fix cosign (#17656) (#17740)

Signed-off-by: Justin Marquis <justin@akuity.io>
Co-authored-by: Justin Marquis <76892343+34fathombelow@users.noreply.github.com>

.github/pr-title-checker-config.json

@@ -1,15 +0,0 @@
-{
-    "LABEL": {
-      "name": "title needs formatting",
-      "color": "EEEEEE"
-    },
-    "CHECKS": {
-      "prefixes": ["[Bot] docs: "],
-      "regexp": "^(feat|fix|docs|test|ci|chore)!?(\\(.*\\))?!?:.*"
-    },
-    "MESSAGES": {
-      "success": "PR title is valid",
-      "failure": "PR title is invalid",
-      "notice": "PR Title needs to pass regex '^(feat|fix|docs|test|ci|chore)!?(\\(.*\\))?!?:.*"
-    }
-  }

.github/pull_request_template.md

@@ -6,7 +6,6 @@ Checklist:
 
 * [ ] Either (a) I've created an [enhancement proposal](https://github.com/argoproj/argo-cd/issues/new/choose) and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
 * [ ] The title of the PR states what changed and the related issues number (used for the release note).
-* [ ] The title of the PR conforms to the [Toolchain Guide](https://argo-cd.readthedocs.io/en/latest/developer-guide/toolchain-guide/#title-of-the-pr)
 * [ ] I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
 * [ ] I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
 * [ ] Does this PR require documentation updates?

.github/workflows/README.md

@@ -16,7 +16,7 @@
 ## image-reuse.yaml
 
 - The resuable workflow can be used to publish or build images with multiple container registries(Quay,GHCR, dockerhub), and then sign them with cosign when an image is published.
-- A GO version `must` be specified e.g. 1.19
+- A GO version `must` be specified e.g. 1.20
 - The image name for each registry *must* contain the tag. Note: multiple tags are allowed for each registry using a CSV type.
 - Multiple platforms can be specified e.g. linux/amd64,linux/arm64
 - Images are not published by default. A boolean value must be set to `true` to push images.

.github/workflows/ci-build.yaml

@@ -28,9 +28,9 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
       - name: Download all Go modules
@@ -46,9 +46,9 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
       - name: Restore go build cache
@@ -70,13 +70,13 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
       - name: Run golangci-lint
-        uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0
+        uses: golangci/golangci-lint-action@0ad9a0988b3973e851ab0a07adf248ec2e100376 # v3.3.1
         with:
           version: v1.51.0
           args: --timeout 10m --exclude SA5011 --verbose
@@ -93,11 +93,11 @@ jobs:
       - name: Create checkout directory
         run: mkdir -p ~/go/src/github.com/argoproj
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       - name: Create symlink in GOPATH
         run: ln -s $(pwd) ~/go/src/github.com/argoproj/argo-cd
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
       - name: Install required packages
@@ -149,7 +149,7 @@ jobs:
           path: test-results/
 
   test-go-race:
-    name: Run unit tests with -race for Go packages
+    name: Run unit tests with -race, for Go packages
     runs-on: ubuntu-22.04
     needs:
       - build-go
@@ -160,11 +160,11 @@ jobs:
       - name: Create checkout directory
         run: mkdir -p ~/go/src/github.com/argoproj
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       - name: Create symlink in GOPATH
         run: ln -s $(pwd) ~/go/src/github.com/argoproj/argo-cd
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
       - name: Install required packages
@@ -215,9 +215,9 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
       - name: Create symlink in GOPATH
@@ -263,11 +263,11 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       - name: Setup NodeJS
         uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
         with:
-          node-version: '20.3.1'
+          node-version: '18.15.0'
       - name: Restore node dependency cache
         id: cache-dependencies
         uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
@@ -300,7 +300,7 @@ jobs:
       sonar_secret: ${{ secrets.SONAR_TOKEN }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
         with:
           fetch-depth: 0
       - name: Restore node dependency cache
@@ -325,7 +325,7 @@ jobs:
           name: test-results
           path: test-results
       - name: Upload code coverage information to codecov.io
-        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
+        uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70 # v3.1.1
         with:
           file: coverage.out
       - name: Perform static code analysis using SonarCloud
@@ -361,7 +361,7 @@ jobs:
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        k3s-version: [v1.27.2, v1.26.0, v1.25.4, v1.24.3]
+        k3s-version: [v1.26.0, v1.25.4, v1.24.3, v1.23.3]
     needs: 
       - build-go
     env:
@@ -379,9 +379,9 @@ jobs:
       GITLAB_TOKEN: ${{ secrets.E2E_TEST_GITLAB_TOKEN }}  
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
       - name: GH actions workaround - Kill XSP4 process
@@ -397,7 +397,6 @@ jobs:
           sudo mkdir -p $HOME/.kube && sudo chown -R runner $HOME/.kube
           sudo k3s kubectl config view --raw > $HOME/.kube/config
           sudo chown runner $HOME/.kube/config
-          sudo chmod go-r $HOME/.kube/config
           kubectl version
       - name: Restore go build cache
         uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
@@ -428,7 +427,7 @@ jobs:
         run: |
           docker pull ghcr.io/dexidp/dex:v2.37.0
           docker pull argoproj/argo-cd-ci-builder:v1.0.0
-          docker pull redis:7.0.11-alpine
+          docker pull redis:7.0.14-alpine
       - name: Create target directory for binaries in the build-process
         run: |
           mkdir -p dist

.github/workflows/codeql.yml

@@ -30,7 +30,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
       
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/image-reuse.yaml

@@ -58,28 +58,26 @@ jobs:
       image-digest: ${{ steps.image.outputs.digest }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.3.0
+        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.3.0
         with:
           fetch-depth: 0
           token: ${{ secrets.GITHUB_TOKEN }}
         if: ${{ github.ref_type == 'tag'}}
 
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.3.0
+        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
         if: ${{ github.ref_type != 'tag'}}
 
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
+        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
         with:
           go-version: ${{ inputs.go-version }}
 
       - name: Install cosign
-        uses: sigstore/cosign-installer@d13028333d784fcc802b67ec924bcebe75aa0a5f # v3.1.0
-        with:
-          cosign-release: 'v2.0.0'
+        uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
 
-      - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0
-      - uses: docker/setup-buildx-action@ecf95283f03858871ff00b787d79c419715afc34 # v2.7.0
+      - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
+      - uses: docker/setup-buildx-action@4b4e9c3e2d4531116a6f8ba8e71fc6e2cb6e6c8c # v2.5.0
 
       - name: Setup tags for container image as a CSV type
         run: |
@@ -106,7 +104,7 @@ jobs:
             echo 'EOF' >> $GITHUB_ENV
 
       - name: Login to Quay.io
-        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
         with:
           registry: quay.io
           username: ${{ secrets.quay_username }}
@@ -114,7 +112,7 @@ jobs:
         if: ${{ inputs.quay_image_name && inputs.push }}
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
         with:
           registry: ghcr.io
           username: ${{ secrets.ghcr_username }}
@@ -122,22 +120,15 @@ jobs:
         if: ${{ inputs.ghcr_image_name && inputs.push }}
 
       - name: Login to dockerhub Container Registry
-        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
         with:
           username: ${{ secrets.docker_username }}
           password: ${{ secrets.docker_password }}
         if: ${{ inputs.docker_image_name && inputs.push }}
 
-      - name: Set up build args for container image
-        run: |
-            echo "GIT_TAG=$(if [ -z "`git status --porcelain`" ]; then git describe --exact-match --tags HEAD 2>/dev/null; fi)" >> $GITHUB_ENV
-            echo "GIT_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_ENV
-            echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
-            echo "GIT_TREE_STATE=$(if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi)" >> $GITHUB_ENV
-
       - name: Build and push container image
         id: image
-        uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 #v4.1.1
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 #v4.0.0
         with:
           context: .
           platforms: ${{ inputs.platforms }}
@@ -146,12 +137,7 @@ jobs:
           target: ${{ inputs.target }}
           provenance: false
           sbom: false
-          build-args: |
-            GIT_TAG=${{env.GIT_TAG}}
-            GIT_COMMIT=${{env.GIT_COMMIT}}
-            BUILD_DATE=${{env.BUILD_DATE}}
-            GIT_TREE_STATE=${{env.GIT_TREE_STATE}}
-
+ 
       - name: Sign container images
         run: |
           for signing_tag in $SIGNING_TAGS; do

.github/workflows/image.yaml

@@ -25,7 +25,7 @@ jobs:
       image-tag: ${{ steps.image.outputs.tag}}
       platforms: ${{ steps.platforms.outputs.platforms }}
     steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
 
       - name: Set image tag for ghcr
         run: echo "tag=$(cat ./VERSION)-${GITHUB_SHA::8}" >> $GITHUB_OUTPUT
@@ -77,22 +77,21 @@ jobs:
       ghcr_username: ${{ github.actor }}
       ghcr_password: ${{ secrets.GITHUB_TOKEN }}
 
-  build-and-publish-provenance: # Push attestations to GHCR, latest image is polluting quay.io
-    needs:
-      - build-and-publish
+  build-and-publish-provenance:
+    needs: [build-and-publish]
     permissions:
       actions: read # for detecting the Github Actions environment.
       id-token: write # for creating OIDC tokens for signing.
       packages: write # for uploading attestations. (https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#known-issues)
     if: ${{ github.repository == 'argoproj/argo-cd' && github.event_name == 'push' }}
     # Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.7.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.10.0
     with:
-      image: ghcr.io/argoproj/argo-cd/argocd
+      image: quay.io/argoproj/argocd
       digest: ${{ needs.build-and-publish.outputs.image-digest }}
-      registry-username: ${{ github.actor }}
     secrets:
-      registry-password: ${{ secrets.GITHUB_TOKEN }}
+      registry-username: ${{ secrets.RELEASE_QUAY_USERNAME }}
+      registry-password: ${{ secrets.RELEASE_QUAY_TOKEN }}
 
   Deploy:
     needs:
@@ -104,7 +103,7 @@ jobs:
     if: ${{ github.repository == 'argoproj/argo-cd' && github.event_name == 'push' }}
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.3.0
+      - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
       - run: git clone "https://$TOKEN@github.com/argoproj/argoproj-deployments"
         env:
           TOKEN: ${{ secrets.TOKEN }}

.github/workflows/init-release.yaml

@@ -23,7 +23,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9  # v3.2.0
+        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b  # v3.2.0
         with:
           fetch-depth: 0
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -56,15 +56,8 @@ jobs:
           make manifests-local VERSION=${{ inputs.TARGET_VERSION }}
           git diff
 
-      - name: Generate version compatibility table
-        run: |
-          git stash
-          bash hack/update-supported-versions.sh
-          git add -u .
-          git stash pop
-
       - name: Create pull request
-        uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38  # v5.0.2
+        uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54  # v4.2.4
         with:
           commit-message: "Bump version to ${{ inputs.TARGET_VERSION }}"
           title: "Bump version to ${{ inputs.TARGET_VERSION }} on ${{ inputs.TARGET_BRANCH }} branch"

.github/workflows/pr-title-check.yml

@@ -2,11 +2,15 @@ name: "Lint PR"
 
 on:
   pull_request_target:
-    types: [opened, edited, reopened, synchronize]
+    types:
+      - opened
+      - edited
+      - synchronize
 
 # IMPORTANT: No checkout actions, scripts, or builds should be added to this workflow. Permissions should always be used
-# with extreme caution. https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
-permissions: {}
+# with extreme caution.
+permissions:
+  contents: read
 
 # PR updates can happen in quick succession leading to this
 # workflow being trigger a number of times. This limits it
@@ -14,16 +18,24 @@ permissions: {}
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
 
-
 jobs:
-  validate:
+  main:
     permissions:
-      contents: read
-      pull-requests: read
-    name: Validate PR Title
+      pull-requests: read  # for amannn/action-semantic-pull-request to analyze PRs
+      statuses: write  # for amannn/action-semantic-pull-request to mark status of analyzed PR
+    name: Validate PR title
     runs-on: ubuntu-latest
     steps:
-      - uses: thehanimo/pr-title-checker@0cf5902181e78341bb97bb06646396e5bd354b3f # v1.4.0
+      # IMPORTANT: Carefully review changes when updating this action. Using the pull_request_target event requires caution.
+      - uses: amannn/action-semantic-pull-request@b6bca70dcd3e56e896605356ce09b76f7e1e0d39 # v5.1.0
         with:
+          types: |
+            feat
+            fix
+            docs
+            test
+            ci
+            chore
+            [Bot] docs
+        env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          configuration_path: ".github/pr-title-checker-config.json"

.github/workflows/release.yaml

@@ -38,7 +38,7 @@ jobs:
         packages: write # for uploading attestations. (https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#known-issues)
       # Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
       if: github.repository == 'argoproj/argo-cd'
-      uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.7.0
+      uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.10.0
       with:
         image: quay.io/argoproj/argocd
         digest: ${{ needs.argocd-image.outputs.image-digest }}
@@ -59,7 +59,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
         with:
           fetch-depth: 0
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -77,7 +77,7 @@ jobs:
           fi
 
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
 
@@ -88,14 +88,14 @@ jobs:
           echo "GIT_TREE_STATE=$(if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi)" >> $GITHUB_ENV
 
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0
+        uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b # v4.2.0
         id: run-goreleaser
         with:
           version: latest
           args: release --clean --timeout 55m
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          KUBECTL_VERSION: ${{ env.KUBECTL_VERSION }}
+          KUBECTL_VERSION: ${{ env.KUBECTL_VERSION }} 
           GIT_TREE_STATE: ${{ env.GIT_TREE_STATE }}
 
       - name: Generate subject for provenance
@@ -120,35 +120,39 @@ jobs:
       contents: write #  Needed for release uploads
     if: github.repository == 'argoproj/argo-cd'
     # Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.7.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
     with:
       base64-subjects: "${{ needs.goreleaser.outputs.hashes }}"
       provenance-name: "argocd-cli.intoto.jsonl"
       upload-assets: true
 
   generate-sbom:
-    name: Create SBOM and generate hash
+    name: Create Sbom and sign assets
     needs:
       - argocd-image
       - goreleaser
     permissions:
       contents: write # Needed for release uploads
-    outputs:
-      hashes: ${{ steps.sbom-hash.outputs.hashes}}
+      id-token: write # Needed for signing Sbom
     if: github.repository == 'argoproj/argo-cd'
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.2.0
+        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
         with:
           fetch-depth: 0
           token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Setup Golang
-        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
+        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
 
+      - name: Install cosign
+        uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0
+        with:
+          cosign-release: 'v2.2.1'
+
       - name: Generate SBOM (spdx)
         id: spdx-builder
         env:
@@ -179,23 +183,22 @@ jobs:
 
           cd /tmp && tar -zcf sbom.tar.gz *.spdx
 
-      - name: Generate SBOM hash
-        shell: bash
-        id: sbom-hash
+      - name: Sign SBOM
         run: |
-          # sha256sum generates sha256 hash for sbom.
-          # base64 -w0 encodes to base64 and outputs on a single line.
-          # sha256sum /tmp/sbom.tar.gz ... | base64 -w0
-          echo "hashes=$(sha256sum /tmp/sbom.tar.gz | base64 -w0)" >> "$GITHUB_OUTPUT"
+          cosign sign-blob \
+            --output-certificate=/tmp/sbom.tar.gz.pem \
+            --output-signature=/tmp/sbom.tar.gz.sig \
+            -y \
+            /tmp/sbom.tar.gz
 
-      - name: Upload SBOM
+      - name: Upload SBOM and signature assets
         uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           files: |
             /tmp/sbom.tar.gz
-
+  
   sbom-provenance:
     needs: [generate-sbom]
     permissions:
@@ -204,7 +207,7 @@ jobs:
       contents: write #  Needed for release uploads
     if: github.repository == 'argoproj/argo-cd'
     # Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.7.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
     with:
       base64-subjects: "${{ needs.generate-sbom.outputs.hashes }}"
       provenance-name: "argocd-sbom.intoto.jsonl"
@@ -222,7 +225,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.2.0
+        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
         with:
           fetch-depth: 0
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -265,8 +268,8 @@ jobs:
           set -xue
           SOURCE_TAG=${{ github.ref_name }}
           VERSION_REF="${SOURCE_TAG#*v}"
-          if echo "$VERSION_REF" | grep -E -- '^[0-9]+\.[0-9]+\.0-rc1';then
-            VERSION=$(awk 'BEGIN {FS=OFS="."} {$2++; print}' <<< "${VERSION_REF%-rc1}")
+          if echo "$VERSION_REF" | grep -E -- '^[0-9]+\.[0-9]+\.0$';then
+            VERSION=$(awk 'BEGIN {FS=OFS="."} {$2++; print}' <<< "${VERSION_REF}")
             echo "Updating VERSION to: $VERSION"
             echo "UPDATE_VERSION=true" >> $GITHUB_ENV
             echo "NEW_VERSION=$VERSION" >> $GITHUB_ENV
@@ -281,7 +284,7 @@ jobs:
         if: ${{ env.UPDATE_VERSION == 'true' }}
 
       - name: Create PR to update VERSION on master branch
-        uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2
+        uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54 # v4.2.4
         with:
           commit-message: Bump version in master
           title: "chore: Bump version in master"

.github/workflows/scorecard.yaml

@@ -30,12 +30,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
+        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
         with:
           results_file: results.sarif
           results_format: sarif

.github/workflows/update-snyk.yaml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
       - name: Build reports

.gitignore

@@ -18,7 +18,6 @@ node_modules/
 .kube/
 ./test/cmp/*.sock
 .envrc.remote
-.*.swp
 
 # ignore built binaries
 cmd/argocd/argocd

.gitpod.Dockerfile

@@ -13,8 +13,6 @@ ENV GOCACHE=/go-build-cache
 RUN apt-get install redis-server -y
 RUN go install github.com/mattn/goreman@latest
 
-RUN chown -R gitpod:gitpod /go-build-cache
-
 USER gitpod
 
 ENV ARGOCD_REDIS_LOCAL=true

.goreleaser.yaml

@@ -114,7 +114,6 @@ changelog:
     exclude:
       - '^test:'
       - '^.*?Bump(\([[:word:]]+\))?.+$'
-      - '^.*?[Bot](\([[:word:]]+\))?.+$'
 
 
 # yaml-language-server: $schema=https://goreleaser.com/static/schema.json

Dockerfile

@@ -1,10 +1,10 @@
-ARG BASE_IMAGE=docker.io/library/ubuntu:22.04@sha256:ac58ff7fe25edc58bdf0067ca99df00014dbd032e2246d30a722fa348fd799a5
+ARG BASE_IMAGE=docker.io/library/ubuntu:22.04@sha256:0bced47fffa3361afa981854fcabcd4577cd43cebbb808cea2b1f33a3dd7f508
 ####################################################################################################
 # Builder image
 # Initial stage which pulls prepares build dependencies and CLI tooling we need for our final image
 # Also used as the image in CI jobs so needs all dependencies
 ####################################################################################################
-FROM docker.io/library/golang:1.20.6@sha256:8e5a0067e6b387263a01d06b91ef1a983f90e9638564f6e25392fd2695f7ab6c AS builder
+FROM docker.io/library/golang:1.20.10@sha256:077ff85b374b23916b4b41835e242e5a3ddad9fc537ea7e980f230431747d245 AS builder
 
 RUN echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list
 
@@ -83,7 +83,7 @@ WORKDIR /home/argocd
 ####################################################################################################
 # Argo CD UI stage
 ####################################################################################################
-FROM --platform=$BUILDPLATFORM docker.io/library/node:20.3.1@sha256:2f0b0c15f97441defa812268ee943bbfaaf666ea6cf7cac62ee3f127906b35c6 AS argocd-ui
+FROM --platform=$BUILDPLATFORM docker.io/library/node:18.15.0@sha256:8d9a875ee427897ef245302e31e2319385b092f1c3368b497e89790f240368f5 AS argocd-ui
 
 WORKDIR /src
 COPY ["ui/package.json", "ui/yarn.lock", "./"]
@@ -101,7 +101,7 @@ RUN HOST_ARCH=$TARGETARCH NODE_ENV='production' NODE_ONLINE_ENV='online' NODE_OP
 ####################################################################################################
 # Argo CD Build stage which performs the actual build of Argo CD binaries
 ####################################################################################################
-FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.20.6@sha256:8e5a0067e6b387263a01d06b91ef1a983f90e9638564f6e25392fd2695f7ab6c AS argocd-build
+FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.20.10@sha256:077ff85b374b23916b4b41835e242e5a3ddad9fc537ea7e980f230431747d245 AS argocd-build
 
 WORKDIR /go/src/github.com/argoproj/argo-cd
 
@@ -113,18 +113,7 @@ COPY . .
 COPY --from=argocd-ui /src/dist/app /go/src/github.com/argoproj/argo-cd/ui/dist/app
 ARG TARGETOS
 ARG TARGETARCH
-# These build args are optional; if not specified the defaults will be taken from the Makefile
-ARG GIT_TAG
-ARG BUILD_DATE
-ARG GIT_TREE_STATE
-ARG GIT_COMMIT
-RUN GIT_COMMIT=$GIT_COMMIT \
-    GIT_TREE_STATE=$GIT_TREE_STATE \
-    GIT_TAG=$GIT_TAG \
-    BUILD_DATE=$BUILD_DATE \
-    GOOS=$TARGETOS \
-    GOARCH=$TARGETARCH \
-    make argocd-all
+RUN GOOS=$TARGETOS GOARCH=$TARGETARCH make argocd-all
 
 ####################################################################################################
 # Final image

Makefile

@@ -9,13 +9,11 @@ GEN_RESOURCES_CLI_NAME=argocd-resources-gen
 HOST_OS:=$(shell go env GOOS)
 HOST_ARCH:=$(shell go env GOARCH)
 
-TARGET_ARCH?=linux/amd64
-
 VERSION=$(shell cat ${CURRENT_DIR}/VERSION)
-BUILD_DATE:=$(if $(BUILD_DATE),$(BUILD_DATE),$(shell date -u +'%Y-%m-%dT%H:%M:%SZ'))
-GIT_COMMIT:=$(if $(GIT_COMMIT),$(GIT_COMMIT),$(shell git rev-parse HEAD))
-GIT_TAG:=$(if $(GIT_TAG),$(GIT_TAG),$(shell if [ -z "`git status --porcelain`" ]; then git describe --exact-match --tags HEAD 2>/dev/null; fi))
-GIT_TREE_STATE:=$(if $(GIT_TREE_STATE),$(GIT_TREE_STATE),$(shell if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi))
+BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ')
+GIT_COMMIT=$(shell git rev-parse HEAD)
+GIT_TAG=$(shell if [ -z "`git status --porcelain`" ]; then git describe --exact-match --tags HEAD 2>/dev/null; fi)
+GIT_TREE_STATE=$(shell if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi)
 VOLUME_MOUNT=$(shell if test "$(go env GOOS)" = "darwin"; then echo ":delegated"; elif test selinuxenabled; then echo ":delegated"; else echo ""; fi)
 KUBECTL_VERSION=$(shell go list -m k8s.io/client-go | head -n 1 | rev | cut -d' ' -f1 | rev)
 
@@ -148,8 +146,7 @@ override LDFLAGS += \
   -X ${PACKAGE}.buildDate=${BUILD_DATE} \
   -X ${PACKAGE}.gitCommit=${GIT_COMMIT} \
   -X ${PACKAGE}.gitTreeState=${GIT_TREE_STATE}\
-  -X ${PACKAGE}.kubectlVersion=${KUBECTL_VERSION}\
-  -X "${PACKAGE}.extraBuildInfo=${EXTRA_BUILD_INFO}"
+  -X ${PACKAGE}.kubectlVersion=${KUBECTL_VERSION}
 
 ifeq (${STATIC_BUILD}, true)
 override LDFLAGS += -extldflags "-static"
@@ -285,7 +282,7 @@ controller:
 
 .PHONY: build-ui
 build-ui:
-	DOCKER_BUILDKIT=1 docker build -t argocd-ui --platform=$(TARGET_ARCH) --target argocd-ui .
+	DOCKER_BUILDKIT=1 docker build -t argocd-ui --target argocd-ui .
 	find ./ui/dist -type f -not -name gitkeep -delete
 	docker run -v ${CURRENT_DIR}/ui/dist/app:/tmp/app --rm -t argocd-ui sh -c 'cp -r ./dist/app/* /tmp/app/'
 
@@ -296,7 +293,7 @@ ifeq ($(DEV_IMAGE), true)
 # the dist directory is under .dockerignore.
 IMAGE_TAG="dev-$(shell git describe --always --dirty)"
 image: build-ui
-	DOCKER_BUILDKIT=1 docker build --platform=$(TARGET_ARCH) -t argocd-base --target argocd-base .
+	DOCKER_BUILDKIT=1 docker build --platform=linux/amd64 -t argocd-base --target argocd-base .
 	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GODEBUG="tarinsecurepath=0,zipinsecurepath=0" go build -v -ldflags '${LDFLAGS}' -o ${DIST_DIR}/argocd ./cmd
 	ln -sfn ${DIST_DIR}/argocd ${DIST_DIR}/argocd-server
 	ln -sfn ${DIST_DIR}/argocd ${DIST_DIR}/argocd-application-controller
@@ -304,10 +301,10 @@ image: build-ui
 	ln -sfn ${DIST_DIR}/argocd ${DIST_DIR}/argocd-cmp-server
 	ln -sfn ${DIST_DIR}/argocd ${DIST_DIR}/argocd-dex
 	cp Dockerfile.dev dist
-	DOCKER_BUILDKIT=1 docker build --platform=$(TARGET_ARCH) -t $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) -f dist/Dockerfile.dev dist
+	DOCKER_BUILDKIT=1 docker build --platform=linux/amd64 -t $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) -f dist/Dockerfile.dev dist
 else
 image:
-	DOCKER_BUILDKIT=1 docker build -t $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) --platform=$(TARGET_ARCH) .
+	DOCKER_BUILDKIT=1 docker build -t $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) .
 endif
 	@if [ "$(DOCKER_PUSH)" = "true" ] ; then docker push $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) ; fi
 
@@ -459,8 +456,6 @@ start-e2e-local: mod-vendor-local dep-ui-local cli-local
 	ARGOCD_IN_CI=$(ARGOCD_IN_CI) \
 	BIN_MODE=$(ARGOCD_BIN_MODE) \
 	ARGOCD_APPLICATION_NAMESPACES=argocd-e2e-external \
-	ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES=argocd-e2e-external \
-	ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS=http://127.0.0.1:8341,http://127.0.0.1:8342,http://127.0.0.1:8343,http://127.0.0.1:8344 \
 	ARGOCD_E2E_TEST=true \
 		goreman -f $(ARGOCD_PROCFILE) start ${ARGOCD_START}
 

Procfile

@@ -1,12 +1,12 @@
 controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-application-controller $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --otlp-address=${ARGOCD_OTLP_ADDRESS} --application-namespaces=${ARGOCD_APPLICATION_NAMESPACES:-''}"
 api-server: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-server $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --disable-auth=${ARGOCD_E2E_DISABLE_AUTH:-'true'} --insecure --dex-server http://localhost:${ARGOCD_E2E_DEX_PORT:-5556} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --port ${ARGOCD_E2E_APISERVER_PORT:-8080} --otlp-address=${ARGOCD_OTLP_ADDRESS} --application-namespaces=${ARGOCD_APPLICATION_NAMESPACES:-''}"
-dex: sh -c "ARGOCD_BINARY_NAME=argocd-dex go run github.com/argoproj/argo-cd/v2/cmd gendexcfg -o `pwd`/dist/dex.yaml && (test -f dist/dex.yaml || { echo 'Failed to generate dex configuration'; exit 1; }) && docker run --rm -p ${ARGOCD_E2E_DEX_PORT:-5556}:${ARGOCD_E2E_DEX_PORT:-5556} -v `pwd`/dist/dex.yaml:/dex.yaml ghcr.io/dexidp/dex:$(grep "image: ghcr.io/dexidp/dex" manifests/base/dex/argocd-dex-server-deployment.yaml | cut -d':' -f3) dex serve /dex.yaml"
-redis: bash -c "if [ \"$ARGOCD_REDIS_LOCAL\" = 'true' ]; then redis-server --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; else docker run --rm --name argocd-redis -i -p ${ARGOCD_E2E_REDIS_PORT:-6379}:${ARGOCD_E2E_REDIS_PORT:-6379} docker.io/library/redis:$(grep "image: redis" manifests/base/redis/argocd-redis-deployment.yaml | cut -d':' -f3) --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; fi"
+dex: sh -c "ARGOCD_BINARY_NAME=argocd-dex go run github.com/argoproj/argo-cd/v2/cmd gendexcfg -o `pwd`/dist/dex.yaml && docker run --rm -p ${ARGOCD_E2E_DEX_PORT:-5556}:${ARGOCD_E2E_DEX_PORT:-5556} -v `pwd`/dist/dex.yaml:/dex.yaml ghcr.io/dexidp/dex:$(grep "image: ghcr.io/dexidp/dex" manifests/base/dex/argocd-dex-server-deployment.yaml | cut -d':' -f3) dex serve /dex.yaml"
+redis: bash -c "if [ \"$ARGOCD_REDIS_LOCAL\" = 'true' ]; then redis-server --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; else docker run --rm --name argocd-redis -i -p ${ARGOCD_E2E_REDIS_PORT:-6379}:${ARGOCD_E2E_REDIS_PORT:-6379} redis:$(grep "image: redis" manifests/base/redis/argocd-redis-deployment.yaml | cut -d':' -f3) --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; fi"
 repo-server: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_GNUPGHOME=${ARGOCD_GNUPGHOME:-/tmp/argocd-local/gpg/keys} ARGOCD_PLUGINSOCKFILEPATH=${ARGOCD_PLUGINSOCKFILEPATH:-./test/cmp}  ARGOCD_GPG_DATA_PATH=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source} ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-repo-server ARGOCD_GPG_ENABLED=${ARGOCD_GPG_ENABLED:-false} $COMMAND --loglevel debug --port ${ARGOCD_E2E_REPOSERVER_PORT:-8081} --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --otlp-address=${ARGOCD_OTLP_ADDRESS}"
 cmp-server: [ "$ARGOCD_E2E_TEST" = 'true' ] && exit 0 || [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_BINARY_NAME=argocd-cmp-server ARGOCD_PLUGINSOCKFILEPATH=${ARGOCD_PLUGINSOCKFILEPATH:-./test/cmp} $COMMAND --config-dir-path ./test/cmp --loglevel debug --otlp-address=${ARGOCD_OTLP_ADDRESS}"
 ui: sh -c 'cd ui && ${ARGOCD_E2E_YARN_CMD:-yarn} start'
 git-server: test/fixture/testrepos/start-git.sh
 helm-registry: test/fixture/testrepos/start-helm-registry.sh
 dev-mounter: [[ "$ARGOCD_E2E_TEST" != "true" ]] && go run hack/dev-mounter/main.go --configmap argocd-ssh-known-hosts-cm=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} --configmap argocd-tls-certs-cm=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} --configmap argocd-gpg-keys-cm=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source}
-applicationset-controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-applicationset-controller $COMMAND --loglevel debug --metrics-addr localhost:12345 --probe-addr localhost:12346 --argocd-repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081}"
+applicationset-controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_ASK_PASS_SOCK=/tmp/applicationset-ask-pass.sock ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-applicationset-controller $COMMAND --loglevel debug --metrics-addr localhost:12345 --probe-addr localhost:12346 --argocd-repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081}"
 notification: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_BINARY_NAME=argocd-notifications $COMMAND --loglevel debug"

README.md

@@ -1,7 +1,6 @@
 **Releases:**
 [![Release Version](https://img.shields.io/github/v/release/argoproj/argo-cd?label=argo-cd)](https://github.com/argoproj/argo-cd/releases/latest)
 [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo-cd)](https://artifacthub.io/packages/helm/argo/argo-cd)
-[![SLSA 3](https://slsa.dev/images/gh-badge-level3.svg)](https://slsa.dev)
 
 **Code:** 
 [![Integration tests](https://github.com/argoproj/argo-cd/workflows/Integration%20tests/badge.svg?branch=master)](https://github.com/argoproj/argo-cd/actions?query=workflow%3A%22Integration+tests%22)

SECURITY.md

@@ -63,10 +63,9 @@ We will publish security advisories using the
 feature to keep our community well-informed, and will credit you for your
 findings (unless you prefer to stay anonymous, of course).
 
