkg/apiclient/certificate"
+	appsv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	certutil "github.com/argoproj/argo-cd/util/cert"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/io"
 )
 
 // NewCertCommand returns a new instance of an `argocd repo` command

cmd/argocd/commands/cluster.go

@@ -12,14 +12,14 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	"github.com/argoproj/argo-cd/v2/common"
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	clusterpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/cluster"
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/clusterauth"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/io"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	"github.com/argoproj/argo-cd/common"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	clusterpkg "github.com/argoproj/argo-cd/pkg/apiclient/cluster"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/clusterauth"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/io"
 )
 
 // NewClusterCommand returns a new instance of an `argocd cluster` command

cmd/argocd/commands/cluster_test.go

@@ -5,7 +5,7 @@ import (
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 func Test_printClusterTable(t *testing.T) {

cmd/argocd/commands/context.go

@@ -11,9 +11,9 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/localconfig"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/localconfig"
 )
 
 // NewContextCommand returns a new instance of an `argocd ctx` command

cmd/argocd/commands/context_test.go

@@ -7,7 +7,7 @@ import (
 
 	"github.com/stretchr/testify/assert"
 
-	"github.com/argoproj/argo-cd/v2/util/localconfig"
+	"github.com/argoproj/argo-cd/util/localconfig"
 )
 
 const testConfig = `contexts:

cmd/argocd/commands/gpg.go

@@ -10,11 +10,11 @@ import (
 
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	gpgkeypkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/gpgkey"
-	appsv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	argoio "github.com/argoproj/argo-cd/v2/util/io"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	gpgkeypkg "github.com/argoproj/argo-cd/pkg/apiclient/gpgkey"
+	appsv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/errors"
+	argoio "github.com/argoproj/argo-cd/util/io"
 )
 
 // NewGPGCommand returns a new instance of an `argocd repo` command

cmd/argocd/commands/login.go

@@ -19,17 +19,17 @@ import (
 	"github.com/spf13/cobra"
 	"golang.org/x/oauth2"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	sessionpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/session"
-	settingspkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/settings"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	grpc_util "github.com/argoproj/argo-cd/v2/util/grpc"
-	"github.com/argoproj/argo-cd/v2/util/io"
-	jwtutil "github.com/argoproj/argo-cd/v2/util/jwt"
-	"github.com/argoproj/argo-cd/v2/util/localconfig"
-	oidcutil "github.com/argoproj/argo-cd/v2/util/oidc"
-	"github.com/argoproj/argo-cd/v2/util/rand"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	sessionpkg "github.com/argoproj/argo-cd/pkg/apiclient/session"
+	settingspkg "github.com/argoproj/argo-cd/pkg/apiclient/settings"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/errors"
+	grpc_util "github.com/argoproj/argo-cd/util/grpc"
+	"github.com/argoproj/argo-cd/util/io"
+	jwtutil "github.com/argoproj/argo-cd/util/jwt"
+	"github.com/argoproj/argo-cd/util/localconfig"
+	oidcutil "github.com/argoproj/argo-cd/util/oidc"
+	"github.com/argoproj/argo-cd/util/rand"
 )
 
 // NewLoginCommand returns a new instance of `argocd login` command

cmd/argocd/commands/logout.go

@@ -7,9 +7,9 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/localconfig"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/localconfig"
 )
 
 // NewLogoutCommand returns a new instance of `argocd logout` command

cmd/argocd/commands/logout_test.go

@@ -5,11 +5,11 @@ import (
 	"os"
 	"testing"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apiclient"
+	"github.com/argoproj/argo-cd/pkg/apiclient"
 
 	"github.com/stretchr/testify/assert"
 
-	"github.com/argoproj/argo-cd/v2/util/localconfig"
+	"github.com/argoproj/argo-cd/util/localconfig"
 )
 
 func TestLogout(t *testing.T) {

cmd/argocd/commands/project.go

@@ -14,18 +14,19 @@ import (
 	"github.com/ghodss/yaml"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	projectpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/project"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/git"
-	"github.com/argoproj/argo-cd/v2/util/gpg"
-	argoio "github.com/argoproj/argo-cd/v2/util/io"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	projectpkg "github.com/argoproj/argo-cd/pkg/apiclient/project"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/git"
+	"github.com/argoproj/argo-cd/util/gpg"
+	argoio "github.com/argoproj/argo-cd/util/io"
 )
 
 type policyOpts struct {
@@ -128,7 +129,23 @@ func NewProjectSetCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command
 			proj, err := projIf.Get(context.Background(), &projectpkg.ProjectQuery{Name: projName})
 			errors.CheckError(err)
 
-			if visited := cmdutil.SetProjSpecOptions(c.Flags(), &proj.Spec, &opts); visited == 0 {
+			visited := 0
+			c.Flags().Visit(func(f *pflag.Flag) {
+				visited++
+				switch f.Name {
+				case "description":
+					proj.Spec.Description = opts.Description
+				case "dest":
+					proj.Spec.Destinations = opts.GetDestinations()
+				case "src":
+					proj.Spec.SourceRepos = opts.Sources
+				case "signature-keys":
+					proj.Spec.SignatureKeys = opts.GetSignatureKeys()
+				case "orphaned-resources", "orphaned-resources-warn":
+					proj.Spec.OrphanedResources = cmdutil.GetOrphanedResourcesSettings(c, opts)
+				}
+			})
+			if visited == 0 {
 				log.Error("Please set at least one option to update")
 				c.HelpFunc()(c, args)
 				os.Exit(1)

cmd/argocd/commands/project_role.go

@@ -12,12 +12,12 @@ import (
 	jwtgo "github.com/dgrijalva/jwt-go/v4"
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	projectpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/project"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/io"
-	"github.com/argoproj/argo-cd/v2/util/jwt"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	projectpkg "github.com/argoproj/argo-cd/pkg/apiclient/project"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/io"
+	"github.com/argoproj/argo-cd/util/jwt"
 )
 
 const (

cmd/argocd/commands/projectwindows.go

@@ -10,11 +10,11 @@ import (
 
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	projectpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/project"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/io"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	projectpkg "github.com/argoproj/argo-cd/pkg/apiclient/project"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/io"
 )
 
 // NewProjectWindowsCommand returns a new instance of the `argocd proj windows` command

cmd/argocd/commands/relogin.go

@@ -9,12 +9,12 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	settingspkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/settings"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	argoio "github.com/argoproj/argo-cd/v2/util/io"
-	"github.com/argoproj/argo-cd/v2/util/localconfig"
-	"github.com/argoproj/argo-cd/v2/util/session"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	settingspkg "github.com/argoproj/argo-cd/pkg/apiclient/settings"
+	"github.com/argoproj/argo-cd/util/errors"
+	argoio "github.com/argoproj/argo-cd/util/io"
+	"github.com/argoproj/argo-cd/util/localconfig"
+	"github.com/argoproj/argo-cd/util/session"
 )
 
