mirror of
https://github.com/argoproj/argo-cd.git
synced 2026-02-25 20:18:50 +01:00
Compare commits
45 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
86b2dde8e4 | ||
|
|
d3d228f19d | ||
|
|
e8f37d79aa | ||
|
|
93d3fe60ae | ||
|
|
fba15018bd | ||
|
|
57562de259 | ||
|
|
3b8b4c16dd | ||
|
|
ff20becb13 | ||
|
|
67a13bbe6e | ||
|
|
140fbccd09 | ||
|
|
b9cbfadf15 | ||
|
|
7ac6a6b500 | ||
|
|
afe1eaad6a | ||
|
|
bb21fcb3db | ||
|
|
73be2c9912 | ||
|
|
158e2883f6 | ||
|
|
0137050ef5 | ||
|
|
21ea86a827 | ||
|
|
524032ee39 | ||
|
|
5bb97700c4 | ||
|
|
0a170ca457 | ||
|
|
1523d89df8 | ||
|
|
0c7de210ae | ||
|
|
2c7d99b9ae | ||
|
|
4b53a60b11 | ||
|
|
114a4bf140 | ||
|
|
b20dbf5cf5 | ||
|
|
02bba2397b | ||
|
|
cb21483053 | ||
|
|
279a58b05b | ||
|
|
e01509a31f | ||
|
|
b40b62f1b2 | ||
|
|
ad49186498 | ||
|
|
f000a73a3a | ||
|
|
2a6f07aea2 | ||
|
|
16042390d7 | ||
|
|
70a9f9047e | ||
|
|
0366e0153d | ||
|
|
0a34eb18e8 | ||
|
|
787dccd85a | ||
|
|
16b2fd3cc9 | ||
|
|
b72f6df58a | ||
|
|
91fcd86bf1 | ||
|
|
2c1a8a9a22 | ||
|
|
64b29fee1b |
64
.github/workflows/ci-build.yaml
vendored
64
.github/workflows/ci-build.yaml
vendored
@@ -27,9 +27,9 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
- name: Setup Golang
|
||||
uses: actions/setup-go@v3
|
||||
uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
- name: Download all Go modules
|
||||
@@ -45,13 +45,13 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
- name: Setup Golang
|
||||
uses: actions/setup-go@v3
|
||||
uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
- name: Restore go build cache
|
||||
uses: actions/cache@v1
|
||||
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
|
||||
with:
|
||||
path: ~/.cache/go-build
|
||||
key: ${{ runner.os }}-go-build-v1-${{ github.run_id }}
|
||||
@@ -69,13 +69,13 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
- name: Setup Golang
|
||||
uses: actions/setup-go@v3
|
||||
uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
- name: Run golangci-lint
|
||||
uses: golangci/golangci-lint-action@v3
|
||||
uses: golangci/golangci-lint-action@0ad9a0988b3973e851ab0a07adf248ec2e100376 # v3.3.1
|
||||
with:
|
||||
version: v1.46.2
|
||||
args: --timeout 10m --exclude SA5011 --verbose
|
||||
@@ -92,11 +92,11 @@ jobs:
|
||||
- name: Create checkout directory
|
||||
run: mkdir -p ~/go/src/github.com/argoproj
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
- name: Create symlink in GOPATH
|
||||
run: ln -s $(pwd) ~/go/src/github.com/argoproj/argo-cd
|
||||
- name: Setup Golang
|
||||
uses: actions/setup-go@v3
|
||||
uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
- name: Install required packages
|
||||
@@ -116,7 +116,7 @@ jobs:
|
||||
run: |
|
||||
echo "/usr/local/bin" >> $GITHUB_PATH
|
||||
- name: Restore go build cache
|
||||
uses: actions/cache@v1
|
||||
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
|
||||
with:
|
||||
path: ~/.cache/go-build
|
||||
key: ${{ runner.os }}-go-build-v1-${{ github.run_id }}
|
||||
@@ -133,12 +133,12 @@ jobs:
|
||||
- name: Run all unit tests
|
||||
run: make test-local
|
||||
- name: Generate code coverage artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3.1.1
|
||||
with:
|
||||
name: code-coverage
|
||||
path: coverage.out
|
||||
- name: Generate test results artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3.1.1
|
||||
with:
|
||||
name: test-results
|
||||
path: test-results/
|
||||
@@ -155,11 +155,11 @@ jobs:
|
||||
- name: Create checkout directory
|
||||
run: mkdir -p ~/go/src/github.com/argoproj
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
- name: Create symlink in GOPATH
|
||||
run: ln -s $(pwd) ~/go/src/github.com/argoproj/argo-cd
|
||||
- name: Setup Golang
|
||||
uses: actions/setup-go@v3
|
||||
uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
- name: Install required packages
|
||||
@@ -179,7 +179,7 @@ jobs:
|
||||
run: |
|
||||
echo "/usr/local/bin" >> $GITHUB_PATH
|
||||
- name: Restore go build cache
|
||||
uses: actions/cache@v1
|
||||
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
|
||||
with:
|
||||
path: ~/.cache/go-build
|
||||
key: ${{ runner.os }}-go-build-v1-${{ github.run_id }}
|
||||
@@ -196,7 +196,7 @@ jobs:
|
||||
- name: Run all unit tests
|
||||
run: make test-race-local
|
||||
- name: Generate test results artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3.1.1
|
||||
with:
|
||||
name: race-results
|
||||
path: test-results/
|
||||
@@ -206,9 +206,9 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
- name: Setup Golang
|
||||
uses: actions/setup-go@v3
|
||||
uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
- name: Create symlink in GOPATH
|
||||
@@ -250,14 +250,14 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
- name: Setup NodeJS
|
||||
uses: actions/setup-node@v1
|
||||
uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # v3.5.1
|
||||
with:
|
||||
node-version: '12.18.4'
|
||||
- name: Restore node dependency cache
|
||||
id: cache-dependencies
|
||||
uses: actions/cache@v1
|
||||
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
|
||||
with:
|
||||
path: ui/node_modules
|
||||
key: ${{ runner.os }}-node-dep-v2-${{ hashFiles('**/yarn.lock') }}
|
||||
@@ -287,12 +287,12 @@ jobs:
|
||||
sonar_secret: ${{ secrets.SONAR_TOKEN }}
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Restore node dependency cache
|
||||
id: cache-dependencies
|
||||
uses: actions/cache@v1
|
||||
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
|
||||
with:
|
||||
path: ui/node_modules
|
||||
key: ${{ runner.os }}-node-dep-v2-${{ hashFiles('**/yarn.lock') }}
|
||||
@@ -303,16 +303,16 @@ jobs:
|
||||
run: |
|
||||
mkdir -p test-results
|
||||
- name: Get code coverage artifiact
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # v3.0.1
|
||||
with:
|
||||
name: code-coverage
|
||||
- name: Get test result artifact
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # v3.0.1
|
||||
with:
|
||||
name: test-results
|
||||
path: test-results
|
||||
- name: Upload code coverage information to codecov.io
|
||||
uses: codecov/codecov-action@v1
|
||||
uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70 # v3.1.1
|
||||
with:
|
||||
file: coverage.out
|
||||
- name: Perform static code analysis using SonarCloud
|
||||
@@ -366,9 +366,9 @@ jobs:
|
||||
GITLAB_TOKEN: ${{ secrets.E2E_TEST_GITLAB_TOKEN }}
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
- name: Setup Golang
|
||||
uses: actions/setup-go@v3
|
||||
uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
- name: GH actions workaround - Kill XSP4 process
|
||||
@@ -386,7 +386,7 @@ jobs:
|
||||
sudo chown runner $HOME/.kube/config
|
||||
kubectl version
|
||||
- name: Restore go build cache
|
||||
uses: actions/cache@v1
|
||||
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
|
||||
with:
|
||||
path: ~/.cache/go-build
|
||||
key: ${{ runner.os }}-go-build-v1-${{ github.run_id }}
|
||||
@@ -412,7 +412,7 @@ jobs:
|
||||
git config --global user.email "john.doe@example.com"
|
||||
- name: Pull Docker image required for tests
|
||||
run: |
|
||||
docker pull ghcr.io/dexidp/dex:v2.35.3-distroless
|
||||
docker pull ghcr.io/dexidp/dex:v2.35.3
|
||||
docker pull argoproj/argo-cd-ci-builder:v1.0.0
|
||||
docker pull redis:7.0.5-alpine
|
||||
- name: Create target directory for binaries in the build-process
|
||||
@@ -442,7 +442,7 @@ jobs:
|
||||
set -x
|
||||
make test-e2e-local
|
||||
- name: Upload e2e-server logs
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3.1.1
|
||||
with:
|
||||
name: e2e-server-k8s${{ matrix.k3s-version }}.log
|
||||
path: /tmp/e2e-server.log
|
||||
|
||||
8
.github/workflows/codeql.yml
vendored
8
.github/workflows/codeql.yml
vendored
@@ -29,11 +29,11 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
uses: github/codeql-action/init@8aff97f12c99086bdb92ff62ae06dbbcdf07941b # v2.1.33
|
||||
# Override language selection by uncommenting this and choosing your languages
|
||||
# with:
|
||||
# languages: go, javascript, csharp, python, cpp, java
|
||||
@@ -41,7 +41,7 @@ jobs:
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v2
|
||||
uses: github/codeql-action/autobuild@8aff97f12c99086bdb92ff62ae06dbbcdf07941b # v2.1.33
|
||||
|
||||
# ℹ️ Command-line programs to run using the OS shell.
|
||||
# 📚 https://git.io/JvXDl
|
||||
@@ -55,4 +55,4 @@ jobs:
|
||||
# make release
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
uses: github/codeql-action/analyze@8aff97f12c99086bdb92ff62ae06dbbcdf07941b # v2.1.33
|
||||
|
||||
16
.github/workflows/image.yaml
vendored
16
.github/workflows/image.yaml
vendored
@@ -28,22 +28,22 @@ jobs:
|
||||
env:
|
||||
GOPATH: /home/runner/work/argo-cd/argo-cd
|
||||
steps:
|
||||
- uses: actions/setup-go@v3
|
||||
- uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
- uses: actions/checkout@master
|
||||
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
with:
|
||||
path: src/github.com/argoproj/argo-cd
|
||||
|
||||
# get image tag
|
||||
- run: echo ::set-output name=tag::$(cat ./VERSION)-${GITHUB_SHA::8}
|
||||
- run: echo "tag=$(cat ./VERSION)-${GITHUB_SHA::8}" >> $GITHUB_OUTPUT
|
||||
working-directory: ./src/github.com/argoproj/argo-cd
|
||||
id: image
|
||||
|
||||
# login
|
||||
- run: |
|
||||
docker login ghcr.io --username $USERNAME --password $PASSWORD
|
||||
docker login quay.io --username "${DOCKER_USERNAME}" --password "${DOCKER_TOKEN}"
|
||||
docker login ghcr.io --username $USERNAME --password-stdin <<< "$PASSWORD"
|
||||
docker login quay.io --username "$DOCKER_USERNAME" --password-stdin <<< "$DOCKER_TOKEN"
|
||||
if: github.event_name == 'push'
|
||||
env:
|
||||
USERNAME: ${{ secrets.USERNAME }}
|
||||
@@ -52,8 +52,8 @@ jobs:
|
||||
DOCKER_TOKEN: ${{ secrets.RELEASE_QUAY_TOKEN }}
|
||||
|
||||
# build
|
||||
- uses: docker/setup-qemu-action@v2
|
||||
- uses: docker/setup-buildx-action@v2
|
||||
- uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
|
||||
- uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
|
||||
- run: |
|
||||
IMAGE_PLATFORMS=linux/amd64
|
||||
if [[ "${{ github.event_name }}" == "push" || "${{ contains(github.event.pull_request.labels.*.name, 'test-arm-image') }}" == "true" ]]
|
||||
@@ -68,7 +68,7 @@ jobs:
|
||||
|
||||
# sign container images
|
||||
- name: Install cosign
|
||||
uses: sigstore/cosign-installer@main
|
||||
uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2.8.1
|
||||
with:
|
||||
cosign-release: 'v1.13.0'
|
||||
|
||||
|
||||
22
.github/workflows/release.yaml
vendored
22
.github/workflows/release.yaml
vendored
@@ -43,7 +43,7 @@ jobs:
|
||||
GIT_EMAIL: argoproj@gmail.com
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
with:
|
||||
fetch-depth: 0
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
@@ -147,7 +147,7 @@ jobs:
|
||||
echo "RELEASE_NOTES=${RELEASE_NOTES}" >> $GITHUB_ENV
|
||||
|
||||
- name: Setup Golang
|
||||
uses: actions/setup-go@v3
|
||||
uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3.4.0
|
||||
with:
|
||||
go-version: ${{ env.GOLANG_VERSION }}
|
||||
|
||||
@@ -195,13 +195,13 @@ jobs:
|
||||
QUAY_TOKEN: ${{ secrets.RELEASE_QUAY_TOKEN }}
|
||||
run: |
|
||||
set -ue
|
||||
docker login quay.io --username "${QUAY_USERNAME}" --password "${QUAY_TOKEN}"
|
||||
docker login quay.io --username "${QUAY_USERNAME}" --password-stdin <<< "${QUAY_TOKEN}"
|
||||
# Remove the following when Docker Hub is gone
|
||||
docker login --username "${DOCKER_USERNAME}" --password "${DOCKER_TOKEN}"
|
||||
docker login --username "${DOCKER_USERNAME}" --password-stdin <<< "${DOCKER_TOKEN}"
|
||||
if: ${{ env.DRY_RUN != 'true' }}
|
||||
|
||||
- uses: docker/setup-qemu-action@v2
|
||||
- uses: docker/setup-buildx-action@v2
|
||||
- uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
|
||||
- uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
|
||||
- name: Build and push Docker image for release
|
||||
run: |
|
||||
set -ue
|
||||
@@ -215,7 +215,7 @@ jobs:
|
||||
if: ${{ env.DRY_RUN != 'true' }}
|
||||
|
||||
- name: Install cosign
|
||||
uses: sigstore/cosign-installer@main
|
||||
uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2.8.1
|
||||
with:
|
||||
cosign-release: 'v1.13.0'
|
||||
|
||||
@@ -232,7 +232,7 @@ jobs:
|
||||
|
||||
- name: Read release notes file
|
||||
id: release-notes
|
||||
uses: juliangruber/read-file-action@v1
|
||||
uses: juliangruber/read-file-action@02bbba9876a8f870efd4ad64e3b9088d3fb94d4b # v1.1.6
|
||||
with:
|
||||
path: ${{ env.RELEASE_NOTES }}
|
||||
|
||||
@@ -243,7 +243,7 @@ jobs:
|
||||
git push origin ${RELEASE_TAG}
|
||||
|
||||
- name: Dry run GitHub release
|
||||
uses: actions/create-release@v1
|
||||
uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e # v1.1.4
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
id: create_release
|
||||
@@ -295,7 +295,7 @@ jobs:
|
||||
if: ${{ env.DRY_RUN != 'true' }}
|
||||
|
||||
- name: Create GitHub release
|
||||
uses: softprops/action-gh-release@v1
|
||||
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
@@ -313,7 +313,7 @@ jobs:
|
||||
- name: Update homebrew formula
|
||||
env:
|
||||
HOMEBREW_TOKEN: ${{ secrets.RELEASE_HOMEBREW_TOKEN }}
|
||||
uses: dawidd6/action-homebrew-bump-formula@v3
|
||||
uses: dawidd6/action-homebrew-bump-formula@02e79d9da43d79efa846d73695b6052cbbdbf48a # v3.8.3
|
||||
with:
|
||||
token: ${{env.HOMEBREW_TOKEN}}
|
||||
formula: argocd
|
||||
|
||||
2
.github/workflows/update-snyk.yaml
vendored
2
.github/workflows/update-snyk.yaml
vendored
@@ -15,7 +15,7 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Build reports
|
||||
|
||||
4
Makefile
4
Makefile
@@ -512,7 +512,7 @@ build-docs-local:
|
||||
|
||||
.PHONY: build-docs
|
||||
build-docs:
|
||||
docker run ${MKDOCS_RUN_ARGS} --rm -it -p 8000:8000 -v ${CURRENT_DIR}:/docs ${MKDOCS_DOCKER_IMAGE} build
|
||||
docker run ${MKDOCS_RUN_ARGS} --rm -it -v ${CURRENT_DIR}:/docs --entrypoint "" ${MKDOCS_DOCKER_IMAGE} sh -c 'pip install -r docs/requirements.txt; mkdocs build'
|
||||
|
||||
.PHONY: serve-docs-local
|
||||
serve-docs-local:
|
||||
@@ -520,7 +520,7 @@ serve-docs-local:
|
||||
|
||||
.PHONY: serve-docs
|
||||
serve-docs:
|
||||
docker run ${MKDOCS_RUN_ARGS} --rm -it -p 8000:8000 -v ${CURRENT_DIR}:/docs ${MKDOCS_DOCKER_IMAGE} serve -a 0.0.0.0:8000
|
||||
docker run ${MKDOCS_RUN_ARGS} --rm -it -p 8000:8000 -v ${CURRENT_DIR}/site:/site -w /site --entrypoint "" ${MKDOCS_DOCKER_IMAGE} python3 -m http.server --bind 0.0.0.0 8000
|
||||
|
||||
|
||||
# Verify that kubectl can connect to your K8s cluster from Docker
|
||||
|
||||
1
USERS.md
1
USERS.md
@@ -160,6 +160,7 @@ Currently, the following organizations are **officially** using Argo CD:
|
||||
1. [Pipefy](https://www.pipefy.com/)
|
||||
1. [Pismo](https://pismo.io/)
|
||||
1. [Polarpoint.io](https://polarpoint.io)
|
||||
1. [PostFinance](https://github.com/postfinance)
|
||||
1. [Preferred Networks](https://preferred.jp/en/)
|
||||
1. [Productboard](https://www.productboard.com/)
|
||||
1. [Prudential](https://prudential.com.sg)
|
||||
|
||||
@@ -122,6 +122,15 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error initializing Azure Devops service: %v", err)
|
||||
}
|
||||
} else if providerConfig.Bitbucket != nil {
|
||||
appPassword, err := g.getSecretRef(ctx, providerConfig.Bitbucket.AppPasswordRef, applicationSetInfo.Namespace)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error fetching Bitbucket cloud appPassword: %v", err)
|
||||
}
|
||||
provider, err = scm_provider.NewBitBucketCloudProvider(ctx, providerConfig.Bitbucket.Owner, providerConfig.Bitbucket.User, appPassword, providerConfig.Bitbucket.AllBranches)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error initializing Bitbucket cloud service: %v", err)
|
||||
}
|
||||
} else {
|
||||
return nil, fmt.Errorf("no SCM provider implementation configured")
|
||||
}
|
||||
|
||||
@@ -4097,6 +4097,9 @@
|
||||
"appLabelKey": {
|
||||
"type": "string"
|
||||
},
|
||||
"appsInAnyNamespaceEnabled": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"configManagementPlugins": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
|
||||
@@ -33,7 +33,7 @@ func NewNotificationsCommand() *cobra.Command {
|
||||
var argocdService service.Service
|
||||
toolsCommand := cmd.NewToolsCommand(
|
||||
"notifications",
|
||||
"notifications",
|
||||
"argocd admin notifications",
|
||||
applications,
|
||||
settings.GetFactorySettings(argocdService, "argocd-notifications-secret", "argocd-notifications-cm"), func(clientConfig clientcmd.ClientConfig) {
|
||||
k8sCfg, err := clientConfig.ClientConfig()
|
||||
|
||||
@@ -203,6 +203,11 @@ func (s *Service) generateManifest(ctx context.Context, appDir string, envEntrie
|
||||
|
||||
manifests, err := kube.SplitYAMLToString([]byte(out))
|
||||
if err != nil {
|
||||
sanitizedManifests := manifests
|
||||
if len(sanitizedManifests) > 1000 {
|
||||
sanitizedManifests = manifests[:1000]
|
||||
}
|
||||
log.Debugf("Failed to split generated manifests. Beginning of generated manifests: %q", sanitizedManifests)
|
||||
return &apiclient.ManifestResponse{}, err
|
||||
}
|
||||
|
||||
|
||||
@@ -1497,17 +1497,7 @@ func (ctrl *ApplicationController) refreshAppConditions(app *appv1.Application)
|
||||
errorConditions := make([]appv1.ApplicationCondition, 0)
|
||||
proj, err := ctrl.getAppProj(app)
|
||||
if err != nil {
|
||||
if apierr.IsNotFound(err) {
|
||||
errorConditions = append(errorConditions, appv1.ApplicationCondition{
|
||||
Type: appv1.ApplicationConditionInvalidSpecError,
|
||||
Message: fmt.Sprintf("Application referencing project %s which does not exist", app.Spec.Project),
|
||||
})
|
||||
} else {
|
||||
errorConditions = append(errorConditions, appv1.ApplicationCondition{
|
||||
Type: appv1.ApplicationConditionUnknownError,
|
||||
Message: err.Error(),
|
||||
})
|
||||
}
|
||||
errorConditions = append(errorConditions, ctrl.projectErrorToCondition(err, app))
|
||||
} else {
|
||||
specConditions, err := argo.ValidatePermissions(context.Background(), &app.Spec, proj, ctrl.db)
|
||||
if err != nil {
|
||||
@@ -1798,7 +1788,7 @@ func (ctrl *ApplicationController) newApplicationInformerAndLister() (cache.Shar
|
||||
// If the application is not allowed to use the project,
|
||||
// log an error.