-There are two ways to report a vulnerability to the Argo CD team:
+Please report vulnerabilities by e-mail to the following address:
 
-* By opening a draft GitHub security advisory: https://github.com/argoproj/argo-cd/security/advisories/new
-* By e-mail to the following address: cncf-argo-security@lists.cncf.io
+* cncf-argo-security@lists.cncf.io
 
 ## Internet Bug Bounty collaboration
 

USERS.md

@@ -14,7 +14,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Adyen](https://www.adyen.com)
 1. [AirQo](https://airqo.net/)
 1. [Akuity](https://akuity.io/)
-1. [Albert Heijn](https://ah.nl/)
 1. [Alibaba Group](https://www.alibabagroup.com/)
 1. [Allianz Direct](https://www.allianzdirect.de/)
 1. [Amadeus IT Group](https://amadeus.com/)
@@ -34,11 +33,11 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [BigPanda](https://bigpanda.io)
 1. [BioBox Analytics](https://biobox.io)
 1. [BMW Group](https://www.bmwgroup.com/)
+1. [PT Boer Technology (Btech)](https://btech.id/)
 1. [Boozt](https://www.booztgroup.com/)
 1. [Boticario](https://www.boticario.com.br/)
 1. [Bulder Bank](https://bulderbank.no)
 1. [Camptocamp](https://camptocamp.com)
-1. [Candis](https://www.candis.io)
 1. [Capital One](https://www.capitalone.com)
 1. [CARFAX](https://www.carfax.com)
 1. [CARFAX Europe](https://www.carfax.eu)
@@ -46,24 +45,21 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Celonis](https://www.celonis.com/)
 1. [CERN](https://home.cern/)
 1. [Chargetrip](https://chargetrip.com)
-1. [Chainnodes](https://chainnodes.org)
 1. [Chime](https://www.chime.com)
 1. [Cisco ET&I](https://eti.cisco.com/)
 1. [Cloud Posse](https://www.cloudposse.com/)
 1. [Cloud Scale](https://cloudscaleinc.com/)
 1. [Cloudmate](https://cloudmt.co.kr/)
-1. [Cloudogu](https://cloudogu.com/)
 1. [Cobalt](https://www.cobalt.io/)
 1. [Codefresh](https://www.codefresh.io/)
 1. [Codility](https://www.codility.com/)
 1. [Commonbond](https://commonbond.co/)
 1. [Coralogix](https://coralogix.com/)
-1. [Crédit Agricole CIB](https://www.ca-cib.com)
 1. [CROZ d.o.o.](https://croz.net/)
+1. [Crédit Agricole CIB](https://www.ca-cib.com)
 1. [CyberAgent](https://www.cyberagent.co.jp/en/)
 1. [Cybozu](https://cybozu-global.com)
 1. [D2iQ](https://www.d2iq.com)
-1. [DaoCloud](https://daocloud.io/)
 1. [Datarisk](https://www.datarisk.io/)
 1. [Deloitte](https://www.deloitte.com/)
 1. [Deutsche Telekom AG](https://telekom.com)
@@ -103,8 +99,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [GlueOps](https://glueops.dev)
 1. [GMETRI](https://gmetri.com/)
 1. [Gojek](https://www.gojek.io/)
-1. [GoTo](https://www.goto.com/)
-1. [GoTo Financial](https://gotofinancial.com/)
 1. [Greenpass](https://www.greenpass.com.br/)
 1. [Gridfuse](https://gridfuse.com/)
 1. [Groww](https://groww.in)
@@ -116,7 +110,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [hipages](https://hipages.com.au/)
 1. [Hiya](https://hiya.com)
 1. [Honestbank](https://honestbank.com)
-1. [Hostinger](https://www.hostinger.com)
 1. [IBM](https://www.ibm.com/)
 1. [Ibotta](https://home.ibotta.com)
 1. [IITS-Consulting](https://iits-consulting.de)
@@ -130,11 +123,10 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [JovianX](https://www.jovianx.com/)
 1. [Kaltura](https://corp.kaltura.com/)
 1. [Kandji](https://www.kandji.io/)
-1. [Karrot](https://www.daangn.com/)
 1. [KarrotPay](https://www.daangnpay.com/)
+1. [Karrot](https://www.daangn.com/)
 1. [Kasa](https://kasa.co.kr/)
 1. [Keeeb](https://www.keeeb.com/)
-1. [KelkooGroup](https://www.kelkoogroup.com)
 1. [Keptn](https://keptn.sh)
 1. [Kinguin](https://www.kinguin.net/)
 1. [KintoHub](https://www.kintohub.com/)
@@ -147,7 +139,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Lightricks](https://www.lightricks.com/)
 1. [LINE](https://linecorp.com/en/)
 1. [Loom](https://www.loom.com/)
-1. [Lucid Motors](https://www.lucidmotors.com/)
 1. [Lytt](https://www.lytt.co/)
 1. [Magic Leap](https://www.magicleap.com/)
 1. [Majid Al Futtaim](https://www.majidalfuttaim.com/)
@@ -158,12 +149,10 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Max Kelsen](https://www.maxkelsen.com/)
 1. [MeDirect](https://medirect.com.mt/)
 1. [Meican](https://meican.com/)
-1. [Meilleurs Agents](https://www.meilleursagents.com/)
 1. [Mercedes-Benz Tech Innovation](https://www.mercedes-benz-techinnovation.com/)
 1. [Metanet](http://www.metanet.co.kr/en/)
 1. [MindSpore](https://mindspore.cn)
 1. [Mirantis](https://mirantis.com/)
-1. [Mission Lane](https://missionlane.com)
 1. [mixi Group](https://mixi.co.jp/)
 1. [Moengage](https://www.moengage.com/)
 1. [Money Forward](https://corp.moneyforward.com/en/)
@@ -179,7 +168,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Objective](https://www.objective.com.br/)
 1. [OCCMundial](https://occ.com.mx)
 1. [Octadesk](https://octadesk.com)
-1. [Olfeo](https://www.olfeo.com/)
 1. [omegaUp](https://omegaUp.com)
 1. [Omni](https://omni.se/)
 1. [openEuler](https://openeuler.org)
@@ -192,14 +180,14 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [OpsVerse](https://opsverse.io)
 1. [Optoro](https://www.optoro.com/)
 1. [Orbital Insight](https://orbitalinsight.com/)
-1. [Oscar Health Insurance](https://hioscar.com/)
 1. [p3r](https://www.p3r.one/)
 1. [Packlink](https://www.packlink.com/)
-1. [PagerDuty](https://www.pagerduty.com/)
 1. [Pandosearch](https://www.pandosearch.com/en/home)
+1. [PagerDuty](https://www.pagerduty.com/)
 1. [Patreon](https://www.patreon.com/)
 1. [PayPay](https://paypay.ne.jp/)
 1. [Peloton Interactive](https://www.onepeloton.com/)
+1. [PGS](https://www.pgs.com)
 1. [Pigment](https://www.gopigment.com/)
 1. [Pipefy](https://www.pipefy.com/)
 1. [Pismo](https://pismo.io/)
@@ -207,13 +195,9 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Polarpoint.io](https://polarpoint.io)
 1. [PostFinance](https://github.com/postfinance)
 1. [Preferred Networks](https://preferred.jp/en/)
-1. [Previder BV](https://previder.nl)
-1. [Procore](https://www.procore.com)
 1. [Productboard](https://www.productboard.com/)
 1. [Prudential](https://prudential.com.sg)
-1. [PT Boer Technology (Btech)](https://btech.id/)
 1. [PUBG](https://www.pubg.com)
-1. [Puzzle ITC](https://www.puzzle.ch/)
 1. [Qonto](https://qonto.com)
 1. [QuintoAndar](https://quintoandar.com.br)
 1. [Quipper](https://www.quipper.com/)
@@ -233,7 +217,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Sap Labs](http://sap.com)
 1. [Sauce Labs](https://saucelabs.com/)
 1. [Schwarz IT](https://jobs.schwarz/it-mission)
-1. [SEEK](https://seek.com.au)
 1. [SI Analytics](https://si-analytics.ai)
 1. [Skit](https://skit.ai/)
 1. [Skyscanner](https://www.skyscanner.net/)
@@ -248,7 +231,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Spendesk](https://spendesk.com/)
 1. [Splunk](https://splunk.com/)
 1. [Spores Labs](https://spores.app)
-1. [StreamNative](https://streamnative.io)
 1. [Stuart](https://stuart.com/)
 1. [Sumo Logic](https://sumologic.com/)
 1. [Sutpc](http://www.sutpc.com/)
@@ -262,7 +244,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Techcombank](https://www.techcombank.com.vn/trang-chu)
 1. [Technacy](https://www.technacy.it/)
 1. [Tesla](https://tesla.com/)
-1. [The Scale Factory](https://www.scalefactory.com/)
 1. [ThousandEyes](https://www.thousandeyes.com/)
 1. [Ticketmaster](https://ticketmaster.com)
 1. [Tiger Analytics](https://www.tigeranalytics.com/)
@@ -280,7 +261,6 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Universidad Mesoamericana](https://www.umes.edu.gt/)
 1. [Urbantz](https://urbantz.com/)
 1. [Vectra](https://www.vectra.ai)
-1. [Veepee](https://www.veepee.com)
 1. [Viaduct](https://www.viaduct.ai/)
 1. [Vinted](https://vinted.com/)
 1. [Virtuo](https://www.govirtuo.com/)
@@ -302,6 +282,5 @@ Currently, the following organizations are **officially** using Argo CD:
 1. [Yieldlab](https://www.yieldlab.de/)
 1. [Youverify](https://youverify.co/)
 1. [Yubo](https://www.yubo.live/)
-1. [ZDF](https://www.zdf.de/)
 1. [Zimpler](https://www.zimpler.com/)
 1. [ZOZO](https://corp.zozo.com/)

VERSION

@@ -1 +1 @@
-2.8.0
+2.7.18

applicationset/controllers/applicationset_controller.go

@@ -32,7 +32,6 @@ import (
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
-	"sigs.k8s.io/controller-runtime/pkg/controller"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/event"
 	"sigs.k8s.io/controller-runtime/pkg/handler"
@@ -43,7 +42,6 @@ import (
 	"github.com/argoproj/argo-cd/v2/applicationset/utils"
 	"github.com/argoproj/argo-cd/v2/common"
 	"github.com/argoproj/argo-cd/v2/util/db"
-	"github.com/argoproj/argo-cd/v2/util/glob"
 
 	argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned"
@@ -58,10 +56,6 @@ const (
 	//   https://github.com/argoproj-labs/argocd-notifications/blob/33d345fa838829bb50fca5c08523aba380d2c12b/pkg/controller/state.go#L17
 	NotifiedAnnotationKey             = "notified.notifications.argoproj.io"
 	ReconcileRequeueOnValidationError = time.Minute * 3
-
-	// LabelKeyAppSetInstance is the label key to use to uniquely identify the apps of an applicationset
-	// The ArgoCD applicationset name is used as the instance name
-	LabelKeyAppSetInstance = "argocd.argoproj.io/application-set-name"
 )
 
 var (
@@ -74,19 +68,16 @@ var (
 // ApplicationSetReconciler reconciles a ApplicationSet object
 type ApplicationSetReconciler struct {
 	client.Client
-	Scheme               *runtime.Scheme
-	Recorder             record.EventRecorder
-	Generators           map[string]generators.Generator
-	ArgoDB               db.ArgoDB
-	ArgoAppClientset     appclientset.Interface
-	KubeClientset        kubernetes.Interface
-	Policy               argov1alpha1.ApplicationsSyncPolicy
-	EnablePolicyOverride bool
+	Scheme           *runtime.Scheme
+	Recorder         record.EventRecorder
+	Generators       map[string]generators.Generator
+	ArgoDB           db.ArgoDB
+	ArgoAppClientset appclientset.Interface
+	KubeClientset    kubernetes.Interface
+	utils.Policy
 	utils.Renderer
-	ArgoCDNamespace          string
-	ApplicationSetNamespaces []string
-	EnableProgressiveSyncs   bool
-	SCMRootCAPath            string
+
+	EnableProgressiveSyncs bool
 }
 
 // +kubebuilder:rbac:groups=argoproj.io,resources=applicationsets,verbs=get;list;watch;create;update;patch;delete
@@ -129,7 +120,7 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 
 	parametersGenerated = true
 
-	validateErrors, err := r.validateGeneratedApplications(ctx, desiredApplications, applicationSetInfo)
+	validateErrors, err := r.validateGeneratedApplications(ctx, desiredApplications, applicationSetInfo, req.Namespace)
 	if err != nil {
 		// While some generators may return an error that requires user intervention,
 		// other generators reference external resources that may change to cause
@@ -159,13 +150,15 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 
 	if r.EnableProgressiveSyncs {
 		if applicationSetInfo.Spec.Strategy == nil && len(applicationSetInfo.Status.ApplicationStatus) > 0 {
+			// If appset used progressive sync but stopped, clean up the progressive sync application statuses
 			log.Infof("Removing %v unnecessary AppStatus entries from ApplicationSet %v", len(applicationSetInfo.Status.ApplicationStatus), applicationSetInfo.Name)
 
 			err := r.setAppSetApplicationStatus(ctx, &applicationSetInfo, []argov1alpha1.ApplicationSetApplicationStatus{})
 			if err != nil {
 				return ctrl.Result{}, fmt.Errorf("failed to clear previous AppSet application statuses for %v: %w", applicationSetInfo.Name, err)
 			}
-		} else {
+		} else if applicationSetInfo.Spec.Strategy != nil {
+			// appset uses progressive sync
 			applications, err := r.getCurrentApplications(ctx, applicationSetInfo)
 			if err != nil {
 				return ctrl.Result{}, fmt.Errorf("failed to get current applications for application set: %w", err)
@@ -230,7 +223,7 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 		}
 	}
 
-	if utils.DefaultPolicy(applicationSetInfo.Spec.SyncPolicy, r.Policy, r.EnablePolicyOverride).AllowUpdate() {
+	if r.Policy.Update() {
 		err = r.createOrUpdateInCluster(ctx, applicationSetInfo, validApps)
 		if err != nil {
 			_ = r.setApplicationSetStatusCondition(ctx,
@@ -260,7 +253,7 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 		}
 	}
 
-	if utils.DefaultPolicy(applicationSetInfo.Spec.SyncPolicy, r.Policy, r.EnablePolicyOverride).AllowDelete() {
+	if r.Policy.Delete() {
 		err = r.deleteInCluster(ctx, applicationSetInfo, desiredApplications)
 		if err != nil {
 			_ = r.setApplicationSetStatusCondition(ctx,
@@ -295,7 +288,6 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 	}
 
 	requeueAfter := r.getMinRequeueAfter(&applicationSetInfo)
-	logCtx.WithField("requeueAfter", requeueAfter).Info("end reconcile")
 
 	if len(validateErrors) == 0 {
 		if err := r.setApplicationSetStatusCondition(ctx,
@@ -309,8 +301,13 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 		); err != nil {
 			return ctrl.Result{}, err
 		}
+	} else if requeueAfter == time.Duration(0) {
+		// Ensure that the request is requeued if there are validation errors.
+		requeueAfter = ReconcileRequeueOnValidationError
 	}
 
+	logCtx.WithField("requeueAfter", requeueAfter).Info("end reconcile")
+
 	return ctrl.Result{
 		RequeueAfter: requeueAfter,
 	}, nil
@@ -420,7 +417,7 @@ func (r *ApplicationSetReconciler) setApplicationSetStatusCondition(ctx context.
 
 // validateGeneratedApplications uses the Argo CD validation functions to verify the correctness of the
 // generated applications.
-func (r *ApplicationSetReconciler) validateGeneratedApplications(ctx context.Context, desiredApplications []argov1alpha1.Application, applicationSetInfo argov1alpha1.ApplicationSet) (map[int]error, error) {
+func (r *ApplicationSetReconciler) validateGeneratedApplications(ctx context.Context, desiredApplications []argov1alpha1.Application, applicationSetInfo argov1alpha1.ApplicationSet, namespace string) (map[int]error, error) {
 	errorsByIndex := map[int]error{}
 	namesSet := map[string]bool{}
 	for i, app := range desiredApplications {
@@ -432,7 +429,7 @@ func (r *ApplicationSetReconciler) validateGeneratedApplications(ctx context.Con
 			continue
 		}
 
-		proj, err := r.ArgoAppClientset.ArgoprojV1alpha1().AppProjects(r.ArgoCDNamespace).Get(ctx, app.Spec.GetProject(), metav1.GetOptions{})
+		proj, err := r.ArgoAppClientset.ArgoprojV1alpha1().AppProjects(namespace).Get(ctx, app.Spec.GetProject(), metav1.GetOptions{})
 		if err != nil {
 			if apierr.IsNotFound(err) {
 				errorsByIndex[i] = fmt.Errorf("application references project %s which does not exist", app.Spec.Project)
@@ -441,7 +438,7 @@ func (r *ApplicationSetReconciler) validateGeneratedApplications(ctx context.Con
 			return nil, err
 		}
 
-		if err := utils.ValidateDestination(ctx, &app.Spec.Destination, r.KubeClientset, r.ArgoCDNamespace); err != nil {
+		if err := utils.ValidateDestination(ctx, &app.Spec.Destination, r.KubeClientset, namespace); err != nil {
 			errorsByIndex[i] = fmt.Errorf("application destination spec is invalid: %s", err.Error())
 			continue
 		}
@@ -512,13 +509,9 @@ func (r *ApplicationSetReconciler) generateApplications(applicationSetInfo argov
 
 		for _, a := range t {
 			tmplApplication := getTempApplication(a.Template)
-			if tmplApplication.Labels == nil {
-				tmplApplication.Labels = make(map[string]string)
-			}
-			tmplApplication.Labels[LabelKeyAppSetInstance] = applicationSetInfo.Name
 
 			for _, p := range a.Params {
-				app, err := r.Renderer.RenderTemplateParams(tmplApplication, applicationSetInfo.Spec.SyncPolicy, p, applicationSetInfo.Spec.GoTemplate, applicationSetInfo.Spec.GoTemplateOptions)
+				app, err := r.Renderer.RenderTemplateParams(tmplApplication, applicationSetInfo.Spec.SyncPolicy, p, applicationSetInfo.Spec.GoTemplate)
 				if err != nil {
 					log.WithError(err).WithField("params", a.Params).WithField("generator", requestedGenerator).
 						Error("error generating application from params")
@@ -540,15 +533,7 @@ func (r *ApplicationSetReconciler) generateApplications(applicationSetInfo argov
 	return res, applicationSetReason, firstError
 }
 
-func ignoreNotAllowedNamespaces(namespaces []string) predicate.Predicate {
-	return predicate.Funcs{
-		CreateFunc: func(e event.CreateEvent) bool {
-			return glob.MatchStringInList(namespaces, e.Object.GetNamespace(), false)
-		},
-	}
-}
-
-func (r *ApplicationSetReconciler) SetupWithManager(mgr ctrl.Manager, enableProgressiveSyncs bool, maxConcurrentReconciliations int) error {
+func (r *ApplicationSetReconciler) SetupWithManager(mgr ctrl.Manager, enableProgressiveSyncs bool) error {
 	if err := mgr.GetFieldIndexer().IndexField(context.TODO(), &argov1alpha1.Application{}, ".metadata.controller", func(rawObj client.Object) []string {
 		// grab the job object, extract the owner...
 		app := rawObj.(*argov1alpha1.Application)
@@ -569,11 +554,9 @@ func (r *ApplicationSetReconciler) SetupWithManager(mgr ctrl.Manager, enableProg
 
 	ownsHandler := getOwnsHandlerPredicates(enableProgressiveSyncs)
 
-	return ctrl.NewControllerManagedBy(mgr).WithOptions(controller.Options{
-		MaxConcurrentReconciles: maxConcurrentReconciliations,
-	}).For(&argov1alpha1.ApplicationSet{}).
+	return ctrl.NewControllerManagedBy(mgr).
+		For(&argov1alpha1.ApplicationSet{}).
 		Owns(&argov1alpha1.Application{}, builder.WithPredicates(ownsHandler)).
-		WithEventFilter(ignoreNotAllowedNamespaces(r.ApplicationSetNamespaces)).
 		Watches(
 			&source.Kind{Type: &corev1.Secret{}},
 			&clusterSecretEventHandler{
@@ -704,7 +687,7 @@ func (r *ApplicationSetReconciler) deleteInCluster(ctx context.Context, applicat
 	// settingsMgr := settings.NewSettingsManager(context.TODO(), r.KubeClientset, applicationSet.Namespace)
 	// argoDB := db.NewDB(applicationSet.Namespace, settingsMgr, r.KubeClientset)
 	// clusterList, err := argoDB.ListClusters(ctx)
-	clusterList, err := utils.ListClusters(ctx, r.KubeClientset, r.ArgoCDNamespace)
+	clusterList, err := utils.ListClusters(ctx, r.KubeClientset, applicationSet.Namespace)
 	if err != nil {
 		return fmt.Errorf("error listing clusters: %w", err)
 	}
@@ -765,7 +748,7 @@ func (r *ApplicationSetReconciler) removeFinalizerOnInvalidDestination(ctx conte
 	var validDestination bool
 
 	// Detect if the destination is invalid (name doesn't correspond to a matching cluster)
-	if err := utils.ValidateDestination(ctx, &app.Spec.Destination, r.KubeClientset, r.ArgoCDNamespace); err != nil {
+	if err := utils.ValidateDestination(ctx, &app.Spec.Destination, r.KubeClientset, applicationSet.Namespace); err != nil {
 		appLog.Warnf("The destination cluster for %s couldn't be found: %v", app.Name, err)
 		validDestination = false
 	} else {

applicationset/controllers/applicationset_controller_test.go

@@ -26,11 +26,10 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/event"
 
-	"github.com/argoproj/gitops-engine/pkg/health"
-	"github.com/argoproj/gitops-engine/pkg/sync/common"
-
 	"github.com/argoproj/argo-cd/v2/applicationset/generators"
 	"github.com/argoproj/argo-cd/v2/applicationset/utils"
+	"github.com/argoproj/gitops-engine/pkg/health"
+	"github.com/argoproj/gitops-engine/pkg/sync/common"
 
 	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 	appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake"
@@ -66,8 +65,8 @@ func (g *generatorMock) GetRequeueAfter(appSetGenerator *v1alpha1.ApplicationSet
 	return args.Get(0).(time.Duration)
 }
 
-func (r *rendererMock) RenderTemplateParams(tmpl *v1alpha1.Application, syncPolicy *v1alpha1.ApplicationSetSyncPolicy, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (*v1alpha1.Application, error) {
-	args := r.Called(tmpl, params, useGoTemplate, goTemplateOptions)
+func (r *rendererMock) RenderTemplateParams(tmpl *v1alpha1.Application, syncPolicy *v1alpha1.ApplicationSetSyncPolicy, params map[string]interface{}, useGoTemplate bool) (*v1alpha1.Application, error) {
+	args := r.Called(tmpl, params, useGoTemplate)
 
 	if args.Error(1) != nil {
 		return nil, args.Error(1)
@@ -165,14 +164,11 @@ func TestExtractApplications(t *testing.T) {
 			if cc.generateParamsError == nil {
 				for _, p := range cc.params {
 
-					tmpApplication := getTempApplication(cc.template)
-					tmpApplication.Labels[LabelKeyAppSetInstance] = appSet.Name
-
 					if cc.rendererError != nil {
-						rendererMock.On("RenderTemplateParams", getTempApplication(cc.template), p, false, []string(nil)).
+						rendererMock.On("RenderTemplateParams", getTempApplication(cc.template), p, false).
 							Return(nil, cc.rendererError)
 					} else {
-						rendererMock.On("RenderTemplateParams", getTempApplication(cc.template), p, false, []string(nil)).
+						rendererMock.On("RenderTemplateParams", getTempApplication(cc.template), p, false).
 							Return(&app, nil)
 						expectedApps = append(expectedApps, app)
 					}
@@ -289,21 +285,7 @@ func TestMergeTemplateApplications(t *testing.T) {
 
 			rendererMock := rendererMock{}
 
-			appSet := &v1alpha1.ApplicationSet{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "name",
-					Namespace: "namespace",
-				},
-				Spec: v1alpha1.ApplicationSetSpec{
-					Generators: []v1alpha1.ApplicationSetGenerator{generator},
-					Template:   cc.template,
-				},
-			}
-
-			tmpApplication := getTempApplication(cc.expectedMerged)
-			tmpApplication.Labels[LabelKeyAppSetInstance] = appSet.Name
-
-			rendererMock.On("RenderTemplateParams", tmpApplication, cc.params[0], false, []string(nil)).
+			rendererMock.On("RenderTemplateParams", getTempApplication(cc.expectedMerged), cc.params[0], false).
 				Return(&cc.expectedApps[0], nil)
 
 			r := ApplicationSetReconciler{
@@ -317,7 +299,17 @@ func TestMergeTemplateApplications(t *testing.T) {
 				KubeClientset: kubefake.NewSimpleClientset(),
 			}
 
-			got, _, _ := r.generateApplications(*appSet)
+			got, _, _ := r.generateApplications(v1alpha1.ApplicationSet{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "name",
+					Namespace: "namespace",
+				},
+				Spec: v1alpha1.ApplicationSetSpec{
+					Generators: []v1alpha1.ApplicationSetGenerator{generator},
+					Template:   cc.template,
+				},
+			},
+			)
 
 			assert.Equal(t, cc.expectedApps, got)
 		})
@@ -1881,14 +1873,13 @@ func TestValidateGeneratedApplications(t *testing.T) {
 				Recorder:         record.NewFakeRecorder(1),
 				Generators:       map[string]generators.Generator{},
 				ArgoDB:           &argoDBMock,
-				ArgoCDNamespace:  "namespace",
 				ArgoAppClientset: appclientset.NewSimpleClientset(argoObjs...),
 				KubeClientset:    kubeclientset,
 			}
 
 			appSetInfo := v1alpha1.ApplicationSet{}
 
-			validationErrors, _ := r.validateGeneratedApplications(context.TODO(), cc.apps, appSetInfo)
+			validationErrors, _ := r.validateGeneratedApplications(context.TODO(), cc.apps, appSetInfo, "namespace")
 			var errorMessages []string
 			for _, v := range validationErrors {
 				errorMessages = append(errorMessages, v.Error())
@@ -1989,8 +1980,7 @@ func TestReconcilerValidationErrorBehaviour(t *testing.T) {
 		ArgoDB:           &argoDBMock,
 		ArgoAppClientset: appclientset.NewSimpleClientset(argoObjs...),
 		KubeClientset:    kubeclientset,
-		Policy:           v1alpha1.ApplicationsSyncPolicySync,
-		ArgoCDNamespace:  "argocd",
+		Policy:           &utils.SyncPolicy{},
 	}
 
 	req := ctrl.Request{
@@ -2003,7 +1993,7 @@ func TestReconcilerValidationErrorBehaviour(t *testing.T) {
 	// Verify that on validation error, no error is returned, but the object is requeued
 	res, err := r.Reconcile(context.Background(), req)
 	assert.Nil(t, err)
-	assert.True(t, res.RequeueAfter == 0)
+	assert.True(t, res.RequeueAfter == ReconcileRequeueOnValidationError)
 
 	var app v1alpha1.Application
 
@@ -2073,339 +2063,6 @@ func TestSetApplicationSetStatusCondition(t *testing.T) {
 	assert.Len(t, appSet.Status.Conditions, 3)
 }
 