 // NewReloginCommand returns a new instance of `argocd relogin` command
@@ -55,8 +55,8 @@ func NewReloginCommand(globalClientOpts *argocdclient.ClientOptions) *cobra.Comm
 			claims, err := configCtx.User.Claims()
 			errors.CheckError(err)
 			if claims.Issuer == session.SessionManagerClaimsIssuer {
-				fmt.Printf("Relogging in as '%s'\n", localconfig.GetUsername(claims.Subject))
-				tokenString = passwordLogin(acdClient, localconfig.GetUsername(claims.Subject), password)
+				fmt.Printf("Relogging in as '%s'\n", claims.Subject)
+				tokenString = passwordLogin(acdClient, claims.Subject, password)
 			} else {
 				fmt.Println("Reinitiating SSO login")
 				setConn, setIf := acdClient.NewSettingsClientOrDie()

cmd/argocd/commands/repo.go

@@ -10,14 +10,14 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	repositorypkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/repository"
-	appsv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/git"
-	"github.com/argoproj/argo-cd/v2/util/io"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	repositorypkg "github.com/argoproj/argo-cd/pkg/apiclient/repository"
+	appsv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/git"
+	"github.com/argoproj/argo-cd/util/io"
 )
 
 // NewRepoCommand returns a new instance of an `argocd repo` command

cmd/argocd/commands/repocreds.go

@@ -10,13 +10,13 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	repocredspkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/repocreds"
-	appsv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/git"
-	"github.com/argoproj/argo-cd/v2/util/io"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	repocredspkg "github.com/argoproj/argo-cd/pkg/apiclient/repocreds"
+	appsv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/git"
+	"github.com/argoproj/argo-cd/util/io"
 )
 
 // NewRepoCredsCommand returns a new instance of an `argocd repocreds` command

cmd/argocd/commands/root.go

@@ -4,12 +4,12 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/client-go/tools/clientcmd"
 
-	cmdutil "github.com/argoproj/argo-cd/v2/cmd/util"
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	"github.com/argoproj/argo-cd/v2/util/cli"
-	"github.com/argoproj/argo-cd/v2/util/config"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/localconfig"
+	cmdutil "github.com/argoproj/argo-cd/cmd/util"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	"github.com/argoproj/argo-cd/util/cli"
+	"github.com/argoproj/argo-cd/util/config"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/localconfig"
 )
 
 func init() {

cmd/argocd/commands/version.go

@@ -8,11 +8,11 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient"
-	"github.com/argoproj/argo-cd/v2/pkg/apiclient/version"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	argoio "github.com/argoproj/argo-cd/v2/util/io"
+	"github.com/argoproj/argo-cd/common"
+	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
+	"github.com/argoproj/argo-cd/pkg/apiclient/version"
+	"github.com/argoproj/argo-cd/util/errors"
+	argoio "github.com/argoproj/argo-cd/util/io"
 )
 
 // NewVersionCmd returns a new `version` command to be used as a sub-command to root

cmd/main.go

@@ -7,12 +7,12 @@ import (
 
 	"github.com/spf13/cobra"
 
-	appcontroller "github.com/argoproj/argo-cd/v2/cmd/argocd-application-controller/commands"
-	dex "github.com/argoproj/argo-cd/v2/cmd/argocd-dex/commands"
-	reposerver "github.com/argoproj/argo-cd/v2/cmd/argocd-repo-server/commands"
-	apiserver "github.com/argoproj/argo-cd/v2/cmd/argocd-server/commands"
-	util "github.com/argoproj/argo-cd/v2/cmd/argocd-util/commands"
-	cli "github.com/argoproj/argo-cd/v2/cmd/argocd/commands"
+	appcontroller "github.com/argoproj/argo-cd/cmd/argocd-application-controller/commands"
+	dex "github.com/argoproj/argo-cd/cmd/argocd-dex/commands"
+	reposerver "github.com/argoproj/argo-cd/cmd/argocd-repo-server/commands"
+	apiserver "github.com/argoproj/argo-cd/cmd/argocd-server/commands"
+	util "github.com/argoproj/argo-cd/cmd/argocd-util/commands"
+	cli "github.com/argoproj/argo-cd/cmd/argocd/commands"
 )
 
 const (

cmd/util/app.go

@@ -7,20 +7,18 @@ import (
 	"net/url"
 	"os"
 	"strings"
-	"time"
 
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/utils/pointer"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application"
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/config"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/text/label"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/pkg/apis/application"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/config"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/text/label"
 )
 
 type AppOptions struct {
@@ -64,10 +62,6 @@ type AppOptions struct {
 	Validate                   bool
 	directoryExclude           string
 	directoryInclude           string
-	retryLimit                 int64
-	retryBackoffDuration       time.Duration
-	retryBackoffMaxDuration    time.Duration
-	retryBackoffFactor         int64
 }
 
 func AddAppFlags(command *cobra.Command, opts *AppOptions) {
@@ -111,10 +105,6 @@ func AddAppFlags(command *cobra.Command, opts *AppOptions) {
 	command.Flags().StringArrayVar(&opts.kustomizeCommonAnnotations, "kustomize-common-annotation", []string{}, "Set common labels in Kustomize")
 	command.Flags().StringVar(&opts.directoryExclude, "directory-exclude", "", "Set glob expression used to exclude files from application source path")
 	command.Flags().StringVar(&opts.directoryInclude, "directory-include", "", "Set glob expression used to include files from application source path")
-	command.Flags().Int64Var(&opts.retryLimit, "sync-retry-limit", 0, "Max number of allowed sync retries")
-	command.Flags().DurationVar(&opts.retryBackoffDuration, "sync-retry-backoff-duration", common.DefaultSyncRetryDuration, "Sync retry backoff base duration. Input needs to be a duration (e.g. 2m, 1h)")
-	command.Flags().DurationVar(&opts.retryBackoffMaxDuration, "sync-retry-backoff-max-duration", common.DefaultSyncRetryMaxDuration, "Max sync retry backoff duration. Input needs to be a duration (e.g. 2m, 1h)")
-	command.Flags().Int64Var(&opts.retryBackoffFactor, "sync-retry-backoff-factor", common.DefaultSyncRetryFactor, "Factor multiplies the base duration after each failed sync retry")
 }
 
 func SetAppSpecOptions(flags *pflag.FlagSet, spec *argoappv1.ApplicationSpec, appOpts *AppOptions) int {
@@ -248,28 +238,6 @@ func SetAppSpecOptions(flags *pflag.FlagSet, spec *argoappv1.ApplicationSpec, ap
 			if spec.SyncPolicy.IsZero() {
 				spec.SyncPolicy = nil
 			}
-		case "sync-retry-limit":
-			if appOpts.retryLimit > 0 {
-				if spec.SyncPolicy == nil {
-					spec.SyncPolicy = &argoappv1.SyncPolicy{}
-				}
-				spec.SyncPolicy.Retry = &argoappv1.RetryStrategy{
-					Limit: appOpts.retryLimit,
-					Backoff: &argoappv1.Backoff{
-						Duration:    appOpts.retryBackoffDuration.String(),
-						MaxDuration: appOpts.retryBackoffMaxDuration.String(),
-						Factor:      pointer.Int64Ptr(appOpts.retryBackoffFactor),
-					},
-				}
-			} else if appOpts.retryLimit == 0 {
-				if spec.SyncPolicy.IsZero() {
-					spec.SyncPolicy = nil
-				} else {
-					spec.SyncPolicy.Retry = nil
-				}
-			} else {
-				log.Fatalf("Invalid sync-retry-limit [%d]", appOpts.retryLimit)
-			}
 		}
 	})
 	if flags.Changed("auto-prune") {