|
||||
if _, err := ctrl.getAppProj(app); err != nil {
|
||||
ctrl.setAppCondition(app, appv1.ApplicationCondition{Type: appv1.ApplicationConditionUnknownError, Message: err.Error()})
|
||||
ctrl.setAppCondition(app, ctrl.projectErrorToCondition(err, app))
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1869,6 +1859,19 @@ func (ctrl *ApplicationController) newApplicationInformerAndLister() (cache.Shar
|
||||
return informer, lister
|
||||
}
|
||||
|
||||
func (ctrl *ApplicationController) projectErrorToCondition(err error, app *appv1.Application) appv1.ApplicationCondition {
|
||||
var condition appv1.ApplicationCondition
|
||||
if apierr.IsNotFound(err) {
|
||||
condition = appv1.ApplicationCondition{
|
||||
Type: appv1.ApplicationConditionInvalidSpecError,
|
||||
Message: fmt.Sprintf("Application referencing project %s which does not exist", app.Spec.Project),
|
||||
}
|
||||
} else {
|
||||
condition = appv1.ApplicationCondition{Type: appv1.ApplicationConditionUnknownError, Message: err.Error()}
|
||||
}
|
||||
return condition
|
||||
}
|
||||
|
||||
func (ctrl *ApplicationController) RegisterClusterSecretUpdater(ctx context.Context) {
|
||||
updater := NewClusterInfoUpdater(ctrl.stateCache, ctrl.db, ctrl.appLister.Applications(""), ctrl.cache, ctrl.clusterFilter, ctrl.getAppProj, ctrl.namespace)
|
||||
go updater.Run(ctx)
|
||||
|
||||
@@ -1068,6 +1068,34 @@ func TestUpdateReconciledAt(t *testing.T) {
|
||||
|
||||
}
|
||||
|
||||
func TestProjectErrorToCondition(t *testing.T) {
|
||||
app := newFakeApp()
|
||||
app.Spec.Project = "wrong project"
|
||||
ctrl := newFakeController(&fakeData{
|
||||
apps: []runtime.Object{app, &defaultProj},
|
||||
manifestResponse: &apiclient.ManifestResponse{
|
||||
Manifests: []string{},
|
||||
Namespace: test.FakeDestNamespace,
|
||||
Server: test.FakeClusterURL,
|
||||
Revision: "abc123",
|
||||
},
|
||||
managedLiveObjs: make(map[kube.ResourceKey]*unstructured.Unstructured),
|
||||
})
|
||||
key, _ := cache.MetaNamespaceKeyFunc(app)
|
||||
ctrl.appRefreshQueue.Add(key)
|
||||
ctrl.requestAppRefresh(app.Name, CompareWithRecent.Pointer(), nil)
|
||||
|
||||
ctrl.processAppRefreshQueueItem()
|
||||
|
||||
obj, ok, err := ctrl.appInformer.GetIndexer().GetByKey(key)
|
||||
assert.True(t, ok)
|
||||
assert.NoError(t, err)
|
||||
updatedApp := obj.(*argoappv1.Application)
|
||||
assert.Equal(t, argoappv1.ApplicationConditionInvalidSpecError, updatedApp.Status.Conditions[0].Type)
|
||||
assert.Equal(t, "Application referencing project wrong project which does not exist", updatedApp.Status.Conditions[0].Message)
|
||||
assert.Equal(t, argoappv1.ApplicationConditionInvalidSpecError, updatedApp.Status.Conditions[0].Type)
|
||||
}
|
||||
|
||||
func TestFinalizeProjectDeletion_HasApplications(t *testing.T) {
|
||||
app := newFakeApp()
|
||||
proj := &argoappv1.AppProject{ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: test.FakeArgoCDNamespace}}
|
||||
|
||||
@@ -45,6 +45,9 @@ spec:
|
||||
valueFiles:
|
||||
- values-prod.yaml
|
||||
|
||||
# Ignore locally missing valueFiles when installing Helm chart. Defaults to false
|
||||
ignoreMissingValueFiles: false
|
||||
|
||||
# Values file as block file
|
||||
values: |
|
||||
ingress:
|
||||
@@ -61,6 +64,9 @@ spec:
|
||||
hosts:
|
||||
- mydomain.example.com
|
||||
|
||||
# Skip custom resource definition installation if chart contains custom resource definitions. Defaults to false
|
||||
skipCrds: false
|
||||
|
||||
# Optional Helm version to template with. If omitted it will fall back to look at the 'apiVersion' in Chart.yaml
|
||||
# and decide which Helm binary to use automatically. This field can be either 'v2' or 'v3'.
|
||||
version: v2
|
||||
|
||||
@@ -318,3 +318,7 @@ The Pull Request Generator will requeue when the next action occurs.
|
||||
- `merge`
|
||||
|
||||
For more information about each event, please refer to the [official documentation](https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#merge-request-events).
|
||||
|
||||
## Lifecycle
|
||||
|
||||
An Application will be generated when a Pull Request is discovered when the configured criteria is met - i.e. for GitHub when a Pull Request matches the specified `labels` and/or `pullRequestState`. Application will be removed when a Pull Request no longer meets the specified criteria.
|
||||
|
||||
@@ -219,6 +219,41 @@ spec:
|
||||
* `api`: Optional. URL to Azure DevOps. If not set, `https://dev.azure.com` is used.
|
||||
* `allBranches`: Optional, default `false`. If `true`, scans every branch of eligible repositories. If `false`, check only the default branch of the eligible repositories.
|
||||
|
||||
## Bitbucket Cloud
|
||||
|
||||
The Bitbucket mode uses the Bitbucket API V2 to scan a workspace in bitbucket.org.
|
||||
|
||||
```yaml
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: ApplicationSet
|
||||
metadata:
|
||||
name: myapps
|
||||
spec:
|
||||
generators:
|
||||
- scmProvider:
|
||||
bitbucket:
|
||||
# The workspace id (slug).
|
||||
owner: "example-owner"
|
||||
# The user to use for basic authentication with an app password.
|
||||
user: "example-user"
|
||||
# If true, scan every branch of every repository. If false, scan only the main branch. Defaults to false.
|
||||
allBranches: true
|
||||
# Reference to a Secret containing an app password.
|
||||
appPasswordRef:
|
||||
secretName: appPassword
|
||||
key: password
|
||||
template:
|
||||
# ...
|
||||
```
|
||||
|
||||
* `owner`: The workspace ID (slug) to use when looking up repositories.
|
||||
* `user`: The user to use for authentication to the Bitbucket API V2 at bitbucket.org.
|
||||
* `allBranches`: By default (false) the template will only be evaluated for the main branch of each repo. If this is true, every branch of every repository will be passed to the filters. If using this flag, you likely want to use a `branchMatch` filter.
|
||||
* `appPasswordRef`: A `Secret` name and key containing the bitbucket app password to use for requests.
|
||||
|
||||
This SCM provider does not yet support label filtering
|
||||
|
||||
Available clone protocols are `ssh` and `https`.
|
||||
|
||||
## Filters
|
||||
|
||||
|
||||
@@ -87,7 +87,7 @@ By activating Go Templating, `{{ .path }}` becomes an object. Therefore, some ch
|
||||
generators' templating:
|
||||
|
||||
- `{{ path }}` becomes `{{ .path.path }}`
|
||||
- `{{ path[n] }}` becomes `{{ .path.segments[n] }}`
|
||||
- `{{ path[n] }}` becomes `{{ index .path.segments n }}`
|
||||
|
||||
Here is an example:
|
||||
|
||||
@@ -155,7 +155,7 @@ It is also possible to use Sprig functions to construct the path variables manua
|
||||
| `{{path.filename}}` | `{{.path.filename}}` | `{{.path.filename}}` |
|
||||
| `{{path.basenameNormalized}}` | `{{.path.basenameNormalized}}` | `{{normalize .path.path}}` |
|
||||
| `{{path.filenameNormalized}}` | `{{.path.filenameNormalized}}` | `{{normalize .path.filename}}` |
|
||||
| `{{path[N]}}` | `{{.path.segments[N]}}` | `{{index (splitList "/" .path.path) N}}` |
|
||||
| `{{path[N]}}` | `-` | `{{index .path.segments N}}` |
|
||||
|
||||
## Examples
|
||||
|
||||
|
||||
@@ -80,7 +80,7 @@ resources:
|
||||
## Helm
|
||||
|
||||
The Argo CD can be installed using [Helm](https://helm.sh/). The Helm chart is currently community maintained and available at
|
||||
[argo-helm/charts/argo-cd](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd).
|
||||
[argo-helm/charts/argo-cd](https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd).
|
||||
|
||||
## Supported versions
|
||||
|
||||
|
||||
@@ -67,8 +67,7 @@ Scraped at the `argocd-server-metrics:8083/metrics` endpoint.
|
||||
| Metric | Type | Description |
|
||||
|--------|:----:|-------------|
|
||||
| `argocd_redis_request_duration` | histogram | Redis requests duration. |
|
||||
| `argocd_redis_request_total` | counter | Number of kubernetes requests executed during application
|
||||
reconciliation. |
|
||||
| `argocd_redis_request_total` | counter | Number of kubernetes requests executed during application reconciliation. |
|
||||
| `grpc_server_handled_total` | counter | Total number of RPCs completed on the server, regardless of success or failure. |
|
||||
| `grpc_server_msg_sent_total` | counter | Total number of gRPC stream messages sent by the server. |
|
||||
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
## notifications template get
|
||||
## argocd admin notifications template get
|
||||
|
||||
Prints information about configured templates
|
||||
|
||||
```
|
||||
notifications template get [flags]
|
||||
argocd admin notifications template get [flags]
|
||||
```
|
||||
|
||||
### Examples
|
||||
@@ -11,9 +11,9 @@ notifications template get [flags]
|
||||
```
|
||||
|
||||
# prints all templates
|
||||
notifications template get
|
||||
argocd admin notifications template get
|
||||
# print YAML formatted app-sync-succeeded template definition
|
||||
notifications template get app-sync-succeeded -o=yaml
|
||||
argocd admin notifications template get app-sync-succeeded -o=yaml
|
||||
|
||||
```
|
||||
|
||||
@@ -53,12 +53,12 @@ notifications template get app-sync-succeeded -o=yaml
|
||||
--username string Username for basic authentication to the API server
|
||||
```
|
||||
|
||||
## notifications template notify
|
||||
## argocd admin notifications template notify
|
||||
|
||||
Generates notification using the specified template and send it to specified recipients
|
||||
|
||||
```
|
||||
notifications template notify NAME RESOURCE_NAME [flags]
|
||||
argocd admin notifications template notify NAME RESOURCE_NAME [flags]
|
||||
```
|
||||
|
||||
### Examples
|
||||
@@ -66,10 +66,10 @@ notifications template notify NAME RESOURCE_NAME [flags]
|
||||
```
|
||||
|
||||
# Trigger notification using in-cluster config map and secret
|
||||
notifications template notify app-sync-succeeded guestbook --recipient slack:my-slack-channel
|
||||
argocd admin notifications template notify app-sync-succeeded guestbook --recipient slack:my-slack-channel
|
||||
|
||||
# Render notification render generated notification in console
|
||||
notifications template notify app-sync-succeeded guestbook
|
||||
argocd admin notifications template notify app-sync-succeeded guestbook
|
||||
|
||||
```
|
||||
|
||||
@@ -109,12 +109,12 @@ notifications template notify app-sync-succeeded guestbook
|
||||
--username string Username for basic authentication to the API server
|
||||
```
|
||||
|
||||
## notifications trigger get
|
||||
## argocd admin notifications trigger get
|
||||
|
||||
Prints information about configured triggers
|
||||
|
||||
```
|
||||
notifications trigger get [flags]
|
||||
argocd admin notifications trigger get [flags]
|
||||
```
|
||||
|
||||
### Examples
|
||||
@@ -122,9 +122,9 @@ notifications trigger get [flags]
|
||||
```
|
||||
|
||||
# prints all triggers
|
||||
notifications trigger get
|
||||
argocd admin notifications trigger get
|
||||
# print YAML formatted on-sync-failed trigger definition
|
||||
notifications trigger get on-sync-failed -o=yaml
|
||||
argocd admin notifications trigger get on-sync-failed -o=yaml
|
||||
|
||||
```
|
||||
|
||||
@@ -164,12 +164,12 @@ notifications trigger get on-sync-failed -o=yaml
|
||||
--username string Username for basic authentication to the API server
|
||||
```
|
||||
|
||||
## notifications trigger run
|
||||
## argocd admin notifications trigger run
|
||||
|
||||
Evaluates specified trigger condition and prints the result
|
||||
|
||||
```
|
||||
notifications trigger run NAME RESOURCE_NAME [flags]
|
||||
argocd admin notifications trigger run NAME RESOURCE_NAME [flags]
|
||||
```
|
||||
|
||||
### Examples
|
||||
@@ -177,10 +177,10 @@ notifications trigger run NAME RESOURCE_NAME [flags]
|
||||
```
|
||||
|
||||
# Execute trigger configured in 'argocd-notification-cm' ConfigMap
|
||||
notifications trigger run on-sync-status-unknown ./sample-app.yaml
|
||||
argocd admin notifications trigger run on-sync-status-unknown ./sample-app.yaml
|
||||
|
||||
# Execute trigger using my-config-map.yaml instead of 'argocd-notifications-cm' ConfigMap
|
||||
notifications trigger run on-sync-status-unknown ./sample-app.yaml \
|
||||
argocd admin notifications trigger run on-sync-status-unknown ./sample-app.yaml \
|
||||
--config-map ./my-config-map.yaml
|
||||
```
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
## Troubleshooting
|
||||
|
||||
The `argocd-notifications` binary includes a set of CLI commands that helps to configure the controller
|
||||
The `argocd admin notifications` is a CLI command group that helps to configure the controller
|
||||
settings and troubleshoot issues.
|
||||
|
||||
## Global flags
|
||||
@@ -17,15 +17,15 @@ Additionally, you can specify `:empty` value to use empty secret with no notific
|
||||
* Get list of triggers configured in the local config map:
|
||||
|
||||
```bash
|
||||
argocd-notifications trigger get \
|
||||
--config-map ./argocd-notifications-cm.yaml --secret :empty
|
||||
argocd admin notifications trigger get \
|
||||
--config-map ./argocd admin notifications-cm.yaml --secret :empty
|
||||
```
|
||||
|
||||
* Trigger notification using in-cluster config map and secret:
|
||||
|
||||
```bash
|
||||
argocd-notifications template notify \
|
||||
app-sync-succeeded guestbook --recipient slack:argocd-notifications
|
||||
argocd admin notifications template notify \
|
||||
app-sync-succeeded guestbook --recipient slack:argocd admin notifications
|
||||
```
|
||||
|
||||
## Kustomize
|
||||
@@ -44,18 +44,18 @@ kustomize build ./argocd-notifications | \
|
||||
|
||||
### On your laptop
|
||||
|
||||
You can download `argocd-notifications` from the github [release](https://github.com/argoproj-labs/argocd-notifications/releases)
|
||||
You can download the `argocd` CLI from the github [release](https://github.com/argoproj/argo-cd/releases)
|
||||
attachments.
|
||||
|
||||
The binary is available in `argoprojlabs/argocd-notifications` image. Use the `docker run` and volume mount
|
||||
The binary is available in `argoproj/argo-cd` image. Use the `docker run` and volume mount
|
||||
to execute binary on any platform.
|
||||
|
||||
**Example:**
|
||||
|
||||
```bash
|
||||
docker run --rm -it -w /src -v $(pwd):/src \
|
||||
argoprojlabs/argocd-notifications:<version> \
|
||||
/app/argocd-notifications trigger get \
|
||||
argoproj/argo-cd:<version> \
|
||||
/app/argocd admin notifications trigger get \
|
||||
--config-map ./argocd-notifications-cm.yaml --secret :empty
|
||||
```
|
||||
|
||||
@@ -67,7 +67,7 @@ configuration.
|
||||
**Example**
|
||||
```bash
|
||||
kubectl exec -it argocd-notifications-controller-<pod-hash> \
|
||||
/app/argocd-notifications trigger get
|
||||
/app/argocd admin notifications trigger get
|
||||
```
|
||||
|
||||
## Commands
|
||||
|
||||
@@ -12,5 +12,6 @@ Argo CD is un-opinionated about how secrets are managed. There's many ways to do
|
||||
* [KSOPS](https://github.com/viaduct-ai/kustomize-sops#argo-cd-integration)
|
||||
* [argocd-vault-plugin](https://github.com/argoproj-labs/argocd-vault-plugin)
|
||||
* [argocd-vault-replacer](https://github.com/crumbhole/argocd-vault-replacer)
|
||||
* [Kubernetes Secrets Store CSI Driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver)
|
||||
|
||||
For discussion, see [#1364](https://github.com/argoproj/argo-cd/issues/1364)
|
||||
|
||||
@@ -17,6 +17,8 @@ Configure the client by setting the __Access Type__ to _confidential_ and set th
|
||||
hostname. It should be https://{hostname}/auth/callback (you can also leave the default less secure https://{hostname}/* ). You can also set the
|
||||
__Base URL__ to _/applications_.
|
||||
|
||||
If you want to allow command line access, __Access Type__ must be set to _public_ and you also need to add http://localhost:8085/auth/callback in the list of Valid Redirect URIs. Then users can login using `argocd login {hostname} --sso`.
|
||||
|
||||

|
||||
|
||||
Make sure to click __Save__. You should now have a new tab called __Credentials__. You can copy the Secret that we'll use in our ArgoCD
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
mkdocs==1.2.3
|
||||
mkdocs-material==7.1.7
|
||||
mkdocs-material==7.1.8
|
||||
markdown_include==0.6.0
|
||||
pygments==2.7.4
|
||||
jinja2==3.0.3
|
||||
|
||||
@@ -2,14 +2,16 @@
|
||||
|
||||
[Custom tools](config-management-plugins.md), [Helm](helm.md), [Jsonnet](jsonnet.md), and [Kustomize](kustomize.md) support the following build env vars:
|
||||
|
||||
* `ARGOCD_APP_NAME` - name of application
|
||||
* `ARGOCD_APP_NAMESPACE` - destination application namespace.
|
||||
* `ARGOCD_APP_REVISION` - the resolved revision, e.g. `f913b6cbf58aa5ae5ca1f8a2b149477aebcbd9d8`
|
||||
* `ARGOCD_APP_SOURCE_PATH` - the path of the app within the repo
|
||||
* `ARGOCD_APP_SOURCE_REPO_URL` the repo's URL
|
||||
* `ARGOCD_APP_SOURCE_TARGET_REVISION` - the target revision from the spec, e.g. `master`.