-func applicationsUpdateSyncPolicyTest(t *testing.T, applicationsSyncPolicy v1alpha1.ApplicationsSyncPolicy, recordBuffer int, allowPolicyOverride bool) v1alpha1.Application {
-
-	scheme := runtime.NewScheme()
-	err := v1alpha1.AddToScheme(scheme)
-	assert.Nil(t, err)
-	err = v1alpha1.AddToScheme(scheme)
-	assert.Nil(t, err)
-
-	defaultProject := v1alpha1.AppProject{
-		ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: "argocd"},
-		Spec:       v1alpha1.AppProjectSpec{SourceRepos: []string{"*"}, Destinations: []v1alpha1.ApplicationDestination{{Namespace: "*", Server: "https://good-cluster"}}},
-	}
-	appSet := v1alpha1.ApplicationSet{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "name",
-			Namespace: "argocd",
-		},
-		Spec: v1alpha1.ApplicationSetSpec{
-			Generators: []v1alpha1.ApplicationSetGenerator{
-				{
-					List: &v1alpha1.ListGenerator{
-						Elements: []apiextensionsv1.JSON{{
-							Raw: []byte(`{"cluster": "good-cluster","url": "https://good-cluster"}`),
-						}},
-					},
-				},
-			},
-			SyncPolicy: &v1alpha1.ApplicationSetSyncPolicy{
-				ApplicationsSync: &applicationsSyncPolicy,
-			},
-			Template: v1alpha1.ApplicationSetTemplate{
-				ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{
-					Name:      "{{cluster}}",
-					Namespace: "argocd",
-				},
-				Spec: v1alpha1.ApplicationSpec{
-					Source:      &v1alpha1.ApplicationSource{RepoURL: "https://github.com/argoproj/argocd-example-apps", Path: "guestbook"},
-					Project:     "default",
-					Destination: v1alpha1.ApplicationDestination{Server: "{{url}}"},
-				},
-			},
-		},
-	}
-
-	kubeclientset := kubefake.NewSimpleClientset()
-	argoDBMock := dbmocks.ArgoDB{}
-	argoObjs := []runtime.Object{&defaultProject}
-
-	client := fake.NewClientBuilder().WithScheme(scheme).WithObjects(&appSet).Build()
-	goodCluster := v1alpha1.Cluster{Server: "https://good-cluster", Name: "good-cluster"}
-	argoDBMock.On("GetCluster", mock.Anything, "https://good-cluster").Return(&goodCluster, nil)
-	argoDBMock.On("ListClusters", mock.Anything).Return(&v1alpha1.ClusterList{Items: []v1alpha1.Cluster{
-		goodCluster,
-	}}, nil)
-
-	r := ApplicationSetReconciler{
-		Client:   client,
-		Scheme:   scheme,
-		Renderer: &utils.Render{},
-		Recorder: record.NewFakeRecorder(recordBuffer),
-		Generators: map[string]generators.Generator{
-			"List": generators.NewListGenerator(),
-		},
-		ArgoDB:               &argoDBMock,
-		ArgoCDNamespace:      "argocd",
-		ArgoAppClientset:     appclientset.NewSimpleClientset(argoObjs...),
-		KubeClientset:        kubeclientset,
-		Policy:               v1alpha1.ApplicationsSyncPolicySync,
-		EnablePolicyOverride: allowPolicyOverride,
-	}
-
-	req := ctrl.Request{
-		NamespacedName: types.NamespacedName{
-			Namespace: "argocd",
-			Name:      "name",
-		},
-	}
-
-	// Verify that on validation error, no error is returned, but the object is requeued
-	resCreate, err := r.Reconcile(context.Background(), req)
-	assert.Nil(t, err)
-	assert.True(t, resCreate.RequeueAfter == 0)
-
-	var app v1alpha1.Application
-
-	// make sure good app got created
-	err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "good-cluster"}, &app)
-	assert.Nil(t, err)
-	assert.Equal(t, app.Name, "good-cluster")
-
-	// Update resource
-	var retrievedApplicationSet v1alpha1.ApplicationSet
-	err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "name"}, &retrievedApplicationSet)
-	assert.Nil(t, err)
-
-	retrievedApplicationSet.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"}
-	retrievedApplicationSet.Spec.Template.Labels = map[string]string{"argocd.argoproj.io/application-set-name": "name", "label-key": "label-value"}
-
-	retrievedApplicationSet.Spec.Template.Spec.Source.Helm = &v1alpha1.ApplicationSourceHelm{
-		Values: "global.test: test",
-	}
-
-	err = r.Client.Update(context.TODO(), &retrievedApplicationSet)
-	assert.Nil(t, err)
-
-	resUpdate, err := r.Reconcile(context.Background(), req)
-	assert.Nil(t, err)
-
-	err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "good-cluster"}, &app)
-	assert.Nil(t, err)
-	assert.True(t, resUpdate.RequeueAfter == 0)
-	assert.Equal(t, app.Name, "good-cluster")
-
-	return app
-}
-
-func TestUpdateNotPerformedWithSyncPolicyCreateOnly(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateOnly
-
-	app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 1, true)
-
-	assert.Nil(t, app.Spec.Source.Helm)
-	assert.Nil(t, app.ObjectMeta.Annotations)
-	assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name"}, app.ObjectMeta.Labels)
-}
-
-func TestUpdateNotPerformedWithSyncPolicyCreateDelete(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateDelete
-
-	app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 1, true)
-
-	assert.Nil(t, app.Spec.Source.Helm)
-	assert.Nil(t, app.ObjectMeta.Annotations)
-	assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name"}, app.ObjectMeta.Labels)
-}
-
-func TestUpdatePerformedWithSyncPolicyCreateUpdate(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateUpdate
-
-	app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 2, true)
-
-	assert.Equal(t, "global.test: test", app.Spec.Source.Helm.Values)
-	assert.Equal(t, map[string]string{"annotation-key": "annotation-value"}, app.ObjectMeta.Annotations)
-	assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name", "label-key": "label-value"}, app.ObjectMeta.Labels)
-}
-
-func TestUpdatePerformedWithSyncPolicySync(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicySync
-
-	app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 2, true)
-
-	assert.Equal(t, "global.test: test", app.Spec.Source.Helm.Values)
-	assert.Equal(t, map[string]string{"annotation-key": "annotation-value"}, app.ObjectMeta.Annotations)
-	assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name", "label-key": "label-value"}, app.ObjectMeta.Labels)
-}
-
-func TestUpdatePerformedWithSyncPolicyCreateOnlyAndAllowPolicyOverrideFalse(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateOnly
-
-	app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 2, false)
-
-	assert.Equal(t, "global.test: test", app.Spec.Source.Helm.Values)
-	assert.Equal(t, map[string]string{"annotation-key": "annotation-value"}, app.ObjectMeta.Annotations)
-	assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name", "label-key": "label-value"}, app.ObjectMeta.Labels)
-}
-
-func applicationsDeleteSyncPolicyTest(t *testing.T, applicationsSyncPolicy v1alpha1.ApplicationsSyncPolicy, recordBuffer int, allowPolicyOverride bool) v1alpha1.ApplicationList {
-
-	scheme := runtime.NewScheme()
-	err := v1alpha1.AddToScheme(scheme)
-	assert.Nil(t, err)
-	err = v1alpha1.AddToScheme(scheme)
-	assert.Nil(t, err)
-
-	defaultProject := v1alpha1.AppProject{
-		ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: "argocd"},
-		Spec:       v1alpha1.AppProjectSpec{SourceRepos: []string{"*"}, Destinations: []v1alpha1.ApplicationDestination{{Namespace: "*", Server: "https://good-cluster"}}},
-	}
-	appSet := v1alpha1.ApplicationSet{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "name",
-			Namespace: "argocd",
-		},
-		Spec: v1alpha1.ApplicationSetSpec{
-			Generators: []v1alpha1.ApplicationSetGenerator{
-				{
-					List: &v1alpha1.ListGenerator{
-						Elements: []apiextensionsv1.JSON{{
-							Raw: []byte(`{"cluster": "good-cluster","url": "https://good-cluster"}`),
-						}},
-					},
-				},
-			},
-			SyncPolicy: &v1alpha1.ApplicationSetSyncPolicy{
-				ApplicationsSync: &applicationsSyncPolicy,
-			},
-			Template: v1alpha1.ApplicationSetTemplate{
-				ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{
-					Name:      "{{cluster}}",
-					Namespace: "argocd",
-				},
-				Spec: v1alpha1.ApplicationSpec{
-					Source:      &v1alpha1.ApplicationSource{RepoURL: "https://github.com/argoproj/argocd-example-apps", Path: "guestbook"},
-					Project:     "default",
-					Destination: v1alpha1.ApplicationDestination{Server: "{{url}}"},
-				},
-			},
-		},
-	}
-
-	kubeclientset := kubefake.NewSimpleClientset()
-	argoDBMock := dbmocks.ArgoDB{}
-	argoObjs := []runtime.Object{&defaultProject}
-
-	client := fake.NewClientBuilder().WithScheme(scheme).WithObjects(&appSet).Build()
-	goodCluster := v1alpha1.Cluster{Server: "https://good-cluster", Name: "good-cluster"}
-	argoDBMock.On("GetCluster", mock.Anything, "https://good-cluster").Return(&goodCluster, nil)
-	argoDBMock.On("ListClusters", mock.Anything).Return(&v1alpha1.ClusterList{Items: []v1alpha1.Cluster{
-		goodCluster,
-	}}, nil)
-
-	r := ApplicationSetReconciler{
-		Client:   client,
-		Scheme:   scheme,
-		Renderer: &utils.Render{},
-		Recorder: record.NewFakeRecorder(recordBuffer),
-		Generators: map[string]generators.Generator{
-			"List": generators.NewListGenerator(),
-		},
-		ArgoDB:               &argoDBMock,
-		ArgoCDNamespace:      "argocd",
-		ArgoAppClientset:     appclientset.NewSimpleClientset(argoObjs...),
-		KubeClientset:        kubeclientset,
-		Policy:               v1alpha1.ApplicationsSyncPolicySync,
-		EnablePolicyOverride: allowPolicyOverride,
-	}
-
-	req := ctrl.Request{
-		NamespacedName: types.NamespacedName{
-			Namespace: "argocd",
-			Name:      "name",
-		},
-	}
-
-	// Verify that on validation error, no error is returned, but the object is requeued
-	resCreate, err := r.Reconcile(context.Background(), req)
-	assert.Nil(t, err)
-	assert.True(t, resCreate.RequeueAfter == 0)
-
-	var app v1alpha1.Application
-
-	// make sure good app got created
-	err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "good-cluster"}, &app)
-	assert.Nil(t, err)
-	assert.Equal(t, app.Name, "good-cluster")
-
-	// Update resource
-	var retrievedApplicationSet v1alpha1.ApplicationSet
-	err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "name"}, &retrievedApplicationSet)
-	assert.Nil(t, err)
-	retrievedApplicationSet.Spec.Generators = []v1alpha1.ApplicationSetGenerator{
-		{
-			List: &v1alpha1.ListGenerator{
-				Elements: []apiextensionsv1.JSON{},
-			},
-		},
-	}
-
-	err = r.Client.Update(context.TODO(), &retrievedApplicationSet)
-	assert.Nil(t, err)
-
-	resUpdate, err := r.Reconcile(context.Background(), req)
-	assert.Nil(t, err)
-
-	var apps v1alpha1.ApplicationList
-
-	err = r.Client.List(context.TODO(), &apps)
-	assert.Nil(t, err)
-	assert.True(t, resUpdate.RequeueAfter == 0)
-
-	return apps
-}
-
-func TestDeleteNotPerformedWithSyncPolicyCreateOnly(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateOnly
-
-	apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 1, true)
-
-	assert.Equal(t, "good-cluster", apps.Items[0].Name)
-}
-
-func TestDeleteNotPerformedWithSyncPolicyCreateUpdate(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateUpdate
-
-	apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 2, true)
-
-	assert.Equal(t, "good-cluster", apps.Items[0].Name)
-}
-
-func TestDeletePerformedWithSyncPolicyCreateDelete(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateDelete
-
-	apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 3, true)
-
-	assert.Equal(t, 0, len(apps.Items))
-}
-
-func TestDeletePerformedWithSyncPolicySync(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicySync
-
-	apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 3, true)
-
-	assert.Equal(t, 0, len(apps.Items))
-}
-
-func TestDeletePerformedWithSyncPolicyCreateOnlyAndAllowPolicyOverrideFalse(t *testing.T) {
-
-	applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateOnly
-
-	apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 3, false)
-
-	assert.Equal(t, 0, len(apps.Items))
-}
-
 // Test app generation from a go template application set using a pull request generator
 func TestGenerateAppsUsingPullRequestGenerator(t *testing.T) {
 	scheme := runtime.NewScheme()
@@ -2449,8 +2106,7 @@ func TestGenerateAppsUsingPullRequestGenerator(t *testing.T) {
 					ObjectMeta: metav1.ObjectMeta{
 						Name: "AppSet-branch1-1",
 						Labels: map[string]string{
-							"app1":                 "label1",
-							LabelKeyAppSetInstance: "",
+							"app1": "label1",
 						},
 					},
 					Spec: v1alpha1.ApplicationSpec{
@@ -2613,7 +2269,6 @@ func TestPolicies(t *testing.T) {
 					"List": generators.NewListGenerator(),
 				},
 				ArgoDB:           &argoDBMock,
-				ArgoCDNamespace:  "argocd",
 				ArgoAppClientset: appclientset.NewSimpleClientset(argoObjs...),
 				KubeClientset:    kubeclientset,
 				Policy:           policy,

applicationset/controllers/clustereventhandler.go

@@ -139,11 +139,7 @@ func nestedGeneratorHasClusterGenerator(nested argoprojiov1alpha1.ApplicationSet
 			return false, fmt.Errorf("unable to get nested matrix generator: %w", err)
 		}
 		if nestedMatrix != nil {
-			hasClusterGenerator, err := nestedGeneratorsHaveClusterGenerator(nestedMatrix.ToMatrixGenerator().Generators)
-			if err != nil {
-				return false, fmt.Errorf("error evaluating nested matrix generator: %w", err)
-			}
-			return hasClusterGenerator, nil
+			return nestedGeneratorsHaveClusterGenerator(nestedMatrix.ToMatrixGenerator().Generators)
 		}
 	}
 
@@ -153,11 +149,7 @@ func nestedGeneratorHasClusterGenerator(nested argoprojiov1alpha1.ApplicationSet
 			return false, fmt.Errorf("unable to get nested merge generator: %w", err)
 		}
 		if nestedMerge != nil {
-			hasClusterGenerator, err := nestedGeneratorsHaveClusterGenerator(nestedMerge.ToMergeGenerator().Generators)
-			if err != nil {
-				return false, fmt.Errorf("error evaluating nested merge generator: %w", err)
-			}
-			return hasClusterGenerator, nil
+			return nestedGeneratorsHaveClusterGenerator(nestedMerge.ToMergeGenerator().Generators)
 		}
 	}
 

applicationset/controllers/clustereventhandler_test.go

@@ -573,68 +573,3 @@ type mockAddRateLimitingInterface struct {
 	errorOccurred bool
 	addedItems    []ctrl.Request
 }
-
-func TestNestedGeneratorHasClusterGenerator_NestedClusterGenerator(t *testing.T) {
-	nested := argov1alpha1.ApplicationSetNestedGenerator{
-		Clusters: &argov1alpha1.ClusterGenerator{},
-	}
-
-	hasClusterGenerator, err := nestedGeneratorHasClusterGenerator(nested)
-
-	assert.Nil(t, err)
-	assert.True(t, hasClusterGenerator)
-}
-
-func TestNestedGeneratorHasClusterGenerator_NestedMergeGenerator(t *testing.T) {
-	nested := argov1alpha1.ApplicationSetNestedGenerator{
-		Merge: &apiextensionsv1.JSON{
-			Raw: []byte(
-				`{
-					"generators": [
-					  {
-						"clusters": {
-						  "selector": {
-							"matchLabels": {
-							  "argocd.argoproj.io/secret-type": "cluster"
-							}
-						  }
-						}
-					  }
-					]
-				  }`,
-			),
-		},
-	}
-
-	hasClusterGenerator, err := nestedGeneratorHasClusterGenerator(nested)
-
-	assert.Nil(t, err)
-	assert.True(t, hasClusterGenerator)
-}
-
-func TestNestedGeneratorHasClusterGenerator_NestedMergeGeneratorWithInvalidJSON(t *testing.T) {
-	nested := argov1alpha1.ApplicationSetNestedGenerator{
-		Merge: &apiextensionsv1.JSON{
-			Raw: []byte(
-				`{
-					"generators": [
-					  {
-						"clusters": {
-						  "selector": {
-							"matchLabels": {
-							  "argocd.argoproj.io/secret-type": "cluster"
-							}
-						  }
-						}
-					  }
-					]
-				  `,
-			),
-		},
-	}
-
-	hasClusterGenerator, err := nestedGeneratorHasClusterGenerator(nested)
-
-	assert.NotNil(t, err)
-	assert.False(t, hasClusterGenerator)
-}

applicationset/controllers/requeue_after_test.go

@@ -5,7 +5,10 @@ import (
 	"testing"
 	"time"
 
+	"github.com/argoproj/argo-cd/v2/applicationset/generators"
+	argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/mock"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -14,14 +17,10 @@ import (
 	kubefake "k8s.io/client-go/kubernetes/fake"
 	"k8s.io/client-go/tools/record"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
-
-	"github.com/argoproj/argo-cd/v2/applicationset/generators"
-	"github.com/argoproj/argo-cd/v2/applicationset/services/mocks"
-	argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 )
 
 func TestRequeueAfter(t *testing.T) {
-	mockServer := &mocks.Repos{}
+	mockServer := argoCDServiceMock{}
 	ctx := context.Background()
 	scheme := runtime.NewScheme()
 	err := argov1alpha1.AddToScheme(scheme)
@@ -60,9 +59,9 @@ func TestRequeueAfter(t *testing.T) {
 		"List":                    generators.NewListGenerator(),
 		"Clusters":                generators.NewClusterGenerator(k8sClient, ctx, appClientset, "argocd"),
 		"Git":                     generators.NewGitGenerator(mockServer),
-		"SCMProvider":             generators.NewSCMProviderGenerator(fake.NewClientBuilder().WithObjects(&corev1.Secret{}).Build(), generators.SCMAuthProviders{}, "", []string{""}),
+		"SCMProvider":             generators.NewSCMProviderGenerator(fake.NewClientBuilder().WithObjects(&corev1.Secret{}).Build(), generators.SCMAuthProviders{}),
 		"ClusterDecisionResource": generators.NewDuckTypeGenerator(ctx, fakeDynClient, appClientset, "argocd"),
-		"PullRequest":             generators.NewPullRequestGenerator(k8sClient, generators.SCMAuthProviders{}, "", []string{""}),
+		"PullRequest":             generators.NewPullRequestGenerator(k8sClient, generators.SCMAuthProviders{}),
 	}
 
 	nestedGenerators := map[string]generators.Generator{
@@ -151,3 +150,30 @@ func TestRequeueAfter(t *testing.T) {
 		})
 	}
 }
+
+type argoCDServiceMock struct {
+	mock *mock.Mock
+}
+
+func (a argoCDServiceMock) GetApps(ctx context.Context, repoURL string, revision string) ([]string, error) {
+	args := a.mock.Called(ctx, repoURL, revision)
+
+	return args.Get(0).([]string), args.Error(1)
+}
+
+func (a argoCDServiceMock) GetFiles(ctx context.Context, repoURL string, revision string, pattern string) (map[string][]byte, error) {
+	args := a.mock.Called(ctx, repoURL, revision, pattern)
+
+	return args.Get(0).(map[string][]byte), args.Error(1)
+}
+
+func (a argoCDServiceMock) GetFileContent(ctx context.Context, repoURL string, revision string, path string) ([]byte, error) {
+	args := a.mock.Called(ctx, repoURL, revision, path)
+
+	return args.Get(0).([]byte), args.Error(1)
+}
+
+func (a argoCDServiceMock) GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error) {
+	args := a.mock.Called(ctx, repoURL, revision)
+	return args.Get(0).([]string), args.Error(1)
+}

applicationset/examples/applications-sync-policies/create-only.yaml

@@ -1,35 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: ApplicationSet
-metadata:
-  name: guestbook
-spec:
-  goTemplate: true
-  generators:
-  - list:
-      elements:
-      - cluster: engineering-dev
-        url: https://kubernetes.default.svc
-        foo: bar
-      # Update foo value with foo: bar
-      # Application engineering-prod-guestbook labels will still be baz
-      # Delete this element
-      # Application engineering-prod-guestbook will be kept
-      - cluster: engineering-prod
-        url: https://kubernetes.default.svc
-        foo: baz
-  template:
-    metadata:
-      name: '{{.cluster}}-guestbook'
-      labels:
-        foo: '{{.foo}}'
-    spec:
-      project: default
-      source:
-        repoURL: https://github.com/argoproj/argo-cd.git
-        targetRevision: HEAD
-        path: applicationset/examples/list-generator/guestbook/{{.cluster}}
-      destination:
-        server: '{{.url}}'
-        namespace: guestbook
-  syncPolicy:
-    applicationsSync: create-only

applicationset/examples/applications-sync-policies/create-update.yaml

@@ -1,35 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: ApplicationSet
-metadata:
-  name: guestbook
-spec:
-  goTemplate: true
-  generators:
-  - list:
-      elements:
-      - cluster: engineering-dev
-        url: https://kubernetes.default.svc
-        foo: bar
-      # Update foo value with foo: bar
-      # Application engineering-prod-guestbook labels will change to foo: bar
-      # Delete this element
-      # Application engineering-prod-guestbook will be kept
-      - cluster: engineering-prod
-        url: https://kubernetes.default.svc
-        foo: baz
-  template:
-    metadata:
-      name: '{{.cluster}}-guestbook'
-      labels:
-        foo: '{{.foo}}'
-    spec:
-      project: default
-      source:
-        repoURL: https://github.com/argoproj/argo-cd.git
-        targetRevision: HEAD
-        path: applicationset/examples/list-generator/guestbook/{{.cluster}}
-      destination:
-        server: '{{.url}}'
-        namespace: guestbook
-  syncPolicy:
-    applicationsSync: create-update

applicationset/examples/applications-sync-policies/guestbook/engineering-dev/guestbook-ui-deployment.yaml

@@ -1,20 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: guestbook-ui
-spec:
-  replicas: 1
-  revisionHistoryLimit: 3
-  selector:
-    matchLabels:
-      app: guestbook-ui
-  template:
-    metadata:
-      labels:
-        app: guestbook-ui
-    spec:
-      containers:
-      - image: gcr.io/heptio-images/ks-guestbook-demo:0.2
-        name: guestbook-ui
-        ports:
-        - containerPort: 80

applicationset/examples/applications-sync-policies/guestbook/engineering-dev/guestbook-ui-svc.yaml

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: guestbook-ui
-spec:
-  ports:
-  - port: 80
-    targetPort: 80
-  selector:
-    app: guestbook-ui

applicationset/examples/applications-sync-policies/guestbook/engineering-prod/guestbook-ui-deployment.yaml

@@ -1,20 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: guestbook-ui
-spec:
-  replicas: 1
-  revisionHistoryLimit: 3
-  selector:
-    matchLabels:
-      app: guestbook-ui
-  template:
-    metadata:
-      labels:
-        app: guestbook-ui
-    spec:
-      containers:
-      - image: gcr.io/heptio-images/ks-guestbook-demo:0.2
-        name: guestbook-ui
-        ports:
-        - containerPort: 80

applicationset/examples/applications-sync-policies/guestbook/engineering-prod/guestbook-ui-svc.yaml

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: guestbook-ui
-spec:
-  ports:
-  - port: 80
-    targetPort: 80
-  selector:
-    app: guestbook-ui

applicationset/examples/cluster/cluster-example.yaml

@@ -4,7 +4,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - clusters: {}
   template:

applicationset/examples/clusterDecisionResource/ducktype-example.yaml

@@ -4,7 +4,6 @@ metadata:
   name: book-import
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
     - clusterDecisionResource:
         configMapRef: ocm-placement

applicationset/examples/design-doc/applicationset.yaml

@@ -8,7 +8,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - clusters: {}
   template:

applicationset/examples/design-doc/git-directory-discovery.yaml

@@ -27,7 +27,6 @@ metadata:
   name: cluster-addons
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - git:
       repoURL: https://github.com/infra-team/cluster-deployments.git

applicationset/examples/design-doc/git-files-discovery.yaml

@@ -38,7 +38,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - git:
       repoURL: https://github.com/infra-team/cluster-deployments.git

applicationset/examples/design-doc/git-files-literal.yaml

@@ -51,7 +51,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - git:
       repoURL: https://github.com/infra-team/cluster-deployments.git

applicationset/examples/design-doc/list.yaml

@@ -5,7 +5,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - list:
       elements:

applicationset/examples/design-doc/template-override.yaml

@@ -8,7 +8,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - list:
       elements:

applicationset/examples/git-generator-directory/excludes/git-directories-exclude-example.yaml

@@ -5,7 +5,6 @@ metadata:
   namespace: argocd
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - git:
       repoURL: https://github.com/argoproj/argo-cd.git

applicationset/examples/git-generator-directory/git-directories-example.yaml

@@ -5,7 +5,6 @@ metadata:
   namespace: argocd
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - git:
       repoURL: https://github.com/argoproj/argo-cd.git

applicationset/examples/git-generator-files-discovery/git-generator-files.yaml

@@ -4,7 +4,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
     - git:
         repoURL: https://github.com/argoproj/argo-cd.git

applicationset/examples/list-generator/list-example.yaml

@@ -4,7 +4,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - list:
       elements:

applicationset/examples/matrix/cluster-and-git.yaml

@@ -8,7 +8,6 @@ metadata:
   name: cluster-git
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - matrix:
       generators:

applicationset/examples/matrix/list-and-git.yaml

@@ -8,7 +8,6 @@ metadata:
   name: list-git
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - matrix:
       generators:

applicationset/examples/matrix/list-and-list.yaml

@@ -5,7 +5,6 @@ metadata:
   namespace: argocd
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
     - matrix:
         generators:

applicationset/examples/matrix/matrix-and-union-in-matrix.yaml

@@ -13,7 +13,6 @@ metadata:
   name: matrix-and-union-in-matrix
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
     - matrix:
         generators:

applicationset/examples/merge/merge-clusters-and-list.yaml

@@ -4,7 +4,6 @@ metadata:
   name: merge-clusters-and-list
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
     - merge:
         mergeKeys:

applicationset/examples/merge/merge-two-matrixes.yaml

@@ -4,7 +4,6 @@ metadata:
   name: merge-two-matrixes
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
     - merge:
         mergeKeys:

applicationset/examples/pull-request-generator/pull-request-example.yaml

@@ -4,7 +4,6 @@ metadata:
   name: myapp
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - pullRequest:
       github:

applicationset/examples/scm-provider-generator/scm-provider-example.yaml

@@ -4,7 +4,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - scmProvider:
       github:

applicationset/examples/template-override/template-overrides-example.yaml

@@ -8,7 +8,6 @@ metadata:
   name: guestbook
 spec:
   goTemplate: true
-  goTemplateOptions: ["missingkey=error"]
   generators:
   - list:
       elements:

applicationset/generators/cluster.go

@@ -61,7 +61,8 @@ func (g *ClusterGenerator) GetTemplate(appSetGenerator *argoappsetv1alpha1.Appli
 	return &appSetGenerator.Clusters.Template
 }
 
-func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.ApplicationSetGenerator, appSet *argoappsetv1alpha1.ApplicationSet) ([]map[string]interface{}, error) {
+func (g *ClusterGenerator) GenerateParams(
+	appSetGenerator *argoappsetv1alpha1.ApplicationSetGenerator, appSet *argoappsetv1alpha1.ApplicationSet) ([]map[string]interface{}, error) {
 
 	if appSetGenerator == nil {
 		return nil, EmptyAppSetGeneratorError
@@ -108,7 +109,7 @@ func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.Ap
 			params["nameNormalized"] = cluster.Name
 			params["server"] = cluster.Server
 
-			err = appendTemplatedValues(appSetGenerator.Clusters.Values, params, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions)
+			err = appendTemplatedValues(appSetGenerator.Clusters.Values, params, appSet)
 			if err != nil {
 				return nil, err
 			}
@@ -148,7 +149,7 @@ func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.Ap
 			}
 		}
 
-		err = appendTemplatedValues(appSetGenerator.Clusters.Values, params, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions)
+		err = appendTemplatedValues(appSetGenerator.Clusters.Values, params, appSet)
 		if err != nil {
 			return nil, err
 		}
@@ -161,6 +162,44 @@ func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.Ap
 	return res, nil
 }
 
+func appendTemplatedValues(clusterValues map[string]string, params map[string]interface{}, appSet *argoappsetv1alpha1.ApplicationSet) error {
+	// We create a local map to ensure that we do not fall victim to a billion-laughs attack. We iterate through the
+	// cluster values map and only replace values in said map if it has already been whitelisted in the params map.
+	// Once we iterate through all the cluster values we can then safely merge the `tmp` map into the main params map.
+	tmp := map[string]interface{}{}
+
+	for key, value := range clusterValues {
+		result, err := replaceTemplatedString(value, params, appSet)
+
+		if err != nil {
+			return fmt.Errorf("error replacing templated String: %w", err)
+		}
+
+		if appSet.Spec.GoTemplate {
+			if tmp["values"] == nil {
+				tmp["values"] = map[string]string{}
+			}
+			tmp["values"].(map[string]string)[key] = result
+		} else {
+			tmp[fmt.Sprintf("values.%s", key)] = result
+		}
+	}
+
+	for key, value := range tmp {
+		params[key] = value
+	}
+
+	return nil
+}
+
+func replaceTemplatedString(value string, params map[string]interface{}, appSet *argoappsetv1alpha1.ApplicationSet) (string, error) {
+	replacedTmplStr, err := render.Replace(value, params, appSet.Spec.GoTemplate)
+	if err != nil {
+		return "", err
+	}
+	return replacedTmplStr, nil
+}
+
 func (g *ClusterGenerator) getSecretsByClusterName(appSetGenerator *argoappsetv1alpha1.ApplicationSetGenerator) (map[string]corev1.Secret, error) {
 	// List all Clusters:
 	clusterSecretList := &corev1.SecretList{}

applicationset/generators/duck_type_test.go

@@ -3,7 +3,6 @@ package generators
 import (
 	"context"
 	"fmt"
-	"testing"
 
 	"github.com/stretchr/testify/assert"
 	corev1 "k8s.io/api/core/v1"
@@ -16,6 +15,8 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+
+	"testing"
 )
 
 const resourceApiVersion = "mallard.io/v1"

applicationset/generators/generator_spec_processor.go

@@ -4,9 +4,8 @@ import (
 	"fmt"
 	"reflect"
 
-	"github.com/jeremywohl/flatten"
-
 	"github.com/argoproj/argo-cd/v2/applicationset/utils"
+	"github.com/jeremywohl/flatten"
 
 	"k8s.io/apimachinery/pkg/labels"
 
@@ -53,7 +52,7 @@ func Transform(requestedGenerator argoprojiov1alpha1.ApplicationSetGenerator, al
 		}
 		var params []map[string]interface{}
 		if len(genParams) != 0 {
-			tempInterpolatedGenerator, err := InterpolateGenerator(&requestedGenerator, genParams, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions)
+			tempInterpolatedGenerator, err := InterpolateGenerator(&requestedGenerator, genParams, appSet.Spec.GoTemplate)
 			interpolatedGenerator = &tempInterpolatedGenerator
 			if err != nil {
 				log.WithError(err).WithField("genParams", genParams).
@@ -148,9 +147,9 @@ func mergeGeneratorTemplate(g Generator, requestedGenerator *argoprojiov1alpha1.
 