cmd/util/app_test.go

@@ -6,7 +6,7 @@ import (
 	"github.com/spf13/cobra"
 	"github.com/stretchr/testify/assert"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 func Test_setHelmOpt(t *testing.T) {
@@ -164,11 +164,4 @@ func Test_setAppSpecOptions(t *testing.T) {
 		assert.NoError(t, f.SetFlag("sync-option", "!a=1"))
 		assert.Nil(t, f.spec.SyncPolicy)
 	})
-	t.Run("RetryLimit", func(t *testing.T) {
-		assert.NoError(t, f.SetFlag("sync-retry-limit", "5"))
-		assert.True(t, f.spec.SyncPolicy.Retry.Limit == 5)
-
-		assert.NoError(t, f.SetFlag("sync-retry-limit", "0"))
-		assert.Nil(t, f.spec.SyncPolicy.Retry)
-	})
 }

cmd/util/cluster.go

@@ -12,8 +12,8 @@ import (
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
 
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/errors"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/errors"
 )
 
 func PrintKubeContexts(ca clientcmd.ConfigAccess) {

cmd/util/cluster_test.go

@@ -7,7 +7,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"k8s.io/client-go/rest"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 func Test_newCluster(t *testing.T) {

cmd/util/common.go

@@ -24,26 +24,21 @@ func PrintResources(resources []interface{}, output string) error {
 		}
 		resources[i] = filteredResource
 	}
-	var obj interface{} = resources
-	if len(resources) == 1 {
-		obj = resources[0]
-	}
 
 	switch output {
 	case "json":
-		jsonBytes, err := json.MarshalIndent(obj, "", "  ")
+		jsonBytes, err := json.MarshalIndent(resources, "", "  ")
 		if err != nil {
 			return err
 		}
 
 		fmt.Println(string(jsonBytes))
 	case "yaml":
-		yamlBytes, err := yaml.Marshal(obj)
+		yamlBytes, err := yaml.Marshal(resources)
 		if err != nil {
 			return err
 		}
-		// marshaled YAML already ends with the new line character
-		fmt.Print(string(yamlBytes))
+		fmt.Println(string(yamlBytes))
 	default:
 		return fmt.Errorf("unknown output format: %s", output)
 	}

cmd/util/project.go

@@ -9,28 +9,22 @@ import (
 	"strings"
 
 	"github.com/spf13/cobra"
-	"github.com/spf13/pflag"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/utils/pointer"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/config"
-	"github.com/argoproj/argo-cd/v2/util/gpg"
+	"github.com/argoproj/argo-cd/pkg/apis/application"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/config"
+	"github.com/argoproj/argo-cd/util/gpg"
 )
 
 type ProjectOpts struct {
-	Description   string
-	destinations  []string
-	Sources       []string
-	SignatureKeys []string
-
-	orphanedResourcesEnabled   bool
-	orphanedResourcesWarn      bool
-	allowedClusterResources    []string
-	deniedClusterResources     []string
-	allowedNamespacedResources []string
-	deniedNamespacedResources  []string
+	Description              string
+	destinations             []string
+	Sources                  []string
+	SignatureKeys            []string
+	orphanedResourcesEnabled bool
+	orphanedResourcesWarn    bool
 }
 
 func AddProjFlags(command *cobra.Command, opts *ProjectOpts) {
@@ -41,39 +35,6 @@ func AddProjFlags(command *cobra.Command, opts *ProjectOpts) {
 	command.Flags().StringSliceVar(&opts.SignatureKeys, "signature-keys", []string{}, "GnuPG public key IDs for commit signature verification")
 	command.Flags().BoolVar(&opts.orphanedResourcesEnabled, "orphaned-resources", false, "Enables orphaned resources monitoring")
 	command.Flags().BoolVar(&opts.orphanedResourcesWarn, "orphaned-resources-warn", false, "Specifies if applications should have a warning condition when orphaned resources detected")
-	command.Flags().StringArrayVar(&opts.allowedClusterResources, "allow-cluster-resource", []string{}, "List of allowed cluster level resources")
-	command.Flags().StringArrayVar(&opts.deniedClusterResources, "deny-cluster-resource", []string{}, "List of denied cluster level resources")
-	command.Flags().StringArrayVar(&opts.allowedNamespacedResources, "allow-namespaced-resource", []string{}, "List of allowed namespaced resources")
-	command.Flags().StringArrayVar(&opts.deniedNamespacedResources, "deny-namespaced-resource", []string{}, "List of denied namespaced resources")
-
-}
-
-func getGroupKindList(values []string) []v1.GroupKind {
-	var res []v1.GroupKind
-	for _, val := range values {
-		if parts := strings.Split(val, "/"); len(parts) == 2 {
-			res = append(res, v1.GroupKind{Group: parts[0], Kind: parts[1]})
-		} else if len(parts) == 1 {
-			res = append(res, v1.GroupKind{Kind: parts[0]})
-		}
-	}
-	return res
-}
-
-func (opts *ProjectOpts) GetAllowedClusterResources() []v1.GroupKind {
-	return getGroupKindList(opts.allowedClusterResources)
-}
-
-func (opts *ProjectOpts) GetDeniedClusterResources() []v1.GroupKind {
-	return getGroupKindList(opts.deniedClusterResources)
-}
-
-func (opts *ProjectOpts) GetAllowedNamespacedResources() []v1.GroupKind {
-	return getGroupKindList(opts.allowedNamespacedResources)
-}
-
-func (opts *ProjectOpts) GetDeniedNamespacedResources() []v1.GroupKind {
-	return getGroupKindList(opts.deniedNamespacedResources)
 }
 
 func (opts *ProjectOpts) GetDestinations() []v1alpha1.ApplicationDestination {
@@ -104,8 +65,8 @@ func (opts *ProjectOpts) GetSignatureKeys() []v1alpha1.SignatureKey {
 	return signatureKeys
 }
 
-func GetOrphanedResourcesSettings(flagSet *pflag.FlagSet, opts ProjectOpts) *v1alpha1.OrphanedResourcesMonitorSettings {
-	warnChanged := flagSet.Changed("orphaned-resources-warn")
+func GetOrphanedResourcesSettings(c *cobra.Command, opts ProjectOpts) *v1alpha1.OrphanedResourcesMonitorSettings {
+	warnChanged := c.Flag("orphaned-resources-warn").Changed
 	if opts.orphanedResourcesEnabled || warnChanged {
 		settings := v1alpha1.OrphanedResourcesMonitorSettings{}
 		if warnChanged {
@@ -135,43 +96,8 @@ func readProjFromURI(fileURL string, proj *v1alpha1.AppProject) error {
 	return err
 }
 