|
||||
* `KUBE_VERSION` - the version of kubernetes
|
||||
* `KUBE_API_VERSIONS` = the version of kubernetes API
|
||||
| Variable | Description |
|
||||
| ----------------------------------- | ----------------------------------------------------------------------- |
|
||||
| `ARGOCD_APP_NAME` | The name of the application. |
|
||||
| `ARGOCD_APP_NAMESPACE` | The destination namespace of the application. |
|
||||
| `ARGOCD_APP_REVISION` | The resolved revision, e.g. `f913b6cbf58aa5ae5ca1f8a2b149477aebcbd9d8`. |
|
||||
| `ARGOCD_APP_SOURCE_PATH` | The path of the app within the source repo. |
|
||||
| `ARGOCD_APP_SOURCE_REPO_URL` | The source repo URL. |
|
||||
| `ARGOCD_APP_SOURCE_TARGET_REVISION` | The target revision from the spec, e.g. `master`. |
|
||||
| `KUBE_VERSION` | The version of Kubernetes. |
|
||||
| `KUBE_API_VERSIONS` | The version of the Kubernetes API. |
|
||||
|
||||
In case you don't want a variable to be interpolated, `$` can be escaped via `$$`.
|
||||
|
||||
|
||||
@@ -11,9 +11,9 @@ argocd admin notifications template get [flags]
|
||||
```
|
||||
|
||||
# prints all templates
|
||||
notifications template get
|
||||
argocd admin notifications template get
|
||||
# print YAML formatted app-sync-succeeded template definition
|
||||
notifications template get app-sync-succeeded -o=yaml
|
||||
argocd admin notifications template get app-sync-succeeded -o=yaml
|
||||
|
||||
```
|
||||
|
||||
|
||||
@@ -11,10 +11,10 @@ argocd admin notifications template notify NAME RESOURCE_NAME [flags]
|
||||
```
|
||||
|
||||
# Trigger notification using in-cluster config map and secret
|
||||
notifications template notify app-sync-succeeded guestbook --recipient slack:my-slack-channel
|
||||
argocd admin notifications template notify app-sync-succeeded guestbook --recipient slack:my-slack-channel
|
||||
|
||||
# Render notification render generated notification in console
|
||||
notifications template notify app-sync-succeeded guestbook
|
||||
argocd admin notifications template notify app-sync-succeeded guestbook
|
||||
|
||||
```
|
||||
|
||||
|
||||
@@ -11,9 +11,9 @@ argocd admin notifications trigger get [flags]
|
||||
```
|
||||
|
||||
# prints all triggers
|
||||
notifications trigger get
|
||||
argocd admin notifications trigger get
|
||||
# print YAML formatted on-sync-failed trigger definition
|
||||
notifications trigger get on-sync-failed -o=yaml
|
||||
argocd admin notifications trigger get on-sync-failed -o=yaml
|
||||
|
||||
```
|
||||
|
||||
|
||||
@@ -11,10 +11,10 @@ argocd admin notifications trigger run NAME RESOURCE_NAME [flags]
|
||||
```
|
||||
|
||||
# Execute trigger configured in 'argocd-notification-cm' ConfigMap
|
||||
notifications trigger run on-sync-status-unknown ./sample-app.yaml
|
||||
argocd admin notifications trigger run on-sync-status-unknown ./sample-app.yaml
|
||||
|
||||
# Execute trigger using my-config-map.yaml instead of 'argocd-notifications-cm' ConfigMap
|
||||
notifications trigger run on-sync-status-unknown ./sample-app.yaml \
|
||||
argocd admin notifications trigger run on-sync-status-unknown ./sample-app.yaml \
|
||||
--config-map ./my-config-map.yaml
|
||||
```
|
||||
|
||||
|
||||
@@ -68,7 +68,14 @@ spec:
|
||||
# This is a good place to, for example, download chart dependencies.
|
||||
command: [sh, -c, 'echo "Initializing..."']
|
||||
generate:
|
||||
command: [sh, -c, 'echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}"']
|
||||
command: [sh, -c]
|
||||
args:
|
||||
- |
|
||||
echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}"
|
||||
# The discovery config is applied to a repository. If every configured discovery tool matches, then the plugin may be
|
||||
# used to generate manifests for Applications using the repository.
|
||||
# Only one of fileName, find.glob, or find.command should be specified. If multiple are specified then only the
|
||||
# first (in that order) is evaluated.
|
||||
discover:
|
||||
fileName: "./subdir/s*.yaml"
|
||||
```
|
||||
@@ -122,7 +129,7 @@ data:
|
||||
init:
|
||||
command: [sh, -c, 'echo "Initializing..."']
|
||||
generate:
|
||||
command: [sh, -c, 'echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}"']
|
||||
command: [sh, -c, 'echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}"']
|
||||
discover:
|
||||
fileName: "./subdir/s*.yaml"
|
||||
```
|
||||
@@ -259,11 +266,16 @@ If you are actively developing a sidecar-installed CMP, keep a few things in min
|
||||
3) CMP errors are cached by the repo-server in Redis. Restarting the repo-server Pod will not clear the cache. Always
|
||||
do a "Hard Refresh" when actively developing a CMP so you have the latest output.
|
||||
|
||||
!!! note
|
||||
Each Application can only have one config management plugin configured at a time. If you're converting an existing
|
||||
plugin configured through the `argocd-cm` ConfigMap to a sidecar, make sure the discovery mechanism only returns
|
||||
true for Applications that have had their `name` field in the `plugin` section of their spec removed.
|
||||
|
||||
## Plugin tar stream exclusions
|
||||
|
||||
In order to increase the speed of manifest generation, certain files and folders can be excluded from being sent to your
|
||||
plugin. We recommend excluding your `.git` folder if it isn't necessary. Use Go's
|
||||
[filepatch.Match](https://pkg.go.dev/path/filepath#Match) syntax.
|
||||
plugin. We recommend excluding your `.git` folder if it isn't necessary. Use Go's
|
||||
[filepatch.Match](https://pkg.go.dev/path/filepath#Match) syntax. For example, `.git/*` to exclude `.git` folder.
|
||||
|
||||
You can set it one of three ways:
|
||||
|
||||
|
||||
@@ -150,18 +150,27 @@ func generateBuiltInTriggersDocs(out io.Writer, triggers map[string][]triggers.C
|
||||
}
|
||||
|
||||
func generateCommandsDocs(out io.Writer) error {
|
||||
toolsCmd := admin.NewNotificationsCommand()
|
||||
for _, subCommand := range toolsCmd.Commands() {
|
||||
for _, c := range subCommand.Commands() {
|
||||
var cmdDesc bytes.Buffer
|
||||
if err := doc.GenMarkdown(c, &cmdDesc); err != nil {
|
||||
return err
|
||||
}
|
||||
for _, line := range strings.Split(cmdDesc.String(), "\n") {
|
||||
if strings.HasPrefix(line, "### SEE ALSO") {
|
||||
break
|
||||
// create parents so that CommandPath() is correctly resolved
|
||||
mainCmd := &cobra.Command{Use: "argocd"}
|
||||
adminCmd := &cobra.Command{Use: "admin"}
|
||||
toolCmd := admin.NewNotificationsCommand()
|
||||
adminCmd.AddCommand(toolCmd)
|
||||
mainCmd.AddCommand(adminCmd)
|
||||
for _, mainSubCommand := range mainCmd.Commands() {
|
||||
for _, adminSubCommand := range mainSubCommand.Commands() {
|
||||
for _, toolSubCommand := range adminSubCommand.Commands() {
|
||||
for _, c := range toolSubCommand.Commands() {
|
||||
var cmdDesc bytes.Buffer
|
||||
if err := doc.GenMarkdown(c, &cmdDesc); err != nil {
|
||||
return err
|
||||
}
|
||||
for _, line := range strings.Split(cmdDesc.String(), "\n") {
|
||||
if strings.HasPrefix(line, "### SEE ALSO") {
|
||||
break
|
||||
}
|
||||
_, _ = fmt.Fprintf(out, "%s\n", line)
|
||||
}
|
||||
}
|
||||
_, _ = fmt.Fprintf(out, "%s\n", line)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -37,7 +37,7 @@ spec:
|
||||
type: RuntimeDefault
|
||||
containers:
|
||||
- name: dex
|
||||
image: ghcr.io/dexidp/dex:v2.35.3-distroless
|
||||
image: ghcr.io/dexidp/dex:v2.35.3
|
||||
imagePullPolicy: Always
|
||||
command: [/shared/argocd-dex, rundex]
|
||||
env:
|
||||
|
||||
@@ -5,7 +5,7 @@ kind: Kustomization
|
||||
images:
|
||||
- name: quay.io/argoproj/argocd
|
||||
newName: quay.io/argoproj/argocd
|
||||
newTag: v2.5.2
|
||||
newTag: v2.5.4
|
||||
resources:
|
||||
- ./application-controller
|
||||
- ./dex
|
||||
|
||||
@@ -10,27 +10,22 @@ spec:
|
||||
- Ingress
|
||||
- Egress
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-server
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-repo-server
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-application-controller
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 6379
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-server
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-repo-server
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-application-controller
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 6379
|
||||
egress:
|
||||
- to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
|
||||
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
|
||||
@@ -9635,7 +9635,7 @@ spec:
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -9893,7 +9893,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -9944,7 +9944,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -10151,7 +10151,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
@@ -10239,9 +10239,6 @@ spec:
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
|
||||
@@ -12,4 +12,4 @@ resources:
|
||||
images:
|
||||
- name: quay.io/argoproj/argocd
|
||||
newName: quay.io/argoproj/argocd
|
||||
newTag: v2.5.2
|
||||
newTag: v2.5.4
|
||||
|
||||
@@ -11,7 +11,7 @@ patchesStrategicMerge:
|
||||
images:
|
||||
- name: quay.io/argoproj/argocd
|
||||
newName: quay.io/argoproj/argocd
|
||||
newTag: v2.5.2
|
||||
newTag: v2.5.4
|
||||
resources:
|
||||
- ../../base/application-controller
|
||||
- ../../base/applicationset-controller
|
||||
|
||||
@@ -10,36 +10,33 @@ spec:
|
||||
- Ingress
|
||||
- Egress
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-server
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-repo-server
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-application-controller
|
||||
ports:
|
||||
- port: 6379
|
||||
protocol: TCP
|
||||
- port: 26379
|
||||
protocol: TCP
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-server
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-repo-server
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-application-controller
|
||||
ports:
|
||||
- port: 6379
|
||||
protocol: TCP
|
||||
- port: 26379
|
||||
protocol: TCP
|
||||
egress:
|
||||
- to:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-redis-ha
|
||||
ports:
|
||||
- port: 6379
|
||||
protocol: TCP
|
||||
- port: 26379
|
||||
protocol: TCP
|
||||
- to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
- to:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-redis-ha
|
||||
ports:
|
||||
- port: 6379
|
||||
protocol: TCP
|
||||
- port: 26379
|
||||
protocol: TCP
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
|
||||
@@ -10,33 +10,30 @@ spec:
|
||||
- Ingress
|
||||
- Egress
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-redis-ha
|
||||
ports:
|
||||
- port: 6379
|
||||
protocol: TCP
|
||||
- port: 26379
|
||||
protocol: TCP
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-redis-ha
|
||||
ports:
|
||||
- port: 6379
|
||||
protocol: TCP
|
||||
- port: 26379
|
||||
protocol: TCP
|
||||
egress:
|
||||
- to:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-redis-ha
|
||||
ports:
|
||||
- port: 6379
|
||||
protocol: TCP
|
||||
- port: 26379
|
||||
protocol: TCP
|
||||
- to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
- to:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: argocd-redis-ha
|
||||
ports:
|
||||
- port: 6379
|
||||
protocol: TCP
|
||||
- port: 26379
|
||||
protocol: TCP
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
|
||||
@@ -10877,7 +10877,7 @@ spec:
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -10958,7 +10958,7 @@ spec:
|
||||
key: dexserver.disable.tls
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: ghcr.io/dexidp/dex:v2.35.3-distroless
|
||||
image: ghcr.io/dexidp/dex:v2.35.3
|
||||
imagePullPolicy: Always
|
||||
name: dex
|
||||
ports:
|
||||
@@ -10987,7 +10987,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -11040,7 +11040,7 @@ spec:
|
||||
containers:
|
||||
- command:
|
||||
- argocd-notifications
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -11337,7 +11337,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -11388,7 +11388,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -11661,7 +11661,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -11896,7 +11896,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
@@ -12240,9 +12240,6 @@ spec:
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
@@ -12286,9 +12283,6 @@ spec:
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
|
||||
@@ -1543,7 +1543,7 @@ spec:
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -1624,7 +1624,7 @@ spec:
|
||||
key: dexserver.disable.tls
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: ghcr.io/dexidp/dex:v2.35.3-distroless
|
||||
image: ghcr.io/dexidp/dex:v2.35.3
|
||||
imagePullPolicy: Always
|
||||
name: dex
|
||||
ports:
|
||||
@@ -1653,7 +1653,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -1706,7 +1706,7 @@ spec:
|
||||
containers:
|
||||
- command:
|
||||
- argocd-notifications
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -2003,7 +2003,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -2054,7 +2054,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -2327,7 +2327,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -2562,7 +2562,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
@@ -2906,9 +2906,6 @@ spec:
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
@@ -2952,9 +2949,6 @@ spec:
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
|
||||
@@ -9955,7 +9955,7 @@ spec:
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -10036,7 +10036,7 @@ spec:
|
||||
key: dexserver.disable.tls
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: ghcr.io/dexidp/dex:v2.35.3-distroless