 // InterpolateGenerator allows interpolating the matrix's 2nd child generator with values from the 1st child generator
 // "params" parameter is an array, where each index corresponds to a generator. Each index contains a map w/ that generator's parameters.
-func InterpolateGenerator(requestedGenerator *argoprojiov1alpha1.ApplicationSetGenerator, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (argoprojiov1alpha1.ApplicationSetGenerator, error) {
+func InterpolateGenerator(requestedGenerator *argoprojiov1alpha1.ApplicationSetGenerator, params map[string]interface{}, useGoTemplate bool) (argoprojiov1alpha1.ApplicationSetGenerator, error) {
 	render := utils.Render{}
-	interpolatedGenerator, err := render.RenderGeneratorParams(requestedGenerator, params, useGoTemplate, goTemplateOptions)
+	interpolatedGenerator, err := render.RenderGeneratorParams(requestedGenerator, params, useGoTemplate)
 	if err != nil {
 		log.WithError(err).WithField("interpolatedGenerator", interpolatedGenerator).Error("error interpolating generator with other generator's parameter")
 		return *interpolatedGenerator, err
@@ -158,16 +157,3 @@ func InterpolateGenerator(requestedGenerator *argoprojiov1alpha1.ApplicationSetG
 
 	return *interpolatedGenerator, nil
 }
-
-// Fixes https://github.com/argoproj/argo-cd/issues/11982 while ensuring backwards compatibility.
-// This is only a short-term solution and should be removed in a future major version.
-func dropDisabledNestedSelectors(generators []argoprojiov1alpha1.ApplicationSetNestedGenerator) bool {
-	var foundSelector bool
-	for i := range generators {
-		if generators[i].Selector != nil {
-			foundSelector = true
-			generators[i].Selector = nil
-		}
-	}
-	return foundSelector
-}

applicationset/generators/generator_spec_processor_test.go

@@ -10,8 +10,7 @@ import (
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	"github.com/argoproj/argo-cd/v2/applicationset/services/mocks"
-
+	testutils "github.com/argoproj/argo-cd/v2/applicationset/utils/test"
 	argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 
 	"github.com/stretchr/testify/mock"
@@ -20,6 +19,8 @@ import (
 	kubefake "k8s.io/client-go/kubernetes/fake"
 	crtclient "sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
+
+	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 )
 
 func TestMatchValues(t *testing.T) {
@@ -70,18 +71,18 @@ func TestMatchValues(t *testing.T) {
 				"List": listGenerator,
 			}
 
-			applicationSetInfo := argov1alpha1.ApplicationSet{
+			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
 				ObjectMeta: metav1.ObjectMeta{
 					Name: "set",
 				},
-				Spec: argov1alpha1.ApplicationSetSpec{
+				Spec: argoprojiov1alpha1.ApplicationSetSpec{
 					GoTemplate: false,
 				},
 			}
 
-			results, err := Transform(argov1alpha1.ApplicationSetGenerator{
+			results, err := Transform(argoprojiov1alpha1.ApplicationSetGenerator{
 				Selector: testCase.selector,
-				List: &argov1alpha1.ListGenerator{
+				List: &argoprojiov1alpha1.ListGenerator{
 					Elements: testCase.elements,
 					Template: emptyTemplate(),
 				}},
@@ -171,7 +172,6 @@ func TestMatchValuesGoTemplate(t *testing.T) {
 				data,
 				emptyTemplate(),
 				&applicationSetInfo, nil)
-
 			assert.NoError(t, err)
 			assert.ElementsMatch(t, testCase.expected, results[0].Params)
 		})
@@ -341,9 +341,9 @@ func getMockClusterGenerator() Generator {
 }
 
 func getMockGitGenerator() Generator {
-	argoCDServiceMock := mocks.Repos{}
-	argoCDServiceMock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return([]string{"app1", "app2", "app_3", "p1/app4"}, nil)
-	var gitGenerator = NewGitGenerator(&argoCDServiceMock)
+	argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}}
+	argoCDServiceMock.Mock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return([]string{"app1", "app2", "app_3", "p1/app4"}, nil)
+	var gitGenerator = NewGitGenerator(argoCDServiceMock)
 	return gitGenerator
 }
 
@@ -358,8 +358,8 @@ func TestGetRelevantGenerators(t *testing.T) {
 	testGenerators["Merge"] = NewMergeGenerator(testGenerators)
 	testGenerators["List"] = NewListGenerator()
 
-	requestedGenerator := &argov1alpha1.ApplicationSetGenerator{
-		List: &argov1alpha1.ListGenerator{
+	requestedGenerator := &argoprojiov1alpha1.ApplicationSetGenerator{
+		List: &argoprojiov1alpha1.ListGenerator{
 			Elements: []apiextensionsv1.JSON{{Raw: []byte(`{"cluster": "cluster","url": "url","values":{"foo":"bar"}}`)}},
 		}}
 
@@ -367,10 +367,10 @@ func TestGetRelevantGenerators(t *testing.T) {
 	assert.Len(t, relevantGenerators, 1)
 	assert.IsType(t, &ListGenerator{}, relevantGenerators[0])
 
-	requestedGenerator = &argov1alpha1.ApplicationSetGenerator{
-		Clusters: &argov1alpha1.ClusterGenerator{
+	requestedGenerator = &argoprojiov1alpha1.ApplicationSetGenerator{
+		Clusters: &argoprojiov1alpha1.ClusterGenerator{
 			Selector: metav1.LabelSelector{},
-			Template: argov1alpha1.ApplicationSetTemplate{},
+			Template: argoprojiov1alpha1.ApplicationSetTemplate{},
 			Values:   nil,
 		},
 	}
@@ -379,14 +379,14 @@ func TestGetRelevantGenerators(t *testing.T) {
 	assert.Len(t, relevantGenerators, 1)
 	assert.IsType(t, &ClusterGenerator{}, relevantGenerators[0])
 
-	requestedGenerator = &argov1alpha1.ApplicationSetGenerator{
-		Git: &argov1alpha1.GitGenerator{
+	requestedGenerator = &argoprojiov1alpha1.ApplicationSetGenerator{
+		Git: &argoprojiov1alpha1.GitGenerator{
 			RepoURL:             "",
 			Directories:         nil,
 			Files:               nil,
 			Revision:            "",
 			RequeueAfterSeconds: nil,
-			Template:            argov1alpha1.ApplicationSetTemplate{},
+			Template:            argoprojiov1alpha1.ApplicationSetTemplate{},
 		},
 	}
 
@@ -396,8 +396,8 @@ func TestGetRelevantGenerators(t *testing.T) {
 }
 
 func TestInterpolateGenerator(t *testing.T) {
-	requestedGenerator := &argov1alpha1.ApplicationSetGenerator{
-		Clusters: &argov1alpha1.ClusterGenerator{
+	requestedGenerator := &argoprojiov1alpha1.ApplicationSetGenerator{
+		Clusters: &argoprojiov1alpha1.ClusterGenerator{
 			Selector: metav1.LabelSelector{
 				MatchLabels: map[string]string{
 					"argocd.argoproj.io/secret-type": "cluster",
@@ -414,7 +414,7 @@ func TestInterpolateGenerator(t *testing.T) {
 		"path[1]":                 "p2",
 		"path.basenameNormalized": "app3",
 	}
-	interpolatedGenerator, err := InterpolateGenerator(requestedGenerator, gitGeneratorParams, false, nil)
+	interpolatedGenerator, err := InterpolateGenerator(requestedGenerator, gitGeneratorParams, false)
 	if err != nil {
 		log.WithError(err).WithField("requestedGenerator", requestedGenerator).Error("error interpolating Generator")
 		return
@@ -423,23 +423,23 @@ func TestInterpolateGenerator(t *testing.T) {
 	assert.Equal(t, "p1", interpolatedGenerator.Clusters.Selector.MatchLabels["path-zero"])
 	assert.Equal(t, "p1/p2/app3", interpolatedGenerator.Clusters.Selector.MatchLabels["path-full"])
 
-	fileNamePath := argov1alpha1.GitFileGeneratorItem{
+	fileNamePath := argoprojiov1alpha1.GitFileGeneratorItem{
 		Path: "{{name}}",
 	}
-	fileServerPath := argov1alpha1.GitFileGeneratorItem{
+	fileServerPath := argoprojiov1alpha1.GitFileGeneratorItem{
 		Path: "{{server}}",
 	}
 
-	requestedGenerator = &argov1alpha1.ApplicationSetGenerator{
-		Git: &argov1alpha1.GitGenerator{
-			Files:    append([]argov1alpha1.GitFileGeneratorItem{}, fileNamePath, fileServerPath),
-			Template: argov1alpha1.ApplicationSetTemplate{},
+	requestedGenerator = &argoprojiov1alpha1.ApplicationSetGenerator{
+		Git: &argoprojiov1alpha1.GitGenerator{
+			Files:    append([]argoprojiov1alpha1.GitFileGeneratorItem{}, fileNamePath, fileServerPath),
+			Template: argoprojiov1alpha1.ApplicationSetTemplate{},
 		},
 	}
 	clusterGeneratorParams := map[string]interface{}{
 		"name": "production_01/west", "server": "https://production-01.example.com",
 	}
-	interpolatedGenerator, err = InterpolateGenerator(requestedGenerator, clusterGeneratorParams, false, nil)
+	interpolatedGenerator, err = InterpolateGenerator(requestedGenerator, clusterGeneratorParams, false)
 	if err != nil {
 		log.WithError(err).WithField("requestedGenerator", requestedGenerator).Error("error interpolating Generator")
 		return
@@ -449,8 +449,8 @@ func TestInterpolateGenerator(t *testing.T) {
 }
 
 func TestInterpolateGenerator_go(t *testing.T) {
-	requestedGenerator := &argov1alpha1.ApplicationSetGenerator{
-		Clusters: &argov1alpha1.ClusterGenerator{
+	requestedGenerator := &argoprojiov1alpha1.ApplicationSetGenerator{
+		Clusters: &argoprojiov1alpha1.ClusterGenerator{
 			Selector: metav1.LabelSelector{
 				MatchLabels: map[string]string{
 					"argocd.argoproj.io/secret-type": "cluster",
@@ -467,7 +467,7 @@ func TestInterpolateGenerator_go(t *testing.T) {
 			"segments": []string{"p1", "p2", "app3"},
 		},
 	}
-	interpolatedGenerator, err := InterpolateGenerator(requestedGenerator, gitGeneratorParams, true, nil)
+	interpolatedGenerator, err := InterpolateGenerator(requestedGenerator, gitGeneratorParams, true)
 	require.NoError(t, err)
 	if err != nil {
 		log.WithError(err).WithField("requestedGenerator", requestedGenerator).Error("error interpolating Generator")
@@ -477,23 +477,23 @@ func TestInterpolateGenerator_go(t *testing.T) {
 	assert.Equal(t, "p1", interpolatedGenerator.Clusters.Selector.MatchLabels["path-zero"])
 	assert.Equal(t, "p1/p2/app3", interpolatedGenerator.Clusters.Selector.MatchLabels["path-full"])
 
-	fileNamePath := argov1alpha1.GitFileGeneratorItem{
+	fileNamePath := argoprojiov1alpha1.GitFileGeneratorItem{
 		Path: "{{.name}}",
 	}
-	fileServerPath := argov1alpha1.GitFileGeneratorItem{
+	fileServerPath := argoprojiov1alpha1.GitFileGeneratorItem{
 		Path: "{{.server}}",
 	}
 
-	requestedGenerator = &argov1alpha1.ApplicationSetGenerator{
-		Git: &argov1alpha1.GitGenerator{
-			Files:    append([]argov1alpha1.GitFileGeneratorItem{}, fileNamePath, fileServerPath),
-			Template: argov1alpha1.ApplicationSetTemplate{},
+	requestedGenerator = &argoprojiov1alpha1.ApplicationSetGenerator{
+		Git: &argoprojiov1alpha1.GitGenerator{
+			Files:    append([]argoprojiov1alpha1.GitFileGeneratorItem{}, fileNamePath, fileServerPath),
+			Template: argoprojiov1alpha1.ApplicationSetTemplate{},
 		},
 	}
 	clusterGeneratorParams := map[string]interface{}{
 		"name": "production_01/west", "server": "https://production-01.example.com",
 	}
-	interpolatedGenerator, err = InterpolateGenerator(requestedGenerator, clusterGeneratorParams, true, nil)
+	interpolatedGenerator, err = InterpolateGenerator(requestedGenerator, clusterGeneratorParams, true)
 	if err != nil {
 		log.WithError(err).WithField("requestedGenerator", requestedGenerator).Error("error interpolating Generator")
 		return

applicationset/generators/git.go

@@ -59,9 +59,9 @@ func (g *GitGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.Applic
 	var err error
 	var res []map[string]interface{}
 	if len(appSetGenerator.Git.Directories) != 0 {
-		res, err = g.generateParamsForGitDirectories(appSetGenerator, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions)
+		res, err = g.generateParamsForGitDirectories(appSetGenerator, appSet.Spec.GoTemplate)
 	} else if len(appSetGenerator.Git.Files) != 0 {
-		res, err = g.generateParamsForGitFiles(appSetGenerator, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions)
+		res, err = g.generateParamsForGitFiles(appSetGenerator, appSet.Spec.GoTemplate)
 	} else {
 		return nil, EmptyAppSetGeneratorError
 	}
@@ -72,7 +72,7 @@ func (g *GitGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.Applic
 	return res, nil
 }
 
-func (g *GitGenerator) generateParamsForGitDirectories(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool, goTemplateOptions []string) ([]map[string]interface{}, error) {
+func (g *GitGenerator) generateParamsForGitDirectories(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool) ([]map[string]interface{}, error) {
 
 	// Directories, not files
 	allPaths, err := g.repos.GetDirectories(context.TODO(), appSetGenerator.Git.RepoURL, appSetGenerator.Git.Revision)
@@ -90,15 +90,12 @@ func (g *GitGenerator) generateParamsForGitDirectories(appSetGenerator *argoproj
 
 	requestedApps := g.filterApps(appSetGenerator.Git.Directories, allPaths)
 
-	res, err := g.generateParamsFromApps(requestedApps, appSetGenerator, useGoTemplate, goTemplateOptions)
-	if err != nil {
-		return nil, fmt.Errorf("failed to generate params from apps: %w", err)
-	}
+	res := g.generateParamsFromApps(requestedApps, appSetGenerator, useGoTemplate)
 
 	return res, nil
 }
 
-func (g *GitGenerator) generateParamsForGitFiles(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool, goTemplateOptions []string) ([]map[string]interface{}, error) {
+func (g *GitGenerator) generateParamsForGitFiles(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool) ([]map[string]interface{}, error) {
 
 	// Get all files that match the requested path string, removing duplicates
 	allFiles := make(map[string][]byte)
@@ -125,7 +122,7 @@ func (g *GitGenerator) generateParamsForGitFiles(appSetGenerator *argoprojiov1al
 	for _, path := range allPaths {
 
 		// A JSON / YAML file path can contain multiple sets of parameters (ie it is an array)
-		paramsArray, err := g.generateParamsFromGitFile(path, allFiles[path], appSetGenerator.Git.Values, useGoTemplate, goTemplateOptions, appSetGenerator.Git.PathParamPrefix)
+		paramsArray, err := g.generateParamsFromGitFile(path, allFiles[path], useGoTemplate, appSetGenerator.Git.PathParamPrefix)
 		if err != nil {
 			return nil, fmt.Errorf("unable to process file '%s': %v", path, err)
 		}
@@ -135,7 +132,7 @@ func (g *GitGenerator) generateParamsForGitFiles(appSetGenerator *argoprojiov1al
 	return res, nil
 }
 
-func (g *GitGenerator) generateParamsFromGitFile(filePath string, fileContent []byte, values map[string]string, useGoTemplate bool, goTemplateOptions []string, pathParamPrefix string) ([]map[string]interface{}, error) {
+func (g *GitGenerator) generateParamsFromGitFile(filePath string, fileContent []byte, useGoTemplate bool, pathParamPrefix string) ([]map[string]interface{}, error) {
 	objectsFound := []map[string]interface{}{}
 
 	// First, we attempt to parse as an array
@@ -198,11 +195,6 @@ func (g *GitGenerator) generateParamsFromGitFile(filePath string, fileContent []
 			}
 		}
 
-		err := appendTemplatedValues(values, params, useGoTemplate, goTemplateOptions)
-		if err != nil {
-			return nil, fmt.Errorf("failed to append templated values: %w", err)
-		}
-
 		res = append(res, params)
 	}
 
@@ -237,7 +229,7 @@ func (g *GitGenerator) filterApps(Directories []argoprojiov1alpha1.GitDirectoryG
 	return res
 }
 
-func (g *GitGenerator) generateParamsFromApps(requestedApps []string, appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool, goTemplateOptions []string) ([]map[string]interface{}, error) {
+func (g *GitGenerator) generateParamsFromApps(requestedApps []string, appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool) []map[string]interface{} {
 	res := make([]map[string]interface{}, len(requestedApps))
 	for i, a := range requestedApps {
 
@@ -269,13 +261,8 @@ func (g *GitGenerator) generateParamsFromApps(requestedApps []string, appSetGene
 			}
 		}
 
-		err := appendTemplatedValues(appSetGenerator.Git.Values, params, useGoTemplate, goTemplateOptions)
-		if err != nil {
-			return nil, fmt.Errorf("failed to append templated values: %w", err)
-		}
-
 		res[i] = params
 	}
 
-	return res, nil
+	return res
 }

applicationset/generators/git_test.go

@@ -8,17 +8,23 @@ import (
 	"github.com/stretchr/testify/mock"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	"github.com/argoproj/argo-cd/v2/applicationset/services/mocks"
-
+	testutils "github.com/argoproj/argo-cd/v2/applicationset/utils/test"
 	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 )
 
+// type clientSet struct {
+// 	RepoServerServiceClient apiclient.RepoServerServiceClient
+// }
+
+// func (c *clientSet) NewRepoServerClient() (io.Closer, apiclient.RepoServerServiceClient, error) {
+// 	return io.NewCloser(func() error { return nil }), c.RepoServerServiceClient, nil
+// }
+
 func Test_generateParamsFromGitFile(t *testing.T) {
-	values := map[string]string{}
 	params, err := (*GitGenerator)(nil).generateParamsFromGitFile("path/dir/file_name.yaml", []byte(`
 foo:
   bar: baz
-`), values, false, nil, "")
+`), false, "")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -37,11 +43,10 @@ foo:
 }
 
 func Test_generatePrefixedParamsFromGitFile(t *testing.T) {
-	values := map[string]string{}
 	params, err := (*GitGenerator)(nil).generateParamsFromGitFile("path/dir/file_name.yaml", []byte(`
 foo:
   bar: baz
-`), values, false, nil, "myRepo")
+`), false, "myRepo")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -60,11 +65,10 @@ foo:
 }
 
 func Test_generateParamsFromGitFileGoTemplate(t *testing.T) {
-	values := map[string]string{}
 	params, err := (*GitGenerator)(nil).generateParamsFromGitFile("path/dir/file_name.yaml", []byte(`
 foo:
   bar: baz
-`), values, true, nil, "")
+`), true, "")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -89,11 +93,10 @@ foo:
 }
 
 func Test_generatePrefixedParamsFromGitFileGoTemplate(t *testing.T) {
-	values := map[string]string{}
 	params, err := (*GitGenerator)(nil).generateParamsFromGitFile("path/dir/file_name.yaml", []byte(`
 foo:
   bar: baz
-`), values, true, nil, "myRepo")
+`), true, "myRepo")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -127,7 +130,6 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) {
 		pathParamPrefix string
 		repoApps        []string
 		repoError       error
-		values          map[string]string
 		expected        []map[string]interface{}
 		expectedError   error
 	}{
@@ -218,25 +220,6 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) {
 			},
 			expectedError: nil,
 		},
-		{
-			name:        "Value variable interpolation",
-			directories: []argoprojiov1alpha1.GitDirectoryGeneratorItem{{Path: "*"}, {Path: "*/*"}},
-			repoApps: []string{
-				"app1",
-				"p1/app2",
-			},
-			repoError: nil,
-			values: map[string]string{
-				"foo":   "bar",
-				"aaa":   "{{ path[0] }}",
-				"no-op": "{{ this-does-not-exist }}",
-			},
-			expected: []map[string]interface{}{
-				{"values.foo": "bar", "values.no-op": "{{ this-does-not-exist }}", "values.aaa": "app1", "path": "app1", "path.basename": "app1", "path[0]": "app1", "path.basenameNormalized": "app1"},
-				{"values.foo": "bar", "values.no-op": "{{ this-does-not-exist }}", "values.aaa": "p1", "path": "p1/app2", "path.basename": "app2", "path[0]": "p1", "path[1]": "app2", "path.basenameNormalized": "app2"},
-			},
-			expectedError: nil,
-		},
 		{
 			name:          "handles empty response from repo server",
 			directories:   []argoprojiov1alpha1.GitDirectoryGeneratorItem{{Path: "*"}},
@@ -261,11 +244,11 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) {
 		t.Run(testCaseCopy.name, func(t *testing.T) {
 			t.Parallel()
 
-			argoCDServiceMock := mocks.Repos{}
+			argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}}
 
-			argoCDServiceMock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return(testCaseCopy.repoApps, testCaseCopy.repoError)
+			argoCDServiceMock.Mock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return(testCaseCopy.repoApps, testCaseCopy.repoError)
 
-			var gitGenerator = NewGitGenerator(&argoCDServiceMock)
+			var gitGenerator = NewGitGenerator(argoCDServiceMock)
 			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
 				ObjectMeta: metav1.ObjectMeta{
 					Name: "set",
@@ -277,7 +260,6 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) {
 							Revision:        "Revision",
 							Directories:     testCaseCopy.directories,
 							PathParamPrefix: testCaseCopy.pathParamPrefix,
-							Values:          testCaseCopy.values,
 						},
 					}},
 				},
@@ -292,7 +274,7 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) {
 				assert.Equal(t, testCaseCopy.expected, got)
 			}
 
-			argoCDServiceMock.AssertExpectations(t)
+			argoCDServiceMock.Mock.AssertExpectations(t)
 		})
 	}
 }
@@ -557,11 +539,11 @@ func TestGitGenerateParamsFromDirectoriesGoTemplate(t *testing.T) {
 		t.Run(testCaseCopy.name, func(t *testing.T) {
 			t.Parallel()
 
-			argoCDServiceMock := mocks.Repos{}
+			argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}}
 
-			argoCDServiceMock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return(testCaseCopy.repoApps, testCaseCopy.repoError)
+			argoCDServiceMock.Mock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return(testCaseCopy.repoApps, testCaseCopy.repoError)
 
-			var gitGenerator = NewGitGenerator(&argoCDServiceMock)
+			var gitGenerator = NewGitGenerator(argoCDServiceMock)
 			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
 				ObjectMeta: metav1.ObjectMeta{
 					Name: "set",
@@ -588,7 +570,7 @@ func TestGitGenerateParamsFromDirectoriesGoTemplate(t *testing.T) {
 				assert.Equal(t, testCaseCopy.expected, got)
 			}
 
-			argoCDServiceMock.AssertExpectations(t)
+			argoCDServiceMock.Mock.AssertExpectations(t)
 		})
 	}
 
@@ -604,7 +586,6 @@ func TestGitGenerateParamsFromFiles(t *testing.T) {
 		repoFileContents map[string][]byte
 		// if repoPathsError is non-nil, the call to GetPaths(...) will return this error value
 		repoPathsError error
-		values         map[string]string
 		expected       []map[string]interface{}
 		expectedError  error
 	}{
@@ -668,74 +649,6 @@ func TestGitGenerateParamsFromFiles(t *testing.T) {
 			},
 			expectedError: nil,
 		},
-		{
-			name:  "Value variable interpolation",
-			files: []argoprojiov1alpha1.GitFileGeneratorItem{{Path: "**/config.json"}},
-			repoFileContents: map[string][]byte{
-				"cluster-config/production/config.json": []byte(`{
-   "cluster": {
-       "owner": "john.doe@example.com",
-       "name": "production",
-       "address": "https://kubernetes.default.svc"
-   },
-   "key1": "val1",
-   "key2": {
-       "key2_1": "val2_1",
-       "key2_2": {
-           "key2_2_1": "val2_2_1"
-       }
-   },
-   "key3": 123
-}`),
-				"cluster-config/staging/config.json": []byte(`{
-   "cluster": {
-       "owner": "foo.bar@example.com",
-       "name": "staging",
-       "address": "https://kubernetes.default.svc"
-   }
-}`),
-			},
-			repoPathsError: nil,
-			values: map[string]string{
-				"aaa":   "{{ cluster.owner }}",
-				"no-op": "{{ this-does-not-exist }}",
-			},
-			expected: []map[string]interface{}{
-				{
-					"cluster.owner":           "john.doe@example.com",
-					"cluster.name":            "production",
-					"cluster.address":         "https://kubernetes.default.svc",
-					"key1":                    "val1",
-					"key2.key2_1":             "val2_1",
-					"key2.key2_2.key2_2_1":    "val2_2_1",
-					"key3":                    "123",
-					"path":                    "cluster-config/production",
-					"path.basename":           "production",
-					"path[0]":                 "cluster-config",
-					"path[1]":                 "production",
-					"path.basenameNormalized": "production",
-					"path.filename":           "config.json",
-					"path.filenameNormalized": "config.json",
-					"values.aaa":              "john.doe@example.com",
-					"values.no-op":            "{{ this-does-not-exist }}",
-				},
-				{
-					"cluster.owner":           "foo.bar@example.com",
-					"cluster.name":            "staging",
-					"cluster.address":         "https://kubernetes.default.svc",
-					"path":                    "cluster-config/staging",
-					"path.basename":           "staging",
-					"path[0]":                 "cluster-config",
-					"path[1]":                 "staging",
-					"path.basenameNormalized": "staging",
-					"path.filename":           "config.json",
-					"path.filenameNormalized": "config.json",
-					"values.aaa":              "foo.bar@example.com",
-					"values.no-op":            "{{ this-does-not-exist }}",
-				},
-			},
-			expectedError: nil,
-		},
 		{
 			name:             "handles error during getting repo paths",
 			files:            []argoprojiov1alpha1.GitFileGeneratorItem{{Path: "**/config.json"}},
@@ -917,11 +830,11 @@ cluster:
 		t.Run(testCaseCopy.name, func(t *testing.T) {
 			t.Parallel()
 
-			argoCDServiceMock := mocks.Repos{}
-			argoCDServiceMock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything).
+			argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}}
+			argoCDServiceMock.Mock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything).
 				Return(testCaseCopy.repoFileContents, testCaseCopy.repoPathsError)
 
-			var gitGenerator = NewGitGenerator(&argoCDServiceMock)
+			var gitGenerator = NewGitGenerator(argoCDServiceMock)
 			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
 				ObjectMeta: metav1.ObjectMeta{
 					Name: "set",
@@ -932,7 +845,6 @@ cluster:
 							RepoURL:  "RepoURL",
 							Revision: "Revision",
 							Files:    testCaseCopy.files,
-							Values:   testCaseCopy.values,
 						},
 					}},
 				},
@@ -948,7 +860,7 @@ cluster:
 				assert.ElementsMatch(t, testCaseCopy.expected, got)
 			}
 
-			argoCDServiceMock.AssertExpectations(t)
+			argoCDServiceMock.Mock.AssertExpectations(t)
 		})
 	}
 }
@@ -1267,11 +1179,11 @@ cluster:
 		t.Run(testCaseCopy.name, func(t *testing.T) {
 			t.Parallel()
 
-			argoCDServiceMock := mocks.Repos{}
-			argoCDServiceMock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything).
+			argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}}
+			argoCDServiceMock.Mock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything).
 				Return(testCaseCopy.repoFileContents, testCaseCopy.repoPathsError)
 
-			var gitGenerator = NewGitGenerator(&argoCDServiceMock)
+			var gitGenerator = NewGitGenerator(argoCDServiceMock)
 			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
 				ObjectMeta: metav1.ObjectMeta{
 					Name: "set",
@@ -1298,7 +1210,7 @@ cluster:
 				assert.ElementsMatch(t, testCaseCopy.expected, got)
 			}
 
-			argoCDServiceMock.AssertExpectations(t)
+			argoCDServiceMock.Mock.AssertExpectations(t)
 		})
 	}
 }

applicationset/generators/list.go

@@ -5,9 +5,8 @@ import (
 	"fmt"
 	"time"
 
-	"sigs.k8s.io/yaml"
-
 	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+	"sigs.k8s.io/yaml"
 )
 
 var _ Generator = (*ListGenerator)(nil)

applicationset/generators/matrix.go

@@ -8,8 +8,6 @@ import (
 
 	"github.com/argoproj/argo-cd/v2/applicationset/utils"
 	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-
-	log "github.com/sirupsen/logrus"
 )
 
 var _ Generator = (*MatrixGenerator)(nil)
@@ -86,22 +84,10 @@ func (m *MatrixGenerator) getParams(appSetBaseGenerator argoprojiov1alpha1.Appli
 	if err != nil {
 		return nil, err
 	}
-	if matrixGen != nil && !appSet.Spec.ApplyNestedSelectors {
-		foundSelector := dropDisabledNestedSelectors(matrixGen.Generators)
-		if foundSelector {
-			log.Warnf("AppSet '%v' defines selector on nested matrix generator's generator without enabling them via 'spec.applyNestedSelectors', ignoring nested selectors", appSet.Name)
-		}
-	}
 	mergeGen, err := getMergeGenerator(appSetBaseGenerator)
 	if err != nil {
 		return nil, err
 	}
-	if mergeGen != nil && !appSet.Spec.ApplyNestedSelectors {
-		foundSelector := dropDisabledNestedSelectors(mergeGen.Generators)
-		if foundSelector {
-			log.Warnf("AppSet '%v' defines selector on nested merge generator's generator without enabling them via 'spec.applyNestedSelectors', ignoring nested selectors", appSet.Name)
-		}
-	}
 
 	t, err := Transform(
 		argoprojiov1alpha1.ApplicationSetGenerator{
@@ -111,7 +97,6 @@ func (m *MatrixGenerator) getParams(appSetBaseGenerator argoprojiov1alpha1.Appli
 			SCMProvider:             appSetBaseGenerator.SCMProvider,
 			ClusterDecisionResource: appSetBaseGenerator.ClusterDecisionResource,
 			PullRequest:             appSetBaseGenerator.PullRequest,
-			Plugin:                  appSetBaseGenerator.Plugin,
 			Matrix:                  matrixGen,
 			Merge:                   mergeGen,
 			Selector:                appSetBaseGenerator.Selector,
@@ -150,7 +135,6 @@ func (m *MatrixGenerator) GetRequeueAfter(appSetGenerator *argoprojiov1alpha1.Ap
 			Clusters:    r.Clusters,
 			Git:         r.Git,
 			PullRequest: r.PullRequest,
-			Plugin:      r.Plugin,
 			Matrix:      matrixGen,
 			Merge:       mergeGen,
 		}

applicationset/generators/matrix_test.go

@@ -13,12 +13,11 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 
-	"github.com/argoproj/argo-cd/v2/applicationset/services/mocks"
-
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 
+	testutils "github.com/argoproj/argo-cd/v2/applicationset/utils/test"
 	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 )
 
@@ -849,7 +848,7 @@ func TestMatrixGenerateListElementsYaml(t *testing.T) {
 	}
 
 	listGenerator := &argoprojiov1alpha1.ListGenerator{
-		Elements:     []apiextensionsv1.JSON{},
+		Elements: []apiextensionsv1.JSON{},
 		ElementsYaml: "{{ .foo.bar | toJson }}",
 	}
 