-func SetProjSpecOptions(flags *pflag.FlagSet, spec *v1alpha1.AppProjectSpec, projOpts *ProjectOpts) int {
-	visited := 0
-	flags.Visit(func(f *pflag.Flag) {
-		visited++
-		switch f.Name {
-		case "description":
-			spec.Description = projOpts.Description
-		case "dest":
-			spec.Destinations = projOpts.GetDestinations()
-		case "src":
-			spec.SourceRepos = projOpts.Sources
-		case "signature-keys":
-			spec.SignatureKeys = projOpts.GetSignatureKeys()
-		case "allow-cluster-resource":
-			spec.ClusterResourceWhitelist = projOpts.GetAllowedClusterResources()
-		case "deny-cluster-resource":
-			spec.ClusterResourceBlacklist = projOpts.GetDeniedClusterResources()
-		case "allow-namespaced-resource":
-			spec.NamespaceResourceWhitelist = projOpts.GetAllowedNamespacedResources()
-		case "deny-namespaced-resource":
-			spec.NamespaceResourceBlacklist = projOpts.GetDeniedNamespacedResources()
-		}
-	})
-	if flags.Changed("orphaned-resources") || flags.Changed("orphaned-resources-warn") {
-		spec.OrphanedResources = GetOrphanedResourcesSettings(flags, *projOpts)
-		visited++
-	}
-	return visited
-}
-
 func ConstructAppProj(fileURL string, args []string, opts ProjectOpts, c *cobra.Command) (*v1alpha1.AppProject, error) {
-	var proj = v1alpha1.AppProject{
-		TypeMeta: v1.TypeMeta{
-			Kind:       application.AppProjectKind,
-			APIVersion: application.Group + "/v1alpha1",
-		},
-	}
+	var proj v1alpha1.AppProject
 	if fileURL == "-" {
 		// read stdin
 		err := readProjFromStdin(&proj)
@@ -194,9 +120,22 @@ func ConstructAppProj(fileURL string, args []string, opts ProjectOpts, c *cobra.
 			c.HelpFunc()(c, args)
 			os.Exit(1)
 		}
-		proj.Name = args[0]
+		projName := args[0]
+		proj = v1alpha1.AppProject{
+			TypeMeta: v1.TypeMeta{
+				Kind:       application.AppProjectKind,
+				APIVersion: application.Group + "/v1alpha1",
+			},
+			ObjectMeta: v1.ObjectMeta{Name: projName},
+			Spec: v1alpha1.AppProjectSpec{
+				Description:       opts.Description,
+				Destinations:      opts.GetDestinations(),
+				SourceRepos:       opts.Sources,
+				SignatureKeys:     opts.GetSignatureKeys(),
+				OrphanedResources: GetOrphanedResourcesSettings(c, opts),
+			},
+		}
 	}
-	SetProjSpecOptions(c.Flags(), &proj.Spec, &opts)
 
 	return &proj, nil
 }

cmd/util/project_test.go

@@ -1,24 +0,0 @@
-package util
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-func TestProjectOpts_ResourceLists(t *testing.T) {
-	opts := ProjectOpts{
-		allowedNamespacedResources: []string{"ConfigMap"},
-		deniedNamespacedResources:  []string{"apps/DaemonSet"},
-		allowedClusterResources:    []string{"apiextensions.k8s.io/CustomResourceDefinition"},
-		deniedClusterResources:     []string{"rbac.authorization.k8s.io/ClusterRole"},
-	}
-
-	assert.ElementsMatch(t,
-		[]v1.GroupKind{{Kind: "ConfigMap"}}, opts.GetAllowedNamespacedResources(),
-		[]v1.GroupKind{{Group: "apps", Kind: "DaemonSet"}}, opts.GetDeniedNamespacedResources(),
-		[]v1.GroupKind{{Group: "apiextensions.k8s.io", Kind: "CustomResourceDefinition"}}, opts.GetAllowedClusterResources(),
-		[]v1.GroupKind{{Group: "rbac.authorization.k8s.io", Kind: "ClusterRole"}}, opts.GetDeniedClusterResources(),
-	)
-}

cmd/util/repo.go

@@ -3,8 +3,8 @@ package util
 import (
 	"github.com/spf13/cobra"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	appsv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/common"
+	appsv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 type RepoOptions struct {

common/common.go

@@ -53,8 +53,6 @@ const (
 	DefaultSSHKnownHostsName = "ssh_known_hosts"
 	// Default path to GnuPG home directory
 	DefaultGnuPgHomePath = "/app/config/gpg/keys"
-	// Default path to repo server TLS endpoint config
-	DefaultAppConfigPath = "/app/config"
 )
 
 const (
@@ -127,15 +125,9 @@ const (
 	AnnotationKeyManagedBy = "managed-by"
 	// AnnotationValueManagedByArgoCD is a 'managed-by' annotation value for resources managed by Argo CD
 	AnnotationValueManagedByArgoCD = "argocd.argoproj.io"
-	// ResourcesFinalizerName is the finalizer value which we inject to finalize deletion of an application
+	// ResourcesFinalizerName the finalizer value which we inject to finalize deletion of an application
 	ResourcesFinalizerName = "resources-finalizer.argocd.argoproj.io"
 
-	// ForegroundPropagationPolicyFinalizer is the finalizer we inject to delete application with foreground propagation policy
-	ForegroundPropagationPolicyFinalizer = "resources-finalizer.argocd.argoproj.io/foreground"
-
-	// BackgroundPropagationPolicyFinalizer is the finalizer we inject to delete application with background propagation policy
-	BackgroundPropagationPolicyFinalizer = "resources-finalizer.argocd.argoproj.io/background"
-
 	// AnnotationKeyManifestGeneratePaths is an annotation that contains a list of semicolon-separated paths in the
 	// manifests repository that affects the manifest generation. Paths might be either relative or absolute. The
 	// absolute path means an absolute path within the repository and the relative path is relative to the application
@@ -196,10 +188,6 @@ const (
 	EnvEnableGRPCTimeHistogramEnv = "ARGOCD_ENABLE_GRPC_TIME_HISTOGRAM"
 	// EnvGithubAppCredsExpirationDuration controls the caching of Github app credentials. This value is in minutes (default: 60)
 	EnvGithubAppCredsExpirationDuration = "ARGOCD_GITHUB_APP_CREDS_EXPIRATION_DURATION"
-	// EnvHelmIndexCacheDuration controls how the helm repository index file is cached for (default: 0)
-	EnvHelmIndexCacheDuration = "ARGOCD_HELM_INDEX_CACHE_DURATION"
-	// EnvRepoServerConfigPath allows to override the configuration path for repo server
-	EnvAppConfigPath = "ARGOCD_APP_CONF_PATH"
 )
 