|
||||
image: ghcr.io/dexidp/dex:v2.35.3
|
||||
imagePullPolicy: Always
|
||||
name: dex
|
||||
ports:
|
||||
@@ -10065,7 +10065,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -10118,7 +10118,7 @@ spec:
|
||||
containers:
|
||||
- command:
|
||||
- argocd-notifications
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -10371,7 +10371,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -10422,7 +10422,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -10691,7 +10691,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -10924,7 +10924,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
@@ -11055,9 +11055,6 @@ spec:
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
|
||||
@@ -621,7 +621,7 @@ spec:
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -702,7 +702,7 @@ spec:
|
||||
key: dexserver.disable.tls
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: ghcr.io/dexidp/dex:v2.35.3-distroless
|
||||
image: ghcr.io/dexidp/dex:v2.35.3
|
||||
imagePullPolicy: Always
|
||||
name: dex
|
||||
ports:
|
||||
@@ -731,7 +731,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -784,7 +784,7 @@ spec:
|
||||
containers:
|
||||
- command:
|
||||
- argocd-notifications
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -1037,7 +1037,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -1088,7 +1088,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -1357,7 +1357,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -1590,7 +1590,7 @@ spec:
|
||||
key: application.namespaces
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v2.5.2
|
||||
image: quay.io/argoproj/argocd:v2.5.4
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
@@ -1721,9 +1721,6 @@ spec:
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
extra:
|
||||
analytics:
|
||||
property: G-5Z1VTPDL73
|
||||
provider: google
|
||||
extra_css:
|
||||
- assets/versions.css
|
||||
extra_javascript:
|
||||
- assets/versions.js
|
||||
google_analytics:
|
||||
- UA-105170809-2
|
||||
- auto
|
||||
markdown_extensions:
|
||||
- markdown_include.include
|
||||
- codehilite
|
||||
@@ -56,9 +57,9 @@ nav:
|
||||
- operator-manual/notifications/catalog.md
|
||||
- operator-manual/notifications/monitoring.md
|
||||
- operator-manual/notifications/subscriptions.md
|
||||
- operator-manual/notifications/troubleshooting.md
|
||||
- operator-manual/notifications/troubleshooting-commands.md
|
||||
- operator-manual/notifications/troubleshooting-errors.md
|
||||
- operator-manual/notifications/troubleshooting.md
|
||||
- Notification Services:
|
||||
- operator-manual/notifications/services/alertmanager.md
|
||||
- operator-manual/notifications/services/email.md
|
||||
|
||||
@@ -84,24 +84,25 @@ type Settings struct {
|
||||
GoogleAnalytics *GoogleAnalyticsConfig `protobuf:"bytes,7,opt,name=googleAnalytics,proto3" json:"googleAnalytics,omitempty"`
|
||||
KustomizeOptions *v1alpha1.KustomizeOptions `protobuf:"bytes,8,opt,name=kustomizeOptions,proto3" json:"kustomizeOptions,omitempty"`
|
||||
// Help settings
|
||||
Help *Help `protobuf:"bytes,9,opt,name=help,proto3" json:"help,omitempty"`
|
||||
Plugins []*Plugin `protobuf:"bytes,10,rep,name=plugins,proto3" json:"plugins,omitempty"`
|
||||
UserLoginsDisabled bool `protobuf:"varint,11,opt,name=userLoginsDisabled,proto3" json:"userLoginsDisabled,omitempty"`
|
||||
ConfigManagementPlugins []*v1alpha1.ConfigManagementPlugin `protobuf:"bytes,12,rep,name=configManagementPlugins,proto3" json:"configManagementPlugins,omitempty"`
|
||||
KustomizeVersions []string `protobuf:"bytes,13,rep,name=kustomizeVersions,proto3" json:"kustomizeVersions,omitempty"`
|
||||
UiCssURL string `protobuf:"bytes,14,opt,name=uiCssURL,proto3" json:"uiCssURL,omitempty"`
|
||||
UiBannerContent string `protobuf:"bytes,15,opt,name=uiBannerContent,proto3" json:"uiBannerContent,omitempty"`
|
||||
UiBannerURL string `protobuf:"bytes,16,opt,name=uiBannerURL,proto3" json:"uiBannerURL,omitempty"`
|
||||
PasswordPattern string `protobuf:"bytes,17,opt,name=passwordPattern,proto3" json:"passwordPattern,omitempty"`
|
||||
TrackingMethod string `protobuf:"bytes,18,opt,name=trackingMethod,proto3" json:"trackingMethod,omitempty"`
|
||||
UiBannerPermanent bool `protobuf:"varint,19,opt,name=uiBannerPermanent,proto3" json:"uiBannerPermanent,omitempty"`
|
||||
UiBannerPosition string `protobuf:"bytes,20,opt,name=uiBannerPosition,proto3" json:"uiBannerPosition,omitempty"`
|
||||
StatusBadgeRootUrl string `protobuf:"bytes,21,opt,name=statusBadgeRootUrl,proto3" json:"statusBadgeRootUrl,omitempty"`
|
||||
ExecEnabled bool `protobuf:"varint,22,opt,name=execEnabled,proto3" json:"execEnabled,omitempty"`
|
||||
ControllerNamespace string `protobuf:"bytes,23,opt,name=controllerNamespace,proto3" json:"controllerNamespace,omitempty"`
|
||||
XXX_NoUnkeyedLiteral struct{} `json:"-"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
XXX_sizecache int32 `json:"-"`
|
||||
Help *Help `protobuf:"bytes,9,opt,name=help,proto3" json:"help,omitempty"`
|
||||
Plugins []*Plugin `protobuf:"bytes,10,rep,name=plugins,proto3" json:"plugins,omitempty"`
|
||||
UserLoginsDisabled bool `protobuf:"varint,11,opt,name=userLoginsDisabled,proto3" json:"userLoginsDisabled,omitempty"`
|
||||
ConfigManagementPlugins []*v1alpha1.ConfigManagementPlugin `protobuf:"bytes,12,rep,name=configManagementPlugins,proto3" json:"configManagementPlugins,omitempty"`
|
||||
KustomizeVersions []string `protobuf:"bytes,13,rep,name=kustomizeVersions,proto3" json:"kustomizeVersions,omitempty"`
|
||||
UiCssURL string `protobuf:"bytes,14,opt,name=uiCssURL,proto3" json:"uiCssURL,omitempty"`
|
||||
UiBannerContent string `protobuf:"bytes,15,opt,name=uiBannerContent,proto3" json:"uiBannerContent,omitempty"`
|
||||
UiBannerURL string `protobuf:"bytes,16,opt,name=uiBannerURL,proto3" json:"uiBannerURL,omitempty"`
|
||||
PasswordPattern string `protobuf:"bytes,17,opt,name=passwordPattern,proto3" json:"passwordPattern,omitempty"`
|
||||
TrackingMethod string `protobuf:"bytes,18,opt,name=trackingMethod,proto3" json:"trackingMethod,omitempty"`
|
||||
UiBannerPermanent bool `protobuf:"varint,19,opt,name=uiBannerPermanent,proto3" json:"uiBannerPermanent,omitempty"`
|
||||
UiBannerPosition string `protobuf:"bytes,20,opt,name=uiBannerPosition,proto3" json:"uiBannerPosition,omitempty"`
|
||||
StatusBadgeRootUrl string `protobuf:"bytes,21,opt,name=statusBadgeRootUrl,proto3" json:"statusBadgeRootUrl,omitempty"`
|
||||
ExecEnabled bool `protobuf:"varint,22,opt,name=execEnabled,proto3" json:"execEnabled,omitempty"`
|
||||
ControllerNamespace string `protobuf:"bytes,23,opt,name=controllerNamespace,proto3" json:"controllerNamespace,omitempty"`
|
||||
AppsInAnyNamespaceEnabled bool `protobuf:"varint,24,opt,name=appsInAnyNamespaceEnabled,proto3" json:"appsInAnyNamespaceEnabled,omitempty"`
|
||||
XXX_NoUnkeyedLiteral struct{} `json:"-"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
XXX_sizecache int32 `json:"-"`
|
||||
}
|
||||
|
||||
func (m *Settings) Reset() { *m = Settings{} }
|
||||
@@ -298,6 +299,13 @@ func (m *Settings) GetControllerNamespace() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Settings) GetAppsInAnyNamespaceEnabled() bool {
|
||||
if m != nil {
|
||||
return m.AppsInAnyNamespaceEnabled
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
type GoogleAnalyticsConfig struct {
|
||||
TrackingID string `protobuf:"bytes,1,opt,name=trackingID,proto3" json:"trackingID,omitempty"`
|
||||
AnonymizeUsers bool `protobuf:"varint,2,opt,name=anonymizeUsers,proto3" json:"anonymizeUsers,omitempty"`
|
||||
@@ -675,78 +683,79 @@ func init() {
|
||||
func init() { proto.RegisterFile("server/settings/settings.proto", fileDescriptor_a480d494da040caa) }
|
||||
|
||||
var fileDescriptor_a480d494da040caa = []byte{
|
||||
// 1129 bytes of a gzipped FileDescriptorProto
|
||||
// 1148 bytes of a gzipped FileDescriptorProto
|
||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x56, 0x4f, 0x6f, 0x1b, 0x45,
|
||||
0x14, 0xd7, 0xd6, 0x69, 0x62, 0xbf, 0x34, 0x75, 0x32, 0x6d, 0xd3, 0xc5, 0x2a, 0x8e, 0xf1, 0xa1,
|
||||
0x32, 0x08, 0xd6, 0x8d, 0x2b, 0x04, 0x42, 0xaa, 0x00, 0xdb, 0x55, 0x6b, 0xea, 0xb6, 0x61, 0xdb,
|
||||
0xf4, 0x80, 0x84, 0xaa, 0xc9, 0xee, 0x63, 0xb3, 0x78, 0x3d, 0xb3, 0x9a, 0x99, 0x35, 0x75, 0x8f,
|
||||
0xdc, 0xb8, 0x70, 0x81, 0x4f, 0xc3, 0x27, 0xe0, 0x88, 0xc4, 0x3d, 0x42, 0x16, 0x1f, 0x82, 0x23,
|
||||
0x9a, 0xd9, 0x3f, 0xd9, 0xd8, 0xe6, 0x8f, 0xd4, 0xdb, 0xcc, 0xef, 0xf7, 0xfe, 0xcd, 0x9b, 0x37,
|
||||
0xf3, 0x1e, 0x34, 0x25, 0x8a, 0x19, 0x8a, 0xae, 0x44, 0xa5, 0x42, 0x16, 0xc8, 0x62, 0xe1, 0xc4,
|
||||
0x82, 0x2b, 0x4e, 0xb6, 0xbc, 0x28, 0x91, 0x0a, 0x45, 0xe3, 0x7a, 0xc0, 0x03, 0x6e, 0xb0, 0xae,
|
||||
0x5e, 0xa5, 0x74, 0xe3, 0x56, 0xc0, 0x79, 0x10, 0x61, 0x97, 0xc6, 0x61, 0x97, 0x32, 0xc6, 0x15,
|
||||
0x55, 0x21, 0x67, 0x99, 0x72, 0x63, 0x1c, 0x84, 0xea, 0x34, 0x39, 0x71, 0x3c, 0x3e, 0xed, 0x52,
|
||||
0x61, 0xd4, 0xbf, 0x35, 0x8b, 0x0f, 0x3c, 0xbf, 0x3b, 0xeb, 0x75, 0xe3, 0x49, 0xa0, 0x35, 0x65,
|
||||
0x97, 0xc6, 0x71, 0x14, 0x7a, 0x46, 0xb7, 0x3b, 0x3b, 0xa4, 0x51, 0x7c, 0x4a, 0x0f, 0xbb, 0x01,
|
||||
0x32, 0x14, 0x54, 0xa1, 0x9f, 0x59, 0xfb, 0xec, 0x3f, 0xac, 0x2d, 0x9f, 0x84, 0x87, 0xbe, 0xd7,
|
||||
0xf5, 0x22, 0x1a, 0x4e, 0xb3, 0x78, 0xda, 0x75, 0xd8, 0x79, 0x96, 0xb1, 0x5f, 0x26, 0x28, 0xe6,
|
||||
0xed, 0xbf, 0x00, 0xaa, 0x39, 0x42, 0xde, 0x82, 0x4a, 0x22, 0x22, 0xdb, 0x6a, 0x59, 0x9d, 0x5a,
|
||||
0x7f, 0x6b, 0x71, 0x76, 0x50, 0x39, 0x76, 0xc7, 0xae, 0xc6, 0xc8, 0x1d, 0xa8, 0xf9, 0xf8, 0x6a,
|
||||
0xc0, 0xd9, 0x37, 0x61, 0x60, 0x5f, 0x6a, 0x59, 0x9d, 0xed, 0x1e, 0x71, 0xb2, 0xcc, 0x38, 0xc3,
|
||||
0x9c, 0x71, 0xcf, 0x85, 0xc8, 0x00, 0x40, 0xfb, 0xcf, 0x54, 0x2a, 0x46, 0xe5, 0x5a, 0xa1, 0xf2,
|
||||
0x74, 0x34, 0x1c, 0xa4, 0x54, 0xff, 0xea, 0xe2, 0xec, 0x00, 0xce, 0xf7, 0x6e, 0x49, 0x8d, 0xb4,
|
||||
0x60, 0x9b, 0xc6, 0xf1, 0x98, 0x9e, 0x60, 0xf4, 0x08, 0xe7, 0xf6, 0x86, 0x8e, 0xcc, 0x2d, 0x43,
|
||||
0xe4, 0x05, 0xec, 0x09, 0x94, 0x3c, 0x11, 0x1e, 0x3e, 0x9d, 0xa1, 0x10, 0xa1, 0x8f, 0xd2, 0xbe,
|
||||
0xdc, 0xaa, 0x74, 0xb6, 0x7b, 0x9d, 0xc2, 0x5b, 0x7e, 0x42, 0xc7, 0x5d, 0x16, 0xbd, 0xcf, 0x94,
|
||||
0x98, 0xbb, 0xab, 0x26, 0x88, 0x03, 0x44, 0x2a, 0xaa, 0x12, 0xd9, 0xa7, 0x7e, 0x80, 0xf7, 0x19,
|
||||
0x3d, 0x89, 0xd0, 0xb7, 0x37, 0x5b, 0x56, 0xa7, 0xea, 0xae, 0x61, 0xc8, 0x43, 0xa8, 0xa7, 0x95,
|
||||
0xf0, 0x39, 0xa3, 0xd1, 0x5c, 0x85, 0x9e, 0xb4, 0xb7, 0xcc, 0x99, 0x9b, 0x45, 0x14, 0x0f, 0x2e,
|
||||
0xf2, 0xd9, 0x71, 0x97, 0xd5, 0xc8, 0x6b, 0xd8, 0x9d, 0x24, 0x52, 0xf1, 0x69, 0xf8, 0x1a, 0x9f,
|
||||
0xc6, 0xa6, 0x9a, 0xec, 0xaa, 0x31, 0xf5, 0xc4, 0x39, 0x2f, 0x00, 0x27, 0x2f, 0x00, 0xb3, 0x78,
|
||||
0xe9, 0xf9, 0xce, 0xac, 0xe7, 0xc4, 0x93, 0xc0, 0xd1, 0xe5, 0xe4, 0x94, 0xca, 0xc9, 0xc9, 0xcb,
|
||||
0xc9, 0x79, 0xb4, 0x64, 0xd5, 0x5d, 0xf1, 0x43, 0xde, 0x81, 0x8d, 0x53, 0x8c, 0x62, 0xbb, 0x66,
|
||||
0xfc, 0xed, 0x14, 0xa1, 0x3f, 0xc4, 0x28, 0x76, 0x0d, 0x45, 0xde, 0x85, 0xad, 0x38, 0x4a, 0x82,
|
||||
0x90, 0x49, 0x1b, 0x4c, 0x9a, 0xeb, 0x85, 0xd4, 0x91, 0xc1, 0xdd, 0x9c, 0xd7, 0x39, 0x4c, 0x24,
|
||||
0x8a, 0x31, 0xd7, 0xbb, 0x61, 0x28, 0xd3, 0x1c, 0x6e, 0xa7, 0x39, 0x5c, 0x65, 0xc8, 0x8f, 0x16,
|
||||
0xdc, 0xf4, 0x4c, 0x56, 0x1e, 0x53, 0x46, 0x03, 0x9c, 0x22, 0x53, 0x47, 0x99, 0xaf, 0x2b, 0xc6,
|
||||
0xd7, 0xf3, 0x37, 0xcb, 0xc0, 0x60, 0xad, 0x71, 0xf7, 0x9f, 0x9c, 0x92, 0xf7, 0x61, 0xaf, 0x48,
|
||||
0xd1, 0x0b, 0x14, 0xd2, 0xdc, 0xc5, 0x4e, 0xab, 0xd2, 0xa9, 0xb9, 0xab, 0x04, 0x69, 0x40, 0x35,
|
||||
0x09, 0x07, 0x52, 0x1e, 0xbb, 0x63, 0xfb, 0xaa, 0xa9, 0xd4, 0x62, 0x4f, 0x3a, 0x50, 0x4f, 0xc2,
|
||||
0x3e, 0x65, 0x0c, 0xc5, 0x80, 0x33, 0x85, 0x4c, 0xd9, 0x75, 0x23, 0xb2, 0x0c, 0xeb, 0x92, 0xcf,
|
||||
0x21, 0x6d, 0x68, 0x37, 0x2d, 0xf9, 0x12, 0xa4, 0x6d, 0xc5, 0x54, 0xca, 0xef, 0xb8, 0xf0, 0x8f,
|
||||
0xa8, 0x52, 0x28, 0x98, 0xbd, 0x97, 0xda, 0x5a, 0x82, 0xc9, 0x6d, 0xb8, 0xaa, 0x04, 0xf5, 0x26,
|
||||
0x21, 0x0b, 0x1e, 0xa3, 0x3a, 0xe5, 0xbe, 0x4d, 0x8c, 0xe0, 0x12, 0xaa, 0xcf, 0x99, 0x3b, 0x38,
|
||||
0x42, 0x31, 0xa5, 0x4c, 0xc7, 0x77, 0xcd, 0xdc, 0xd3, 0x2a, 0x41, 0xde, 0x83, 0xdd, 0x02, 0xe4,
|
||||
0x32, 0xd4, 0x29, 0xb6, 0xaf, 0x1b, 0xbb, 0x2b, 0xf8, 0xd2, 0x33, 0x72, 0x39, 0x57, 0xc7, 0x22,
|
||||
0xb2, 0x6f, 0x18, 0xe9, 0x35, 0x8c, 0x3e, 0x3d, 0xbe, 0x42, 0x2f, 0x7f, 0x6f, 0xfb, 0x26, 0x86,
|
||||
0x32, 0x44, 0xee, 0xc0, 0x35, 0x8f, 0x33, 0x25, 0x78, 0x14, 0xa1, 0x78, 0x42, 0xa7, 0x28, 0x63,
|
||||
0xea, 0xa1, 0x7d, 0xd3, 0x98, 0x5c, 0x47, 0x35, 0x7e, 0xb6, 0x60, 0x7f, 0xfd, 0xc3, 0x27, 0xbb,
|
||||
0x50, 0x99, 0xe0, 0x3c, 0xfd, 0xf1, 0x5c, 0xbd, 0x24, 0x3e, 0x5c, 0x9e, 0xd1, 0x28, 0xc1, 0xec,
|
||||
0x93, 0x7b, 0xc3, 0x27, 0xb7, 0xec, 0xd6, 0x4d, 0x8d, 0x7f, 0x72, 0xe9, 0x63, 0xab, 0xfd, 0x12,
|
||||
0x6e, 0xac, 0xfd, 0x11, 0x48, 0x13, 0x20, 0xbf, 0x9f, 0xd1, 0x30, 0x8b, 0xad, 0x84, 0xe8, 0x5b,
|
||||
0xa5, 0x8c, 0xb3, 0xb9, 0x2e, 0xbe, 0x63, 0x89, 0x42, 0x9a, 0x58, 0xab, 0xee, 0x12, 0xda, 0xfe,
|
||||
0xc5, 0x82, 0x0d, 0xfd, 0x70, 0x89, 0x0d, 0x5b, 0xde, 0x29, 0x35, 0x99, 0x4f, 0xad, 0xe5, 0x5b,
|
||||
0x5d, 0xb2, 0x7a, 0xf9, 0x1c, 0x5f, 0x29, 0x63, 0xa4, 0xe6, 0x16, 0x7b, 0x72, 0x0f, 0xe0, 0x24,
|
||||
0x64, 0x54, 0xcc, 0x8f, 0x45, 0x24, 0xed, 0x8a, 0x79, 0x7f, 0x6f, 0x5f, 0xf8, 0x11, 0x9c, 0x7e,
|
||||
0xc1, 0xa7, 0xff, 0x68, 0x49, 0xa1, 0x71, 0x0f, 0xea, 0x4b, 0xf4, 0x9a, 0x6c, 0x5f, 0x2f, 0x67,
|
||||
0xbb, 0x56, 0xce, 0xce, 0x2d, 0xd8, 0x4c, 0x5f, 0x21, 0x21, 0xb0, 0xc1, 0xe8, 0x14, 0x33, 0x35,
|
||||
0xb3, 0x6e, 0x7f, 0x0a, 0xb5, 0xa2, 0xe9, 0x90, 0x1e, 0x80, 0xc7, 0x19, 0x43, 0x4f, 0x71, 0x21,
|
||||