@@ -871,59 +870,60 @@ func TestMatrixGenerateListElementsYaml(t *testing.T) {
 			},
 			expected: []map[string]interface{}{
 				{
-					"chart":   "a",
-					"version": "1",
+					"chart":         "a",
+					"version":         "1",
 					"foo": map[string]interface{}{
 						"bar": []interface{}{
 							map[string]interface{}{
-								"chart":   "a",
+								"chart": "a",
 								"version": "1",
 							},
 							map[string]interface{}{
-								"chart":   "b",
+								"chart": "b",
 								"version": "2",
 							},
 						},
 					},
 					"path": map[string]interface{}{
-						"basename":           "dir",
+						"basename": "dir",
 						"basenameNormalized": "dir",
-						"filename":           "file_name.yaml",
+						"filename": "file_name.yaml",
 						"filenameNormalized": "file-name.yaml",
-						"path":               "path/dir",
-						"segments": []string{
+						"path": "path/dir",
+						"segments": []string {
 							"path",
 							"dir",
 						},
 					},
 				},
 				{
-					"chart":   "b",
-					"version": "2",
+					"chart":         "b",
+					"version":         "2",
 					"foo": map[string]interface{}{
 						"bar": []interface{}{
 							map[string]interface{}{
-								"chart":   "a",
+								"chart": "a",
 								"version": "1",
 							},
 							map[string]interface{}{
-								"chart":   "b",
+								"chart": "b",
 								"version": "2",
 							},
 						},
 					},
 					"path": map[string]interface{}{
-						"basename":           "dir",
+						"basename": "dir",
 						"basenameNormalized": "dir",
-						"filename":           "file_name.yaml",
+						"filename": "file_name.yaml",
 						"filenameNormalized": "file-name.yaml",
-						"path":               "path/dir",
-						"segments": []string{
+						"path": "path/dir",
+						"segments": []string {
 							"path",
 							"dir",
 						},
 					},
 				},
+
 			},
 		},
 	}
@@ -952,26 +952,27 @@ func TestMatrixGenerateListElementsYaml(t *testing.T) {
 					"foo": map[string]interface{}{
 						"bar": []interface{}{
 							map[string]interface{}{
-								"chart":   "a",
+								"chart": "a",
 								"version": "1",
 							},
 							map[string]interface{}{
-								"chart":   "b",
+								"chart": "b",
 								"version": "2",
 							},
 						},
 					},
 					"path": map[string]interface{}{
-						"basename":           "dir",
+						"basename": "dir",
 						"basenameNormalized": "dir",
-						"filename":           "file_name.yaml",
+						"filename": "file_name.yaml",
 						"filenameNormalized": "file-name.yaml",
-						"path":               "path/dir",
-						"segments": []string{
+						"path": "path/dir",
+						"segments": []string {
 							"path",
 							"dir",
 						},
 					},
+
 				}}, nil)
 				genMock.On("GetTemplate", &gitGeneratorSpec).
 					Return(&argoprojiov1alpha1.ApplicationSetTemplate{})
@@ -1053,8 +1054,8 @@ func TestGitGenerator_GenerateParams_list_x_git_matrix_generator(t *testing.T) {
 		},
 	}
 
-	repoServiceMock := &mocks.Repos{}
-	repoServiceMock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(map[string][]byte{
+	repoServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}}
+	repoServiceMock.Mock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(map[string][]byte{
 		"some/path.json": []byte("test: content"),
 	}, nil)
 	gitGenerator := NewGitGenerator(repoServiceMock)

applicationset/generators/merge.go

@@ -9,8 +9,6 @@ import (
 
 	"github.com/argoproj/argo-cd/v2/applicationset/utils"
 	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-
-	log "github.com/sirupsen/logrus"
 )
 
 var _ Generator = (*MergeGenerator)(nil)
@@ -143,22 +141,10 @@ func (m *MergeGenerator) getParams(appSetBaseGenerator argoprojiov1alpha1.Applic
 	if err != nil {
 		return nil, err
 	}
-	if matrixGen != nil && !appSet.Spec.ApplyNestedSelectors {
-		foundSelector := dropDisabledNestedSelectors(matrixGen.Generators)
-		if foundSelector {
-			log.Warnf("AppSet '%v' defines selector on nested matrix generator's generator without enabling them via 'spec.applyNestedSelectors', ignoring nested selector", appSet.Name)
-		}
-	}
 	mergeGen, err := getMergeGenerator(appSetBaseGenerator)
 	if err != nil {
 		return nil, err
 	}
-	if mergeGen != nil && !appSet.Spec.ApplyNestedSelectors {
-		foundSelector := dropDisabledNestedSelectors(mergeGen.Generators)
-		if foundSelector {
-			log.Warnf("AppSet '%v' defines selector on nested merge generator's generator without enabling them via 'spec.applyNestedSelectors', ignoring nested selector", appSet.Name)
-		}
-	}
 
 	t, err := Transform(
 		argoprojiov1alpha1.ApplicationSetGenerator{
@@ -168,7 +154,6 @@ func (m *MergeGenerator) getParams(appSetBaseGenerator argoprojiov1alpha1.Applic
 			SCMProvider:             appSetBaseGenerator.SCMProvider,
 			ClusterDecisionResource: appSetBaseGenerator.ClusterDecisionResource,
 			PullRequest:             appSetBaseGenerator.PullRequest,
-			Plugin:                  appSetBaseGenerator.Plugin,
 			Matrix:                  matrixGen,
 			Merge:                   mergeGen,
 			Selector:                appSetBaseGenerator.Selector,
@@ -205,7 +190,6 @@ func (m *MergeGenerator) GetRequeueAfter(appSetGenerator *argoprojiov1alpha1.App
 			Clusters:    r.Clusters,
 			Git:         r.Git,
 			PullRequest: r.PullRequest,
-			Plugin:      r.Plugin,
 			Matrix:      matrixGen,
 			Merge:       mergeGen,
 		}

applicationset/generators/plugin.go

@@ -1,211 +0,0 @@
-package generators
-
-import (
-	"context"
-	"fmt"
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/jeremywohl/flatten"
-	corev1 "k8s.io/api/core/v1"
-	"k8s.io/client-go/kubernetes"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-
-	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/util/settings"
-
-	"github.com/argoproj/argo-cd/v2/applicationset/services/plugin"
-)
-
-const (
-	DefaultPluginRequeueAfterSeconds = 30 * time.Minute
-)
-
-var _ Generator = (*PluginGenerator)(nil)
-
-type PluginGenerator struct {
-	client    client.Client
-	ctx       context.Context
-	clientset kubernetes.Interface
-	namespace string
-}
-
-func NewPluginGenerator(client client.Client, ctx context.Context, clientset kubernetes.Interface, namespace string) Generator {
-	g := &PluginGenerator{
-		client:    client,
-		ctx:       ctx,
-		clientset: clientset,
-		namespace: namespace,
-	}
-	return g
-}
-
-func (g *PluginGenerator) GetRequeueAfter(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator) time.Duration {
-	// Return a requeue default of 30 minutes, if no default is specified.
-
-	if appSetGenerator.Plugin.RequeueAfterSeconds != nil {
-		return time.Duration(*appSetGenerator.Plugin.RequeueAfterSeconds) * time.Second
-	}
-
-	return DefaultPluginRequeueAfterSeconds
-}
-
-func (g *PluginGenerator) GetTemplate(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator) *argoprojiov1alpha1.ApplicationSetTemplate {
-	return &appSetGenerator.Plugin.Template
-}
-
-func (g *PluginGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, applicationSetInfo *argoprojiov1alpha1.ApplicationSet) ([]map[string]interface{}, error) {
-
-	if appSetGenerator == nil {
-		return nil, EmptyAppSetGeneratorError
-	}
-
-	if appSetGenerator.Plugin == nil {
-		return nil, EmptyAppSetGeneratorError
-	}
-
-	ctx := context.Background()
-
-	providerConfig := appSetGenerator.Plugin
-
-	pluginClient, err := g.getPluginFromGenerator(ctx, applicationSetInfo.Name, providerConfig)
-	if err != nil {
-		return nil, err
-	}
-
-	list, err := pluginClient.List(ctx, providerConfig.Input.Parameters)
-	if err != nil {
-		return nil, fmt.Errorf("error listing params: %w", err)
-	}
-
-	res, err := g.generateParams(appSetGenerator, applicationSetInfo, list.Output.Parameters, appSetGenerator.Plugin.Input.Parameters, applicationSetInfo.Spec.GoTemplate)
-	if err != nil {
-		return nil, err
-	}
-
-	return res, nil
-}
-
-func (g *PluginGenerator) getPluginFromGenerator(ctx context.Context, appSetName string, generatorConfig *argoprojiov1alpha1.PluginGenerator) (*plugin.Service, error) {
-	cm, err := g.getConfigMap(ctx, generatorConfig.ConfigMapRef.Name)
-	if err != nil {
-		return nil, fmt.Errorf("error fetching ConfigMap: %w", err)
-	}
-	token, err := g.getToken(ctx, cm["token"])
-	if err != nil {
-		return nil, fmt.Errorf("error fetching Secret token: %v", err)
-	}
-
-	var requestTimeout int
-	requestTimeoutStr, ok := cm["requestTimeout"]
-	if ok {
-		requestTimeout, err = strconv.Atoi(requestTimeoutStr)
-		if err != nil {
-			return nil, fmt.Errorf("error set requestTimeout : %w", err)
-		}
-	}
-
-	pluginClient, err := plugin.NewPluginService(ctx, appSetName, cm["baseUrl"], token, requestTimeout)
-	if err != nil {
-		return nil, err
-	}
-	return pluginClient, nil
-}
-
-func (g *PluginGenerator) generateParams(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, appSet *argoprojiov1alpha1.ApplicationSet, objectsFound []map[string]interface{}, pluginParams argoprojiov1alpha1.PluginParameters, useGoTemplate bool) ([]map[string]interface{}, error) {
-	res := []map[string]interface{}{}
-
-	for _, objectFound := range objectsFound {
-
-		params := map[string]interface{}{}
-
-		if useGoTemplate {
-			for k, v := range objectFound {
-				params[k] = v
-			}
-		} else {
-			flat, err := flatten.Flatten(objectFound, "", flatten.DotStyle)
-			if err != nil {
-				return nil, err
-			}
-			for k, v := range flat {
-				params[k] = fmt.Sprintf("%v", v)
-			}
-		}
-
-		params["generator"] = map[string]interface{}{
-			"input": map[string]argoprojiov1alpha1.PluginParameters{
-				"parameters": pluginParams,
-			},
-		}
-
-		err := appendTemplatedValues(appSetGenerator.Plugin.Values, params, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions)
-		if err != nil {
-			return nil, err
-		}
-
-		res = append(res, params)
-	}
-
-	return res, nil
-}
-
-func (g *PluginGenerator) getToken(ctx context.Context, tokenRef string) (string, error) {
-
-	if tokenRef == "" || !strings.HasPrefix(tokenRef, "$") {
-		return "", fmt.Errorf("token is empty, or does not reference a secret key starting with '$': %v", tokenRef)
-	}
-
-	secretName, tokenKey := plugin.ParseSecretKey(tokenRef)
-
-	secret := &corev1.Secret{}
-	err := g.client.Get(
-		ctx,
-		client.ObjectKey{
-			Name:      secretName,
-			Namespace: g.namespace,
-		},
-		secret)
-
-	if err != nil {
-		return "", fmt.Errorf("error fetching secret %s/%s: %v", g.namespace, secretName, err)
-	}
-
-	secretValues := make(map[string]string, len(secret.Data))
-
-	for k, v := range secret.Data {
-		secretValues[k] = string(v)
-	}
-
-	token := settings.ReplaceStringSecret(tokenKey, secretValues)
-
-	return token, err
-}
-
-func (g *PluginGenerator) getConfigMap(ctx context.Context, configMapRef string) (map[string]string, error) {
-	cm := &corev1.ConfigMap{}
-	err := g.client.Get(
-		ctx,
-		client.ObjectKey{
-			Name:      configMapRef,
-			Namespace: g.namespace,
-		},
-		cm)
-
-	if err != nil {
-		return nil, err
-	}
-
-	baseUrl, ok := cm.Data["baseUrl"]
-	if !ok || baseUrl == "" {
-		return nil, fmt.Errorf("baseUrl not found in ConfigMap")
-	}
-
-	token, ok := cm.Data["token"]
-	if !ok || token == "" {
-		return nil, fmt.Errorf("token not found in ConfigMap")
-	}
-
-	return cm.Data, nil
-}

applicationset/generators/plugin_test.go

@@ -1,705 +0,0 @@
-package generators
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"net/http/httptest"
-	"strings"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-	v1 "k8s.io/api/core/v1"
-	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
-	kubefake "k8s.io/client-go/kubernetes/fake"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-	"sigs.k8s.io/controller-runtime/pkg/client/fake"
-
-	"github.com/argoproj/argo-cd/v2/applicationset/services/plugin"
-	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-)
-
-func TestPluginGenerateParams(t *testing.T) {
-	testCases := []struct {
-		name            string
-		configmap       *v1.ConfigMap
-		secret          *v1.Secret
-		inputParameters map[string]apiextensionsv1.JSON
-		values          map[string]string
-		gotemplate      bool
-		expected        []map[string]interface{}
-		content         []byte
-		expectedError   error
-	}{
-		{
-			name: "simple case",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			gotemplate: false,
-			content: []byte(`{"output": {
-				"parameters": [{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-                }]
-			 }}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: nil,
-		},
-		{
-			name: "simple case with values",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			values: map[string]string{
-				"valuekey1": "valuevalue1",
-				"valuekey2": "templated-{{key1}}",
-			},
-			gotemplate: false,
-			content: []byte(`{"output": {
-				"parameters": [{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-                }]
-			 }}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"values.valuekey1":     "valuevalue1",
-					"values.valuekey2":     "templated-val1",
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: nil,
-		},
-		{
-			name: "simple case with gotemplate",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			gotemplate: true,
-			content: []byte(`{"output": {
-				"parameters": [{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-                }]
-			 }}`),
-			expected: []map[string]interface{}{
-				{
-					"key1": "val1",
-					"key2": map[string]interface{}{
-						"key2_1": "val2_1",
-						"key2_2": map[string]interface{}{
-							"key2_2_1": "val2_2_1",
-						},
-					},
-					"key3": float64(123),
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: nil,
-		},
-		{
-			name: "simple case with appended params",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			gotemplate: false,
-			content: []byte(`{"output": {"parameters": [{
-				"key1": "val1",
-				"key2": {
-					"key2_1": "val2_1",
-					"key2_2": {
-						"key2_2_1": "val2_2_1"
-					}
-				},
-				"key3": 123,
-				"pkey2": "valplugin"
-			 }]}}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"pkey2":                "valplugin",
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: nil,
-		},
-		{
-			name: "no params",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: argoprojiov1alpha1.PluginParameters{},
-			gotemplate:      false,
-			content: []byte(`{"output": {
-				"parameters": [{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-                }]
-			 }}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"generator": map[string]interface{}{
-						"input": map[string]map[string]interface{}{
-							"parameters": {},
-						},
-					},
-				},
-			},
-			expectedError: nil,
-		},
-		{
-			name: "empty return",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{},
-			gotemplate:      false,
-			content:         []byte(`{"input": {"parameters": []}}`),
-			expected:        []map[string]interface{}{},
-			expectedError:   nil,
-		},
-		{
-			name: "wrong return",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{},
-			gotemplate:      false,
-			content:         []byte(`wrong body ...`),
-			expected:        []map[string]interface{}{},
-			expectedError:   fmt.Errorf("error listing params: error get api 'set': invalid character 'w' looking for beginning of value: wrong body ..."),
-		},
-		{
-			name: "external secret",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin-secret:plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "plugin-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			gotemplate: false,
-			content: []byte(`{"output": {"parameters": [{
-				"key1": "val1",
-				"key2": {
-					"key2_1": "val2_1",
-					"key2_2": {
-						"key2_2_1": "val2_2_1"
-					}
-				},
-				"key3": 123,
-				"pkey2": "valplugin"
-			 }]}}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"pkey2":                "valplugin",
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: nil,
-		},
-		{
-			name: "no secret",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-					"token":   "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			gotemplate: false,
-			content: []byte(`{"output": {
-				"parameters": [{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-                }]
-			 }}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: fmt.Errorf("error fetching Secret token: error fetching secret default/argocd-secret: secrets \"argocd-secret\" not found"),
-		},
-		{
-			name:      "no configmap",
-			configmap: &v1.ConfigMap{},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			gotemplate: false,
-			content: []byte(`{"output": {
-				"parameters": [{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-                }]
-			 }}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: fmt.Errorf("error fetching ConfigMap: configmaps \"\" not found"),
-		},
-		{
-			name: "no baseUrl",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"token": "$plugin.token",
-				},
-			},
-			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "argocd-secret",
-					Namespace: "default",
-				},
-				Data: map[string][]byte{
-					"plugin.token": []byte("my-secret"),
-				},
-			},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			gotemplate: false,
-			content: []byte(`{"output": {
-				"parameters": [{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-                }]
-			 }}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: fmt.Errorf("error fetching ConfigMap: baseUrl not found in ConfigMap"),
-		},
-		{
-			name: "no token",
-			configmap: &v1.ConfigMap{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "first-plugin-cm",
-					Namespace: "default",
-				},
-				Data: map[string]string{
-					"baseUrl": "http://127.0.0.1",
-				},
-			},
-			secret: &v1.Secret{},
-			inputParameters: map[string]apiextensionsv1.JSON{
-				"pkey1": {Raw: []byte(`"val1"`)},
-				"pkey2": {Raw: []byte(`"val2"`)},
-			},
-			gotemplate: false,
-			content: []byte(`{"output": {
-				"parameters": [{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-                }]
-			 }}`),
-			expected: []map[string]interface{}{
-				{
-					"key1":                 "val1",
-					"key2.key2_1":          "val2_1",
-					"key2.key2_2.key2_2_1": "val2_2_1",
-					"key3":                 "123",
-					"generator": map[string]interface{}{
-						"input": argoprojiov1alpha1.PluginInput{
-							Parameters: argoprojiov1alpha1.PluginParameters{
-								"pkey1": {Raw: []byte(`"val1"`)},
-								"pkey2": {Raw: []byte(`"val2"`)},
-							},
-						},
-					},
-				},
-			},
-			expectedError: fmt.Errorf("error fetching ConfigMap: token not found in ConfigMap"),
-		},
-	}
-
-	ctx := context.Background()
-
-	for _, testCase := range testCases {
-
-		t.Run(testCase.name, func(t *testing.T) {
-
-			generatorConfig := argoprojiov1alpha1.ApplicationSetGenerator{
-				Plugin: &argoprojiov1alpha1.PluginGenerator{
-					ConfigMapRef: argoprojiov1alpha1.PluginConfigMapRef{Name: testCase.configmap.Name},
-					Input: argoprojiov1alpha1.PluginInput{
-						Parameters: testCase.inputParameters,
-					},
-					Values: testCase.values,
-				},
-			}
-
-			handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-
-				authHeader := r.Header.Get("Authorization")
-				_, tokenKey := plugin.ParseSecretKey(testCase.configmap.Data["token"])
-				expectedToken := testCase.secret.Data[strings.Replace(tokenKey, "$", "", -1)]
-				if authHeader != "Bearer "+string(expectedToken) {
-					w.WriteHeader(http.StatusUnauthorized)
-					return
-				}
-
-				w.Header().Set("Content-Type", "application/json")
-				_, err := w.Write(testCase.content)
-				if err != nil {
-					assert.NoError(t, fmt.Errorf("Error Write %v", err))
-				}
-			})
-
-			fakeServer := httptest.NewServer(handler)
-
-			defer fakeServer.Close()
-
-			if _, ok := testCase.configmap.Data["baseUrl"]; ok {
-				testCase.configmap.Data["baseUrl"] = fakeServer.URL
-			}
-
-			fakeClient := kubefake.NewSimpleClientset(append([]runtime.Object{}, testCase.configmap, testCase.secret)...)
-
-			fakeClientWithCache := fake.NewClientBuilder().WithObjects([]client.Object{testCase.configmap, testCase.secret}...).Build()
-
-			var pluginGenerator = NewPluginGenerator(fakeClientWithCache, ctx, fakeClient, "default")
-
-			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
-				ObjectMeta: metav1.ObjectMeta{
-					Name: "set",
-				},
-				Spec: argoprojiov1alpha1.ApplicationSetSpec{
-					GoTemplate: testCase.gotemplate,
-				},
-			}
-
-			got, err := pluginGenerator.GenerateParams(&generatorConfig, &applicationSetInfo)
-
-			if err != nil {
-				fmt.Println(err)
-			}
-
-			if testCase.expectedError != nil {
-				assert.EqualError(t, err, testCase.expectedError.Error())
-			} else {
-				assert.NoError(t, err)
-				expectedJson, err := json.Marshal(testCase.expected)
-				require.NoError(t, err)
-				gotJson, err := json.Marshal(got)
-				require.NoError(t, err)
-				assert.Equal(t, string(expectedJson), string(gotJson))
-			}
-		})
-	}
-}

applicationset/generators/pull_request.go

@@ -11,6 +11,7 @@ import (
 
 	"github.com/gosimple/slug"
 
+	"github.com/argoproj/argo-cd/v2/applicationset/services/pull_request"
 	pullrequest "github.com/argoproj/argo-cd/v2/applicationset/services/pull_request"
 	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 )
@@ -25,16 +26,12 @@ type PullRequestGenerator struct {
 	client                    client.Client
 	selectServiceProviderFunc func(context.Context, *argoprojiov1alpha1.PullRequestGenerator, *argoprojiov1alpha1.ApplicationSet) (pullrequest.PullRequestService, error)
 	auth                      SCMAuthProviders
-	scmRootCAPath             string
-	allowedSCMProviders       []string
 }
 
-func NewPullRequestGenerator(client client.Client, auth SCMAuthProviders, scmRootCAPath string, allowedScmProviders []string) Generator {
+func NewPullRequestGenerator(client client.Client, auth SCMAuthProviders) Generator {
 	g := &PullRequestGenerator{
-		client:              client,
-		auth:                auth,
-		scmRootCAPath:       scmRootCAPath,
-		allowedSCMProviders: allowedScmProviders,
+		client: client,
+		auth:   auth,
 	}
 	g.selectServiceProviderFunc = g.selectServiceProvider
 	return g
@@ -69,7 +66,7 @@ func (g *PullRequestGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 		return nil, fmt.Errorf("failed to select pull request service provider: %v", err)
 	}
 
-	pulls, err := pullrequest.ListPullRequests(ctx, svc, appSetGenerator.PullRequest.Filters)
+	pulls, err := pull_request.ListPullRequests(ctx, svc, appSetGenerator.PullRequest.Filters)
 	if err != nil {
 		return nil, fmt.Errorf("error listing repos: %v", err)
 	}
@@ -87,27 +84,18 @@ func (g *PullRequestGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 	}
 
 	var shortSHALength int
-	var shortSHALength7 int
 	for _, pull := range pulls {
 		shortSHALength = 8
 		if len(pull.HeadSHA) < 8 {
 			shortSHALength = len(pull.HeadSHA)
 		}
 
-		shortSHALength7 = 7
-		if len(pull.HeadSHA) < 7 {
-			shortSHALength7 = len(pull.HeadSHA)
-		}
-
 		paramMap := map[string]interface{}{
-			"number":             strconv.Itoa(pull.Number),
-			"branch":             pull.Branch,
-			"branch_slug":        slug.Make(pull.Branch),
-			"target_branch":      pull.TargetBranch,
-			"target_branch_slug": slug.Make(pull.TargetBranch),
-			"head_sha":           pull.HeadSHA,
-			"head_short_sha":     pull.HeadSHA[:shortSHALength],
-			"head_short_sha_7":   pull.HeadSHA[:shortSHALength7],
+			"number":         strconv.Itoa(pull.Number),
+			"branch":         pull.Branch,
+			"branch_slug":    slug.Make(pull.Branch),
+			"head_sha":       pull.HeadSHA,
+			"head_short_sha": pull.HeadSHA[:shortSHALength],
 		}
 
 		// PR lables will only be supported for Go Template appsets, since fasttemplate will be deprecated.
@@ -122,27 +110,18 @@ func (g *PullRequestGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 // selectServiceProvider selects the provider to get pull requests from the configuration
 func (g *PullRequestGenerator) selectServiceProvider(ctx context.Context, generatorConfig *argoprojiov1alpha1.PullRequestGenerator, applicationSetInfo *argoprojiov1alpha1.ApplicationSet) (pullrequest.PullRequestService, error) {
 	if generatorConfig.Github != nil {
-		if !ScmProviderAllowed(applicationSetInfo, generatorConfig.Github.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", generatorConfig.Github.API)
-		}
 		return g.github(ctx, generatorConfig.Github, applicationSetInfo)
 	}
 	if generatorConfig.GitLab != nil {
 		providerConfig := generatorConfig.GitLab
-		if !ScmProviderAllowed(applicationSetInfo, providerConfig.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.API)
-		}
 		token, err := g.getSecretRef(ctx, providerConfig.TokenRef, applicationSetInfo.Namespace)
 		if err != nil {
 			return nil, fmt.Errorf("error fetching Secret token: %v", err)
 		}
-		return pullrequest.NewGitLabService(ctx, token, providerConfig.API, providerConfig.Project, providerConfig.Labels, providerConfig.PullRequestState, g.scmRootCAPath, providerConfig.Insecure)
+		return pullrequest.NewGitLabService(ctx, token, providerConfig.API, providerConfig.Project, providerConfig.Labels, providerConfig.PullRequestState)
 	}
 	if generatorConfig.Gitea != nil {
 		providerConfig := generatorConfig.Gitea
-		if !ScmProviderAllowed(applicationSetInfo, providerConfig.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", generatorConfig.Gitea.API)
-		}
 		token, err := g.getSecretRef(ctx, providerConfig.TokenRef, applicationSetInfo.Namespace)
 		if err != nil {
 			return nil, fmt.Errorf("error fetching Secret token: %v", err)
@@ -151,9 +130,6 @@ func (g *PullRequestGenerator) selectServiceProvider(ctx context.Context, genera
 	}
 	if generatorConfig.BitbucketServer != nil {
 		providerConfig := generatorConfig.BitbucketServer
-		if !ScmProviderAllowed(applicationSetInfo, providerConfig.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.API)
-		}
 		if providerConfig.BasicAuth != nil {
 			password, err := g.getSecretRef(ctx, providerConfig.BasicAuth.PasswordRef, applicationSetInfo.Namespace)
 			if err != nil {
@@ -164,32 +140,6 @@ func (g *PullRequestGenerator) selectServiceProvider(ctx context.Context, genera
 			return pullrequest.NewBitbucketServiceNoAuth(ctx, providerConfig.API, providerConfig.Project, providerConfig.Repo)
 		}
 	}
-	if generatorConfig.Bitbucket != nil {
-		providerConfig := generatorConfig.Bitbucket
-		if providerConfig.BearerToken != nil {
-			appToken, err := g.getSecretRef(ctx, providerConfig.BearerToken.TokenRef, applicationSetInfo.Namespace)
-			if err != nil {
-				return nil, fmt.Errorf("error fetching Secret Bearer token: %v", err)
-			}
-			return pullrequest.NewBitbucketCloudServiceBearerToken(providerConfig.API, appToken, providerConfig.Owner, providerConfig.Repo)
-		} else if providerConfig.BasicAuth != nil {
-			password, err := g.getSecretRef(ctx, providerConfig.BasicAuth.PasswordRef, applicationSetInfo.Namespace)
-			if err != nil {
-				return nil, fmt.Errorf("error fetching Secret token: %v", err)
-			}
-			return pullrequest.NewBitbucketCloudServiceBasicAuth(providerConfig.API, providerConfig.BasicAuth.Username, password, providerConfig.Owner, providerConfig.Repo)
-		} else {
-			return pullrequest.NewBitbucketCloudServiceNoAuth(providerConfig.API, providerConfig.Owner, providerConfig.Repo)
-		}
-	}
-	if generatorConfig.AzureDevOps != nil {
-		providerConfig := generatorConfig.AzureDevOps
-		token, err := g.getSecretRef(ctx, providerConfig.TokenRef, applicationSetInfo.Namespace)
-		if err != nil {
-			return nil, fmt.Errorf("error fetching Secret token: %v", err)
-		}
-		return pullrequest.NewAzureDevOpsService(ctx, token, providerConfig.API, providerConfig.Organization, providerConfig.Project, providerConfig.Repo, providerConfig.Labels)
-	}
 	return nil, fmt.Errorf("no Pull Request provider implementation configured")
 }
 