 const (

controller/appcontroller.go

@@ -39,22 +39,22 @@ import (
 	// make sure to register workqueue prometheus metrics
 	_ "k8s.io/component-base/metrics/prometheus/workqueue"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	statecache "github.com/argoproj/argo-cd/v2/controller/cache"
-	"github.com/argoproj/argo-cd/v2/controller/metrics"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application"
-	appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned"
-	"github.com/argoproj/argo-cd/v2/pkg/client/informers/externalversions/application/v1alpha1"
-	applisters "github.com/argoproj/argo-cd/v2/pkg/client/listers/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	"github.com/argoproj/argo-cd/v2/util/argo"
-	appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate"
-	"github.com/argoproj/argo-cd/v2/util/db"
-	"github.com/argoproj/argo-cd/v2/util/errors"
-	"github.com/argoproj/argo-cd/v2/util/glob"
-	logutils "github.com/argoproj/argo-cd/v2/util/log"
-	settings_util "github.com/argoproj/argo-cd/v2/util/settings"
+	"github.com/argoproj/argo-cd/common"
+	statecache "github.com/argoproj/argo-cd/controller/cache"
+	"github.com/argoproj/argo-cd/controller/metrics"
+	"github.com/argoproj/argo-cd/pkg/apis/application"
+	appv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appclientset "github.com/argoproj/argo-cd/pkg/client/clientset/versioned"
+	"github.com/argoproj/argo-cd/pkg/client/informers/externalversions/application/v1alpha1"
+	applisters "github.com/argoproj/argo-cd/pkg/client/listers/application/v1alpha1"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	"github.com/argoproj/argo-cd/util/argo"
+	appstatecache "github.com/argoproj/argo-cd/util/cache/appstate"
+	"github.com/argoproj/argo-cd/util/db"
+	"github.com/argoproj/argo-cd/util/errors"
+	"github.com/argoproj/argo-cd/util/glob"
+	logutils "github.com/argoproj/argo-cd/util/log"
+	settings_util "github.com/argoproj/argo-cd/util/settings"
 )
 
 const (
@@ -413,13 +413,11 @@ func (ctrl *ApplicationController) getAppHosts(a *appv1.Application, appNodes []
 			appPods[kube.NewResourceKey(node.Group, node.Kind, node.Namespace, node.Name)] = true
 		}
 	}
-
 	allNodesInfo := map[string]statecache.NodeInfo{}
 	allPodsByNode := map[string][]statecache.PodInfo{}
 	appPodsByNode := map[string][]statecache.PodInfo{}
 	err := ctrl.stateCache.IterateResources(a.Spec.Destination.Server, func(res *clustercache.Resource, info *statecache.ResourceInfo) {
 		key := res.ResourceKey()
-
 		switch {
 		case info.NodeInfo != nil && key.Group == "" && key.Kind == "Node":
 			allNodesInfo[key.Name] = *info.NodeInfo
@@ -466,7 +464,7 @@ func (ctrl *ApplicationController) getAppHosts(a *appv1.Application, appNodes []
 
 		for _, pod := range neighbors {
 			for name, resource := range pod.ResourceRequests {
-				if !supportedResourceNames[name] || pod.Phase == v1.PodSucceeded || pod.Phase == v1.PodFailed {
+				if !supportedResourceNames[name] {
 					continue
 				}
 				info := resources[name]
@@ -664,18 +662,6 @@ func (ctrl *ApplicationController) processAppOperationQueueItem() (processNext b
 	}
 	app := origApp.DeepCopy()
 
-	if app.Operation != nil {
-		// If we get here, we are about process an operation but we cannot rely on informer since it might has stale data.
-		// So always retrieve the latest version to ensure it is not stale to avoid unnecessary syncing.
-		// This code should be deleted when https://github.com/argoproj/argo-cd/pull/6294 is implemented.
-		freshApp, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(ctrl.namespace).Get(context.Background(), app.ObjectMeta.Name, metav1.GetOptions{})
-		if err != nil {
-			log.Errorf("Failed to retrieve latest application state: %v", err)
-			return
-		}
-		app = freshApp
-	}
-
 	if app.Operation != nil {
 		ctrl.processRequestedAppOperation(app)
 	} else if app.DeletionTimestamp != nil && app.CascadedDeletion() {
@@ -853,16 +839,9 @@ func (ctrl *ApplicationController) finalizeApplicationDeletion(app *appv1.Applic
 	config := metrics.AddMetricsTransportWrapper(ctrl.metricsServer, app, cluster.RESTConfig())
 
 	filteredObjs := FilterObjectsForDeletion(objs)
-
-	propagationPolicy := metav1.DeletePropagationForeground
-	if app.GetPropagationPolicy() == common.BackgroundPropagationPolicyFinalizer {
-		propagationPolicy = metav1.DeletePropagationBackground
-	}
-	logCtx.Infof("Deleting application's resources with %s propagation policy", propagationPolicy)
-
 	err = kube.RunAllAsync(len(filteredObjs), func(i int) error {
 		obj := filteredObjs[i]
-		return ctrl.kubectl.DeleteResource(context.Background(), config, obj.GroupVersionKind(), obj.GetName(), obj.GetNamespace(), metav1.DeleteOptions{PropagationPolicy: &propagationPolicy})
+		return ctrl.kubectl.DeleteResource(context.Background(), config, obj.GroupVersionKind(), obj.GetName(), obj.GetNamespace(), false)
 	})
 	if err != nil {
 		return objs, err
@@ -890,8 +869,14 @@ func (ctrl *ApplicationController) finalizeApplicationDeletion(app *appv1.Applic
 	if err != nil {
 		return objs, err
 	}
-
-	err = ctrl.removeCascadeFinalizer(app)
+	app.SetCascadedDeletion(false)
+	var patch []byte
+	patch, _ = json.Marshal(map[string]interface{}{
+		"metadata": map[string]interface{}{
+			"finalizers": app.Finalizers,
+		},
+	})
+	_, err = ctrl.applicationClientset.ArgoprojV1alpha1().Applications(app.Namespace).Patch(context.Background(), app.Name, types.MergePatchType, patch, metav1.PatchOptions{})
 	if err != nil {
 		return objs, err
 	}
@@ -901,19 +886,6 @@ func (ctrl *ApplicationController) finalizeApplicationDeletion(app *appv1.Applic
 	return objs, nil
 }
 