0x6d, 0xcb, 0x04, 0x7a, 0xde, 0x9c, 0x06, 0x39, 0xe5, 0x96, 0xa4, 0xda, 0x77, 0xa1, 0x56, 0x10,
|
||||
0xeb, 0x3c, 0x68, 0x4c, 0xcd, 0xe3, 0x3c, 0x30, 0xb3, 0x6e, 0xff, 0x50, 0x81, 0x52, 0xa3, 0x5a,
|
||||
0xab, 0xb6, 0x0f, 0x9b, 0xa1, 0x94, 0x09, 0x8a, 0x4c, 0x31, 0xdb, 0x91, 0x0e, 0x54, 0xbd, 0x28,
|
||||
0x44, 0xa6, 0x46, 0x43, 0xd3, 0x0b, 0x6b, 0xfd, 0x2b, 0x8b, 0xb3, 0x83, 0xea, 0x20, 0xc3, 0xdc,
|
||||
0x82, 0x25, 0x87, 0xb0, 0xed, 0x45, 0x61, 0x4e, 0xa4, 0x2d, 0xaf, 0x5f, 0x5f, 0x9c, 0x1d, 0x6c,
|
||||
0x0f, 0xc6, 0xa3, 0x42, 0xbe, 0x2c, 0xa3, 0x9d, 0x4a, 0x8f, 0xc7, 0x59, 0xe3, 0xab, 0xb9, 0xd9,
|
||||
0x8e, 0xbc, 0x84, 0x9d, 0xd0, 0x7f, 0xce, 0x27, 0xc8, 0x06, 0x66, 0x08, 0xb0, 0x37, 0x4d, 0x6e,
|
||||
0x6e, 0xaf, 0xe9, 0xc2, 0xce, 0xa8, 0x2c, 0x68, 0xae, 0xab, 0xbf, 0xb7, 0x38, 0x3b, 0xd8, 0x19,
|
||||
0x0d, 0x4b, 0xb8, 0x7b, 0xd1, 0x5e, 0x63, 0x0e, 0x64, 0x55, 0x6f, 0xcd, 0x35, 0x3f, 0xbe, 0xf8,
|
||||
0xa8, 0x3e, 0xfa, 0xd7, 0x47, 0x95, 0x4e, 0x31, 0x4e, 0x31, 0x86, 0xe9, 0x71, 0xc0, 0x31, 0xf6,
|
||||
0x4b, 0xf5, 0xd1, 0xfb, 0x1a, 0xea, 0x79, 0x57, 0x7f, 0x86, 0x62, 0x16, 0x7a, 0x48, 0xbe, 0x80,
|
||||
0xca, 0x03, 0x54, 0x64, 0x7f, 0xa5, 0xed, 0x9b, 0x51, 0xa7, 0xb1, 0xb7, 0x82, 0xb7, 0xed, 0xef,
|
||||
0x7f, 0xff, 0xf3, 0xa7, 0x4b, 0x84, 0xec, 0x9a, 0xf1, 0x6d, 0x76, 0x58, 0x8c, 0x4e, 0xfd, 0xc1,
|
||||
0xaf, 0x8b, 0xa6, 0xf5, 0xdb, 0xa2, 0x69, 0xfd, 0xb1, 0x68, 0x5a, 0x5f, 0x7d, 0xf8, 0xff, 0xc6,
|
||||
0xb8, 0xf4, 0x0e, 0x0b, 0x23, 0x27, 0x9b, 0x66, 0xe8, 0xba, 0xfb, 0x77, 0x00, 0x00, 0x00, 0xff,
|
||||
0xff, 0x2a, 0xfc, 0x97, 0xee, 0x63, 0x0a, 0x00, 0x00,
|
||||
0x14, 0xd7, 0xd6, 0x69, 0x62, 0x3f, 0x37, 0x75, 0x32, 0x6d, 0xd3, 0xad, 0x55, 0x92, 0xe0, 0x43,
|
||||
0x65, 0x10, 0xac, 0x1b, 0x57, 0x08, 0x84, 0xa8, 0xa0, 0xb6, 0xab, 0xd6, 0xd4, 0x6d, 0xc3, 0xb6,
|
||||
0xe9, 0x01, 0x09, 0x55, 0x93, 0xdd, 0xc7, 0x66, 0xf1, 0x7a, 0x66, 0x35, 0x33, 0x6b, 0xea, 0x1e,
|
||||
0xb9, 0x71, 0xe1, 0x02, 0x9f, 0x85, 0x03, 0x9f, 0x80, 0x23, 0x12, 0xf7, 0x08, 0x59, 0x7c, 0x10,
|
||||
0x34, 0xb3, 0x7f, 0xb2, 0xb1, 0x5d, 0x40, 0xea, 0x6d, 0xe6, 0xf7, 0x7b, 0xff, 0xe6, 0xcd, 0x7b,
|
||||
0x33, 0x0f, 0x76, 0x25, 0x8a, 0x29, 0x8a, 0x8e, 0x44, 0xa5, 0x42, 0x16, 0xc8, 0x62, 0xe1, 0xc4,
|
||||
0x82, 0x2b, 0x4e, 0x36, 0xbc, 0x28, 0x91, 0x0a, 0x45, 0xf3, 0x6a, 0xc0, 0x03, 0x6e, 0xb0, 0x8e,
|
||||
0x5e, 0xa5, 0x74, 0xf3, 0x66, 0xc0, 0x79, 0x10, 0x61, 0x87, 0xc6, 0x61, 0x87, 0x32, 0xc6, 0x15,
|
||||
0x55, 0x21, 0x67, 0x99, 0x72, 0x73, 0x14, 0x84, 0xea, 0x24, 0x39, 0x76, 0x3c, 0x3e, 0xe9, 0x50,
|
||||
0x61, 0xd4, 0xbf, 0x33, 0x8b, 0x0f, 0x3d, 0xbf, 0x33, 0xed, 0x76, 0xe2, 0x71, 0xa0, 0x35, 0x65,
|
||||
0x87, 0xc6, 0x71, 0x14, 0x7a, 0x46, 0xb7, 0x33, 0x3d, 0xa0, 0x51, 0x7c, 0x42, 0x0f, 0x3a, 0x01,
|
||||
0x32, 0x14, 0x54, 0xa1, 0x9f, 0x59, 0xfb, 0xe2, 0x3f, 0xac, 0x2d, 0x9e, 0x84, 0x87, 0xbe, 0xd7,
|
||||
0xf1, 0x22, 0x1a, 0x4e, 0xb2, 0x78, 0x5a, 0x0d, 0xd8, 0x7c, 0x96, 0xb1, 0x5f, 0x25, 0x28, 0x66,
|
||||
0xad, 0x5f, 0xeb, 0x50, 0xcd, 0x11, 0x72, 0x03, 0x2a, 0x89, 0x88, 0x6c, 0x6b, 0xdf, 0x6a, 0xd7,
|
||||
0x7a, 0x1b, 0xf3, 0xd3, 0xbd, 0xca, 0x91, 0x3b, 0x72, 0x35, 0x46, 0x6e, 0x43, 0xcd, 0xc7, 0x57,
|
||||
0x7d, 0xce, 0xbe, 0x0d, 0x03, 0xfb, 0xc2, 0xbe, 0xd5, 0xae, 0x77, 0x89, 0x93, 0x65, 0xc6, 0x19,
|
||||
0xe4, 0x8c, 0x7b, 0x26, 0x44, 0xfa, 0x00, 0xda, 0x7f, 0xa6, 0x52, 0x31, 0x2a, 0x57, 0x0a, 0x95,
|
||||
0xa7, 0xc3, 0x41, 0x3f, 0xa5, 0x7a, 0x97, 0xe7, 0xa7, 0x7b, 0x70, 0xb6, 0x77, 0x4b, 0x6a, 0x64,
|
||||
0x1f, 0xea, 0x34, 0x8e, 0x47, 0xf4, 0x18, 0xa3, 0x47, 0x38, 0xb3, 0xd7, 0x74, 0x64, 0x6e, 0x19,
|
||||
0x22, 0x2f, 0x60, 0x5b, 0xa0, 0xe4, 0x89, 0xf0, 0xf0, 0xe9, 0x14, 0x85, 0x08, 0x7d, 0x94, 0xf6,
|
||||
0xc5, 0xfd, 0x4a, 0xbb, 0xde, 0x6d, 0x17, 0xde, 0xf2, 0x13, 0x3a, 0xee, 0xa2, 0xe8, 0x7d, 0xa6,
|
||||
0xc4, 0xcc, 0x5d, 0x36, 0x41, 0x1c, 0x20, 0x52, 0x51, 0x95, 0xc8, 0x1e, 0xf5, 0x03, 0xbc, 0xcf,
|
||||
0xe8, 0x71, 0x84, 0xbe, 0xbd, 0xbe, 0x6f, 0xb5, 0xab, 0xee, 0x0a, 0x86, 0x3c, 0x84, 0x46, 0x5a,
|
||||
0x09, 0xf7, 0x18, 0x8d, 0x66, 0x2a, 0xf4, 0xa4, 0xbd, 0x61, 0xce, 0xbc, 0x5b, 0x44, 0xf1, 0xe0,
|
||||
0x3c, 0x9f, 0x1d, 0x77, 0x51, 0x8d, 0xbc, 0x86, 0xad, 0x71, 0x22, 0x15, 0x9f, 0x84, 0xaf, 0xf1,
|
||||
0x69, 0x6c, 0xaa, 0xc9, 0xae, 0x1a, 0x53, 0x4f, 0x9c, 0xb3, 0x02, 0x70, 0xf2, 0x02, 0x30, 0x8b,
|
||||
0x97, 0x9e, 0xef, 0x4c, 0xbb, 0x4e, 0x3c, 0x0e, 0x1c, 0x5d, 0x4e, 0x4e, 0xa9, 0x9c, 0x9c, 0xbc,
|
||||
0x9c, 0x9c, 0x47, 0x0b, 0x56, 0xdd, 0x25, 0x3f, 0xe4, 0x5d, 0x58, 0x3b, 0xc1, 0x28, 0xb6, 0x6b,
|
||||
0xc6, 0xdf, 0x66, 0x11, 0xfa, 0x43, 0x8c, 0x62, 0xd7, 0x50, 0xe4, 0x3d, 0xd8, 0x88, 0xa3, 0x24,
|
||||
0x08, 0x99, 0xb4, 0xc1, 0xa4, 0xb9, 0x51, 0x48, 0x1d, 0x1a, 0xdc, 0xcd, 0x79, 0x9d, 0xc3, 0x44,
|
||||
0xa2, 0x18, 0x71, 0xbd, 0x1b, 0x84, 0x32, 0xcd, 0x61, 0x3d, 0xcd, 0xe1, 0x32, 0x43, 0x7e, 0xb2,
|
||||
0xe0, 0xba, 0x67, 0xb2, 0xf2, 0x98, 0x32, 0x1a, 0xe0, 0x04, 0x99, 0x3a, 0xcc, 0x7c, 0x5d, 0x32,
|
||||
0xbe, 0x9e, 0xbf, 0x5d, 0x06, 0xfa, 0x2b, 0x8d, 0xbb, 0x6f, 0x72, 0x4a, 0x3e, 0x80, 0xed, 0x22,
|
||||
0x45, 0x2f, 0x50, 0x48, 0x73, 0x17, 0x9b, 0xfb, 0x95, 0x76, 0xcd, 0x5d, 0x26, 0x48, 0x13, 0xaa,
|
||||
0x49, 0xd8, 0x97, 0xf2, 0xc8, 0x1d, 0xd9, 0x97, 0x4d, 0xa5, 0x16, 0x7b, 0xd2, 0x86, 0x46, 0x12,
|
||||
0xf6, 0x28, 0x63, 0x28, 0xfa, 0x9c, 0x29, 0x64, 0xca, 0x6e, 0x18, 0x91, 0x45, 0x58, 0x97, 0x7c,
|
||||
0x0e, 0x69, 0x43, 0x5b, 0x69, 0xc9, 0x97, 0x20, 0x6d, 0x2b, 0xa6, 0x52, 0x7e, 0xcf, 0x85, 0x7f,
|
||||
0x48, 0x95, 0x42, 0xc1, 0xec, 0xed, 0xd4, 0xd6, 0x02, 0x4c, 0x6e, 0xc1, 0x65, 0x25, 0xa8, 0x37,
|
||||
0x0e, 0x59, 0xf0, 0x18, 0xd5, 0x09, 0xf7, 0x6d, 0x62, 0x04, 0x17, 0x50, 0x7d, 0xce, 0xdc, 0xc1,
|
||||
0x21, 0x8a, 0x09, 0x65, 0x3a, 0xbe, 0x2b, 0xe6, 0x9e, 0x96, 0x09, 0xf2, 0x3e, 0x6c, 0x15, 0x20,
|
||||
0x97, 0xa1, 0x4e, 0xb1, 0x7d, 0xd5, 0xd8, 0x5d, 0xc2, 0x17, 0xda, 0xc8, 0xe5, 0x5c, 0x1d, 0x89,
|
||||
0xc8, 0xbe, 0x66, 0xa4, 0x57, 0x30, 0xfa, 0xf4, 0xf8, 0x0a, 0xbd, 0xbc, 0xdf, 0x76, 0x4c, 0x0c,
|
||||
0x65, 0x88, 0xdc, 0x86, 0x2b, 0x1e, 0x67, 0x4a, 0xf0, 0x28, 0x42, 0xf1, 0x84, 0x4e, 0x50, 0xc6,
|
||||
0xd4, 0x43, 0xfb, 0xba, 0x31, 0xb9, 0x8a, 0x22, 0x9f, 0xc1, 0x0d, 0x1a, 0xc7, 0x72, 0xc8, 0xee,
|
||||
0xb1, 0x59, 0x81, 0xe6, 0x1e, 0x6c, 0xe3, 0xe1, 0xcd, 0x02, 0xcd, 0x5f, 0x2c, 0xd8, 0x59, 0xfd,
|
||||
0x6c, 0x90, 0x2d, 0xa8, 0x8c, 0x71, 0x96, 0xbe, 0x97, 0xae, 0x5e, 0x12, 0x1f, 0x2e, 0x4e, 0x69,
|
||||
0x94, 0x60, 0xf6, 0x44, 0xbe, 0x65, 0xc3, 0x2e, 0xba, 0x75, 0x53, 0xe3, 0x9f, 0x5e, 0xf8, 0xc4,
|
||||
0x6a, 0xbd, 0x84, 0x6b, 0x2b, 0xdf, 0x13, 0xb2, 0x0b, 0x90, 0xdf, 0xee, 0x70, 0x90, 0xc5, 0x56,
|
||||
0x42, 0x74, 0x4d, 0x50, 0xc6, 0xd9, 0x4c, 0x97, 0xee, 0x91, 0x44, 0x21, 0x4d, 0xac, 0x55, 0x77,
|
||||
0x01, 0x6d, 0xfd, 0x66, 0xc1, 0x9a, 0x6e, 0x7b, 0x62, 0xc3, 0x86, 0x77, 0x42, 0xcd, 0xbd, 0xa5,
|
||||
0xd6, 0xf2, 0xad, 0x2e, 0x78, 0xbd, 0x7c, 0x8e, 0xaf, 0x94, 0x31, 0x52, 0x73, 0x8b, 0x3d, 0xb9,
|
||||
0x0b, 0x70, 0x1c, 0x32, 0x2a, 0x66, 0x47, 0x22, 0x92, 0x76, 0xc5, 0x74, 0xef, 0x3b, 0xe7, 0xde,
|
||||
0x13, 0xa7, 0x57, 0xf0, 0xe9, 0x2b, 0x5c, 0x52, 0x68, 0xde, 0x85, 0xc6, 0x02, 0xbd, 0x22, 0xdb,
|
||||
0x57, 0xcb, 0xd9, 0xae, 0x95, 0xb3, 0x73, 0x13, 0xd6, 0xd3, 0x1e, 0x26, 0x04, 0xd6, 0x18, 0x9d,
|
||||
0x60, 0xa6, 0x66, 0xd6, 0xad, 0xcf, 0xa1, 0x56, 0x7c, 0x59, 0xa4, 0x0b, 0xe0, 0x71, 0xc6, 0xd0,
|
||||
0x53, 0x5c, 0x48, 0xdb, 0x32, 0x81, 0x9e, 0x7d, 0x6d, 0xfd, 0x9c, 0x72, 0x4b, 0x52, 0xad, 0x3b,
|
||||
0x50, 0x2b, 0x88, 0x55, 0x1e, 0x34, 0xa6, 0x66, 0x71, 0x1e, 0x98, 0x59, 0xb7, 0x7e, 0xac, 0x40,
|
||||
0xe9, 0x9b, 0x5b, 0xa9, 0xb6, 0x03, 0xeb, 0xa1, 0x94, 0x09, 0x8a, 0x4c, 0x31, 0xdb, 0x91, 0x36,
|
||||
0x54, 0xbd, 0x28, 0x44, 0xa6, 0x86, 0x03, 0xf3, 0x93, 0xd6, 0x7a, 0x97, 0xe6, 0xa7, 0x7b, 0xd5,
|
||||
0x7e, 0x86, 0xb9, 0x05, 0x4b, 0x0e, 0xa0, 0xee, 0x45, 0x61, 0x4e, 0xa4, 0x1f, 0x66, 0xaf, 0x31,
|
||||
0x3f, 0xdd, 0xab, 0xf7, 0x47, 0xc3, 0x42, 0xbe, 0x2c, 0xa3, 0x9d, 0x4a, 0x8f, 0xc7, 0xd9, 0xb7,
|
||||
0x59, 0x73, 0xb3, 0x1d, 0x79, 0x09, 0x9b, 0xa1, 0xff, 0x9c, 0x8f, 0x91, 0xf5, 0xcd, 0x08, 0x61,
|
||||
0xaf, 0x9b, 0xdc, 0xdc, 0x5a, 0xf1, 0x87, 0x3b, 0xc3, 0xb2, 0xa0, 0xb9, 0xae, 0xde, 0xf6, 0xfc,
|
||||
0x74, 0x6f, 0x73, 0x38, 0x28, 0xe1, 0xee, 0x79, 0x7b, 0xcd, 0x19, 0x90, 0x65, 0xbd, 0x15, 0xd7,
|
||||
0xfc, 0xf8, 0x7c, 0x53, 0x7d, 0xfc, 0xaf, 0x4d, 0x95, 0xce, 0x40, 0x4e, 0x31, 0xc4, 0xe9, 0x61,
|
||||
0xc2, 0x31, 0xf6, 0x4b, 0xf5, 0xd1, 0xfd, 0x06, 0x1a, 0xf9, 0x4c, 0xf0, 0x0c, 0xc5, 0x34, 0xf4,
|
||||
0x90, 0x7c, 0x09, 0x95, 0x07, 0xa8, 0xc8, 0xce, 0xd2, 0xd0, 0x60, 0x06, 0xa5, 0xe6, 0xf6, 0x12,
|
||||
0xde, 0xb2, 0x7f, 0xf8, 0xf3, 0xef, 0x9f, 0x2f, 0x10, 0xb2, 0x65, 0x86, 0xbf, 0xe9, 0x41, 0x31,
|
||||
0x78, 0xf5, 0xfa, 0xbf, 0xcf, 0x77, 0xad, 0x3f, 0xe6, 0xbb, 0xd6, 0x5f, 0xf3, 0x5d, 0xeb, 0xeb,
|
||||
0x8f, 0xfe, 0xdf, 0x10, 0x98, 0xde, 0x61, 0x61, 0xe4, 0x78, 0xdd, 0x8c, 0x6c, 0x77, 0xfe, 0x09,
|
||||
0x00, 0x00, 0xff, 0xff, 0xf0, 0x33, 0x47, 0xc2, 0xa1, 0x0a, 0x00, 0x00,
|
||||
}
|
||||
|
||||
// Reference imports to suppress errors if they are not otherwise used.
|
||||
@@ -882,6 +891,18 @@ func (m *Settings) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
||||
i -= len(m.XXX_unrecognized)
|
||||
copy(dAtA[i:], m.XXX_unrecognized)
|
||||
}
|
||||
if m.AppsInAnyNamespaceEnabled {
|
||||
i--
|
||||
if m.AppsInAnyNamespaceEnabled {
|
||||
dAtA[i] = 1
|
||||
} else {
|
||||
dAtA[i] = 0
|
||||
}
|
||||
i--
|
||||
dAtA[i] = 0x1
|
||||
i--
|
||||
dAtA[i] = 0xc0
|
||||
}
|
||||
if len(m.ControllerNamespace) > 0 {
|
||||
i -= len(m.ControllerNamespace)
|
||||
copy(dAtA[i:], m.ControllerNamespace)
|
||||
@@ -1576,6 +1597,9 @@ func (m *Settings) Size() (n int) {
|
||||
if l > 0 {
|
||||
n += 2 + l + sovSettings(uint64(l))
|
||||
}
|
||||
if m.AppsInAnyNamespaceEnabled {
|
||||
n += 3
|
||||
}
|
||||
if m.XXX_unrecognized != nil {
|
||||
n += len(m.XXX_unrecognized)
|
||||
}
|
||||
@@ -2625,6 +2649,26 @@ func (m *Settings) Unmarshal(dAtA []byte) error {
|
||||
}
|
||||
m.ControllerNamespace = string(dAtA[iNdEx:postIndex])
|
||||
iNdEx = postIndex
|
||||
case 24:
|
||||
if wireType != 0 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field AppsInAnyNamespaceEnabled", wireType)
|
||||
}
|
||||
var v int
|
||||
for shift := uint(0); ; shift += 7 {
|
||||
if shift >= 64 {
|
||||
return ErrIntOverflowSettings
|
||||
}
|
||||
if iNdEx >= l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
b := dAtA[iNdEx]
|
||||
iNdEx++
|
||||
v |= int(b&0x7F) << shift
|
||||
if b < 0x80 {
|
||||
break
|
||||
}
|
||||
}
|
||||
m.AppsInAnyNamespaceEnabled = bool(v != 0)
|
||||
default:
|
||||
iNdEx = preIndex
|
||||
skippy, err := skipSettings(dAtA[iNdEx:])
|
||||
|
||||
@@ -177,7 +177,7 @@ func (repo *Repository) GetGitCreds(store git.CredsStore) git.Creds {
|
||||
return git.NewSSHCreds(repo.SSHPrivateKey, getCAPath(repo.Repo), repo.IsInsecure(), store)
|
||||
}
|
||||
if repo.GithubAppPrivateKey != "" && repo.GithubAppId != 0 && repo.GithubAppInstallationId != 0 {
|
||||
return git.NewGitHubAppCreds(repo.GithubAppId, repo.GithubAppInstallationId, repo.GithubAppPrivateKey, repo.GitHubAppEnterpriseBaseURL, repo.Repo, repo.TLSClientCertData, repo.TLSClientCertKey, repo.IsInsecure(), store)
|
||||
return git.NewGitHubAppCreds(repo.GithubAppId, repo.GithubAppInstallationId, repo.GithubAppPrivateKey, repo.GitHubAppEnterpriseBaseURL, repo.Repo, repo.TLSClientCertData, repo.TLSClientCertKey, repo.IsInsecure(), repo.Proxy, store)
|
||||
}
|
||||
return git.NopCreds{}
|
||||
}
|
||||
|
||||
@@ -856,7 +856,7 @@ func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclie
|
||||
for _, val := range appHelm.ValueFiles {
|
||||
|
||||
// This will resolve val to an absolute path (or an URL)
|
||||
path, isRemote, err := pathutil.ResolveFilePath(appPath, repoRoot, env.Envsubst(val), q.GetValuesFileSchemes())
|
||||
path, isRemote, err := pathutil.ResolveValueFilePathOrUrl(appPath, repoRoot, env.Envsubst(val), q.GetValuesFileSchemes())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -896,7 +896,7 @@ func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclie
|
||||
}
|
||||
}
|
||||
for _, p := range appHelm.FileParameters {
|
||||
resolvedPath, _, err := pathutil.ResolveFilePath(appPath, repoRoot, env.Envsubst(p.Path), q.GetValuesFileSchemes())
|
||||
resolvedPath, _, err := pathutil.ResolveValueFilePathOrUrl(appPath, repoRoot, env.Envsubst(p.Path), q.GetValuesFileSchemes())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -1504,7 +1504,7 @@ func makeJsonnetVm(appPath string, repoRoot string, sourceJsonnet v1alpha1.Appli
|
||||
jpaths := []string{appPath}
|
||||
for _, p := range sourceJsonnet.Libs {
|
||||
// the jsonnet library path is relative to the repository root, not application path
|
||||
jpath, _, err := pathutil.ResolveFilePath(repoRoot, repoRoot, p, nil)
|
||||
jpath, err := pathutil.ResolveFileOrDirectoryPath(repoRoot, repoRoot, p)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -1635,6 +1635,11 @@ func runConfigManagementPluginSidecars(ctx context.Context, appPath, repoPath st
|
||||
for _, manifestString := range cmpManifests.Manifests {
|
||||
manifestObjs, err := kube.SplitYAML([]byte(manifestString))
|
||||
if err != nil {
|
||||
sanitizedManifestString := manifestString
|
||||
if len(manifestString) > 1000 {
|
||||
sanitizedManifestString = sanitizedManifestString[:1000]
|
||||
}
|
||||
log.Debugf("Failed to convert generated manifests. Beginning of generated manifests: %q", sanitizedManifestString)
|
||||
return nil, fmt.Errorf("failed to convert CMP manifests to unstructured objects: %s", err.Error())
|
||||
}
|
||||
manifests = append(manifests, manifestObjs...)