applicationset/generators/pull_request_test.go

@@ -28,10 +28,9 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 					ctx,
 					[]*pullrequest.PullRequest{
 						&pullrequest.PullRequest{
-							Number:       1,
-							Branch:       "branch1",
-							TargetBranch: "master",
-							HeadSHA:      "089d92cbf9ff857a39e6feccd32798ca700fb958",
+							Number:  1,
+							Branch:  "branch1",
+							HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958",
 						},
 					},
 					nil,
@@ -39,14 +38,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 			},
 			expected: []map[string]interface{}{
 				{
-					"number":             "1",
-					"branch":             "branch1",
-					"branch_slug":        "branch1",
-					"target_branch":      "master",
-					"target_branch_slug": "master",
-					"head_sha":           "089d92cbf9ff857a39e6feccd32798ca700fb958",
-					"head_short_sha":     "089d92cb",
-					"head_short_sha_7":   "089d92c",
+					"number":         "1",
+					"branch":         "branch1",
+					"branch_slug":    "branch1",
+					"head_sha":       "089d92cbf9ff857a39e6feccd32798ca700fb958",
+					"head_short_sha": "089d92cb",
 				},
 			},
 			expectedErr: nil,
@@ -57,10 +53,9 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 					ctx,
 					[]*pullrequest.PullRequest{
 						&pullrequest.PullRequest{
-							Number:       2,
-							Branch:       "feat/areally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature",
-							TargetBranch: "feat/anotherreally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature",
-							HeadSHA:      "9b34ff5bd418e57d58891eb0aa0728043ca1e8be",
+							Number:  2,
+							Branch:  "feat/areally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature",
+							HeadSHA: "9b34ff5bd418e57d58891eb0aa0728043ca1e8be",
 						},
 					},
 					nil,
@@ -68,14 +63,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 			},
 			expected: []map[string]interface{}{
 				{
-					"number":             "2",
-					"branch":             "feat/areally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature",
-					"branch_slug":        "feat-areally-long-pull-request-name-to-test-argo",
-					"target_branch":      "feat/anotherreally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature",
-					"target_branch_slug": "feat-anotherreally-long-pull-request-name-to-test",
-					"head_sha":           "9b34ff5bd418e57d58891eb0aa0728043ca1e8be",
-					"head_short_sha":     "9b34ff5b",
-					"head_short_sha_7":   "9b34ff5",
+					"number":         "2",
+					"branch":         "feat/areally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature",
+					"branch_slug":    "feat-areally-long-pull-request-name-to-test-argo",
+					"head_sha":       "9b34ff5bd418e57d58891eb0aa0728043ca1e8be",
+					"head_short_sha": "9b34ff5b",
 				},
 			},
 			expectedErr: nil,
@@ -86,10 +78,9 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 					ctx,
 					[]*pullrequest.PullRequest{
 						&pullrequest.PullRequest{
-							Number:       1,
-							Branch:       "a-very-short-sha",
-							TargetBranch: "master",
-							HeadSHA:      "abcd",
+							Number:  1,
+							Branch:  "a-very-short-sha",
+							HeadSHA: "abcd",
 						},
 					},
 					nil,
@@ -97,14 +88,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 			},
 			expected: []map[string]interface{}{
 				{
-					"number":             "1",
-					"branch":             "a-very-short-sha",
-					"branch_slug":        "a-very-short-sha",
-					"target_branch":      "master",
-					"target_branch_slug": "master",
-					"head_sha":           "abcd",
-					"head_short_sha":     "abcd",
-					"head_short_sha_7":   "abcd",
+					"number":         "1",
+					"branch":         "a-very-short-sha",
+					"branch_slug":    "a-very-short-sha",
+					"head_sha":       "abcd",
+					"head_short_sha": "abcd",
 				},
 			},
 			expectedErr: nil,
@@ -126,11 +114,10 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 					ctx,
 					[]*pullrequest.PullRequest{
 						&pullrequest.PullRequest{
-							Number:       1,
-							Branch:       "branch1",
-							TargetBranch: "master",
-							HeadSHA:      "089d92cbf9ff857a39e6feccd32798ca700fb958",
-							Labels:       []string{"preview"},
+							Number:  1,
+							Branch:  "branch1",
+							HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958",
+							Labels:  []string{"preview"},
 						},
 					},
 					nil,
@@ -138,15 +125,12 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 			},
 			expected: []map[string]interface{}{
 				{
-					"number":             "1",
-					"branch":             "branch1",
-					"branch_slug":        "branch1",
-					"target_branch":      "master",
-					"target_branch_slug": "master",
-					"head_sha":           "089d92cbf9ff857a39e6feccd32798ca700fb958",
-					"head_short_sha":     "089d92cb",
-					"head_short_sha_7":   "089d92c",
-					"labels":             []string{"preview"},
+					"number":         "1",
+					"branch":         "branch1",
+					"branch_slug":    "branch1",
+					"head_sha":       "089d92cbf9ff857a39e6feccd32798ca700fb958",
+					"head_short_sha": "089d92cb",
+					"labels":         []string{"preview"},
 				},
 			},
 			expectedErr: nil,
@@ -163,11 +147,10 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 					ctx,
 					[]*pullrequest.PullRequest{
 						&pullrequest.PullRequest{
-							Number:       1,
-							Branch:       "branch1",
-							TargetBranch: "master",
-							HeadSHA:      "089d92cbf9ff857a39e6feccd32798ca700fb958",
-							Labels:       []string{"preview"},
+							Number:  1,
+							Branch:  "branch1",
+							HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958",
+							Labels:  []string{"preview"},
 						},
 					},
 					nil,
@@ -175,14 +158,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) {
 			},
 			expected: []map[string]interface{}{
 				{
-					"number":             "1",
-					"branch":             "branch1",
-					"branch_slug":        "branch1",
-					"target_branch":      "master",
-					"target_branch_slug": "master",
-					"head_sha":           "089d92cbf9ff857a39e6feccd32798ca700fb958",
-					"head_short_sha":     "089d92cb",
-					"head_short_sha_7":   "089d92c",
+					"number":         "1",
+					"branch":         "branch1",
+					"branch_slug":    "branch1",
+					"head_sha":       "089d92cbf9ff857a39e6feccd32798ca700fb958",
+					"head_short_sha": "089d92cb",
 				},
 			},
 			expectedErr: nil,
@@ -273,80 +253,3 @@ func TestPullRequestGetSecretRef(t *testing.T) {
 		})
 	}
 }
-
-func TestAllowedSCMProviderPullRequest(t *testing.T) {
-	cases := []struct {
-		name           string
-		providerConfig *argoprojiov1alpha1.PullRequestGenerator
-		expectedError  string
-	}{
-		{
-			name: "Error Github",
-			providerConfig: &argoprojiov1alpha1.PullRequestGenerator{
-				Github: &argoprojiov1alpha1.PullRequestGeneratorGithub{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "failed to select pull request service provider: scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-		{
-			name: "Error Gitlab",
-			providerConfig: &argoprojiov1alpha1.PullRequestGenerator{
-				GitLab: &argoprojiov1alpha1.PullRequestGeneratorGitLab{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "failed to select pull request service provider: scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-		{
-			name: "Error Gitea",
-			providerConfig: &argoprojiov1alpha1.PullRequestGenerator{
-				Gitea: &argoprojiov1alpha1.PullRequestGeneratorGitea{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "failed to select pull request service provider: scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-		{
-			name: "Error Bitbucket",
-			providerConfig: &argoprojiov1alpha1.PullRequestGenerator{
-				BitbucketServer: &argoprojiov1alpha1.PullRequestGeneratorBitbucketServer{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "failed to select pull request service provider: scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-	}
-
-	for _, testCase := range cases {
-		testCaseCopy := testCase
-
-		t.Run(testCaseCopy.name, func(t *testing.T) {
-			t.Parallel()
-
-			pullRequestGenerator := NewPullRequestGenerator(nil, SCMAuthProviders{}, "", []string{
-				"github.myorg.com",
-				"gitlab.myorg.com",
-				"gitea.myorg.com",
-				"bitbucket.myorg.com",
-				"azuredevops.myorg.com",
-			})
-
-			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
-				ObjectMeta: metav1.ObjectMeta{
-					Name: "set",
-				},
-				Spec: argoprojiov1alpha1.ApplicationSetSpec{
-					Generators: []argoprojiov1alpha1.ApplicationSetGenerator{{
-						PullRequest: testCaseCopy.providerConfig,
-					}},
-				},
-			}
-
-			_, err := pullRequestGenerator.GenerateParams(&applicationSetInfo.Spec.Generators[0], &applicationSetInfo)
-
-			assert.Error(t, err, "Must return an error")
-			assert.Equal(t, testCaseCopy.expectedError, err.Error())
-		})
-	}
-}

applicationset/generators/scm_provider.go

@@ -9,12 +9,9 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
-	log "github.com/sirupsen/logrus"
-
 	"github.com/argoproj/argo-cd/v2/applicationset/services/github_app_auth"
 	"github.com/argoproj/argo-cd/v2/applicationset/services/scm_provider"
 	"github.com/argoproj/argo-cd/v2/applicationset/utils"
-	"github.com/argoproj/argo-cd/v2/common"
 	argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 )
 
@@ -29,20 +26,16 @@ type SCMProviderGenerator struct {
 	// Testing hooks.
 	overrideProvider scm_provider.SCMProviderService
 	SCMAuthProviders
-	scmRootCAPath       string
-	allowedSCMProviders []string
 }
 
 type SCMAuthProviders struct {
 	GitHubApps github_app_auth.Credentials
 }
 
-func NewSCMProviderGenerator(client client.Client, providers SCMAuthProviders, scmRootCAPath string, allowedSCMProviders []string) Generator {
+func NewSCMProviderGenerator(client client.Client, providers SCMAuthProviders) Generator {
 	return &SCMProviderGenerator{
-		client:              client,
-		SCMAuthProviders:    providers,
-		scmRootCAPath:       scmRootCAPath,
-		allowedSCMProviders: allowedSCMProviders,
+		client:           client,
+		SCMAuthProviders: providers,
 	}
 }
 
@@ -65,26 +58,6 @@ func (g *SCMProviderGenerator) GetTemplate(appSetGenerator *argoprojiov1alpha1.A
 	return &appSetGenerator.SCMProvider.Template
 }
 
-func ScmProviderAllowed(applicationSetInfo *argoprojiov1alpha1.ApplicationSet, url string, allowedScmProviders []string) bool {
-	if url == "" || len(allowedScmProviders) == 0 {
-		return true
-	}
-
-	for _, allowedScmProvider := range allowedScmProviders {
-		if url == allowedScmProvider {
-			return true
-		}
-	}
-
-	log.WithFields(log.Fields{
-		common.SecurityField: common.SecurityMedium,
-		"applicationset":     applicationSetInfo.Name,
-		"appSetNamespace":    applicationSetInfo.Namespace,
-	}).Debugf("attempted to use disallowed SCM %q", url)
-
-	return false
-}
-
 func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, applicationSetInfo *argoprojiov1alpha1.ApplicationSet) ([]map[string]interface{}, error) {
 	if appSetGenerator == nil {
 		return nil, EmptyAppSetGeneratorError
@@ -102,30 +75,21 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 	if g.overrideProvider != nil {
 		provider = g.overrideProvider
 	} else if providerConfig.Github != nil {
-		if !ScmProviderAllowed(applicationSetInfo, providerConfig.Github.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.Github.API)
-		}
 		var err error
 		provider, err = g.githubProvider(ctx, providerConfig.Github, applicationSetInfo)
 		if err != nil {
 			return nil, fmt.Errorf("scm provider: %w", err)
 		}
 	} else if providerConfig.Gitlab != nil {
-		if !ScmProviderAllowed(applicationSetInfo, providerConfig.Gitlab.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.Gitlab.API)
-		}
 		token, err := g.getSecretRef(ctx, providerConfig.Gitlab.TokenRef, applicationSetInfo.Namespace)
 		if err != nil {
 			return nil, fmt.Errorf("error fetching Gitlab token: %v", err)
 		}
-		provider, err = scm_provider.NewGitlabProvider(ctx, providerConfig.Gitlab.Group, token, providerConfig.Gitlab.API, providerConfig.Gitlab.AllBranches, providerConfig.Gitlab.IncludeSubgroups, providerConfig.Gitlab.Insecure, g.scmRootCAPath)
+		provider, err = scm_provider.NewGitlabProvider(ctx, providerConfig.Gitlab.Group, token, providerConfig.Gitlab.API, providerConfig.Gitlab.AllBranches, providerConfig.Gitlab.IncludeSubgroups)
 		if err != nil {
 			return nil, fmt.Errorf("error initializing Gitlab service: %v", err)
 		}
 	} else if providerConfig.Gitea != nil {
-		if !ScmProviderAllowed(applicationSetInfo, providerConfig.Gitea.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.Gitea.API)
-		}
 		token, err := g.getSecretRef(ctx, providerConfig.Gitea.TokenRef, applicationSetInfo.Namespace)
 		if err != nil {
 			return nil, fmt.Errorf("error fetching Gitea token: %v", err)
@@ -136,9 +100,6 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 		}
 	} else if providerConfig.BitbucketServer != nil {
 		providerConfig := providerConfig.BitbucketServer
-		if !ScmProviderAllowed(applicationSetInfo, providerConfig.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.API)
-		}
 		var scmError error
 		if providerConfig.BasicAuth != nil {
 			password, err := g.getSecretRef(ctx, providerConfig.BasicAuth.PasswordRef, applicationSetInfo.Namespace)
@@ -153,9 +114,6 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 			return nil, fmt.Errorf("error initializing Bitbucket Server service: %v", scmError)
 		}
 	} else if providerConfig.AzureDevOps != nil {
-		if !ScmProviderAllowed(applicationSetInfo, providerConfig.AzureDevOps.API, g.allowedSCMProviders) {
-			return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.AzureDevOps.API)
-		}
 		token, err := g.getSecretRef(ctx, providerConfig.AzureDevOps.AccessTokenRef, applicationSetInfo.Namespace)
 		if err != nil {
 			return nil, fmt.Errorf("error fetching Azure Devops access token: %v", err)
@@ -173,12 +131,6 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 		if err != nil {
 			return nil, fmt.Errorf("error initializing Bitbucket cloud service: %v", err)
 		}
-	} else if providerConfig.AWSCodeCommit != nil {
-		var awsErr error
-		provider, awsErr = scm_provider.NewAWSCodeCommitProvider(ctx, providerConfig.AWSCodeCommit.TagFilters, providerConfig.AWSCodeCommit.Role, providerConfig.AWSCodeCommit.Region, providerConfig.AWSCodeCommit.AllBranches)
-		if awsErr != nil {
-			return nil, fmt.Errorf("error initializing AWS codecommit service: %v", awsErr)
-		}
 	} else {
 		return nil, fmt.Errorf("no SCM provider implementation configured")
 	}
@@ -188,40 +140,26 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 	if err != nil {
 		return nil, fmt.Errorf("error listing repos: %v", err)
 	}
-	paramsArray := make([]map[string]interface{}, 0, len(repos))
+	params := make([]map[string]interface{}, 0, len(repos))
 	var shortSHALength int
-	var shortSHALength7 int
 	for _, repo := range repos {
 		shortSHALength = 8
 		if len(repo.SHA) < 8 {
 			shortSHALength = len(repo.SHA)
 		}
 
-		shortSHALength7 = 7
-		if len(repo.SHA) < 7 {
-			shortSHALength7 = len(repo.SHA)
-		}
-
-		params := map[string]interface{}{
+		params = append(params, map[string]interface{}{
 			"organization":     repo.Organization,
 			"repository":       repo.Repository,
 			"url":              repo.URL,
 			"branch":           repo.Branch,
 			"sha":              repo.SHA,
 			"short_sha":        repo.SHA[:shortSHALength],
-			"short_sha_7":      repo.SHA[:shortSHALength7],
 			"labels":           strings.Join(repo.Labels, ","),
 			"branchNormalized": utils.SanitizeName(repo.Branch),
-		}
-
-		err := appendTemplatedValues(appSetGenerator.SCMProvider.Values, params, applicationSetInfo.Spec.GoTemplate, applicationSetInfo.Spec.GoTemplateOptions)
-		if err != nil {
-			return nil, fmt.Errorf("failed to append templated values: %w", err)
-		}
-
-		paramsArray = append(paramsArray, params)
+		})
 	}
-	return paramsArray, nil
+	return params, nil
 }
 
 func (g *SCMProviderGenerator) getSecretRef(ctx context.Context, ref *argoprojiov1alpha1.SecretRef, namespace string) (string, error) {

applicationset/generators/scm_provider_test.go

@@ -80,209 +80,38 @@ func TestSCMProviderGetSecretRef(t *testing.T) {
 }
 
 func TestSCMProviderGenerateParams(t *testing.T) {
-	cases := []struct {
-		name          string
-		repos         []*scm_provider.Repository
-		values        map[string]string
-		expected      []map[string]interface{}
-		expectedError error
-	}{
-		{
-			name: "Multiple repos with labels",
-			repos: []*scm_provider.Repository{
-				{
-					Organization: "myorg",
-					Repository:   "repo1",
-					URL:          "git@github.com:myorg/repo1.git",
-					Branch:       "main",
-					SHA:          "0bc57212c3cbbec69d20b34c507284bd300def5b",
-					Labels:       []string{"prod", "staging"},
-				},
-				{
-					Organization: "myorg",
-					Repository:   "repo2",
-					URL:          "git@github.com:myorg/repo2.git",
-					Branch:       "main",
-					SHA:          "59d0",
-				},
+	mockProvider := &scm_provider.MockProvider{
+		Repos: []*scm_provider.Repository{
+			{
+				Organization: "myorg",
+				Repository:   "repo1",
+				URL:          "git@github.com:myorg/repo1.git",
+				Branch:       "main",
+				SHA:          "0bc57212c3cbbec69d20b34c507284bd300def5b",
+				Labels:       []string{"prod", "staging"},
 			},
-			expected: []map[string]interface{}{
-				{
-					"organization": "myorg",
-					"repository": "repo1",
-					"url": "git@github.com:myorg/repo1.git",
-					"branch": "main",
-					"branchNormalized": "main",
-					"sha": "0bc57212c3cbbec69d20b34c507284bd300def5b",
-					"short_sha": "0bc57212",
-					"short_sha_7": "0bc5721",
-					"labels": "prod,staging",
-				},
-				{
-					"organization": "myorg",
-					"repository": "repo2",
-					"url": "git@github.com:myorg/repo2.git",
-					"branch": "main",
-					"branchNormalized": "main",
-					"sha": "59d0",
-					"short_sha": "59d0",
-					"short_sha_7": "59d0",
-					"labels": "",
-				},
-			},
-		},
-		{
-			name: "Value interpolation",
-			repos: []*scm_provider.Repository{
-				{
-					Organization: "myorg",
-					Repository:   "repo3",
-					URL:          "git@github.com:myorg/repo3.git",
-					Branch:       "main",
-					SHA:          "0bc57212c3cbbec69d20b34c507284bd300def5b",
-					Labels:       []string{"prod", "staging"},
-				},
-			},
-			values: map[string]string{
-				"foo":                    "bar",
-				"should_i_force_push_to": "{{ branch }}?",
-			},
-			expected: []map[string]interface{}{
-				{
-					"organization":                  "myorg",
-					"repository":                    "repo3",
-					"url":                           "git@github.com:myorg/repo3.git",
-					"branch":                        "main",
-					"branchNormalized":              "main",
-					"sha":                           "0bc57212c3cbbec69d20b34c507284bd300def5b",
-					"short_sha":                     "0bc57212",
-					"short_sha_7":                   "0bc5721",
-					"labels":                        "prod,staging",
-					"values.foo":                    "bar",
-					"values.should_i_force_push_to": "main?",
-				},
+			{
+				Organization: "myorg",
+				Repository:   "repo2",
+				URL:          "git@github.com:myorg/repo2.git",
+				Branch:       "main",
+				SHA:          "59d0",
 			},
 		},
 	}
-
-	for _, testCase := range cases {
-		testCaseCopy := testCase
-
-		t.Run(testCaseCopy.name, func(t *testing.T) {
-			t.Parallel()
-
-			mockProvider := &scm_provider.MockProvider{
-				Repos: testCaseCopy.repos,
-			}
-			scmGenerator := &SCMProviderGenerator{overrideProvider: mockProvider}
-			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
-				ObjectMeta: metav1.ObjectMeta{
-					Name: "set",
-				},
-				Spec: argoprojiov1alpha1.ApplicationSetSpec{
-					Generators: []argoprojiov1alpha1.ApplicationSetGenerator{{
-						SCMProvider: &argoprojiov1alpha1.SCMProviderGenerator{
-							Values: testCaseCopy.values,
-						},
-					}},
-				},
-			}
-
-			got, err := scmGenerator.GenerateParams(&applicationSetInfo.Spec.Generators[0], &applicationSetInfo)
-
-			if testCaseCopy.expectedError != nil {
-				assert.EqualError(t, err, testCaseCopy.expectedError.Error())
-			} else {
-				assert.NoError(t, err)
-				assert.Equal(t, testCaseCopy.expected, got)
-			}
-
-		})
-	}
-}
-
-func TestAllowedSCMProvider(t *testing.T) {
-	cases := []struct {
-		name           string
-		providerConfig *argoprojiov1alpha1.SCMProviderGenerator
-		expectedError  string
-	}{
-		{
-			name: "Error Github",
-			providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{
-				Github: &argoprojiov1alpha1.SCMProviderGeneratorGithub{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-		{
-			name: "Error Gitlab",
-			providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{
-				Gitlab: &argoprojiov1alpha1.SCMProviderGeneratorGitlab{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-		{
-			name: "Error Gitea",
-			providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{
-				Gitea: &argoprojiov1alpha1.SCMProviderGeneratorGitea{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-		{
-			name: "Error Bitbucket",
-			providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{
-				BitbucketServer: &argoprojiov1alpha1.SCMProviderGeneratorBitbucketServer{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-		{
-			name: "Error AzureDevops",
-			providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{
-				AzureDevOps: &argoprojiov1alpha1.SCMProviderGeneratorAzureDevOps{
-					API: "https://myservice.mynamespace.svc.cluster.local",
-				},
-			},
-			expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local",
-		},
-	}
-
-	for _, testCase := range cases {
-		testCaseCopy := testCase
-
-		t.Run(testCaseCopy.name, func(t *testing.T) {
-			t.Parallel()
-
-			scmGenerator := &SCMProviderGenerator{allowedSCMProviders: []string{
-				"github.myorg.com",
-				"gitlab.myorg.com",
-				"gitea.myorg.com",
-				"bitbucket.myorg.com",
-				"azuredevops.myorg.com",
-			}}
-
-			applicationSetInfo := argoprojiov1alpha1.ApplicationSet{
-				ObjectMeta: metav1.ObjectMeta{
-					Name: "set",
-				},
-				Spec: argoprojiov1alpha1.ApplicationSetSpec{
-					Generators: []argoprojiov1alpha1.ApplicationSetGenerator{{
-						SCMProvider: testCaseCopy.providerConfig,
-					}},
-				},
-			}
-
-			_, err := scmGenerator.GenerateParams(&applicationSetInfo.Spec.Generators[0], &applicationSetInfo)
-
-			assert.Error(t, err, "Must return an error")
-			assert.Equal(t, testCaseCopy.expectedError, err.Error())
-		})
-	}
+	gen := &SCMProviderGenerator{overrideProvider: mockProvider}
+	params, err := gen.GenerateParams(&argoprojiov1alpha1.ApplicationSetGenerator{
+		SCMProvider: &argoprojiov1alpha1.SCMProviderGenerator{},
+	}, nil)
+	assert.Nil(t, err)
+	assert.Len(t, params, 2)
+	assert.Equal(t, "myorg", params[0]["organization"])
+	assert.Equal(t, "repo1", params[0]["repository"])
+	assert.Equal(t, "git@github.com:myorg/repo1.git", params[0]["url"])
+	assert.Equal(t, "main", params[0]["branch"])
+	assert.Equal(t, "0bc57212c3cbbec69d20b34c507284bd300def5b", params[0]["sha"])
+	assert.Equal(t, "0bc57212", params[0]["short_sha"])
+	assert.Equal(t, "59d0", params[1]["short_sha"])
+	assert.Equal(t, "prod,staging", params[0]["labels"])
+	assert.Equal(t, "repo2", params[1]["repository"])
 }

applicationset/generators/value_interpolation.go

@@ -1,43 +0,0 @@
-package generators
-
-import (
-	"fmt"
-)
-
-func appendTemplatedValues(values map[string]string, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) error {
-	// We create a local map to ensure that we do not fall victim to a billion-laughs attack. We iterate through the
-	// cluster values map and only replace values in said map if it has already been allowlisted in the params map.
-	// Once we iterate through all the cluster values we can then safely merge the `tmp` map into the main params map.
-	tmp := map[string]interface{}{}
-
-	for key, value := range values {
-		result, err := replaceTemplatedString(value, params, useGoTemplate, goTemplateOptions)
-
-		if err != nil {
-			return fmt.Errorf("failed to replace templated string: %w", err)
-		}
-
-		if useGoTemplate {
-			if tmp["values"] == nil {
-				tmp["values"] = map[string]string{}
-			}
-			tmp["values"].(map[string]string)[key] = result
-		} else {
-			tmp[fmt.Sprintf("values.%s", key)] = result
-		}
-	}
-
-	for key, value := range tmp {
-		params[key] = value
-	}
-
-	return nil
-}
-
-func replaceTemplatedString(value string, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (string, error) {
-	replacedTmplStr, err := render.Replace(value, params, useGoTemplate, goTemplateOptions)
-	if err != nil {
-		return "", fmt.Errorf("failed to replace templated string with rendered values: %w", err)
-	}
-	return replacedTmplStr, nil
-}

applicationset/generators/value_interpolation_test.go

@@ -1,125 +0,0 @@
-package generators
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestValueInterpolation(t *testing.T) {
-	testCases := []struct {
-		name     string
-		values   map[string]string
-		params   map[string]interface{}
-		expected map[string]interface{}
-	}{
-		{
-			name: "Simple interpolation",
-			values: map[string]string{
-				"hello": "{{ world }}",
-			},
-			params: map[string]interface{}{
-				"world": "world!",
-			},
-			expected: map[string]interface{}{
-				"world":        "world!",
-				"values.hello": "world!",
-			},
-		},
-		{
-			name: "Non-existent",
-			values: map[string]string{
-				"non-existent": "{{ non-existent }}",
-			},
-			params: map[string]interface{}{},
-			expected: map[string]interface{}{
-				"values.non-existent": "{{ non-existent }}",
-			},
-		},
-		{
-			name: "Billion laughs",
-			values: map[string]string{
-				"lol1": "lol",
-				"lol2": "{{values.lol1}}{{values.lol1}}",
-				"lol3": "{{values.lol2}}{{values.lol2}}{{values.lol2}}",
-			},
-			params: map[string]interface{}{},
-			expected: map[string]interface{}{
-				"values.lol1": "lol",
-				"values.lol2": "{{values.lol1}}{{values.lol1}}",
-				"values.lol3": "{{values.lol2}}{{values.lol2}}{{values.lol2}}",
-			},
-		},
-	}
-
-	for _, testCase := range testCases {
-
-		t.Run(testCase.name, func(t *testing.T) {
-			err := appendTemplatedValues(testCase.values, testCase.params, false, nil)
-			assert.NoError(t, err)
-			assert.EqualValues(t, testCase.expected, testCase.params)
-		})
-	}
-}
-
-func TestValueInterpolationWithGoTemplating(t *testing.T) {
-	testCases := []struct {
-		name     string
-		values   map[string]string
-		params   map[string]interface{}
-		expected map[string]interface{}
-	}{
-		{
-			name: "Simple interpolation",
-			values: map[string]string{
-				"hello": "{{ .world }}",
-			},
-			params: map[string]interface{}{
-				"world": "world!",
-			},
-			expected: map[string]interface{}{
-				"world": "world!",
-				"values": map[string]string{
-					"hello": "world!",
-				},
-			},
-		},
-		{
-			name: "Non-existent to default",
-			values: map[string]string{
-				"non_existent": "{{ default \"bar\" .non_existent }}",
-			},
-			params: map[string]interface{}{},
-			expected: map[string]interface{}{
-				"values": map[string]string{
-					"non_existent": "bar",
-				},
-			},
-		},
-		{
-			name: "Billion laughs",
-			values: map[string]string{
-				"lol1": "lol",
-				"lol2": "{{.values.lol1}}{{.values.lol1}}",
-				"lol3": "{{.values.lol2}}{{.values.lol2}}{{.values.lol2}}",
-			},
-			params: map[string]interface{}{},
-			expected: map[string]interface{}{
-				"values": map[string]string{
-					"lol1": "lol",
-					"lol2": "<no value><no value>",
-					"lol3": "<no value><no value><no value>",
-				},
-			},
-		},
-	}
-
-	for _, testCase := range testCases {
-
-		t.Run(testCase.name, func(t *testing.T) {
-			err := appendTemplatedValues(testCase.values, testCase.params, true, nil)
-			assert.NoError(t, err)
-			assert.EqualValues(t, testCase.expected, testCase.params)
-		})
-	}
-}

applicationset/services/internal/http/client.go

@@ -1,161 +0,0 @@
-package http
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"io"
-	"net/http"
-	"strings"
-	"time"
-)
-
-const (
-	userAgent      = "argocd-applicationset"
-	defaultTimeout = 30
-)
-
-type Client struct {
-	// URL is the URL used for API requests.
-	baseURL string
-
-	// UserAgent is the user agent to include in HTTP requests.
-	UserAgent string
-
-	// Token is used to make authenticated API calls.
-	token string
-
-	// Client is an HTTP client used to communicate with the API.
-	client *http.Client
-}
-
-type ErrorResponse struct {
-	Body     []byte
-	Response *http.Response
-	Message  string
-}
-
-func NewClient(baseURL string, options ...ClientOptionFunc) (*Client, error) {
-	client, err := newClient(baseURL, options...)
-	if err != nil {
-		return nil, err
-	}
-	return client, nil
-}
-
-func newClient(baseURL string, options ...ClientOptionFunc) (*Client, error) {
-	c := &Client{baseURL: baseURL, UserAgent: userAgent}
-
-	// Configure the HTTP client.
-	c.client = &http.Client{
-		Timeout: time.Duration(defaultTimeout) * time.Second,
-	}
-
-	// Apply any given client options.
-	for _, fn := range options {
-		if fn == nil {
-			continue
-		}
-		if err := fn(c); err != nil {
-			return nil, err
-		}
-	}
-
-	return c, nil
-}
-
-func (c *Client) NewRequest(method, path string, body interface{}, options []ClientOptionFunc) (*http.Request, error) {
-
-	// Make sure the given URL end with a slash
-	if !strings.HasSuffix(c.baseURL, "/") {
-		c.baseURL += "/"
-	}
-
-	var buf io.ReadWriter
-	if body != nil {
-		buf = &bytes.Buffer{}
-		enc := json.NewEncoder(buf)
-		enc.SetEscapeHTML(false)
-		err := enc.Encode(body)
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	req, err := http.NewRequest(method, c.baseURL+path, buf)
-	if err != nil {
-		return nil, err
-	}
-
-	if body != nil {
-		req.Header.Set("Content-Type", "application/json")
-	}
-
-	if len(c.token) != 0 {
-		req.Header.Set("Authorization", "Bearer "+c.token)
-	}
-
-	if c.UserAgent != "" {
-		req.Header.Set("User-Agent", c.UserAgent)
-	}
-
-	return req, nil
-}
-
-func (c *Client) Do(ctx context.Context, req *http.Request, v interface{}) (*http.Response, error) {
-	resp, err := c.client.Do(req)
-	if err != nil {
-		return nil, err
-	}
-
-	defer resp.Body.Close()
-
-	if err := CheckResponse(resp); err != nil {
-		return resp, err
-	}
-
-	switch v := v.(type) {
-	case nil:
-	case io.Writer:
-		_, err = io.Copy(v, resp.Body)
-	default:
-		buf := new(bytes.Buffer)
-		teeReader := io.TeeReader(resp.Body, buf)
-		decErr := json.NewDecoder(teeReader).Decode(v)
-		if decErr == io.EOF {
-			decErr = nil // ignore EOF errors caused by empty response body
-		}
-		if decErr != nil {
-			err = fmt.Errorf("%s: %s", decErr.Error(), buf.String())
-		}
-	}
-	return resp, err
-}
-
-// CheckResponse checks the API response for errors, and returns them if present.
-func CheckResponse(resp *http.Response) error {
-
-	if c := resp.StatusCode; 200 <= c && c <= 299 {
-		return nil
-	}
-
-	data, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return fmt.Errorf("API error with status code %d: %v", resp.StatusCode, err)
-	}
-
-	var raw map[string]interface{}
-	if err := json.Unmarshal(data, &raw); err != nil {
-		return fmt.Errorf("API error with status code %d: %s", resp.StatusCode, string(data))
-	}
-
-	message := ""
-	if value, ok := raw["message"].(string); ok {
-		message = value
-	} else if value, ok := raw["error"].(string); ok {
-		message = value
-	}
-
-	return fmt.Errorf("API error with status code %d: %s", resp.StatusCode, message)
-}

applicationset/services/internal/http/client_options.go

@@ -1,22 +0,0 @@
-package http
-
-import "time"
-
-// ClientOptionFunc can be used to customize a new Restful API client.
-type ClientOptionFunc func(*Client) error
-
-// WithToken is an option for NewClient to set token
-func WithToken(token string) ClientOptionFunc {
-	return func(c *Client) error {
-		c.token = token
-		return nil
-	}
-}
-
-// WithTimeout can be used to configure a custom timeout for requests.
-func WithTimeout(timeout int) ClientOptionFunc {
-	return func(c *Client) error {
-		c.client.Timeout = time.Duration(timeout) * time.Second
-		return nil
-	}
-}