-func (ctrl *ApplicationController) removeCascadeFinalizer(app *appv1.Application) error {
-	app.UnSetCascadedDeletion()
-	var patch []byte
-	patch, _ = json.Marshal(map[string]interface{}{
-		"metadata": map[string]interface{}{
-			"finalizers": app.Finalizers,
-		},
-	})
-
-	_, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(app.Namespace).Patch(context.Background(), app.Name, types.MergePatchType, patch, metav1.PatchOptions{})
-	return err
-}
-
 func (ctrl *ApplicationController) setAppCondition(app *appv1.Application, condition appv1.ApplicationCondition) {
 	// do nothing if app already has same condition
 	for _, c := range app.Status.Conditions {
@@ -956,6 +928,20 @@ func (ctrl *ApplicationController) processRequestedAppOperation(app *appv1.Appli
 	}()
 	terminating := false
 	if isOperationInProgress(app) {
+		// If we get here, we are about process an operation but we notice it is already in progress.
+		// We need to detect if the app object we pulled off the informer is stale and doesn't
+		// reflect the fact that the operation is completed. We don't want to perform the operation
+		// again. To detect this, always retrieve the latest version to ensure it is not stale.
+		freshApp, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(ctrl.namespace).Get(context.Background(), app.ObjectMeta.Name, metav1.GetOptions{})
+		if err != nil {
+			logCtx.Errorf("Failed to retrieve latest application state: %v", err)
+			return
+		}
+		if !isOperationInProgress(freshApp) {
+			logCtx.Infof("Skipping operation on stale application state")
+			return
+		}
+		app = freshApp
 		state = app.Status.OperationState.DeepCopy()
 		terminating = state.Phase == synccommon.OperationTerminating
 		// Failed  operation with retry strategy might have be in-progress and has completion time

controller/appcontroller_test.go

@@ -10,7 +10,7 @@ import (
 
 	clustercache "github.com/argoproj/gitops-engine/pkg/cache"
 
-	statecache "github.com/argoproj/argo-cd/v2/controller/cache"
+	statecache "github.com/argoproj/argo-cd/controller/cache"
 
 	"github.com/argoproj/gitops-engine/pkg/cache/mocks"
 	synccommon "github.com/argoproj/gitops-engine/pkg/sync/common"
@@ -29,16 +29,16 @@ import (
 	kubetesting "k8s.io/client-go/testing"
 	"k8s.io/client-go/tools/cache"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	mockstatecache "github.com/argoproj/argo-cd/v2/controller/cache/mocks"
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	mockrepoclient "github.com/argoproj/argo-cd/v2/reposerver/apiclient/mocks"
-	"github.com/argoproj/argo-cd/v2/test"
-	cacheutil "github.com/argoproj/argo-cd/v2/util/cache"
-	appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	"github.com/argoproj/argo-cd/common"
+	mockstatecache "github.com/argoproj/argo-cd/controller/cache/mocks"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appclientset "github.com/argoproj/argo-cd/pkg/client/clientset/versioned/fake"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	mockrepoclient "github.com/argoproj/argo-cd/reposerver/apiclient/mocks"
+	"github.com/argoproj/argo-cd/test"
+	cacheutil "github.com/argoproj/argo-cd/util/cache"
+	appstatecache "github.com/argoproj/argo-cd/util/cache/appstate"
+	"github.com/argoproj/argo-cd/util/settings"
 )
 
 type namespacedResource struct {

controller/cache/cache.go

@@ -18,14 +18,14 @@ import (
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/client-go/tools/cache"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/controller/metrics"
-	appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/argo"
-	"github.com/argoproj/argo-cd/v2/util/db"
-	logutils "github.com/argoproj/argo-cd/v2/util/log"
-	"github.com/argoproj/argo-cd/v2/util/lua"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/controller/metrics"
+	appv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/argo"
+	"github.com/argoproj/argo-cd/util/db"
+	logutils "github.com/argoproj/argo-cd/util/log"
+	"github.com/argoproj/argo-cd/util/lua"
+	"github.com/argoproj/argo-cd/util/settings"
 )
 
 type LiveStateCache interface {
@@ -56,7 +56,6 @@ type ObjectUpdatedHandler = func(managedByApp map[string]bool, ref v1.ObjectRefe
 type PodInfo struct {
 	NodeName         string
 	ResourceRequests v1.ResourceList
-	Phase            v1.PodPhase
 }
 
 type NodeInfo struct {

controller/cache/cache_test.go

@@ -9,7 +9,7 @@ import (
 	"github.com/argoproj/gitops-engine/pkg/cache/mocks"
 	"github.com/stretchr/testify/mock"
 
-	appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	appv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 func TestHandleModEvent_HasChanges(t *testing.T) {

controller/cache/info.go

@@ -11,9 +11,9 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	resourcehelper "k8s.io/kubectl/pkg/util/resource"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/resource"
+	"github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/resource"
 )
 
 func populateNodeInfo(un *unstructured.Unstructured, res *ResourceInfo) {
@@ -324,7 +324,7 @@ func populatePodInfo(un *unstructured.Unstructured, res *ResourceInfo) {
 	}
 
 	req, _ := resourcehelper.PodRequestsAndLimits(&pod)
-	res.PodInfo = &PodInfo{NodeName: pod.Spec.NodeName, ResourceRequests: req, Phase: pod.Status.Phase}
+	res.PodInfo = &PodInfo{NodeName: pod.Spec.NodeName, ResourceRequests: req}
 
 	res.Info = append(res.Info, v1alpha1.InfoItem{Name: "Node", Value: pod.Spec.NodeName})
 	res.Info = append(res.Info, v1alpha1.InfoItem{Name: "Containers", Value: fmt.Sprintf("%d/%d", readyContainers, totalContainers)})

controller/cache/info_test.go

@@ -15,7 +15,7 @@ import (
 	v1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 func strToUnstructured(jsonStr string) *unstructured.Unstructured {

controller/cache/mocks/LiveStateCache.go

@@ -7,7 +7,7 @@ import (
 
 	cache "github.com/argoproj/gitops-engine/pkg/cache"
 
-	controllercache "github.com/argoproj/argo-cd/v2/controller/cache"
+	controllercache "github.com/argoproj/argo-cd/controller/cache"
 
 	kube "github.com/argoproj/gitops-engine/pkg/utils/kube"
 
@@ -19,7 +19,7 @@ import (
 
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	v1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	v1alpha1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 // LiveStateCache is an autogenerated mock type for the LiveStateCache type

controller/clusterinfoupdater.go

@@ -10,12 +10,12 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 
-	"github.com/argoproj/argo-cd/v2/controller/metrics"
-	appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/pkg/client/listers/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/argo"
-	appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate"
-	"github.com/argoproj/argo-cd/v2/util/db"
+	"github.com/argoproj/argo-cd/controller/metrics"
+	appv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/client/listers/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/argo"
+	appstatecache "github.com/argoproj/argo-cd/util/cache/appstate"
+	"github.com/argoproj/argo-cd/util/db"
 )
 
 const (

controller/clusterinfoupdater_test.go

@@ -6,14 +6,14 @@ import (
 	"testing"
 	"time"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appsfake "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake"
-	appinformers "github.com/argoproj/argo-cd/v2/pkg/client/informers/externalversions/application/v1alpha1"
-	applisters "github.com/argoproj/argo-cd/v2/pkg/client/listers/application/v1alpha1"
-	cacheutil "github.com/argoproj/argo-cd/v2/util/cache"
-	"github.com/argoproj/argo-cd/v2/util/cache/appstate"
-	"github.com/argoproj/argo-cd/v2/util/db"
-	"github.com/argoproj/argo-cd/v2/util/settings"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appsfake "github.com/argoproj/argo-cd/pkg/client/clientset/versioned/fake"
+	appinformers "github.com/argoproj/argo-cd/pkg/client/informers/externalversions/application/v1alpha1"
+	applisters "github.com/argoproj/argo-cd/pkg/client/listers/application/v1alpha1"
+	cacheutil "github.com/argoproj/argo-cd/util/cache"
+	"github.com/argoproj/argo-cd/util/cache/appstate"
+	"github.com/argoproj/argo-cd/util/db"
+	"github.com/argoproj/argo-cd/util/settings"
 
 	clustercache "github.com/argoproj/gitops-engine/pkg/cache"
 	"github.com/stretchr/testify/assert"

controller/metrics/metrics.go

@@ -16,10 +16,10 @@ import (
 	log "github.com/sirupsen/logrus"
 	"k8s.io/apimachinery/pkg/labels"
 