|
||||
@@ -1747,7 +1752,7 @@ func populateHelmAppDetails(res *apiclient.RepoAppDetailsResponse, appPath strin
|
||||
return err
|
||||
}
|
||||
|
||||
if resolvedValuesPath, _, err := pathutil.ResolveFilePath(appPath, repoRoot, "values.yaml", []string{}); err == nil {
|
||||
if resolvedValuesPath, _, err := pathutil.ResolveValueFilePathOrUrl(appPath, repoRoot, "values.yaml", []string{}); err == nil {
|
||||
if err := loadFileIntoIfExists(resolvedValuesPath, &res.Helm.Values); err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -1757,7 +1762,7 @@ func populateHelmAppDetails(res *apiclient.RepoAppDetailsResponse, appPath strin
|
||||
var resolvedSelectedValueFiles []pathutil.ResolvedFilePath
|
||||
// drop not allowed values files
|
||||
for _, file := range selectedValueFiles {
|
||||
if resolvedFile, _, err := pathutil.ResolveFilePath(appPath, repoRoot, file, q.GetValuesFileSchemes()); err == nil {
|
||||
if resolvedFile, _, err := pathutil.ResolveValueFilePathOrUrl(appPath, repoRoot, file, q.GetValuesFileSchemes()); err == nil {
|
||||
resolvedSelectedValueFiles = append(resolvedSelectedValueFiles, resolvedFile)
|
||||
} else {
|
||||
log.Warnf("Values file %s is not allowed: %v", file, err)
|
||||
|
||||
@@ -342,6 +342,27 @@ func TestGenerateJsonnetManifestInDir(t *testing.T) {
|
||||
assert.Equal(t, 2, len(res1.Manifests))
|
||||
}
|
||||
|
||||
func TestGenerateJsonnetManifestInRootDir(t *testing.T) {
|
||||
service := newService("testdata/jsonnet-1")
|
||||
|
||||
q := apiclient.ManifestRequest{
|
||||
Repo: &argoappv1.Repository{},
|
||||
ApplicationSource: &argoappv1.ApplicationSource{
|
||||
Path: ".",
|
||||
Directory: &argoappv1.ApplicationSourceDirectory{
|
||||
Jsonnet: argoappv1.ApplicationSourceJsonnet{
|
||||
ExtVars: []argoappv1.JsonnetVar{{Name: "extVarString", Value: "extVarString"}, {Name: "extVarCode", Value: "\"extVarCode\"", Code: true}},
|
||||
TLAs: []argoappv1.JsonnetVar{{Name: "tlaString", Value: "tlaString"}, {Name: "tlaCode", Value: "\"tlaCode\"", Code: true}},
|
||||
Libs: []string{"."},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
res1, err := service.GenerateManifest(context.Background(), &q)
|
||||
assert.Nil(t, err)
|
||||
assert.Equal(t, 2, len(res1.Manifests))
|
||||
}
|
||||
|
||||
func TestGenerateJsonnetLibOutside(t *testing.T) {
|
||||
service := newService(".")
|
||||
|
||||
@@ -358,7 +379,7 @@ func TestGenerateJsonnetLibOutside(t *testing.T) {
|
||||
}
|
||||
_, err := service.GenerateManifest(context.Background(), &q)
|
||||
require.Error(t, err)
|
||||
require.Contains(t, err.Error(), "value file '../../../testdata/jsonnet/vendor' resolved to outside repository root")
|
||||
require.Contains(t, err.Error(), "file '../../../testdata/jsonnet/vendor' resolved to outside repository root")
|
||||
}
|
||||
|
||||
func TestManifestGenErrorCacheByNumRequests(t *testing.T) {
|
||||
|
||||
47
reposerver/repository/testdata/jsonnet-1/guestbook-ui.jsonnet
vendored
Normal file
47
reposerver/repository/testdata/jsonnet-1/guestbook-ui.jsonnet
vendored
Normal file
@@ -0,0 +1,47 @@
|
||||
local service = import 'vendor/nested/service.libsonnet';
|
||||
local params = import 'params.libsonnet';
|
||||
|
||||
function(tlaString, tlaCode)
|
||||
[
|
||||
service.new(params),
|
||||
{
|
||||
apiVersion: 'apps/v1beta2',
|
||||
kind: 'Deployment',
|
||||
metadata: {
|
||||
name: params.name,
|
||||
},
|
||||
spec: {
|
||||
replicas: params.replicas,
|
||||
selector: {
|
||||
matchLabels: {
|
||||
app: params.name,
|
||||
},
|
||||
},
|
||||
template: {
|
||||
metadata: {
|
||||
labels: {
|
||||
app: params.name,
|
||||
tlaString: tlaString,
|
||||
tlaCode: tlaCode,
|
||||
extVarString: std.extVar('extVarString'),
|
||||
extVarCode: std.extVar('extVarCode'),
|
||||
},
|
||||
},
|
||||
spec: {
|
||||
containers: [
|
||||
{
|
||||
image: params.image,
|
||||
name: params.name,
|
||||
ports: [
|
||||
{
|
||||
containerPort: params.containerPort,
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
null,
|
||||
]
|
||||
8
reposerver/repository/testdata/jsonnet-1/params.libsonnet
vendored
Normal file
8
reposerver/repository/testdata/jsonnet-1/params.libsonnet
vendored
Normal file
@@ -0,0 +1,8 @@
|
||||
{
|
||||
containerPort: 80,
|
||||
image: "gcr.io/heptio-images/ks-guestbook-demo:0.2",
|
||||
name: "guestbook-ui",
|
||||
replicas: 1,
|
||||
servicePort: 80,
|
||||
type: "ClusterIP",
|
||||
}
|
||||
23
reposerver/repository/testdata/jsonnet-1/vendor/nested/service.libsonnet
vendored
Normal file
23
reposerver/repository/testdata/jsonnet-1/vendor/nested/service.libsonnet
vendored
Normal file
@@ -0,0 +1,23 @@
|
||||
local new(params) = {
|
||||
apiVersion: 'v1',
|
||||
kind: 'Service',
|
||||
metadata: {
|
||||
name: params.name,
|
||||
},
|
||||
spec: {
|
||||
ports: [
|
||||
{
|
||||
port: params.servicePort,
|
||||
targetPort: params.containerPort,
|
||||
},
|
||||
],
|
||||
selector: {
|
||||
app: params.name,
|
||||
},
|
||||
type: params.type,
|
||||
},
|
||||
};
|
||||
|
||||
{
|
||||
new:: new,
|
||||
}
|
||||
@@ -1,6 +1,7 @@
|
||||
package cluster
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
"time"
|
||||
|
||||
"context"
|
||||
@@ -145,6 +146,12 @@ func (s *Server) getCluster(ctx context.Context, q *cluster.ClusterQuery) (*appv
|
||||
q.Name = ""
|
||||
if q.Id.Type == "name" {
|
||||
q.Name = q.Id.Value
|
||||
} else if q.Id.Type == "name_escaped" {
|
||||
nameUnescaped, err := url.QueryUnescape(q.Id.Value)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
q.Name = nameUnescaped
|
||||
} else {
|
||||
q.Server = q.Id.Value
|
||||
}
|
||||
|
||||
@@ -49,6 +49,66 @@ func newNoopEnforcer() *rbac.Enforcer {
|
||||
return enf
|
||||
}
|
||||
|
||||
func TestGetCluster_UrlEncodedName(t *testing.T) {
|
||||
db := &dbmocks.ArgoDB{}
|
||||
|
||||
mockCluster := v1alpha1.Cluster{
|
||||
Name: "test/ing",
|
||||
Server: "https://127.0.0.1",
|
||||
Namespaces: []string{"default", "kube-system"},
|
||||
}
|
||||
mockClusterList := v1alpha1.ClusterList{
|
||||
ListMeta: v1.ListMeta{},
|
||||
Items: []v1alpha1.Cluster{
|
||||
mockCluster,
|
||||
},
|
||||
}
|
||||
|
||||
db.On("ListClusters", mock.Anything).Return(&mockClusterList, nil)
|
||||
|
||||
server := NewServer(db, newNoopEnforcer(), newServerInMemoryCache(), &kubetest.MockKubectlCmd{})
|
||||
|
||||
cluster, err := server.Get(context.Background(), &clusterapi.ClusterQuery{
|
||||
Id: &clusterapi.ClusterID{
|
||||
Type: "name_escaped",
|
||||
Value: "test%2fing",
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, cluster.Name, "test/ing")
|
||||
}
|
||||
|
||||
func TestGetCluster_NameWithUrlEncodingButShouldNotBeUnescaped(t *testing.T) {
|
||||
db := &dbmocks.ArgoDB{}
|
||||
|
||||
mockCluster := v1alpha1.Cluster{
|
||||
Name: "test%2fing",
|
||||
Server: "https://127.0.0.1",
|
||||
Namespaces: []string{"default", "kube-system"},
|
||||
}
|
||||
mockClusterList := v1alpha1.ClusterList{
|
||||
ListMeta: v1.ListMeta{},
|
||||
Items: []v1alpha1.Cluster{
|
||||
mockCluster,
|
||||
},
|
||||
}
|
||||
|
||||
db.On("ListClusters", mock.Anything).Return(&mockClusterList, nil)
|
||||
|
||||
server := NewServer(db, newNoopEnforcer(), newServerInMemoryCache(), &kubetest.MockKubectlCmd{})
|
||||
|
||||
cluster, err := server.Get(context.Background(), &clusterapi.ClusterQuery{
|
||||
Id: &clusterapi.ClusterID{
|
||||
Type: "name",
|
||||
Value: "test%2fing",
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, cluster.Name, "test%2fing")
|
||||
}
|
||||
|
||||
func TestUpdateCluster_NoFieldsPaths(t *testing.T) {
|
||||
db := &dbmocks.ArgoDB{}
|
||||
var updated *v1alpha1.Cluster
|
||||
|
||||
@@ -20,6 +20,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/fields"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
"k8s.io/client-go/tools/cache"
|
||||
"k8s.io/client-go/util/retry"
|
||||
|
||||
"github.com/argoproj/argo-cd/v2/pkg/apiclient/project"
|
||||
"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
|
||||
@@ -75,6 +76,16 @@ func validateProject(proj *v1alpha1.AppProject) error {
|
||||
|
||||
// CreateToken creates a new token to access a project
|
||||
func (s *Server) CreateToken(ctx context.Context, q *project.ProjectTokenCreateRequest) (*project.ProjectTokenResponse, error) {
|
||||
var resp *project.ProjectTokenResponse
|
||||
err := retry.RetryOnConflict(retry.DefaultBackoff, func() error {
|
||||
var createErr error
|
||||
resp, createErr = s.createToken(ctx, q)
|
||||
return createErr
|
||||
})
|
||||
return resp, err
|
||||
}
|
||||
|
||||
func (s *Server) createToken(ctx context.Context, q *project.ProjectTokenCreateRequest) (*project.ProjectTokenResponse, error) {
|
||||
prj, err := s.appclientset.ArgoprojV1alpha1().AppProjects(s.ns).Get(ctx, q.Project, metav1.GetOptions{})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -146,6 +157,16 @@ func (s *Server) CreateToken(ctx context.Context, q *project.ProjectTokenCreateR
|
||||
|
||||
// DeleteToken deletes a token in a project
|
||||
func (s *Server) DeleteToken(ctx context.Context, q *project.ProjectTokenDeleteRequest) (*project.EmptyResponse, error) {
|
||||
var resp *project.EmptyResponse
|
||||
err := retry.RetryOnConflict(retry.DefaultBackoff, func() error {
|
||||
var deleteErr error
|
||||
resp, deleteErr = s.deleteToken(ctx, q)
|
||||
return deleteErr
|
||||
})
|
||||
return resp, err
|
||||
}
|
||||
|
||||
func (s *Server) deleteToken(ctx context.Context, q *project.ProjectTokenDeleteRequest) (*project.EmptyResponse, error) {
|
||||
prj, err := s.appclientset.ArgoprojV1alpha1().AppProjects(s.ns).Get(ctx, q.Project, metav1.GetOptions{})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
||||
@@ -2,6 +2,7 @@ package server
|
||||
|
||||
import (
|
||||
"context"
|
||||
netCtx "context"
|
||||
"crypto/tls"
|
||||
"fmt"
|
||||
goio "io"
|
||||
@@ -24,8 +25,6 @@ import (
|
||||
// nolint:staticcheck
|
||||
golang_proto "github.com/golang/protobuf/proto"
|
||||
|
||||
netCtx "context"
|
||||
|
||||
"github.com/argoproj/notifications-engine/pkg/api"
|
||||
"github.com/argoproj/pkg/sync"
|
||||
"github.com/go-redis/redis/v8"
|
||||
@@ -61,6 +60,8 @@ import (
|
||||
accountpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/account"
|
||||
applicationpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/application"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
|
||||
applicationsetpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/applicationset"
|
||||
certificatepkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/certificate"
|
||||
clusterpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/cluster"
|
||||
@@ -121,7 +122,6 @@ import (
|
||||
"github.com/argoproj/argo-cd/v2/util/swagger"
|
||||
tlsutil "github.com/argoproj/argo-cd/v2/util/tls"
|
||||
"github.com/argoproj/argo-cd/v2/util/webhook"
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
const maxConcurrentLoginRequestsCountEnv = "ARGOCD_MAX_CONCURRENT_LOGIN_REQUESTS_COUNT"
|
||||
@@ -733,7 +733,8 @@ func (a *ArgoCDServer) newGRPCServer() (*grpc.Server, application.AppResourceTre
|
||||
|
||||
applicationSetService := applicationset.NewServer(a.db, a.KubeClientset, a.enf, a.Cache, a.AppClientset, a.appLister, a.appsetInformer, a.appsetLister, a.projLister, a.settingsMgr, a.Namespace, projectLock)
|
||||
projectService := project.NewServer(a.Namespace, a.KubeClientset, a.AppClientset, a.enf, projectLock, a.sessionMgr, a.policyEnforcer, a.projInformer, a.settingsMgr, a.db)
|
||||
settingsService := settings.NewServer(a.settingsMgr, a, a.DisableAuth)
|
||||
appsInAnyNamespaceEnabled := len(a.ArgoCDServerOpts.ApplicationNamespaces) > 0
|
||||
settingsService := settings.NewServer(a.settingsMgr, a, a.DisableAuth, appsInAnyNamespaceEnabled)
|
||||
accountService := account.NewServer(a.sessionMgr, a.settingsMgr, a.enf)
|
||||
|
||||
notificationService := notification.NewServer(a.apiFactory)
|
||||
@@ -898,6 +899,7 @@ func (a *ArgoCDServer) newHTTPServer(ctx context.Context, port int, grpcWebHandl
|
||||
mustRegisterGWHandler(versionpkg.RegisterVersionServiceHandler, ctx, gwmux, conn)
|
||||
mustRegisterGWHandler(clusterpkg.RegisterClusterServiceHandler, ctx, gwmux, conn)
|
||||
mustRegisterGWHandler(applicationpkg.RegisterApplicationServiceHandler, ctx, gwmux, conn)
|
||||
mustRegisterGWHandler(applicationsetpkg.RegisterApplicationSetServiceHandler, ctx, gwmux, conn)
|
||||
mustRegisterGWHandler(notificationpkg.RegisterNotificationServiceHandler, ctx, gwmux, conn)
|
||||
mustRegisterGWHandler(repositorypkg.RegisterRepositoryServiceHandler, ctx, gwmux, conn)
|
||||
mustRegisterGWHandler(repocredspkg.RegisterRepoCredsServiceHandler, ctx, gwmux, conn)
|
||||
|
||||
@@ -2,6 +2,7 @@ package settings
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/ghodss/yaml"
|
||||
|
||||
sessionmgr "github.com/argoproj/argo-cd/v2/util/session"
|
||||
@@ -13,9 +14,10 @@ import (
|
||||
|
||||
// Server provides a Settings service
|
||||
type Server struct {
|
||||
mgr *settings.SettingsManager
|
||||
authenticator Authenticator
|
||||
disableAuth bool
|
||||
mgr *settings.SettingsManager
|
||||
authenticator Authenticator
|
||||
disableAuth bool
|
||||
appsInAnyNamespaceEnabled bool
|
||||
}
|
||||
|
||||
type Authenticator interface {
|
||||
@@ -23,8 +25,8 @@ type Authenticator interface {
|
||||
}
|
||||
|
||||
// NewServer returns a new instance of the Settings service
|
||||
func NewServer(mgr *settings.SettingsManager, authenticator Authenticator, disableAuth bool) *Server {
|
||||
return &Server{mgr: mgr, authenticator: authenticator, disableAuth: disableAuth}
|
||||
func NewServer(mgr *settings.SettingsManager, authenticator Authenticator, disableAuth, appsInAnyNamespaceEnabled bool) *Server {
|
||||
return &Server{mgr: mgr, authenticator: authenticator, disableAuth: disableAuth, appsInAnyNamespaceEnabled: appsInAnyNamespaceEnabled}
|
||||
}
|
||||
|
||||
// Get returns Argo CD settings
|
||||
@@ -102,13 +104,14 @@ func (s *Server) Get(ctx context.Context, q *settingspkg.SettingsQuery) (*settin
|
||||
ChatText: help.ChatText,
|
||||
BinaryUrls: help.BinaryURLs,
|
||||
},
|
||||
Plugins: plugins,
|
||||
UserLoginsDisabled: userLoginsDisabled,
|
||||
KustomizeVersions: kustomizeVersions,
|
||||
UiCssURL: argoCDSettings.UiCssURL,
|
||||
PasswordPattern: argoCDSettings.PasswordPattern,
|
||||
TrackingMethod: trackingMethod,
|
||||
ExecEnabled: argoCDSettings.ExecEnabled,
|
||||
Plugins: plugins,
|
||||
UserLoginsDisabled: userLoginsDisabled,
|
||||
KustomizeVersions: kustomizeVersions,
|
||||
UiCssURL: argoCDSettings.UiCssURL,
|
||||
PasswordPattern: argoCDSettings.PasswordPattern,
|
||||
TrackingMethod: trackingMethod,
|
||||
ExecEnabled: argoCDSettings.ExecEnabled,
|
||||
AppsInAnyNamespaceEnabled: s.appsInAnyNamespaceEnabled,
|
||||
}
|
||||
|
||||
if sessionmgr.LoggedIn(ctx) || s.disableAuth {
|
||||
|
||||
@@ -40,6 +40,7 @@ message Settings {
|
||||
string statusBadgeRootUrl = 21;
|
||||
bool execEnabled = 22;
|
||||
string controllerNamespace = 23;
|
||||
bool appsInAnyNamespaceEnabled = 24;
|
||||
}
|
||||
|
||||
message GoogleAnalyticsConfig {
|
||||
|
||||
@@ -10,12 +10,13 @@ import login from './login';
|
||||
import settings from './settings';
|
||||
import {Layout} from './shared/components/layout/layout';
|
||||
import {VersionPanel} from './shared/components/version-info/version-info-panel';
|
||||
import {Provider} from './shared/context';
|
||||
import {AuthSettingsCtx, Provider} from './shared/context';
|
||||
import {services} from './shared/services';
|
||||
import requests from './shared/services/requests';
|
||||
import {hashCode} from './shared/utils';
|
||||
import {Banner} from './ui-banner/ui-banner';
|
||||
import userInfo from './user-info';
|
||||
import {AuthSettings} from './shared/models';
|
||||
|
||||
services.viewPreferences.init();
|
||||
const bases = document.getElementsByTagName('base');
|
||||
@@ -71,8 +72,8 @@ const versionLoader = services.version.version();
|
||||
async function isExpiredSSO() {
|
||||
try {
|
||||
const {iss} = await services.users.get();
|
||||
const authSettings = await services.authService.settings();
|
||||
if (iss && iss !== 'argocd') {
|
||||
const authSettings = await services.authService.settings();
|
||||
return ((authSettings.dexConfig && authSettings.dexConfig.connectors) || []).length > 0 || authSettings.oidcConfig;
|
||||
}
|
||||
} catch {
|
||||
@@ -106,7 +107,10 @@ requests.onError.subscribe(async err => {
|
||||
}
|
||||
});
|
||||
|
||||
export class App extends React.Component<{}, {popupProps: PopupProps; showVersionPanel: boolean; error: Error; navItems: NavItem[]; routes: Routes; extensionsLoaded: boolean}> {
|
||||
export class App extends React.Component<
|
||||
{},
|
||||
{popupProps: PopupProps; showVersionPanel: boolean; error: Error; navItems: NavItem[]; routes: Routes; extensionsLoaded: boolean; authSettings: AuthSettings}
|
||||
> {
|
||||
public static childContextTypes = {
|
||||
history: PropTypes.object,
|
||||
apis: PropTypes.object
|
||||
@@ -124,7 +128,7 @@ export class App extends React.Component<{}, {popupProps: PopupProps; showVersio
|
||||
|
||||
constructor(props: {}) {
|
||||
super(props);
|
||||
this.state = {popupProps: null, error: null, showVersionPanel: false, navItems: [], routes: null, extensionsLoaded: false};
|
||||
this.state = {popupProps: null, error: null, showVersionPanel: false, navItems: [], routes: null, extensionsLoaded: false, authSettings: null};
|
||||
this.popupManager = new PopupManager();
|
||||
this.notificationsManager = new NotificationsManager();
|
||||
this.navigationManager = new NavigationManager(history);
|
||||
@@ -181,7 +185,7 @@ export class App extends React.Component<{}, {popupProps: PopupProps; showVersio
|
||||
};
|
||||
}
|
||||
|
||||
this.setState({...this.state, navItems: extendedNavItems, routes: extendedRoutes, extensionsLoaded: true});
|
||||
this.setState({...this.state, navItems: extendedNavItems, routes: extendedRoutes, extensionsLoaded: true, authSettings});
|
||||
}
|
||||
|
||||
public render() {
|
||||
@@ -211,42 +215,44 @@ export class App extends React.Component<{}, {popupProps: PopupProps; showVersio
|
||||
<PageContext.Provider value={{title: 'Argo CD'}}>
|
||||
<Provider value={{history, popup: this.popupManager, notifications: this.notificationsManager, navigation: this.navigationManager, baseHref: base}}>
|
||||
{this.state.popupProps && <Popup {...this.state.popupProps} />}
|
||||
<Router history={history}>
|
||||
<Switch>
|
||||
<Redirect exact={true} path='/' to='/applications' />
|
||||