applicationset/services/internal/http/client_test.go

@@ -1,163 +0,0 @@
-package http
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestClient(t *testing.T) {
-	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.WriteHeader(http.StatusOK)
-		_, err := w.Write([]byte("Hello, World!"))
-		if err != nil {
-			assert.NoError(t, fmt.Errorf("Error Write %v", err))
-		}
-	}))
-	defer server.Close()
-
-	var clientOptionFns []ClientOptionFunc
-	_, err := NewClient(server.URL, clientOptionFns...)
-
-	if err != nil {
-		t.Fatalf("Failed to create client: %v", err)
-	}
-}
-
-func TestClientDo(t *testing.T) {
-	ctx := context.Background()
-
-	for _, c := range []struct {
-		name            string
-		params          map[string]string
-		content         []byte
-		fakeServer      *httptest.Server
-		clientOptionFns []ClientOptionFunc
-		expected        []map[string]interface{}
-		expectedCode    int
-		expectedError   error
-	}{
-		{
-			name: "Simple",
-			params: map[string]string{
-				"pkey1": "val1",
-				"pkey2": "val2",
-			},
-			fakeServer: httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-				w.WriteHeader(http.StatusOK)
-				_, err := w.Write([]byte(`[{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-				 }]`))
-				if err != nil {
-					assert.NoError(t, fmt.Errorf("Error Write %v", err))
-				}
-			})),
-			clientOptionFns: nil,
-			expected: []map[string]interface{}{
-				{
-					"key1": "val1",
-					"key2": map[string]interface{}{
-						"key2_1": "val2_1",
-						"key2_2": map[string]interface{}{
-							"key2_2_1": "val2_2_1",
-						},
-					},
-					"key3": float64(123),
-				},
-			},
-			expectedCode:  200,
-			expectedError: nil,
-		},
-		{
-			name: "With Token",
-			params: map[string]string{
-				"pkey1": "val1",
-				"pkey2": "val2",
-			},
-			fakeServer: httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-				authHeader := r.Header.Get("Authorization")
-				if authHeader != "Bearer "+string("test-token") {
-					w.WriteHeader(http.StatusUnauthorized)
-					return
-				}
-				w.WriteHeader(http.StatusOK)
-				_, err := w.Write([]byte(`[{
-					"key1": "val1",
-					"key2": {
-						"key2_1": "val2_1",
-						"key2_2": {
-							"key2_2_1": "val2_2_1"
-						}
-					},
-					"key3": 123
-				 }]`))
-				if err != nil {
-					assert.NoError(t, fmt.Errorf("Error Write %v", err))
-				}
-			})),
-			clientOptionFns: nil,
-			expected:        []map[string]interface{}(nil),
-			expectedCode:    401,
-			expectedError:   fmt.Errorf("API error with status code 401: "),
-		},
-	} {
-		cc := c
-		t.Run(cc.name, func(t *testing.T) {
-			defer cc.fakeServer.Close()
-
-			client, err := NewClient(cc.fakeServer.URL, cc.clientOptionFns...)
-
-			if err != nil {
-				t.Fatalf("NewClient returned unexpected error: %v", err)
-			}
-
-			req, err := client.NewRequest("POST", "", cc.params, nil)
-
-			if err != nil {
-				t.Fatalf("NewRequest returned unexpected error: %v", err)
-			}
-
-			var data []map[string]interface{}
-
-			resp, err := client.Do(ctx, req, &data)
-
-			if cc.expectedError != nil {
-				assert.EqualError(t, err, cc.expectedError.Error())
-			} else {
-				assert.Equal(t, resp.StatusCode, cc.expectedCode)
-				assert.Equal(t, data, cc.expected)
-				assert.NoError(t, err)
-			}
-		})
-	}
-}
-
-func TestCheckResponse(t *testing.T) {
-	resp := &http.Response{
-		StatusCode: http.StatusBadRequest,
-		Body:       io.NopCloser(bytes.NewBufferString(`{"error":"invalid_request","description":"Invalid token"}`)),
-	}
-
-	err := CheckResponse(resp)
-	if err == nil {
-		t.Error("Expected an error, got nil")
-	}
-
-	expected := "API error with status code 400: invalid_request"
-	if err.Error() != expected {
-		t.Errorf("Expected error '%s', got '%s'", expected, err.Error())
-	}
-}

applicationset/services/mocks/Repos.go

@@ -1,81 +0,0 @@
-// Code generated by mockery v2.25.1. DO NOT EDIT.
-
-package mocks
-
-import (
-	context "context"
-
-	mock "github.com/stretchr/testify/mock"
-)
-
-// Repos is an autogenerated mock type for the Repos type
-type Repos struct {
-	mock.Mock
-}
-
-// GetDirectories provides a mock function with given fields: ctx, repoURL, revision
-func (_m *Repos) GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error) {
-	ret := _m.Called(ctx, repoURL, revision)
-
-	var r0 []string
-	var r1 error
-	if rf, ok := ret.Get(0).(func(context.Context, string, string) ([]string, error)); ok {
-		return rf(ctx, repoURL, revision)
-	}
-	if rf, ok := ret.Get(0).(func(context.Context, string, string) []string); ok {
-		r0 = rf(ctx, repoURL, revision)
-	} else {
-		if ret.Get(0) != nil {
-			r0 = ret.Get(0).([]string)
-		}
-	}
-
-	if rf, ok := ret.Get(1).(func(context.Context, string, string) error); ok {
-		r1 = rf(ctx, repoURL, revision)
-	} else {
-		r1 = ret.Error(1)
-	}
-
-	return r0, r1
-}
-
-// GetFiles provides a mock function with given fields: ctx, repoURL, revision, pattern
-func (_m *Repos) GetFiles(ctx context.Context, repoURL string, revision string, pattern string) (map[string][]byte, error) {
-	ret := _m.Called(ctx, repoURL, revision, pattern)
-
-	var r0 map[string][]byte
-	var r1 error
-	if rf, ok := ret.Get(0).(func(context.Context, string, string, string) (map[string][]byte, error)); ok {
-		return rf(ctx, repoURL, revision, pattern)
-	}
-	if rf, ok := ret.Get(0).(func(context.Context, string, string, string) map[string][]byte); ok {
-		r0 = rf(ctx, repoURL, revision, pattern)
-	} else {
-		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(map[string][]byte)
-		}
-	}
-
-	if rf, ok := ret.Get(1).(func(context.Context, string, string, string) error); ok {
-		r1 = rf(ctx, repoURL, revision, pattern)
-	} else {
-		r1 = ret.Error(1)
-	}
-
-	return r0, r1
-}
-
-type mockConstructorTestingTNewRepos interface {
-	mock.TestingT
-	Cleanup(func())
-}
-
-// NewRepos creates a new instance of Repos. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
-func NewRepos(t mockConstructorTestingTNewRepos) *Repos {
-	mock := &Repos{}
-	mock.Mock.Test(t)
-
-	t.Cleanup(func() { mock.AssertExpectations(t) })
-
-	return mock
-}

applicationset/services/mocks/RepositoryDB.go

@@ -1,57 +0,0 @@
-// Code generated by mockery v2.21.1. DO NOT EDIT.
-
-package mocks
-
-import (
-	context "context"
-
-	mock "github.com/stretchr/testify/mock"
-
-	v1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-)
-
-// RepositoryDB is an autogenerated mock type for the RepositoryDB type
-type RepositoryDB struct {
-	mock.Mock
-}
-
-// GetRepository provides a mock function with given fields: ctx, url
-func (_m *RepositoryDB) GetRepository(ctx context.Context, url string) (*v1alpha1.Repository, error) {
-	ret := _m.Called(ctx, url)
-
-	var r0 *v1alpha1.Repository
-	var r1 error
-	if rf, ok := ret.Get(0).(func(context.Context, string) (*v1alpha1.Repository, error)); ok {
-		return rf(ctx, url)
-	}
-	if rf, ok := ret.Get(0).(func(context.Context, string) *v1alpha1.Repository); ok {
-		r0 = rf(ctx, url)
-	} else {
-		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*v1alpha1.Repository)
-		}
-	}
-
-	if rf, ok := ret.Get(1).(func(context.Context, string) error); ok {
-		r1 = rf(ctx, url)
-	} else {
-		r1 = ret.Error(1)
-	}
-
-	return r0, r1
-}
-
-type mockConstructorTestingTNewRepositoryDB interface {
-	mock.TestingT
-	Cleanup(func())
-}
-
-// NewRepositoryDB creates a new instance of RepositoryDB. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
-func NewRepositoryDB(t mockConstructorTestingTNewRepositoryDB) *RepositoryDB {
-	mock := &RepositoryDB{}
-	mock.Mock.Test(t)
-
-	t.Cleanup(func() { mock.AssertExpectations(t) })
-
-	return mock
-}

applicationset/services/plugin/plugin_service.go

@@ -1,73 +0,0 @@
-package plugin
-
-import (
-	"context"
-	"fmt"
-	"net/http"
-
-	internalhttp "github.com/argoproj/argo-cd/v2/applicationset/services/internal/http"
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-)
-
-// ServiceRequest is the request object sent to the plugin service.
-type ServiceRequest struct {
-	// ApplicationSetName is the appSetName of the ApplicationSet for which we're requesting parameters. Useful for logging in
-	// the plugin service.
-	ApplicationSetName string `json:"applicationSetName"`
-	// Input is the map of parameters set in the ApplicationSet spec for this generator.
-	Input v1alpha1.PluginInput `json:"input"`
-}
-
-type Output struct {
-	// Parameters is the list of parameter sets returned by the plugin.
-	Parameters []map[string]interface{} `json:"parameters"`
-}
-
-// ServiceResponse is the response object returned by the plugin service.
-type ServiceResponse struct {
-	// Output is the map of outputs returned by the plugin.
-	Output Output `json:"output"`
-}
-
-type Service struct {
-	client     *internalhttp.Client
-	appSetName string
-}
-
-func NewPluginService(ctx context.Context, appSetName string, baseURL string, token string, requestTimeout int) (*Service, error) {
-	var clientOptionFns []internalhttp.ClientOptionFunc
-
-	clientOptionFns = append(clientOptionFns, internalhttp.WithToken(token))
-
-	if requestTimeout != 0 {
-		clientOptionFns = append(clientOptionFns, internalhttp.WithTimeout(requestTimeout))
-	}
-
-	client, err := internalhttp.NewClient(baseURL, clientOptionFns...)
-	if err != nil {
-		return nil, fmt.Errorf("error creating plugin client: %v", err)
-	}
-
-	return &Service{
-		client:     client,
-		appSetName: appSetName,
-	}, nil
-}
-
-func (p *Service) List(ctx context.Context, parameters v1alpha1.PluginParameters) (*ServiceResponse, error) {
-	req, err := p.client.NewRequest(http.MethodPost, "api/v1/getparams.execute", ServiceRequest{ApplicationSetName: p.appSetName, Input: v1alpha1.PluginInput{Parameters: parameters}}, nil)
-
-	if err != nil {
-		return nil, fmt.Errorf("NewRequest returned unexpected error: %v", err)
-	}
-
-	var data ServiceResponse
-
-	_, err = p.client.Do(ctx, req, &data)
-
-	if err != nil {
-		return nil, fmt.Errorf("error get api '%s': %v", p.appSetName, err)
-	}
-
-	return &data, err
-}

applicationset/services/plugin/plugin_service_test.go

@@ -1,52 +0,0 @@
-package plugin
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestPlugin(t *testing.T) {
-	expectedJSON := `{"parameters": [{"number":123,"digest":"sha256:942ae2dfd73088b54d7151a3c3fd5af038a51c50029bfcfd21f1e650d9579967"},{"number":456,"digest":"sha256:224e68cc69566e5cbbb76034b3c42cd2ed57c1a66720396e1c257794cb7d68c1"}]}`
-	token := "0bc57212c3cbbec69d20b34c507284bd300def5b"
-
-	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Type", "application/json")
-		authHeader := r.Header.Get("Authorization")
-		if authHeader != "Bearer "+token {
-			w.WriteHeader(http.StatusUnauthorized)
-			return
-		}
-		_, err := w.Write([]byte(expectedJSON))
-
-		if err != nil {
-			assert.NoError(t, fmt.Errorf("Error Write %v", err))
-		}
-	})
-	ts := httptest.NewServer(handler)
-	defer ts.Close()
-
-	client, err := NewPluginService(context.Background(), "plugin-test", ts.URL, token, 0)
-
-	if err != nil {
-		t.Errorf("unexpected error: %v", err)
-	}
-
-	data, err := client.List(context.Background(), nil)
-
-	if err != nil {
-		t.Errorf("unexpected error: %v", err)
-	}
-
-	var expectedData ServiceResponse
-	err = json.Unmarshal([]byte(expectedJSON), &expectedData)
-	if err != nil {
-		t.Fatal(err)
-	}
-	assert.Equal(t, &expectedData, data)
-}

applicationset/services/plugin/utils.go

@@ -1,21 +0,0 @@
-package plugin
-
-import (
-	"fmt"
-	"strings"
-
-	"github.com/argoproj/argo-cd/v2/common"
-)
-
-// ParseSecretKey retrieves secret appSetName if different from common ArgoCDSecretName.
-func ParseSecretKey(key string) (secretName string, tokenKey string) {
-	if strings.Contains(key, ":") {
-		parts := strings.Split(key, ":")
-		secretName = parts[0][1:]
-		tokenKey = fmt.Sprintf("$%s", parts[1])
-	} else {
-		secretName = common.ArgoCDSecretName
-		tokenKey = key
-	}
-	return secretName, tokenKey
-}

applicationset/services/plugin/utils_test.go

@@ -1,17 +0,0 @@
-package plugin
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestParseSecretKey(t *testing.T) {
-	secretName, tokenKey := ParseSecretKey("#my-secret:my-token")
-	assert.Equal(t, "my-secret", secretName)
-	assert.Equal(t, "$my-token", tokenKey)
-
-	secretName, tokenKey = ParseSecretKey("#my-secret")
-	assert.Equal(t, "argocd-secret", secretName)
-	assert.Equal(t, "#my-secret", tokenKey)
-}

applicationset/services/pull_request/azure_devops.go

@@ -1,145 +0,0 @@
-package pull_request
-
-import (
-	"context"
-	"fmt"
-	"strings"
-
-	"github.com/microsoft/azure-devops-go-api/azuredevops"
-	core "github.com/microsoft/azure-devops-go-api/azuredevops/core"
-	git "github.com/microsoft/azure-devops-go-api/azuredevops/git"
-)
-
-const AZURE_DEVOPS_DEFAULT_URL = "https://dev.azure.com"
-
-type AzureDevOpsClientFactory interface {
-	// Returns an Azure Devops Client interface.
-	GetClient(ctx context.Context) (git.Client, error)
-}
-
-type devopsFactoryImpl struct {
-	connection *azuredevops.Connection
-}
-
-func (factory *devopsFactoryImpl) GetClient(ctx context.Context) (git.Client, error) {
-	gitClient, err := git.NewClient(ctx, factory.connection)
-	if err != nil {
-		return nil, fmt.Errorf("failed to get new Azure DevOps git client for pull request generator: %w", err)
-	}
-	return gitClient, nil
-}
-
-type AzureDevOpsService struct {
-	clientFactory AzureDevOpsClientFactory
-	project       string
-	repo          string
-	labels        []string
-}
-
-var _ PullRequestService = (*AzureDevOpsService)(nil)
-var _ AzureDevOpsClientFactory = &devopsFactoryImpl{}
-
-func NewAzureDevOpsService(ctx context.Context, token, url, organization, project, repo string, labels []string) (PullRequestService, error) {
-	organizationUrl := buildURL(url, organization)
-
-	var connection *azuredevops.Connection
-	if token == "" {
-		connection = azuredevops.NewAnonymousConnection(organizationUrl)
-	} else {
-		connection = azuredevops.NewPatConnection(organizationUrl, token)
-	}
-
-	return &AzureDevOpsService{
-		clientFactory: &devopsFactoryImpl{connection: connection},
-		project:       project,
-		repo:          repo,
-		labels:        labels,
-	}, nil
-}
-
-func (a *AzureDevOpsService) List(ctx context.Context) ([]*PullRequest, error) {
-	client, err := a.clientFactory.GetClient(ctx)
-	if err != nil {
-		return nil, fmt.Errorf("failed to get Azure DevOps client: %w", err)
-	}
-
-	args := git.GetPullRequestsByProjectArgs{
-		Project:        &a.project,
-		SearchCriteria: &git.GitPullRequestSearchCriteria{},
-	}
-
-	azurePullRequests, err := client.GetPullRequestsByProject(ctx, args)
-	if err != nil {
-		return nil, fmt.Errorf("failed to get pull requests by project: %w", err)
-	}
-
-	pullRequests := []*PullRequest{}
-
-	for _, pr := range *azurePullRequests {
-		if pr.Repository == nil ||
-			pr.Repository.Name == nil ||
-			pr.PullRequestId == nil ||
-			pr.SourceRefName == nil ||
-			pr.LastMergeSourceCommit == nil ||
-			pr.LastMergeSourceCommit.CommitId == nil {
-			continue
-		}
-
-		azureDevOpsLabels := convertLabels(pr.Labels)
-		if !containAzureDevOpsLabels(a.labels, azureDevOpsLabels) {
-			continue
-		}
-
-		if *pr.Repository.Name == a.repo {
-			pullRequests = append(pullRequests, &PullRequest{
-				Number:  *pr.PullRequestId,
-				Branch:  strings.Replace(*pr.SourceRefName, "refs/heads/", "", 1),
-				HeadSHA: *pr.LastMergeSourceCommit.CommitId,
-				Labels:  azureDevOpsLabels,
-			})
-		}
-	}
-
-	return pullRequests, nil
-}
-
-// convertLabels converts WebApiTagDefinitions to strings
-func convertLabels(tags *[]core.WebApiTagDefinition) []string {
-	if tags == nil {
-		return []string{}
-	}
-	labelStrings := make([]string, len(*tags))
-	for i, label := range *tags {
-		labelStrings[i] = *label.Name
-	}
-	return labelStrings
-}
-
-// containAzureDevOpsLabels returns true if gotLabels contains expectedLabels
-func containAzureDevOpsLabels(expectedLabels []string, gotLabels []string) bool {
-	for _, expected := range expectedLabels {
-		found := false
-		for _, got := range gotLabels {
-			if expected == got {
-				found = true
-				break
-			}
-		}
-		if !found {
-			return false
-		}
-	}
-	return true
-}
-
-func buildURL(url, organization string) string {
-	if url == "" {
-		url = AZURE_DEVOPS_DEFAULT_URL
-	}
-	separator := ""
-	if !strings.HasSuffix(url, "/") {
-		separator = "/"
-	}
-	devOpsURL := fmt.Sprintf("%s%s%s", url, separator, organization)
-	return devOpsURL
-}

applicationset/services/pull_request/azure_devops_test.go

@@ -1,221 +0,0 @@
-package pull_request
-
-import (
-	"context"
-	"testing"
-
-	"github.com/microsoft/azure-devops-go-api/azuredevops/core"
-	git "github.com/microsoft/azure-devops-go-api/azuredevops/git"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/mock"
-
-	azureMock "github.com/argoproj/argo-cd/v2/applicationset/services/scm_provider/azure_devops/git/mocks"
-)
-
-func createBoolPtr(x bool) *bool {
-	return &x
-}
-
-func createStringPtr(x string) *string {
-	return &x
-}
-
-func createIntPtr(x int) *int {
-	return &x
-}
-
-func createLabelsPtr(x []core.WebApiTagDefinition) *[]core.WebApiTagDefinition {
-	return &x
-}
-
-type AzureClientFactoryMock struct {
-	mock *mock.Mock
-}
-
-func (m *AzureClientFactoryMock) GetClient(ctx context.Context) (git.Client, error) {
-	args := m.mock.Called(ctx)
-
-	var client git.Client
-	c := args.Get(0)
-	if c != nil {
-		client = c.(git.Client)
-	}
-
-	var err error
-	if len(args) > 1 {
-		if e, ok := args.Get(1).(error); ok {
-			err = e
-		}
-	}
-
-	return client, err
-}
-
-func TestListPullRequest(t *testing.T) {
-	teamProject := "myorg_project"
-	repoName := "myorg_project_repo"
-	pr_id := 123
-	pr_head_sha := "cd4973d9d14a08ffe6b641a89a68891d6aac8056"
-	ctx := context.Background()
-
-	pullRequestMock := []git.GitPullRequest{
-		{
-			PullRequestId: createIntPtr(pr_id),
-			SourceRefName: createStringPtr("refs/heads/feature-branch"),
-			LastMergeSourceCommit: &git.GitCommitRef{
-				CommitId: createStringPtr(pr_head_sha),
-			},
-			Labels: &[]core.WebApiTagDefinition{},
-			Repository: &git.GitRepository{
-				Name: createStringPtr(repoName),
-			},
-		},
-	}
-
-	args := git.GetPullRequestsByProjectArgs{
-		Project:        &teamProject,
-		SearchCriteria: &git.GitPullRequestSearchCriteria{},
-	}
-
-	gitClientMock := azureMock.Client{}
-	clientFactoryMock := &AzureClientFactoryMock{mock: &mock.Mock{}}
-	clientFactoryMock.mock.On("GetClient", mock.Anything).Return(&gitClientMock, nil)
-	gitClientMock.On("GetPullRequestsByProject", ctx, args).Return(&pullRequestMock, nil)
-
-	provider := AzureDevOpsService{
-		clientFactory: clientFactoryMock,
-		project:       teamProject,
-		repo:          repoName,
-		labels:        nil,
-	}
-
-	list, err := provider.List(ctx)
-	assert.NoError(t, err)
-	assert.Equal(t, 1, len(list))
-	assert.Equal(t, "feature-branch", list[0].Branch)
-	assert.Equal(t, pr_head_sha, list[0].HeadSHA)
-	assert.Equal(t, pr_id, list[0].Number)
-}
-
-func TestConvertLabes(t *testing.T) {
-	testCases := []struct {
-		name           string
-		gotLabels      *[]core.WebApiTagDefinition
-		expectedLabels []string
-	}{
-		{
-			name:           "empty labels",
-			gotLabels:      createLabelsPtr([]core.WebApiTagDefinition{}),
-			expectedLabels: []string{},
-		},
-		{
-			name:           "nil labels",
-			gotLabels:      createLabelsPtr(nil),
-			expectedLabels: []string{},
-		},
-		{
-			name: "one label",
-			gotLabels: createLabelsPtr([]core.WebApiTagDefinition{
-				{Name: createStringPtr("label1"), Active: createBoolPtr(true)},
-			}),
-			expectedLabels: []string{"label1"},
-		},
-		{
-			name: "two label",
-			gotLabels: createLabelsPtr([]core.WebApiTagDefinition{
-				{Name: createStringPtr("label1"), Active: createBoolPtr(true)},
-				{Name: createStringPtr("label2"), Active: createBoolPtr(true)},
-			}),
-			expectedLabels: []string{"label1", "label2"},
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			got := convertLabels(tc.gotLabels)
-			assert.Equal(t, tc.expectedLabels, got)
-		})
-	}
-}
-
-func TestContainAzureDevOpsLabels(t *testing.T) {
-	testCases := []struct {
-		name           string
-		expectedLabels []string
-		gotLabels      []string
-		expectedResult bool
-	}{
-		{
-			name:           "empty labels",
-			expectedLabels: []string{},
-			gotLabels:      []string{},
-			expectedResult: true,
-		},
-		{
-			name:           "no matching labels",
-			expectedLabels: []string{"label1", "label2"},
-			gotLabels:      []string{"label3", "label4"},
-			expectedResult: false,
-		},
-		{
-			name:           "some matching labels",
-			expectedLabels: []string{"label1", "label2"},
-			gotLabels:      []string{"label1", "label3"},
-			expectedResult: false,
-		},
-		{
-			name:           "all matching labels",
-			expectedLabels: []string{"label1", "label2"},
-			gotLabels:      []string{"label1", "label2"},
-			expectedResult: true,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			got := containAzureDevOpsLabels(tc.expectedLabels, tc.gotLabels)
-			assert.Equal(t, tc.expectedResult, got)
-		})
-	}
-}
-
-func TestBuildURL(t *testing.T) {
-	testCases := []struct {
-		name         string
-		url          string
-		organization string
-		expected     string
-	}{
-		{
-			name:         "Provided default URL and organization",
-			url:          "https://dev.azure.com/",
-			organization: "myorganization",
-			expected:     "https://dev.azure.com/myorganization",
-		},
-		{
-			name:         "Provided default URL and organization without trailing slash",
-			url:          "https://dev.azure.com",
-			organization: "myorganization",
-			expected:     "https://dev.azure.com/myorganization",
-		},
-		{
-			name:         "Provided no URL and organization",
-			url:          "",
-			organization: "myorganization",
-			expected:     "https://dev.azure.com/myorganization",
-		},
-		{
-			name:         "Provided custom URL and organization",
-			url:          "https://azuredevops.mycompany.com/",
-			organization: "myorganization",
-			expected:     "https://azuredevops.mycompany.com/myorganization",
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			result := buildURL(tc.url, tc.organization)
-			assert.Equal(t, result, tc.expected)
-		})
-	}
-}

applicationset/services/pull_request/bitbucket_cloud.go

@@ -1,138 +0,0 @@
-package pull_request
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"net/url"
-
-	"github.com/ktrysmt/go-bitbucket"
-)
-
-type BitbucketCloudService struct {
-	client         *bitbucket.Client
-	owner          string
-	repositorySlug string
-}
-
-type BitbucketCloudPullRequest struct {
-	ID     int                             `json:"id"`
-	Source BitbucketCloudPullRequestSource `json:"source"`
-}
-
-type BitbucketCloudPullRequestSource struct {
-	Branch BitbucketCloudPullRequestSourceBranch `json:"branch"`
-	Commit BitbucketCloudPullRequestSourceCommit `json:"commit"`
-}
-
-type BitbucketCloudPullRequestSourceBranch struct {
-	Name string `json:"name"`
-}
-
-type BitbucketCloudPullRequestSourceCommit struct {
-	Hash string `json:"hash"`
-}
-
-type PullRequestResponse struct {
-	Page     int32         `json:"page"`
-	Size     int32         `json:"size"`
-	Pagelen  int32         `json:"pagelen"`
-	Next     string        `json:"next"`
-	Previous string        `json:"previous"`
-	Items    []PullRequest `json:"values"`
-}
-
-var _ PullRequestService = (*BitbucketCloudService)(nil)
-
-func parseUrl(uri string) (*url.URL, error) {
-	if uri == "" {
-		uri = "https://api.bitbucket.org/2.0"
-	}
-
-	url, err := url.Parse(uri)
-	if err != nil {
-		return nil, err
-	}
-
-	return url, nil
-}
-
-func NewBitbucketCloudServiceBasicAuth(baseUrl, username, password, owner, repositorySlug string) (PullRequestService, error) {
-	url, err := parseUrl(baseUrl)
-	if err != nil {
-		return nil, fmt.Errorf("error parsing base url of %s for %s/%s: %v", baseUrl, owner, repositorySlug, err)
-	}
-
-	bitbucketClient := bitbucket.NewBasicAuth(username, password)
-	bitbucketClient.SetApiBaseURL(*url)
-
-	return &BitbucketCloudService{
-		client:         bitbucketClient,
-		owner:          owner,
-		repositorySlug: repositorySlug,
-	}, nil
-}
-
-func NewBitbucketCloudServiceBearerToken(baseUrl, bearerToken, owner, repositorySlug string) (PullRequestService, error) {
-	url, err := parseUrl(baseUrl)
-	if err != nil {
-		return nil, fmt.Errorf("error parsing base url of %s for %s/%s: %v", baseUrl, owner, repositorySlug, err)
-	}
-
-	bitbucketClient := bitbucket.NewOAuthbearerToken(bearerToken)
-	bitbucketClient.SetApiBaseURL(*url)
-
-	return &BitbucketCloudService{
-		client:         bitbucketClient,
-		owner:          owner,
-		repositorySlug: repositorySlug,
-	}, nil
-}
-
-func NewBitbucketCloudServiceNoAuth(baseUrl, owner, repositorySlug string) (PullRequestService, error) {
-	// There is currently no method to explicitly not require auth
-	return NewBitbucketCloudServiceBearerToken(baseUrl, "", owner, repositorySlug)
-}
-
-func (b *BitbucketCloudService) List(_ context.Context) ([]*PullRequest, error) {
-	opts := &bitbucket.PullRequestsOptions{
-		Owner:    b.owner,
-		RepoSlug: b.repositorySlug,
-	}
-
-	response, err := b.client.Repositories.PullRequests.Gets(opts)
-	if err != nil {
-		return nil, fmt.Errorf("error listing pull requests for %s/%s: %v", b.owner, b.repositorySlug, err)
-	}
-
-	resp, ok := response.(map[string]interface{})
-	if !ok {
-		return nil, fmt.Errorf("unknown type returned from bitbucket pull requests")
-	}
-
-	repoArray, ok := resp["values"].([]interface{})
-	if !ok {
-		return nil, fmt.Errorf("unknown type returned from response values")
-	}
-
-	jsonStr, err := json.Marshal(repoArray)
-	if err != nil {
-		return nil, fmt.Errorf("error marshalling response body to json: %v", err)
-	}
-
-	var pulls []BitbucketCloudPullRequest
-	if err := json.Unmarshal(jsonStr, &pulls); err != nil {
-		return nil, fmt.Errorf("error unmarshalling json to type '[]BitbucketCloudPullRequest': %v", err)
-	}
-
-	pullRequests := []*PullRequest{}
-	for _, pull := range pulls {
-		pullRequests = append(pullRequests, &PullRequest{
-			Number:  pull.ID,
-			Branch:  pull.Source.Branch.Name,
-			HeadSHA: pull.Source.Commit.Hash,
-		})
-	}
-
-	return pullRequests, nil
-}