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	applister "github.com/argoproj/argo-cd/v2/pkg/client/listers/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/git"
-	"github.com/argoproj/argo-cd/v2/util/healthz"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	applister "github.com/argoproj/argo-cd/pkg/client/listers/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/git"
+	"github.com/argoproj/argo-cd/util/healthz"
 )
 
 type MetricsServer struct {

controller/metrics/metrics_test.go

@@ -17,10 +17,10 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/tools/cache"
 
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake"
-	appinformer "github.com/argoproj/argo-cd/v2/pkg/client/informers/externalversions"
-	applister "github.com/argoproj/argo-cd/v2/pkg/client/listers/application/v1alpha1"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appclientset "github.com/argoproj/argo-cd/pkg/client/clientset/versioned/fake"
+	appinformer "github.com/argoproj/argo-cd/pkg/client/informers/externalversions"
+	applister "github.com/argoproj/argo-cd/pkg/client/listers/application/v1alpha1"
 )
 
 const fakeApp = `

controller/metrics/transportwrapper.go

@@ -6,7 +6,7 @@ import (
 	"github.com/argoproj/pkg/kubeclientmetrics"
 	"k8s.io/client-go/rest"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 // AddMetricsTransportWrapper adds a transport wrapper which increments 'argocd_app_k8s_request_total' counter on each kubernetes request

controller/sharding/sharding.go

@@ -7,7 +7,7 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 )
 
 func InferShard() (int, error) {
@@ -26,8 +26,8 @@ func InferShard() (int, error) {
 	return shard, nil
 }
 
-// GetShardByID calculates cluster shard as `clusterSecret.UID % replicas count`
-func GetShardByID(id string, replicas int) int {
+// getShardByID calculates cluster shard as `clusterSecret.UID % replicas count`
+func getShardByID(id string, replicas int) int {
 	if id == "" {
 		return 0
 	} else {
@@ -45,7 +45,7 @@ func GetClusterFilter(replicas int, shard int) func(c *v1alpha1.Cluster) bool {
 			if c.Shard != nil {
 				clusterShard = int(*c.Shard)
 			} else {
-				clusterShard = GetShardByID(c.ID, replicas)
+				clusterShard = getShardByID(c.ID, replicas)
 			}
 		}
 		return clusterShard == shard

controller/sharding/sharding_test.go

@@ -3,20 +3,20 @@ package sharding
 import (
 	"testing"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 
 	"github.com/stretchr/testify/assert"
 )
 
 func TestGetShardByID_NotEmptyID(t *testing.T) {
-	assert.Equal(t, 0, GetShardByID("1", 2))
-	assert.Equal(t, 1, GetShardByID("2", 2))
-	assert.Equal(t, 0, GetShardByID("3", 2))
-	assert.Equal(t, 1, GetShardByID("4", 2))
+	assert.Equal(t, 0, getShardByID("1", 2))
+	assert.Equal(t, 1, getShardByID("2", 2))
+	assert.Equal(t, 0, getShardByID("3", 2))
+	assert.Equal(t, 1, getShardByID("4", 2))
 }
 
 func TestGetShardByID_EmptyID(t *testing.T) {
-	shard := GetShardByID("", 10)
+	shard := getShardByID("", 10)
 	assert.Equal(t, 0, shard)
 }
 

controller/state.go

@@ -22,21 +22,21 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/client-go/tools/cache"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	statecache "github.com/argoproj/argo-cd/v2/controller/cache"
-	"github.com/argoproj/argo-cd/v2/controller/metrics"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	"github.com/argoproj/argo-cd/v2/util/argo"
-	appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate"
-	"github.com/argoproj/argo-cd/v2/util/db"
-	"github.com/argoproj/argo-cd/v2/util/gpg"
-	argohealth "github.com/argoproj/argo-cd/v2/util/health"
-	"github.com/argoproj/argo-cd/v2/util/io"
-	"github.com/argoproj/argo-cd/v2/util/settings"
-	"github.com/argoproj/argo-cd/v2/util/stats"
+	"github.com/argoproj/argo-cd/common"
+	statecache "github.com/argoproj/argo-cd/controller/cache"
+	"github.com/argoproj/argo-cd/controller/metrics"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	appclientset "github.com/argoproj/argo-cd/pkg/client/clientset/versioned"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	"github.com/argoproj/argo-cd/util/argo"
+	appstatecache "github.com/argoproj/argo-cd/util/cache/appstate"
+	"github.com/argoproj/argo-cd/util/db"
+	"github.com/argoproj/argo-cd/util/gpg"
+	argohealth "github.com/argoproj/argo-cd/util/health"
+	"github.com/argoproj/argo-cd/util/io"
+	"github.com/argoproj/argo-cd/util/settings"
+	"github.com/argoproj/argo-cd/util/stats"
 )
 