{Object.keys(this.routes).map(path => {
|
||||
const route = this.routes[path];
|
||||
return (
|
||||
<Route
|
||||
key={path}
|
||||
path={path}
|
||||
render={routeProps =>
|
||||
route.noLayout ? (
|
||||
<div>
|
||||
<route.component {...routeProps} />
|
||||
</div>
|
||||
) : (
|
||||
<DataLoader load={() => services.viewPreferences.getPreferences()}>
|
||||
{pref => (
|
||||
<Layout
|
||||
onVersionClick={() => this.setState({showVersionPanel: true})}
|
||||
navItems={this.navItems}
|
||||
pref={pref}
|
||||
isExtension={route.extension}>
|
||||
<Banner>
|
||||
<route.component {...routeProps} />
|
||||
</Banner>
|
||||
</Layout>
|
||||
)}
|
||||
</DataLoader>
|
||||
)
|
||||
}
|
||||
/>
|
||||
);
|
||||
})}
|
||||
{this.state.extensionsLoaded && <Redirect path='*' to='/' />}
|
||||
</Switch>
|
||||
</Router>
|
||||
<AuthSettingsCtx.Provider value={this.state.authSettings}>
|
||||
<Router history={history}>
|
||||
<Switch>
|
||||
<Redirect exact={true} path='/' to='/applications' />
|
||||
{Object.keys(this.routes).map(path => {
|
||||
const route = this.routes[path];
|
||||
return (
|
||||
<Route
|
||||
key={path}
|
||||
path={path}
|
||||
render={routeProps =>
|
||||
route.noLayout ? (
|
||||
<div>
|
||||
<route.component {...routeProps} />
|
||||
</div>
|
||||
) : (
|
||||
<DataLoader load={() => services.viewPreferences.getPreferences()}>
|
||||
{pref => (
|
||||
<Layout
|
||||
onVersionClick={() => this.setState({showVersionPanel: true})}
|
||||
navItems={this.navItems}
|
||||
pref={pref}
|
||||
isExtension={route.extension}>
|
||||
<Banner>
|
||||
<route.component {...routeProps} />
|
||||
</Banner>
|
||||
</Layout>
|
||||
)}
|
||||
</DataLoader>
|
||||
)
|
||||
}
|
||||
/>
|
||||
);
|
||||
})}
|
||||
{this.state.extensionsLoaded && <Redirect path='*' to='/' />}
|
||||
</Switch>
|
||||
</Router>
|
||||
</AuthSettingsCtx.Provider>
|
||||
</Provider>
|
||||
</PageContext.Provider>
|
||||
<Notifications notifications={this.notificationsManager.notifications} />
|
||||
|
||||
@@ -23,7 +23,10 @@ function distinct<T>(first: IterableIterator<T>, second: IterableIterator<T>) {
|
||||
return Array.from(new Set(Array.from(first).concat(Array.from(second))));
|
||||
}
|
||||
|
||||
function overridesFirst(first: {overrideIndex: number}, second: {overrideIndex: number}) {
|
||||
function overridesFirst(first: {overrideIndex: number; metadata: {name: string}}, second: {overrideIndex: number; metadata: {name: string}}) {
|
||||
if (first.overrideIndex === second.overrideIndex) {
|
||||
return first.metadata.name.localeCompare(second.metadata.name);
|
||||
}
|
||||
if (first.overrideIndex < 0) {
|
||||
return 1;
|
||||
} else if (second.overrideIndex < 0) {
|
||||
@@ -57,7 +60,7 @@ function getParamsEditableItems(
|
||||
</span>
|
||||
),
|
||||
edit: (formApi: FormApi) => {
|
||||
const labelStyle = {position: 'absolute', right: 0, top: 0, zIndex: 1} as any;
|
||||
const labelStyle = {position: 'absolute', right: 0, top: 0, zIndex: 11} as any;
|
||||
const overrideRemoved = removedOverrides[i];
|
||||
const fieldItemPath = `${fieldsPath}[${i}]`;
|
||||
return (
|
||||
@@ -98,11 +101,6 @@ function getParamsEditableItems(
|
||||
);
|
||||
}
|
||||
}))
|
||||
.sort((first, second) => {
|
||||
const firstSortBy = first.key || first.title;
|
||||
const secondSortBy = second.key || second.title;
|
||||
return firstSortBy.localeCompare(secondSortBy);
|
||||
})
|
||||
.map((item, i) => ({...item, before: (i === 0 && <p style={{marginTop: '1em'}}>{title}</p>) || null}));
|
||||
}
|
||||
|
||||
@@ -192,29 +190,31 @@ export const ApplicationParameters = (props: {
|
||||
/>
|
||||
)
|
||||
});
|
||||
attributes.push({
|
||||
title: 'VALUES',
|
||||
view: app.spec.source.helm && (
|
||||
<Expandable>
|
||||
<pre>{app.spec.source.helm.values}</pre>
|
||||
</Expandable>
|
||||
),
|
||||
edit: (formApi: FormApi) => (
|
||||
<div>
|
||||
<pre>
|
||||
<FormField formApi={formApi} field='spec.source.helm.values' component={TextArea} />
|
||||
</pre>
|
||||
{props.details.helm.values && (
|
||||
<div>
|
||||
<label>values.yaml</label>
|
||||
<Expandable>
|
||||
<pre>{props.details.helm.values}</pre>
|
||||
</Expandable>
|
||||
</div>
|
||||
)}
|
||||
</div>
|
||||
)
|
||||
});
|
||||
if (app?.spec?.source?.helm?.values) {
|
||||
attributes.push({
|
||||
title: 'VALUES',
|
||||
view: app.spec.source.helm && (
|
||||
<Expandable>
|
||||
<pre>{app.spec.source.helm.values}</pre>
|
||||
</Expandable>
|
||||
),
|
||||
edit: (formApi: FormApi) => (
|
||||
<div>
|
||||
<pre>
|
||||
<FormField formApi={formApi} field='spec.source.helm.values' component={TextArea} />
|
||||
</pre>
|
||||
{props.details.helm.values && (
|
||||
<div>
|
||||
<label>values.yaml</label>
|
||||
<Expandable>
|
||||
<pre>{props.details.helm.values}</pre>
|
||||
</Expandable>
|
||||
</div>
|
||||
)}
|
||||
</div>
|
||||
)
|
||||
});
|
||||
}
|
||||
const paramsByName = new Map<string, models.HelmParameter>();
|
||||
(props.details.helm.parameters || []).forEach(param => paramsByName.set(param.name, param));
|
||||
const overridesByName = new Map<string, number>();
|
||||
|
||||
@@ -3,7 +3,7 @@ import * as classNames from 'classnames';
|
||||
import * as React from 'react';
|
||||
import {Key, KeybindingContext, NumKey, NumKeyToNumber, NumPadKey, useNav} from 'argo-ui/v2';
|
||||
import {Cluster} from '../../../shared/components';
|
||||
import {Consumer, Context} from '../../../shared/context';
|
||||
import {Consumer, Context, AuthSettingsCtx} from '../../../shared/context';
|
||||
import * as models from '../../../shared/models';
|
||||
import {ApplicationURLs} from '../application-urls';
|
||||
import * as AppUtils from '../utils';
|
||||
@@ -53,6 +53,7 @@ export const ApplicationTiles = ({applications, syncApplication, refreshApplicat
|
||||
const appRef = {ref: React.useRef(null), set: false};
|
||||
const appContainerRef = React.useRef(null);
|
||||
const appsPerRow = useItemsPerContainer(appRef.ref, appContainerRef);
|
||||
const authSettingsCtx = React.useContext(AuthSettingsCtx);
|
||||
|
||||
const {useKeybinding} = React.useContext(KeybindingContext);
|
||||
|
||||
@@ -97,7 +98,6 @@ export const ApplicationTiles = ({applications, syncApplication, refreshApplicat
|
||||
return navApp(NumKeyToNumber(n));
|
||||
}
|
||||
});
|
||||
|
||||
return (
|
||||
<Consumer>
|
||||
{ctx => (
|
||||
@@ -130,7 +130,9 @@ export const ApplicationTiles = ({applications, syncApplication, refreshApplicat
|
||||
}>
|
||||
<i className={'icon argo-icon-' + (app.spec.source.chart != null ? 'helm' : 'git')} />
|
||||
<Tooltip content={AppUtils.appInstanceName(app)}>
|
||||
<span className='applications-list__title'>{AppUtils.appQualifiedName(app)}</span>
|
||||
<span className='applications-list__title'>
|
||||
{AppUtils.appQualifiedName(app, authSettingsCtx?.appsInAnyNamespaceEnabled)}
|
||||
</span>
|
||||
</Tooltip>
|
||||
</div>
|
||||
<div
|
||||
|
||||
@@ -1113,8 +1113,8 @@ export const urlPattern = new RegExp(
|
||||
)
|
||||
);
|
||||
|
||||
export function appQualifiedName(app: appModels.Application): string {
|
||||
return app.metadata.namespace + '/' + app.metadata.name;
|
||||
export function appQualifiedName(app: appModels.Application, nsEnabled: boolean): string {
|
||||
return (nsEnabled ? app.metadata.namespace + '/' : '') + app.metadata.name;
|
||||
}
|
||||
|
||||
export function appInstanceName(app: appModels.Application): string {
|
||||
|
||||
@@ -13,3 +13,4 @@ if (mdl.hot) {
|
||||
}
|
||||
|
||||
(window as any).React = React;
|
||||
(window as any).ReactDOM = ReactDOM;
|
||||
|
||||
@@ -3,8 +3,10 @@ import {FormFunctionProps} from 'react-form';
|
||||
import {CheckboxField} from '..';
|
||||
import * as models from '../../models';
|
||||
import {appInstanceName, appQualifiedName, ComparisonStatusIcon, HealthStatusIcon, OperationPhaseIcon} from '../../../applications/components/utils';
|
||||
import {AuthSettingsCtx} from '../../context';
|
||||
|
||||
export const ApplicationSelector = ({apps, formApi}: {apps: models.Application[]; formApi: FormFunctionProps}) => {
|
||||
const authSettingsCtx = React.useContext(AuthSettingsCtx);
|
||||
return (
|
||||
<>
|
||||
<label>
|
||||
@@ -18,7 +20,9 @@ export const ApplicationSelector = ({apps, formApi}: {apps: models.Application[]
|
||||
<label key={appInstanceName(app)} style={{marginTop: '0.5em', cursor: 'pointer'}}>
|
||||
<CheckboxField field={`app/${i}`} />
|
||||
|
||||
{app.isAppOfAppsPattern ? `(App of Apps) ${appQualifiedName(app)}` : appQualifiedName(app)}
|
||||
{app.isAppOfAppsPattern
|
||||
? `(App of Apps) ${appQualifiedName(app, authSettingsCtx?.appsInAnyNamespaceEnabled)}`
|
||||
: appQualifiedName(app, authSettingsCtx?.appsInAnyNamespaceEnabled)}
|
||||
|
||||
<ComparisonStatusIcon status={app.status.sync.status} />
|
||||
|
||||
|
||||
@@ -70,7 +70,7 @@
|
||||
.page {
|
||||
padding-left: 0 !important;
|
||||
&__top-bar {
|
||||
left: $sidebar-width;
|
||||
left: $sidebar-width !important;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -85,7 +85,7 @@
|
||||
|
||||
.page {
|
||||
&__top-bar {
|
||||
left: $collapsed-sidebar-width;
|
||||
left: $collapsed-sidebar-width !important;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import {AppContext as ArgoAppContext, NavigationApi, NotificationsApi, PopupApi} from 'argo-ui';
|
||||
import {History} from 'history';
|
||||
import * as React from 'react';
|
||||
import * as models from './models';
|
||||
|
||||
export type AppContext = ArgoAppContext & {apis: {popup: PopupApi; notifications: NotificationsApi; navigation: NavigationApi; baseHref: string}};
|
||||
|
||||
@@ -11,4 +12,6 @@ export interface ContextApis {
|
||||
baseHref: string;
|
||||
}
|
||||
export const Context = React.createContext<ContextApis & {history: History}>(null);
|
||||
export const {Provider, Consumer} = Context;
|
||||
export let {Provider, Consumer} = Context;
|
||||
|
||||
export const AuthSettingsCtx = React.createContext<models.AuthSettings>(null);
|
||||
|
||||
@@ -453,6 +453,7 @@ export interface AuthSettings {
|
||||
uiBannerPermanent: boolean;
|
||||
uiBannerPosition: string;
|
||||
execEnabled: boolean;
|
||||
appsInAnyNamespaceEnabled: boolean;
|
||||
}
|
||||
|
||||
export interface UserInfo {
|
||||
|
||||
@@ -10,7 +10,7 @@ export class ClustersService {
|
||||
}
|
||||
|
||||
public get(url: string, name: string): Promise<models.Cluster> {
|
||||
const requestUrl = `/clusters/${url ? encodeURIComponent(url) : name}?id.type=${url ? 'url' : 'name'}`;
|
||||
const requestUrl = `/clusters/${url ? encodeURIComponent(url) : encodeURIComponent(name)}?id.type=${url ? 'url' : 'name_escaped'}`;
|
||||
return requests.get(requestUrl).then(res => res.body as models.Cluster);
|
||||
}
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
.ui-banner {
|
||||
background: $argo-color-gray-5;
|
||||
position: fixed;
|
||||
width: 100%;
|
||||
width: -webkit-fill-available;
|
||||
z-index: 10;
|
||||
text-align: center;
|
||||
color: $argo-color-teal-8;
|
||||
|
||||
@@ -43,6 +43,7 @@ export const Banner = (props: React.Props<any>) => {
|
||||
position: string;
|
||||
}) => {
|
||||
const heightOfBanner = permanent ? '28px' : '70px';
|
||||
const leftOffset = prefs.hideSidebar ? '60px' : '230px';
|
||||
let show = false;
|
||||
if (!content || content === '' || content === null) {
|
||||
if (prefs.hideBannerContent) {
|
||||
@@ -68,7 +69,7 @@ export const Banner = (props: React.Props<any>) => {
|
||||
}
|
||||
return (
|
||||
<React.Fragment>
|
||||
<div className={combinedBannerClassName} style={{visibility: show ? 'visible' : 'hidden', height: heightOfBanner}}>
|
||||
<div className={combinedBannerClassName} style={{visibility: show ? 'visible' : 'hidden', height: heightOfBanner, left: leftOffset}}>
|
||||
<div className='ui-banner-text' style={{maxHeight: permanent ? '25px' : '50px'}}>
|
||||
{url !== undefined ? (
|
||||
<a href={url} target='_blank' rel='noopener noreferrer'>
|
||||
|
||||
@@ -3457,9 +3457,9 @@ decko@^1.2.0:
|
||||
integrity sha1-/UPHNelnuAEzBohKVvvmZZlraBc=
|
||||
|
||||
decode-uri-component@^0.2.0:
|
||||
version "0.2.0"
|
||||
resolved "https://registry.yarnpkg.com/decode-uri-component/-/decode-uri-component-0.2.0.tgz#eb3913333458775cb84cd1a1fae062106bb87545"
|
||||
integrity sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=
|
||||
version "0.2.2"
|
||||
resolved "https://registry.yarnpkg.com/decode-uri-component/-/decode-uri-component-0.2.2.tgz#e69dbe25d37941171dd540e024c444cd5188e1e9"
|
||||
integrity sha512-FqUYQ+8o158GyGTrMFJms9qh3CqTKvAqgqsTnkLI8sKu0028orqBhxNMFkFen0zGyg6epACD32pjVk58ngIErQ==
|
||||
|
||||
dedent@^0.7.0:
|
||||
version "0.7.0"
|
||||
|
||||
@@ -294,8 +294,8 @@ type GitHubAppCreds struct {
|
||||
}
|
||||
|
||||
// NewGitHubAppCreds provide github app credentials
|
||||
func NewGitHubAppCreds(appID int64, appInstallId int64, privateKey string, baseURL string, repoURL string, clientCertData string, clientCertKey string, insecure bool, store CredsStore) GenericHTTPSCreds {
|
||||
return GitHubAppCreds{appID: appID, appInstallId: appInstallId, privateKey: privateKey, baseURL: baseURL, repoURL: repoURL, clientCertData: clientCertData, clientCertKey: clientCertKey, insecure: insecure, store: store}
|
||||
func NewGitHubAppCreds(appID int64, appInstallId int64, privateKey string, baseURL string, repoURL string, clientCertData string, clientCertKey string, insecure bool, proxy string, store CredsStore) GenericHTTPSCreds {
|
||||
return GitHubAppCreds{appID: appID, appInstallId: appInstallId, privateKey: privateKey, baseURL: baseURL, repoURL: repoURL, clientCertData: clientCertData, clientCertKey: clientCertKey, insecure: insecure, proxy: proxy, store: store}
|
||||
}
|
||||
|
||||
func (g GitHubAppCreds) Environ() (io.Closer, []string, error) {
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
package grpc
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
|
||||
"context"
|
||||
giterr "github.com/go-git/go-git/v5/plumbing/transport"
|
||||
"google.golang.org/grpc"
|
||||
"google.golang.org/grpc/codes"
|
||||
@@ -45,22 +45,22 @@ func UnwrapGRPCStatus(err error) *status.Status {
|
||||
return UnwrapGRPCStatus(e)
|
||||
}
|
||||
|
||||
// kubeErrToGRPC converts a Kubernetes error into a gRPC code + error. The gRPC code we translate
|
||||
// it to is significant, because it eventually maps back to an HTTP status code determined by
|
||||
// grpc-gateway. See:
|
||||
// https://github.com/grpc-ecosystem/grpc-gateway/blob/v2.11.3/runtime/errors.go#L36
|
||||
// https://go.dev/src/net/http/status.go
|
||||
func kubeErrToGRPC(err error) error {
|
||||
/*
|
||||
Unmapped source Kubernetes API errors as of 2018-04-16:
|
||||
* IsConflict => 409
|
||||
* IsGone => 410
|
||||
Unmapped source Kubernetes API errors as of 2022-10-05:
|
||||
* IsGone => 410 (DEPRECATED by ResourceExpired)
|
||||
* IsResourceExpired => 410
|
||||
* IsServerTimeout => 500
|
||||
* IsTooManyRequests => 429
|
||||
* IsUnexpectedServerError => should probably be a panic
|
||||
* IsUnexpectedObjectError => should probably be a panic
|
||||
* IsUnexpectedServerError
|
||||
* IsUnexpectedObjectError
|
||||
|
||||
Unmapped target gRPC codes as of 2018-04-16:
|
||||
Unmapped target gRPC codes as of 2022-10-05:
|
||||
* Canceled Code = 1
|
||||
* Unknown Code = 2
|
||||
* ResourceExhausted Code = 8
|
||||
* Aborted Code = 10
|
||||
* OutOfRange Code = 11
|
||||
* DataLoss Code = 15
|
||||
*/
|
||||
@@ -84,6 +84,12 @@ func kubeErrToGRPC(err error) error {
|
||||
err = rewrapError(err, codes.PermissionDenied)
|
||||
case apierr.IsTimeout(err):
|
||||
err = rewrapError(err, codes.DeadlineExceeded)
|
||||
case apierr.IsServerTimeout(err):
|
||||
err = rewrapError(err, codes.Unavailable)
|
||||
case apierr.IsConflict(err):
|
||||
err = rewrapError(err, codes.Aborted)
|
||||
case apierr.IsTooManyRequests(err):
|
||||
err = rewrapError(err, codes.ResourceExhausted)
|
||||
case apierr.IsInternalError(err):
|
||||
err = rewrapError(err, codes.Internal)
|
||||
default:
|
||||
|
||||
@@ -103,6 +103,42 @@ func Test_kubeErrToGRPC(t *testing.T) {
|
||||
},
|
||||
expectedGRPCStatus: status.New(codes.Unauthenticated, newUnauthorizedError().Error()),
|
||||
},
|
||||
{
|
||||
name: "will return Unavailable if apierr.IsServerTimeout",
|
||||
givenErrFn: func() error {
|
||||
return apierr.NewServerTimeout(schema.GroupResource{}, "update", 1)
|
||||
},
|
||||
expectedErrFn: func() error {
|
||||
err := apierr.NewServerTimeout(schema.GroupResource{}, "update", 1)
|
||||
grpcStatus := status.New(codes.Unavailable, err.Error())
|
||||
return grpcStatus.Err()
|
||||
},
|
||||
expectedGRPCStatus: status.New(codes.Unavailable, apierr.NewServerTimeout(schema.GroupResource{}, "update", 1).Error()),
|
||||
},
|
||||
{
|
||||
name: "will return Aborted if apierr.IsConflict",
|
||||
givenErrFn: func() error {
|
||||
return apierr.NewConflict(schema.GroupResource{}, "foo", errors.New("foo"))
|
||||
},
|
||||
expectedErrFn: func() error {
|
||||
err := apierr.NewConflict(schema.GroupResource{}, "foo", errors.New("foo"))
|
||||
grpcStatus := status.New(codes.Aborted, err.Error())
|
||||
return grpcStatus.Err()
|
||||
},
|
||||
expectedGRPCStatus: status.New(codes.Aborted, apierr.NewConflict(schema.GroupResource{}, "foo", errors.New("foo")).Error()),
|
||||
},
|
||||
{
|
||||
name: "will return ResourceExhausted if apierr.IsTooManyRequests",
|
||||
givenErrFn: func() error {
|
||||
return apierr.NewTooManyRequests("foo", 1)
|
||||
},
|
||||
expectedErrFn: func() error {
|
||||
err := apierr.NewTooManyRequests("foo", 1)
|
||||
grpcStatus := status.New(codes.ResourceExhausted, err.Error())
|
||||
return grpcStatus.Err()
|
||||
},
|
||||
expectedGRPCStatus: status.New(codes.ResourceExhausted, apierr.NewTooManyRequests("foo", 1).Error()),
|
||||
},
|
||||
}
|
||||
for _, c := range cases {
|
||||
c := c
|
||||
|
||||
@@ -58,7 +58,7 @@ func (c Cmd) run(args ...string) (string, error) {
|
||||
fmt.Sprintf("XDG_CACHE_HOME=%s/cache", c.helmHome),
|
||||
fmt.Sprintf("XDG_CONFIG_HOME=%s/config", c.helmHome),
|
||||
fmt.Sprintf("XDG_DATA_HOME=%s/data", c.helmHome),
|
||||
fmt.Sprintf("HELM_HOME=%s", c.helmHome))
|
||||
fmt.Sprintf("HELM_CONFIG_HOME=%s/config", c.helmHome))
|
||||
}
|
||||
|
||||
if c.IsHelmOci {
|
||||
|
||||
@@ -133,7 +133,7 @@ func Version(shortForm bool) (string, error) {
|
||||
func (h *helm) GetParameters(valuesFiles []pathutil.ResolvedFilePath, appPath, repoRoot string) (map[string]string, error) {
|
||||
var values []string
|
||||
// Don't load values.yaml if it's an out-of-bounds link.
|
||||
if _, _, err := pathutil.ResolveFilePath(appPath, repoRoot, "values.yaml", []string{}); err == nil {
|
||||
if _, _, err := pathutil.ResolveValueFilePathOrUrl(appPath, repoRoot, "values.yaml", []string{}); err == nil {
|
||||
out, err := h.cmd.inspectValues(".")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
||||
@@ -59,7 +59,7 @@ func TestHelmTemplateValues(t *testing.T) {
|
||||
require.NoError(t, err)
|
||||
h, err := NewHelmApp(repoRootAbs, []HelmRepository{}, false, "", "", false)
|
||||
assert.NoError(t, err)
|
||||
valuesPath, _, err := path.ResolveFilePath(repoRootAbs, repoRootAbs, "values-production.yaml", nil)
|
||||
valuesPath, _, err := path.ResolveValueFilePathOrUrl(repoRootAbs, repoRootAbs, "values-production.yaml", nil)
|
||||
require.NoError(t, err)
|
||||
opts := TemplateOpts{
|
||||
Name: "test",
|
||||
@@ -98,7 +98,7 @@ func TestHelmGetParamsValueFiles(t *testing.T) {
|
||||
require.NoError(t, err)
|
||||
h, err := NewHelmApp(repoRootAbs, nil, false, "", "", false)
|
||||
assert.NoError(t, err)
|
||||
valuesPath, _, err := path.ResolveFilePath(repoRootAbs, repoRootAbs, "values-production.yaml", nil)
|
||||
valuesPath, _, err := path.ResolveValueFilePathOrUrl(repoRootAbs, repoRootAbs, "values-production.yaml", nil)
|
||||
require.NoError(t, err)
|
||||
params, err := h.GetParameters([]path.ResolvedFilePath{valuesPath}, repoRootAbs, repoRootAbs)
|
||||
assert.Nil(t, err)
|
||||
@@ -113,9 +113,9 @@ func TestHelmGetParamsValueFilesThatExist(t *testing.T) {
|
||||
require.NoError(t, err)
|
||||
h, err := NewHelmApp(repoRootAbs, nil, false, "", "", false)
|
||||
assert.NoError(t, err)
|
||||
valuesMissingPath, _, err := path.ResolveFilePath(repoRootAbs, repoRootAbs, "values-missing.yaml", nil)
|
||||
valuesMissingPath, _, err := path.ResolveValueFilePathOrUrl(repoRootAbs, repoRootAbs, "values-missing.yaml", nil)
|
||||
require.NoError(t, err)
|
||||
valuesProductionPath, _, err := path.ResolveFilePath(repoRootAbs, repoRootAbs, "values-production.yaml", nil)
|
||||
valuesProductionPath, _, err := path.ResolveValueFilePathOrUrl(repoRootAbs, repoRootAbs, "values-production.yaml", nil)
|
||||
require.NoError(t, err)
|
||||
params, err := h.GetParameters([]path.ResolvedFilePath{valuesMissingPath, valuesProductionPath}, repoRootAbs, repoRootAbs)
|
||||
assert.Nil(t, err)
|
||||
|
||||
@@ -10,10 +10,14 @@ import (
|
||||
log "github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
// ResolvedFilePath represents a resolved file path and intended to prevent unintentional use of not verified file path.
|
||||
// It is always either a URL or an absolute path.
|
||||
// ResolvedFilePath represents a resolved file path and is intended to prevent unintentional use of an unverified file
|
||||
// path. It is always either a URL or an absolute path.
|
||||
type ResolvedFilePath string
|
||||
|
||||
// ResolvedFileOrDirectoryPath represents a resolved file or directory path and is intended to prevent unintentional use
|
||||
// of an unverified file or directory path. It is an absolute path.
|
||||
type ResolvedFileOrDirectoryPath string
|
||||
|
||||
// resolveSymbolicLinkRecursive resolves the symlink path recursively to its
|
||||
// canonical path on the file system, with a maximum nesting level of maxDepth.
|
||||
// If path is not a symlink, returns the verbatim copy of path and err of nil.
|
||||
@@ -60,7 +64,24 @@ func isURLSchemeAllowed(scheme string, allowed []string) bool {
|
||||
return isAllowed && scheme != ""
|
||||
}
|
||||
|
||||
// ResolveFilePath will inspect and resolve given file, and make sure that its final path is within the boundaries of
|
||||
// We do not provide the path in the error message, because it will be
|
||||
// returned to the user and could be used for information gathering.
|
||||
// Instead, we log the concrete error details.
|
||||
func resolveFailure(path string, err error) error {
|
||||
log.Errorf("failed to resolve path '%s': %v", path, err)
|
||||
return fmt.Errorf("internal error: failed to resolve path. Check logs for more details")
|
||||
}
|
||||
|
||||
func ResolveFileOrDirectoryPath(appPath, repoRoot, dir string) (ResolvedFileOrDirectoryPath, error) {
|
||||
path, err := resolveFileOrDirectory(appPath, repoRoot, dir, true)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return ResolvedFileOrDirectoryPath(path), nil
|
||||
}
|
||||
|
||||
// ResolveValueFilePathOrUrl will inspect and resolve given file, and make sure that its final path is within the boundaries of
|
||||
// the path specified in repoRoot.
|
||||
//
|
||||
// appPath is the path we're operating in, e.g. where a Helm chart was unpacked
|
||||
@@ -88,15 +109,7 @@ func isURLSchemeAllowed(scheme string, allowed []string) bool {
|
||||
//
|
||||
// isRemote will be set to true if valueFile is an URL using an allowed
|
||||
// protocol scheme, or to false if it resolved to a local file.
|
||||
func ResolveFilePath(appPath, repoRoot, valueFile string, allowedURLSchemes []string) (resolvedPath ResolvedFilePath, isRemote bool, err error) {
|
||||
// We do not provide the path in the error message, because it will be
|
||||
// returned to the user and could be used for information gathering.
|
||||
// Instead, we log the concrete error details.
|
||||
resolveFailure := func(path string, err error) error {
|
||||
log.Errorf("failed to resolve path '%s': %v", path, err)
|
||||
return fmt.Errorf("internal error: failed to resolve path. Check logs for more details")
|
||||
}
|
||||
|
||||
func ResolveValueFilePathOrUrl(appPath, repoRoot, valueFile string, allowedURLSchemes []string) (resolvedPath ResolvedFilePath, isRemote bool, err error) {
|
||||
// A value file can be specified as an URL to a remote resource.
|
||||
// We only allow certain URL schemes for remote value files.
|
||||
url, err := url.Parse(valueFile)
|
||||
@@ -111,36 +124,45 @@ func ResolveFilePath(appPath, repoRoot, valueFile string, allowedURLSchemes []st
|
||||
}
|
||||
}
|
||||
|
||||
path, err := resolveFileOrDirectory(appPath, repoRoot, valueFile, false)
|
||||
if err != nil {
|
||||
return "", false, err
|
||||
}
|
||||
|
||||
return ResolvedFilePath(path), false, nil
|
||||
}
|
||||
|
||||
func resolveFileOrDirectory(appPath string, repoRoot string, fileOrDirectory string, allowResolveToRoot bool) (string, error) {
|
||||
// Ensure that our repository root is absolute
|
||||
absRepoPath, err := filepath.Abs(repoRoot)
|
||||
if err != nil {
|
||||
return "", false, resolveFailure(repoRoot, err)
|
||||
return "", resolveFailure(repoRoot, err)
|
||||
}
|
||||
|
||||
// If the path to the file is relative, join it with the current working directory (appPath)
|
||||
// If the path to the file or directory is relative, join it with the current working directory (appPath)
|
||||
// Otherwise, join it with the repository's root
|
||||
path := valueFile
|
||||
path := fileOrDirectory
|
||||
if !filepath.IsAbs(path) {
|
||||
absWorkDir, err := filepath.Abs(appPath)
|
||||
if err != nil {
|
||||
return "", false, resolveFailure(repoRoot, err)
|
||||
return "", resolveFailure(repoRoot, err)
|
||||
}
|
||||
path = filepath.Join(absWorkDir, path)
|
||||
} else {
|
||||
path = filepath.Join(absRepoPath, path)
|
||||
}
|
||||
|
||||
// Ensure any symbolic link is resolved before we
|
||||
// Ensure any symbolic link is resolved before we evaluate the path
|
||||
delinkedPath, err := resolveSymbolicLinkRecursive(path, 10)
|
||||
if err != nil {
|
||||
return "", false, resolveFailure(path, err)
|
||||
return "", resolveFailure(repoRoot, err)
|
||||
}
|
||||
path = delinkedPath
|
||||
|
||||
// Resolve the joined path to an absolute path
|
||||
path, err = filepath.Abs(path)
|
||||
if err != nil {
|
||||
return "", false, resolveFailure(path, err)
|
||||
return "", resolveFailure(repoRoot, err)
|
||||
}
|
||||
|
||||
// Ensure our root path has a trailing slash, otherwise the following check
|
||||
@@ -150,10 +172,17 @@ func ResolveFilePath(appPath, repoRoot, valueFile string, allowedURLSchemes []st
|
||||
requiredRootPath += string(os.PathSeparator)
|
||||
}
|
||||
|
||||
// Make sure that the resolved path to values file is within the repository's root path
|
||||
if !strings.HasPrefix(path, requiredRootPath) {
|
||||
return "", false, fmt.Errorf("value file '%s' resolved to outside repository root", valueFile)
|
||||
resolvedToRoot := path+string(os.PathSeparator) == requiredRootPath
|
||||
if resolvedToRoot {
|
||||
if !allowResolveToRoot {
|
||||
return "", resolveFailure(path, fmt.Errorf("path resolved to repository root, which is not allowed"))
|
||||
}
|
||||
} else {
|
||||
// Make sure that the resolved path to file is within the repository's root path
|
||||
if !strings.HasPrefix(path, requiredRootPath) {
|
||||
return "", fmt.Errorf("file '%s' resolved to outside repository root", fileOrDirectory)
|
||||
}
|
||||
}
|
||||
|
||||
return ResolvedFilePath(path), false, nil
|
||||
return path, nil
|
||||
}
|
||||
|
||||
@@ -98,19 +98,19 @@ var allowedRemoteProtocols = []string{"http", "https"}
|
||||
|
||||
func Test_resolveFilePath(t *testing.T) {
|
||||
t.Run("Resolve normal relative path into absolute path", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath("/foo/bar", "/foo", "baz/bim.yaml", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl("/foo/bar", "/foo", "baz/bim.yaml", allowedRemoteProtocols)
|
||||
assert.NoError(t, err)
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "/foo/bar/baz/bim.yaml", string(p))
|
||||
})
|
||||
t.Run("Resolve normal relative path into absolute path", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath("/foo/bar", "/foo", "baz/../../bim.yaml", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl("/foo/bar", "/foo", "baz/../../bim.yaml", allowedRemoteProtocols)
|
||||
assert.NoError(t, err)
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "/foo/bim.yaml", string(p))
|
||||
})
|
||||
t.Run("Error on path resolving outside repository root", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath("/foo/bar", "/foo", "baz/../../../bim.yaml", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl("/foo/bar", "/foo", "baz/../../../bim.yaml", allowedRemoteProtocols)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), "outside repository root")
|
||||
assert.False(t, remote)
|
||||
@@ -118,26 +118,26 @@ func Test_resolveFilePath(t *testing.T) {
|
||||
})
|
||||
t.Run("Return verbatim URL", func(t *testing.T) {
|
||||
url := "https://some.where/foo,yaml"
|
||||
p, remote, err := ResolveFilePath("/foo/bar", "/foo", url, allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl("/foo/bar", "/foo", url, allowedRemoteProtocols)
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, remote)
|
||||
assert.Equal(t, url, string(p))
|
||||
})
|
||||
t.Run("URL scheme not allowed", func(t *testing.T) {
|
||||
url := "file:///some.where/foo,yaml"
|
||||
p, remote, err := ResolveFilePath("/foo/bar", "/foo", url, allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl("/foo/bar", "/foo", url, allowedRemoteProtocols)
|
||||
assert.Error(t, err)
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "", string(p))
|
||||
})
|
||||
t.Run("Implicit URL by absolute path", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath("/foo/bar", "/foo", "/baz.yaml", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl("/foo/bar", "/foo", "/baz.yaml", allowedRemoteProtocols)
|
||||
assert.NoError(t, err)
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "/foo/baz.yaml", string(p))
|
||||
})
|
||||
t.Run("Relative app path", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath(".", "/foo", "/baz.yaml", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl(".", "/foo", "/baz.yaml", allowedRemoteProtocols)
|
||||
assert.NoError(t, err)
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "/foo/baz.yaml", string(p))
|
||||
@@ -145,37 +145,42 @@ func Test_resolveFilePath(t *testing.T) {
|
||||
t.Run("Relative repo path", func(t *testing.T) {
|
||||
c, err := os.Getwd()
|
||||
require.NoError(t, err)
|
||||
p, remote, err := ResolveFilePath(".", ".", "baz.yaml", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl(".", ".", "baz.yaml", allowedRemoteProtocols)
|
||||
assert.NoError(t, err)
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, c+"/baz.yaml", string(p))
|
||||
})
|
||||
t.Run("Overlapping root prefix without trailing slash", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath(".", "/foo", "../foo2/baz.yaml", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl(".", "/foo", "../foo2/baz.yaml", allowedRemoteProtocols)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), "outside repository root")
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "", string(p))
|
||||
})
|
||||
t.Run("Overlapping root prefix with trailing slash", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath(".", "/foo/", "../foo2/baz.yaml", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl(".", "/foo/", "../foo2/baz.yaml", allowedRemoteProtocols)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), "outside repository root")
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "", string(p))
|
||||
})
|
||||
t.Run("Garbage input as values file", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath(".", "/foo/", "kfdj\\ks&&&321209.,---e32908923%$§!\"", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl(".", "/foo/", "kfdj\\ks&&&321209.,---e32908923%$§!\"", allowedRemoteProtocols)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), "outside repository root")
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "", string(p))
|
||||
})
|
||||
t.Run("NUL-byte path input as values file", func(t *testing.T) {
|
||||
p, remote, err := ResolveFilePath(".", "/foo/", "\000", allowedRemoteProtocols)
|
||||
p, remote, err := ResolveValueFilePathOrUrl(".", "/foo/", "\000", allowedRemoteProtocols)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), "outside repository root")
|
||||
assert.False(t, remote)
|
||||
assert.Equal(t, "", string(p))
|
||||
})
|
||||
t.Run("Resolve root path into absolute path - jsonnet library path", func(t *testing.T) {
|
||||
p, err := ResolveFileOrDirectoryPath("/foo", "/foo", "./")
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, "/foo", string(p))
|
||||
})
|
||||
}
|
||||
|
||||
@@ -11,6 +11,7 @@ import (
|
||||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/status"
|
||||
v1 "k8s.io/api/core/v1"
|
||||
"k8s.io/client-go/util/retry"
|
||||
|
||||
"github.com/argoproj/argo-cd/v2/common"
|
||||
)
|
||||
@@ -127,17 +128,19 @@ func (mgr *SettingsManager) GetAccount(name string) (*Account, error) {
|
||||
}
|
||||
|
||||
// UpdateAccount runs the callback function against an account that matches to the specified name
|
||||
//and persist changes applied by the callback.
|
||||
// and persist changes applied by the callback.
|
||||
func (mgr *SettingsManager) UpdateAccount(name string, callback func(account *Account) error) error {
|
||||
account, err := mgr.GetAccount(name)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = callback(account)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return mgr.saveAccount(name, *account)
|
||||
return retry.RetryOnConflict(retry.DefaultBackoff, func() error {
|
||||
account, err := mgr.GetAccount(name)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = callback(account)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return mgr.saveAccount(name, *account)
|
||||
})
|
||||
}
|
||||
|
||||
// GetAccounts returns list of configured accounts
|
||||
|
||||
@@ -108,6 +108,8 @@ type ArgoCDSettings struct {
|
||||
// token verification to pass despite the OIDC provider having an invalid certificate. Only set to `true` if you
|
||||
// understand the risks.
|
||||
OIDCTLSInsecureSkipVerify bool `json:"oidcTLSInsecureSkipVerify"`
|
||||
// AppsInAnyNamespaceEnabled indicates whether applications are allowed to be created in any namespace
|
||||
AppsInAnyNamespaceEnabled bool `json:"appsInAnyNamespaceEnabled"`
|
||||
}
|
||||
|
||||
type GoogleAnalytics struct {
|
||||
|
||||
Reference in New Issue
Block a user