 type resourceInfoProviderStub struct {
@@ -275,29 +275,34 @@ func verifyGnuPGSignature(revision string, project *appv1.AppProject, manifestIn
 	conditions := make([]appv1.ApplicationCondition, 0)
 	// We need to have some data in the verification result to parse, otherwise there was no signature
 	if manifestInfo.VerifyResult != "" {
-		verifyResult := gpg.ParseGitCommitVerification(manifestInfo.VerifyResult)
-		switch verifyResult.Result {
-		case gpg.VerifyResultGood:
-			// This is the only case we allow to sync to, but we need to make sure signing key is allowed
-			validKey := false
-			for _, k := range project.Spec.SignatureKeys {
-				if gpg.KeyID(k.KeyID) == gpg.KeyID(verifyResult.KeyID) && gpg.KeyID(k.KeyID) != "" {
-					validKey = true
-					break
+		verifyResult, err := gpg.ParseGitCommitVerification(manifestInfo.VerifyResult)
+		if err != nil {
+			conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now})
+			log.Errorf("Error while verifying git commit for revision %s: %s", revision, err.Error())
+		} else {
+			switch verifyResult.Result {
+			case gpg.VerifyResultGood:
+				// This is the only case we allow to sync to, but we need to make sure signing key is allowed
+				validKey := false
+				for _, k := range project.Spec.SignatureKeys {
+					if gpg.KeyID(k.KeyID) == gpg.KeyID(verifyResult.KeyID) && gpg.KeyID(k.KeyID) != "" {
+						validKey = true
+						break
+					}
 				}
-			}
-			if !validKey {
-				msg := fmt.Sprintf("Found good signature made with %s key %s, but this key is not allowed in AppProject",
-					verifyResult.Cipher, verifyResult.KeyID)
+				if !validKey {
+					msg := fmt.Sprintf("Found good signature made with %s key %s, but this key is not allowed in AppProject",
+						verifyResult.Cipher, verifyResult.KeyID)
+					conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now})
+				}
+			case gpg.VerifyResultInvalid:
+				msg := fmt.Sprintf("Found signature made with %s key %s, but verification result was invalid: '%s'",
+					verifyResult.Cipher, verifyResult.KeyID, verifyResult.Message)
+				conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now})
+			default:
+				msg := fmt.Sprintf("Could not verify commit signature on revision '%s', check logs for more information.", revision)
 				conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now})
 			}
-		case gpg.VerifyResultInvalid:
-			msg := fmt.Sprintf("Found signature made with %s key %s, but verification result was invalid: '%s'",
-				verifyResult.Cipher, verifyResult.KeyID, verifyResult.Message)
-			conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now})
-		default:
-			msg := fmt.Sprintf("Could not verify commit signature on revision '%s', check logs for more information.", revision)
-			conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now})
 		}
 	} else {
 		msg := fmt.Sprintf("Target revision %s in Git is not signed, but a signature is required", revision)
@@ -348,11 +353,9 @@ func (m *appStateManager) diffArrayCached(configArray []*unstructured.Unstructur
 			}
 			dr = res
 		}
-		if dr != nil {
-			diffResultList.Diffs[i] = *dr
-			if dr.Modified {
-				diffResultList.Modified = true
-			}
+		diffResultList.Diffs[i] = *dr
+		if dr != nil && dr.Modified {
+			diffResultList.Modified = true
 		}
 	}
 

controller/state_test.go

@@ -17,10 +17,10 @@ import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
 
-	"github.com/argoproj/argo-cd/v2/common"
-	argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	"github.com/argoproj/argo-cd/v2/test"
+	"github.com/argoproj/argo-cd/common"
+	argoappv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	"github.com/argoproj/argo-cd/test"
 )
 
 // TestCompareAppStateEmpty tests comparison when both git and live have no objects

controller/sync.go

@@ -16,14 +16,14 @@ import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 
-	cdcommon "github.com/argoproj/argo-cd/v2/common"
-	"github.com/argoproj/argo-cd/v2/controller/metrics"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	listersv1alpha1 "github.com/argoproj/argo-cd/v2/pkg/client/listers/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/argo"
-	logutils "github.com/argoproj/argo-cd/v2/util/log"
-	"github.com/argoproj/argo-cd/v2/util/lua"
-	"github.com/argoproj/argo-cd/v2/util/rand"
+	cdcommon "github.com/argoproj/argo-cd/common"
+	"github.com/argoproj/argo-cd/controller/metrics"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	listersv1alpha1 "github.com/argoproj/argo-cd/pkg/client/listers/application/v1alpha1"
+	"github.com/argoproj/argo-cd/util/argo"
+	logutils "github.com/argoproj/argo-cd/util/log"
+	"github.com/argoproj/argo-cd/util/lua"
+	"github.com/argoproj/argo-cd/util/rand"
 )
 
 var syncIdPrefix uint64 = 0
@@ -136,16 +136,6 @@ func (m *appStateManager) SyncAppState(app *v1alpha1.Application, state *v1alpha
 		})
 	}
 
-	prunePropagationPolicy := v1.DeletePropagationForeground
-	switch {
-	case syncOp.SyncOptions.HasOption("PrunePropagationPolicy=background"):
-		prunePropagationPolicy = v1.DeletePropagationBackground
-	case syncOp.SyncOptions.HasOption("PrunePropagationPolicy=foreground"):
-		prunePropagationPolicy = v1.DeletePropagationForeground
-	case syncOp.SyncOptions.HasOption("PrunePropagationPolicy=orphan"):
-		prunePropagationPolicy = v1.DeletePropagationOrphan
-	}
-
 	syncCtx, err := sync.NewSyncContext(
 		compareResult.syncStatus.Revision,
 		compareResult.reconciliationResult,
@@ -169,7 +159,7 @@ func (m *appStateManager) SyncAppState(app *v1alpha1.Application, state *v1alpha
 		sync.WithResourcesFilter(func(key kube.ResourceKey, target *unstructured.Unstructured, live *unstructured.Unstructured) bool {
 			return len(syncOp.Resources) == 0 || argo.ContainsSyncResource(key.Name, key.Namespace, schema.GroupVersionKind{Kind: key.Kind, Group: key.Group}, syncOp.Resources)
 		}),
-		sync.WithManifestValidation(!syncOp.SyncOptions.HasOption(common.SyncOptionsDisableValidation)),
+		sync.WithManifestValidation(!syncOp.SyncOptions.HasOption("Validate=false")),
 		sync.WithNamespaceCreation(syncOp.SyncOptions.HasOption("CreateNamespace=true"), func(un *unstructured.Unstructured) bool {
 			if un != nil && kube.GetAppInstanceLabel(un, cdcommon.LabelKeyAppInstance) != "" {
 				kube.UnsetLabel(un, cdcommon.LabelKeyAppInstance)
@@ -178,10 +168,8 @@ func (m *appStateManager) SyncAppState(app *v1alpha1.Application, state *v1alpha
 			return false
 		}),
 		sync.WithSyncWaveHook(delayBetweenSyncWaves),
-		sync.WithPruneLast(syncOp.SyncOptions.HasOption(common.SyncOptionPruneLast)),
+		sync.WithPruneLast(syncOp.SyncOptions.HasOption("PruneLast=true")),
 		sync.WithResourceModificationChecker(syncOp.SyncOptions.HasOption("ApplyOutOfSyncOnly=true"), compareResult.diffResultList),
-		sync.WithPrunePropagationPolicy(&prunePropagationPolicy),
-		sync.WithReplace(syncOp.SyncOptions.HasOption(common.SyncOptionReplace)),
 	)
 
 	if err != nil {

controller/sync_test.go

@@ -11,9 +11,9 @@ import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
 
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	"github.com/argoproj/argo-cd/v2/test"
+	"github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
+	"github.com/argoproj/argo-cd/reposerver/apiclient"
+	"github.com/argoproj/argo-cd/test"
 )
 
 func TestPersistRevisionHistory(t *testing.T) {

docs/CONTRIBUTING.md

@@ -1 +0,0 @@
-Please refer to [the Contribution Guide](https://argo-cd.readthedocs.io/en/latest/developer-guide/contributing/)

docs/SUPPORT.md

@@ -1,6 +0,0 @@
-# Support
-
-1. Make sure you've read [understanding the basics](understand_the_basics.md) the [getting started guide](getting_started.md).
-2. Looked for an answer in [the frequently asked questions](faq.md).
-3. Ask a question in [the Argo CD Slack channel ⧉](https://argoproj.github.io/community/join-slack).
-4. [Read issues, report a bug, or request a feature ⧉](https://github.com/argoproj/argo-cd/issues).