applicationset/services/pull_request/bitbucket_cloud_test.go

@@ -1,410 +0,0 @@
-package pull_request
-
-import (
-	"context"
-	"fmt"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-
-	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-)
-
-func defaultHandlerCloud(t *testing.T) func(http.ResponseWriter, *http.Request) {
-	return func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Type", "application/json")
-		var err error
-		switch r.RequestURI {
-		case "/repositories/OWNER/REPO/pullrequests/":
-			_, err = io.WriteString(w, `{
-					"size": 1,
-					"pagelen": 10,
-					"page": 1,
-					"values": [
-						{
-							"id": 101,
-							"source": {
-								"branch": {
-									"name": "feature/foo-bar"
-								},
-								"commit": {
-									"type": "commit",
-									"hash": "1a8dd249c04a"
-								}
-							}
-						}
-					]
-				}`)
-		default:
-			t.Fail()
-		}
-		if err != nil {
-			t.Fail()
-		}
-	}
-}
-
-func TestParseUrlEmptyUrl(t *testing.T) {
-	url, err := parseUrl("")
-	bitbucketUrl, _ := url.Parse("https://api.bitbucket.org/2.0")
-
-	assert.NoError(t, err)
-	assert.Equal(t, bitbucketUrl, url)
-}
-
-func TestInvalidBaseUrlBasicAuthCloud(t *testing.T) {
-	_, err := NewBitbucketCloudServiceBasicAuth("http:// example.org", "user", "password", "OWNER", "REPO")
-
-	assert.Error(t, err)
-}
-
-func TestInvalidBaseUrlBearerTokenCloud(t *testing.T) {
-	_, err := NewBitbucketCloudServiceBearerToken("http:// example.org", "TOKEN", "OWNER", "REPO")
-
-	assert.Error(t, err)
-}
-
-func TestInvalidBaseUrlNoAuthCloud(t *testing.T) {
-	_, err := NewBitbucketCloudServiceNoAuth("http:// example.org", "OWNER", "REPO")
-
-	assert.Error(t, err)
-}
-
-func TestListPullRequestBearerTokenCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		assert.Equal(t, "Bearer TOKEN", r.Header.Get("Authorization"))
-		defaultHandlerCloud(t)(w, r)
-	}))
-	defer ts.Close()
-	svc, err := NewBitbucketCloudServiceBearerToken(ts.URL, "TOKEN", "OWNER", "REPO")
-	assert.NoError(t, err)
-	pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{})
-	assert.NoError(t, err)
-	assert.Equal(t, 1, len(pullRequests))
-	assert.Equal(t, 101, pullRequests[0].Number)
-	assert.Equal(t, "feature/foo-bar", pullRequests[0].Branch)
-	assert.Equal(t, "1a8dd249c04a", pullRequests[0].HeadSHA)
-}
-
-func TestListPullRequestNoAuthCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		assert.Empty(t, r.Header.Get("Authorization"))
-		defaultHandlerCloud(t)(w, r)
-	}))
-	defer ts.Close()
-	svc, err := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	assert.NoError(t, err)
-	pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{})
-	assert.NoError(t, err)
-	assert.Equal(t, 1, len(pullRequests))
-	assert.Equal(t, 101, pullRequests[0].Number)
-	assert.Equal(t, "feature/foo-bar", pullRequests[0].Branch)
-	assert.Equal(t, "1a8dd249c04a", pullRequests[0].HeadSHA)
-}
-
-func TestListPullRequestBasicAuthCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		assert.Equal(t, "Basic dXNlcjpwYXNzd29yZA==", r.Header.Get("Authorization"))
-		defaultHandlerCloud(t)(w, r)
-	}))
-	defer ts.Close()
-	svc, err := NewBitbucketCloudServiceBasicAuth(ts.URL, "user", "password", "OWNER", "REPO")
-	assert.NoError(t, err)
-	pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{})
-	assert.NoError(t, err)
-	assert.Equal(t, 1, len(pullRequests))
-	assert.Equal(t, 101, pullRequests[0].Number)
-	assert.Equal(t, "feature/foo-bar", pullRequests[0].Branch)
-	assert.Equal(t, "1a8dd249c04a", pullRequests[0].HeadSHA)
-}
-
-func TestListPullRequestPaginationCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Type", "application/json")
-		var err error
-		switch r.RequestURI {
-		case "/repositories/OWNER/REPO/pullrequests/":
-			_, err = io.WriteString(w, fmt.Sprintf(`{
-				"size": 2,
-				"pagelen": 1,
-				"page": 1,
-				"next": "http://%s/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=2",
-				"values": [
-					{
-						"id": 101,
-						"source": {
-							"branch": {
-								"name": "feature-101"
-							},
-							"commit": {
-								"type": "commit",
-								"hash": "1a8dd249c04a"
-							}
-						}
-					},
-					{
-						"id": 102,
-						"source": {
-							"branch": {
-								"name": "feature-102"
-							},
-							"commit": {
-								"type": "commit",
-								"hash": "4cf807e67a6d"
-							}
-						}
-					}
-				]
-			}`, r.Host))
-		case "/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=2":
-			_, err = io.WriteString(w, fmt.Sprintf(`{
-				"size": 2,
-				"pagelen": 1,
-				"page": 2,
-				"previous": "http://%s/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=1",
-				"values": [
-					{
-						"id": 103,
-						"source": {
-							"branch": {
-								"name": "feature-103"
-							},
-							"commit": {
-								"type": "commit",
-								"hash": "6344d9623e3b"
-							}
-						}
-					}
-				]
-			}`, r.Host))
-		default:
-			t.Fail()
-		}
-		if err != nil {
-			t.Fail()
-		}
-	}))
-	defer ts.Close()
-	svc, err := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	assert.NoError(t, err)
-	pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{})
-	assert.NoError(t, err)
-	assert.Equal(t, 3, len(pullRequests))
-	assert.Equal(t, PullRequest{
-		Number:  101,
-		Branch:  "feature-101",
-		HeadSHA: "1a8dd249c04a",
-	}, *pullRequests[0])
-	assert.Equal(t, PullRequest{
-		Number:  102,
-		Branch:  "feature-102",
-		HeadSHA: "4cf807e67a6d",
-	}, *pullRequests[1])
-	assert.Equal(t, PullRequest{
-		Number:  103,
-		Branch:  "feature-103",
-		HeadSHA: "6344d9623e3b",
-	}, *pullRequests[2])
-}
-
-func TestListResponseErrorCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.WriteHeader(500)
-	}))
-	defer ts.Close()
-	svc, _ := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	_, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{})
-	assert.Error(t, err)
-}
-
-func TestListResponseMalformedCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Type", "application/json")
-		switch r.RequestURI {
-		case "/repositories/OWNER/REPO/pullrequests/":
-			_, err := io.WriteString(w, `[{
-				"size": 1,
-				"pagelen": 10,
-				"page": 1,
-				"values": [{ "id": 101 }]
-			}]`)
-			if err != nil {
-				t.Fail()
-			}
-		default:
-			t.Fail()
-		}
-	}))
-	defer ts.Close()
-	svc, _ := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	_, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{})
-	assert.Error(t, err)
-}
-
-func TestListResponseMalformedValuesCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Type", "application/json")
-		switch r.RequestURI {
-		case "/repositories/OWNER/REPO/pullrequests/":
-			_, err := io.WriteString(w, `{
-				"size": 1,
-				"pagelen": 10,
-				"page": 1,
-				"values": { "id": 101 }
-			}`)
-			if err != nil {
-				t.Fail()
-			}
-		default:
-			t.Fail()
-		}
-	}))
-	defer ts.Close()
-	svc, _ := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	_, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{})
-	assert.Error(t, err)
-}
-
-func TestListResponseEmptyCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Type", "application/json")
-		switch r.RequestURI {
-		case "/repositories/OWNER/REPO/pullrequests/":
-			_, err := io.WriteString(w, `{
-				"size": 1,
-				"pagelen": 10,
-				"page": 1,
-				"values": []
-			}`)
-			if err != nil {
-				t.Fail()
-			}
-		default:
-			t.Fail()
-		}
-	}))
-	defer ts.Close()
-	svc, err := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	assert.NoError(t, err)
-	pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{})
-	assert.NoError(t, err)
-	assert.Empty(t, pullRequests)
-}
-
-func TestListPullRequestBranchMatchCloud(t *testing.T) {
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Type", "application/json")
-		var err error
-		switch r.RequestURI {
-		case "/repositories/OWNER/REPO/pullrequests/":
-			_, err = io.WriteString(w, fmt.Sprintf(`{
-				"size": 2,
-				"pagelen": 1,
-				"page": 1,
-				"next": "http://%s/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=2",
-				"values": [
-					{
-						"id": 101,
-						"source": {
-							"branch": {
-								"name": "feature-101"
-							},
-							"commit": {
-								"type": "commit",
-								"hash": "1a8dd249c04a"
-							}
-						}
-					},
-					{
-						"id": 200,
-						"source": {
-							"branch": {
-								"name": "feature-200"
-							},
-							"commit": {
-								"type": "commit",
-								"hash": "4cf807e67a6d"
-							}
-						}
-					}
-				]
-			}`, r.Host))
-		case "/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=2":
-			_, err = io.WriteString(w, fmt.Sprintf(`{
-				"size": 2,
-				"pagelen": 1,
-				"page": 2,
-				"previous": "http://%s/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=1",
-				"values": [
-					{
-						"id": 102,
-						"source": {
-							"branch": {
-								"name": "feature-102"
-							},
-							"commit": {
-								"type": "commit",
-								"hash": "6344d9623e3b"
-							}
-						}
-					}
-				]
-			}`, r.Host))
-		default:
-			t.Fail()
-		}
-		if err != nil {
-			t.Fail()
-		}
-	}))
-	defer ts.Close()
-	regexp := `feature-1[\d]{2}`
-	svc, err := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	assert.NoError(t, err)
-	pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{
-		{
-			BranchMatch: &regexp,
-		},
-	})
-	assert.NoError(t, err)
-	assert.Equal(t, 2, len(pullRequests))
-	assert.Equal(t, PullRequest{
-		Number:  101,
-		Branch:  "feature-101",
-		HeadSHA: "1a8dd249c04a",
-	}, *pullRequests[0])
-	assert.Equal(t, PullRequest{
-		Number:  102,
-		Branch:  "feature-102",
-		HeadSHA: "6344d9623e3b",
-	}, *pullRequests[1])
-
-	regexp = `.*2$`
-	svc, err = NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	assert.NoError(t, err)
-	pullRequests, err = ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{
-		{
-			BranchMatch: &regexp,
-		},
-	})
-	assert.NoError(t, err)
-	assert.Equal(t, 1, len(pullRequests))
-	assert.Equal(t, PullRequest{
-		Number:  102,
-		Branch:  "feature-102",
-		HeadSHA: "6344d9623e3b",
-	}, *pullRequests[0])
-
-	regexp = `[\d{2}`
-	svc, err = NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO")
-	assert.NoError(t, err)
-	_, err = ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{
-		{
-			BranchMatch: &regexp,
-		},
-	})
-	assert.Error(t, err)
-}

applicationset/services/pull_request/bitbucket_server.go

@@ -66,11 +66,10 @@ func (b *BitbucketService) List(_ context.Context) ([]*PullRequest, error) {
 
 		for _, pull := range pulls {
 			pullRequests = append(pullRequests, &PullRequest{
-				Number:       pull.ID,
-				Branch:       pull.FromRef.DisplayID, // ID: refs/heads/main DisplayID: main
-				TargetBranch: pull.ToRef.DisplayID,
-				HeadSHA:      pull.FromRef.LatestCommit, // This is not defined in the official docs, but works in practice
-				Labels:       []string{},                // Not supported by library
+				Number:  pull.ID,
+				Branch:  pull.FromRef.DisplayID,    // ID: refs/heads/main DisplayID: main
+				HeadSHA: pull.FromRef.LatestCommit, // This is not defined in the official docs, but works in practice
+				Labels:  []string{},                // Not supported by library
 			})
 		}
 

applicationset/services/pull_request/bitbucket_server_test.go

@@ -24,11 +24,6 @@ func defaultHandler(t *testing.T) func(http.ResponseWriter, *http.Request) {
 					"values": [
 						{
 							"id": 101,
-							"toRef": {
-								"latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a",
-								"displayId": "master",
-								"id": "refs/heads/master"
-							},
 							"fromRef": {
 								"id": "refs/heads/feature-ABC-123",
 								"displayId": "feature-ABC-123",
@@ -60,7 +55,6 @@ func TestListPullRequestNoAuth(t *testing.T) {
 	assert.Equal(t, 1, len(pullRequests))
 	assert.Equal(t, 101, pullRequests[0].Number)
 	assert.Equal(t, "feature-ABC-123", pullRequests[0].Branch)
-	assert.Equal(t, "master", pullRequests[0].TargetBranch)
 	assert.Equal(t, "cb3cf2e4d1517c83e720d2585b9402dbef71f992", pullRequests[0].HeadSHA)
 }
 
@@ -77,11 +71,6 @@ func TestListPullRequestPagination(t *testing.T) {
 					"values": [
 						{
 							"id": 101,
-							"toRef": {
-								"latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a",
-								"displayId": "master",
-								"id": "refs/heads/master"
-							},
 							"fromRef": {
 								"id": "refs/heads/feature-101",
 								"displayId": "feature-101",
@@ -90,11 +79,6 @@ func TestListPullRequestPagination(t *testing.T) {
 						},
 						{
 							"id": 102,
-							"toRef": {
-								"latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a",
-								"displayId": "branch",
-								"id": "refs/heads/branch"
-							},
 							"fromRef": {
 								"id": "refs/heads/feature-102",
 								"displayId": "feature-102",
@@ -112,11 +96,6 @@ func TestListPullRequestPagination(t *testing.T) {
 				"values": [
 					{
 						"id": 200,
-						"toRef": {
-							"latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a",
-							"displayId": "master",
-							"id": "refs/heads/master"
-						},
 						"fromRef": {
 							"id": "refs/heads/feature-200",
 							"displayId": "feature-200",
@@ -140,25 +119,22 @@ func TestListPullRequestPagination(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, 3, len(pullRequests))
 	assert.Equal(t, PullRequest{
-		Number:       101,
-		Branch:       "feature-101",
-		TargetBranch: "master",
-		HeadSHA:      "ab3cf2e4d1517c83e720d2585b9402dbef71f992",
-		Labels:       []string{},
+		Number:  101,
+		Branch:  "feature-101",
+		HeadSHA: "ab3cf2e4d1517c83e720d2585b9402dbef71f992",
+		Labels:  []string{},
 	}, *pullRequests[0])
 	assert.Equal(t, PullRequest{
-		Number:       102,
-		Branch:       "feature-102",
-		TargetBranch: "branch",
-		HeadSHA:      "bb3cf2e4d1517c83e720d2585b9402dbef71f992",
-		Labels:       []string{},
+		Number:  102,
+		Branch:  "feature-102",
+		HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992",
+		Labels:  []string{},
 	}, *pullRequests[1])
 	assert.Equal(t, PullRequest{
-		Number:       200,
-		Branch:       "feature-200",
-		TargetBranch: "master",
-		HeadSHA:      "cb3cf2e4d1517c83e720d2585b9402dbef71f992",
-		Labels:       []string{},
+		Number:  200,
+		Branch:  "feature-200",
+		HeadSHA: "cb3cf2e4d1517c83e720d2585b9402dbef71f992",
+		Labels:  []string{},
 	}, *pullRequests[2])
 }
 
@@ -255,11 +231,6 @@ func TestListPullRequestBranchMatch(t *testing.T) {
 					"values": [
 						{
 							"id": 101,
-							"toRef": {
-								"latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a",
-								"displayId": "master",
-								"id": "refs/heads/master"
-							},
 							"fromRef": {
 								"id": "refs/heads/feature-101",
 								"displayId": "feature-101",
@@ -268,11 +239,6 @@ func TestListPullRequestBranchMatch(t *testing.T) {
 						},
 						{
 							"id": 102,
-							"toRef": {
-								"latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a",
-								"displayId": "branch",
-								"id": "refs/heads/branch"
-							},
 							"fromRef": {
 								"id": "refs/heads/feature-102",
 								"displayId": "feature-102",
@@ -290,11 +256,6 @@ func TestListPullRequestBranchMatch(t *testing.T) {
 				"values": [
 					{
 						"id": 200,
-						"toRef": {
-							"latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a",
-							"displayId": "master",
-							"id": "refs/heads/master"
-						},
 						"fromRef": {
 							"id": "refs/heads/feature-200",
 							"displayId": "feature-200",
@@ -323,18 +284,16 @@ func TestListPullRequestBranchMatch(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, 2, len(pullRequests))
 	assert.Equal(t, PullRequest{
-		Number:       101,
-		Branch:       "feature-101",
-		TargetBranch: "master",
-		HeadSHA:      "ab3cf2e4d1517c83e720d2585b9402dbef71f992",
-		Labels:       []string{},
+		Number:  101,
+		Branch:  "feature-101",
+		HeadSHA: "ab3cf2e4d1517c83e720d2585b9402dbef71f992",
+		Labels:  []string{},
 	}, *pullRequests[0])
 	assert.Equal(t, PullRequest{
-		Number:       102,
-		Branch:       "feature-102",
-		TargetBranch: "branch",
-		HeadSHA:      "bb3cf2e4d1517c83e720d2585b9402dbef71f992",
-		Labels:       []string{},
+		Number:  102,
+		Branch:  "feature-102",
+		HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992",
+		Labels:  []string{},
 	}, *pullRequests[1])
 
 	regexp = `.*2$`
@@ -348,11 +307,10 @@ func TestListPullRequestBranchMatch(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, 1, len(pullRequests))
 	assert.Equal(t, PullRequest{
-		Number:       102,
-		Branch:       "feature-102",
-		TargetBranch: "branch",
-		HeadSHA:      "bb3cf2e4d1517c83e720d2585b9402dbef71f992",
-		Labels:       []string{},
+		Number:  102,
+		Branch:  "feature-102",
+		HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992",
+		Labels:  []string{},
 	}, *pullRequests[0])
 
 	regexp = `[\d{2}`

applicationset/services/pull_request/gitea.go

@@ -54,11 +54,10 @@ func (g *GiteaService) List(ctx context.Context) ([]*PullRequest, error) {
 	list := []*PullRequest{}
 	for _, pr := range prs {
 		list = append(list, &PullRequest{
-			Number:       int(pr.Index),
-			Branch:       pr.Head.Ref,
-			TargetBranch: pr.Base.Ref,
-			HeadSHA:      pr.Head.Sha,
-			Labels:       getGiteaPRLabelNames(pr.Labels),
+			Number:  int(pr.Index),
+			Branch:  pr.Head.Ref,
+			HeadSHA: pr.Head.Sha,
+			Labels:  getGiteaPRLabelNames(pr.Labels),
 		})
 	}
 	return list, nil

applicationset/services/pull_request/gitea_test.go

@@ -256,7 +256,6 @@ func TestGiteaList(t *testing.T) {
 	assert.Equal(t, len(prs), 1)
 	assert.Equal(t, prs[0].Number, 1)
 	assert.Equal(t, prs[0].Branch, "test")
-	assert.Equal(t, prs[0].TargetBranch, "main")
 	assert.Equal(t, prs[0].HeadSHA, "7bbaf62d92ddfafd9cc8b340c619abaec32bc09f")
 }
 

applicationset/services/pull_request/github.go

@@ -65,11 +65,10 @@ func (g *GithubService) List(ctx context.Context) ([]*PullRequest, error) {
 				continue
 			}
 			pullRequests = append(pullRequests, &PullRequest{
-				Number:       *pull.Number,
-				Branch:       *pull.Head.Ref,
-				TargetBranch: *pull.Base.Ref,
-				HeadSHA:      *pull.Head.SHA,
-				Labels:       getGithubPRLabelNames(pull.Labels),
+				Number:  *pull.Number,
+				Branch:  *pull.Head.Ref,
+				HeadSHA: *pull.Head.SHA,
+				Labels:  getGithubPRLabelNames(pull.Labels),
 			})
 		}
 		if resp.NextPage == 0 {

applicationset/services/pull_request/gitlab.go

@@ -3,11 +3,8 @@ package pull_request
 import (
 	"context"
 	"fmt"
-	"net/http"
 	"os"
 
-	"github.com/argoproj/argo-cd/v2/applicationset/utils"
-	"github.com/hashicorp/go-retryablehttp"
 	gitlab "github.com/xanzy/go-gitlab"
 )
 
@@ -20,7 +17,7 @@ type GitLabService struct {
 
 var _ PullRequestService = (*GitLabService)(nil)
 
-func NewGitLabService(ctx context.Context, token, url, project string, labels []string, pullRequestState string, scmRootCAPath string, insecure bool) (PullRequestService, error) {
+func NewGitLabService(ctx context.Context, token, url, project string, labels []string, pullRequestState string) (PullRequestService, error) {
 	var clientOptionFns []gitlab.ClientOptionFunc
 
 	// Set a custom Gitlab base URL if one is provided
@@ -32,14 +29,6 @@ func NewGitLabService(ctx context.Context, token, url, project string, labels []
 		token = os.Getenv("GITLAB_TOKEN")
 	}
 
-	tr := &http.Transport{
-		TLSClientConfig: utils.GetTlsConfig(scmRootCAPath, insecure),
-	}
-	retryClient := retryablehttp.NewClient()
-	retryClient.HTTPClient.Transport = tr
-
-	clientOptionFns = append(clientOptionFns, gitlab.WithHTTPClient(retryClient.HTTPClient))
-
 	client, err := gitlab.NewClient(token, clientOptionFns...)
 	if err != nil {
 		return nil, fmt.Errorf("error creating Gitlab client: %v", err)
@@ -80,11 +69,10 @@ func (g *GitLabService) List(ctx context.Context) ([]*PullRequest, error) {
 		}
 		for _, mr := range mrs {
 			pullRequests = append(pullRequests, &PullRequest{
-				Number:       mr.IID,
-				Branch:       mr.SourceBranch,
-				TargetBranch: mr.TargetBranch,
-				HeadSHA:      mr.SHA,
-				Labels:       mr.Labels,
+				Number:  mr.IID,
+				Branch:  mr.SourceBranch,
+				HeadSHA: mr.SHA,
+				Labels:  mr.Labels,
 			})
 		}
 		if resp.NextPage == 0 {

applicationset/services/pull_request/gitlab_test.go

@@ -34,7 +34,7 @@ func TestGitLabServiceCustomBaseURL(t *testing.T) {
 		writeMRListResponse(t, w)
 	})
 
-	svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", nil, "", "", false)
+	svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", nil, "")
 	assert.NoError(t, err)
 
 	_, err = svc.List(context.Background())
@@ -53,7 +53,7 @@ func TestGitLabServiceToken(t *testing.T) {
 		writeMRListResponse(t, w)
 	})
 
-	svc, err := NewGitLabService(context.Background(), "token-123", server.URL, "278964", nil, "", "", false)
+	svc, err := NewGitLabService(context.Background(), "token-123", server.URL, "278964", nil, "")
 	assert.NoError(t, err)
 
 	_, err = svc.List(context.Background())
@@ -72,7 +72,7 @@ func TestList(t *testing.T) {
 		writeMRListResponse(t, w)
 	})
 
-	svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{}, "", "", false)
+	svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{}, "")
 	assert.NoError(t, err)
 
 	prs, err := svc.List(context.Background())
@@ -80,7 +80,6 @@ func TestList(t *testing.T) {
 	assert.Len(t, prs, 1)
 	assert.Equal(t, prs[0].Number, 15442)
 	assert.Equal(t, prs[0].Branch, "use-structured-logging-for-db-load-balancer")
-	assert.Equal(t, prs[0].TargetBranch, "master")
 	assert.Equal(t, prs[0].HeadSHA, "2fc4e8b972ff3208ec63b6143e34ad67ff343ad7")
 }
 
@@ -96,7 +95,7 @@ func TestListWithLabels(t *testing.T) {
 		writeMRListResponse(t, w)
 	})
 
-	svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{"feature", "ready"}, "", "", false)
+	svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{"feature", "ready"}, "")
 	assert.NoError(t, err)
 
 	_, err = svc.List(context.Background())
@@ -115,7 +114,7 @@ func TestListWithState(t *testing.T) {
 		writeMRListResponse(t, w)
 	})
 
-	svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{}, "opened", "", false)
+	svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{}, "opened")
 	assert.NoError(t, err)
 
 	_, err = svc.List(context.Background())

applicationset/services/pull_request/interface.go

@@ -10,8 +10,6 @@ type PullRequest struct {
 	Number int
 	// Branch is the name of the branch from which the pull request originated.
 	Branch string
-	// TargetBranch is the name of the target branch of the pull request.
-	TargetBranch string
 	// HeadSHA is the SHA of the HEAD from which the pull request originated.
 	HeadSHA string
 	// Labels of the pull request.
@@ -24,6 +22,5 @@ type PullRequestService interface {
 }
 
 type Filter struct {
-	BranchMatch       *regexp.Regexp
-	TargetBranchMatch *regexp.Regexp
+	BranchMatch *regexp.Regexp
 }

applicationset/services/pull_request/utils.go

@@ -19,12 +19,6 @@ func compileFilters(filters []argoprojiov1alpha1.PullRequestGeneratorFilter) ([]
 				return nil, fmt.Errorf("error compiling BranchMatch regexp %q: %v", *filter.BranchMatch, err)
 			}
 		}
-		if filter.TargetBranchMatch != nil {
-			outFilter.TargetBranchMatch, err = regexp.Compile(*filter.TargetBranchMatch)
-			if err != nil {
-				return nil, fmt.Errorf("error compiling TargetBranchMatch regexp %q: %v", *filter.TargetBranchMatch, err)
-			}
-		}
 		outFilters = append(outFilters, outFilter)
 	}
 	return outFilters, nil
@@ -34,9 +28,6 @@ func matchFilter(pullRequest *PullRequest, filter *Filter) bool {
 	if filter.BranchMatch != nil && !filter.BranchMatch.MatchString(pullRequest.Branch) {
 		return false
 	}
-	if filter.TargetBranchMatch != nil && !filter.TargetBranchMatch.MatchString(pullRequest.TargetBranch) {
-		return false
-	}
 
 	return true
 }

applicationset/services/pull_request/utils_test.go

@@ -16,10 +16,9 @@ func TestFilterBranchMatchBadRegexp(t *testing.T) {
 		context.Background(),
 		[]*PullRequest{
 			{
-				Number:       1,
-				Branch:       "branch1",
-				TargetBranch: "master",
-				HeadSHA:      "089d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  1,
+				Branch:  "branch1",
+				HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 		},
 		nil,
@@ -38,28 +37,24 @@ func TestFilterBranchMatch(t *testing.T) {
 		context.Background(),
 		[]*PullRequest{
 			{
-				Number:       1,
-				Branch:       "one",
-				TargetBranch: "master",
-				HeadSHA:      "189d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  1,
+				Branch:  "one",
+				HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 			{
-				Number:       2,
-				Branch:       "two",
-				TargetBranch: "master",
-				HeadSHA:      "289d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  2,
+				Branch:  "two",
+				HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 			{
-				Number:       3,
-				Branch:       "three",
-				TargetBranch: "master",
-				HeadSHA:      "389d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  3,
+				Branch:  "three",
+				HeadSHA: "389d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 			{
-				Number:       4,
-				Branch:       "four",
-				TargetBranch: "master",
-				HeadSHA:      "489d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  4,
+				Branch:  "four",
+				HeadSHA: "489d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 		},
 		nil,
@@ -75,75 +70,29 @@ func TestFilterBranchMatch(t *testing.T) {
 	assert.Equal(t, "two", pullRequests[0].Branch)
 }
 
-func TestFilterTargetBranchMatch(t *testing.T) {
-	provider, _ := NewFakeService(
-		context.Background(),
-		[]*PullRequest{
-			{
-				Number:       1,
-				Branch:       "one",
-				TargetBranch: "master",
-				HeadSHA:      "189d92cbf9ff857a39e6feccd32798ca700fb958",
-			},
-			{
-				Number:       2,
-				Branch:       "two",
-				TargetBranch: "branch1",
-				HeadSHA:      "289d92cbf9ff857a39e6feccd32798ca700fb958",
-			},
-			{
-				Number:       3,
-				Branch:       "three",
-				TargetBranch: "branch2",
-				HeadSHA:      "389d92cbf9ff857a39e6feccd32798ca700fb958",
-			},
-			{
-				Number:       4,
-				Branch:       "four",
-				TargetBranch: "branch3",
-				HeadSHA:      "489d92cbf9ff857a39e6feccd32798ca700fb958",
-			},
-		},
-		nil,
-	)
-	filters := []argoprojiov1alpha1.PullRequestGeneratorFilter{
-		{
-			TargetBranchMatch: strp("1"),
-		},
-	}
-	pullRequests, err := ListPullRequests(context.Background(), provider, filters)
-	assert.NoError(t, err)
-	assert.Len(t, pullRequests, 1)
-	assert.Equal(t, "two", pullRequests[0].Branch)
-}
-
 func TestMultiFilterOr(t *testing.T) {
 	provider, _ := NewFakeService(
 		context.Background(),
 		[]*PullRequest{
 			{
-				Number:       1,
-				Branch:       "one",
-				TargetBranch: "master",
-				HeadSHA:      "189d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  1,
+				Branch:  "one",
+				HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 			{
-				Number:       2,
-				Branch:       "two",
-				TargetBranch: "master",
-				HeadSHA:      "289d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  2,
+				Branch:  "two",
+				HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 			{
-				Number:       3,
-				Branch:       "three",
-				TargetBranch: "master",
-				HeadSHA:      "389d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  3,
+				Branch:  "three",
+				HeadSHA: "389d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 			{
-				Number:       4,
-				Branch:       "four",
-				TargetBranch: "master",
-				HeadSHA:      "489d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  4,
+				Branch:  "four",
+				HeadSHA: "489d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 		},
 		nil,
@@ -164,69 +113,19 @@ func TestMultiFilterOr(t *testing.T) {
 	assert.Equal(t, "four", pullRequests[2].Branch)
 }
 
-func TestMultiFilterOrWithTargetBranchFilter(t *testing.T) {
-	provider, _ := NewFakeService(
-		context.Background(),
-		[]*PullRequest{
-			{
-				Number:       1,
-				Branch:       "one",
-				TargetBranch: "master",
-				HeadSHA:      "189d92cbf9ff857a39e6feccd32798ca700fb958",
-			},
-			{
-				Number:       2,
-				Branch:       "two",
-				TargetBranch: "branch1",
-				HeadSHA:      "289d92cbf9ff857a39e6feccd32798ca700fb958",
-			},
-			{
-				Number:       3,
-				Branch:       "three",
-				TargetBranch: "branch2",
-				HeadSHA:      "389d92cbf9ff857a39e6feccd32798ca700fb958",
-			},
-			{
-				Number:       4,
-				Branch:       "four",
-				TargetBranch: "branch3",
-				HeadSHA:      "489d92cbf9ff857a39e6feccd32798ca700fb958",
-			},
-		},
-		nil,
-	)
-	filters := []argoprojiov1alpha1.PullRequestGeneratorFilter{
-		{
-			BranchMatch:       strp("w"),
-			TargetBranchMatch: strp("1"),
-		},
-		{
-			BranchMatch:       strp("r"),
-			TargetBranchMatch: strp("3"),
-		},
-	}
-	pullRequests, err := ListPullRequests(context.Background(), provider, filters)
-	assert.NoError(t, err)
-	assert.Len(t, pullRequests, 2)
-	assert.Equal(t, "two", pullRequests[0].Branch)
-	assert.Equal(t, "four", pullRequests[1].Branch)
-}
-
 func TestNoFilters(t *testing.T) {
 	provider, _ := NewFakeService(
 		context.Background(),
 		[]*PullRequest{
 			{
-				Number:       1,
-				Branch:       "one",
-				TargetBranch: "master",
-				HeadSHA:      "189d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  1,
+				Branch:  "one",
+				HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 			{
-				Number:       2,
-				Branch:       "two",
-				TargetBranch: "master",
-				HeadSHA:      "289d92cbf9ff857a39e6feccd32798ca700fb958",
+				Number:  2,
+				Branch:  "two",
+				HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958",
 			},
 		},
 		nil,

applicationset/services/repo_service.go

@@ -3,26 +3,25 @@ package services
 import (
 	"context"
 	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
 
 	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
 	"github.com/argoproj/argo-cd/v2/util/db"
 	"github.com/argoproj/argo-cd/v2/util/git"
-	"github.com/argoproj/argo-cd/v2/util/io"
 )
 
 // RepositoryDB Is a lean facade for ArgoDB,
-// Using a lean interface makes it easier to test the functionality of the git generator
+// Using a lean interface makes it more easy to test the functionality the git generator uses
 type RepositoryDB interface {
 	GetRepository(ctx context.Context, url string) (*v1alpha1.Repository, error)
 }
 
 type argoCDService struct {
-	repositoriesDB         RepositoryDB
-	storecreds             git.CredsStore
-	submoduleEnabled       bool
-	repoServerClientSet    apiclient.Clientset
-	newFileGlobbingEnabled bool
+	repositoriesDB   RepositoryDB
+	storecreds       git.CredsStore
+	submoduleEnabled bool
 }
 
 type Repos interface {
@@ -34,63 +33,121 @@ type Repos interface {
 	GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error)
 }
 
-func NewArgoCDService(db db.ArgoDB, submoduleEnabled bool, repoClientset apiclient.Clientset, newFileGlobbingEnabled bool) (Repos, error) {
+func NewArgoCDService(db db.ArgoDB, gitCredStore git.CredsStore, submoduleEnabled bool) Repos {
+
 	return &argoCDService{
-		repositoriesDB:         db.(RepositoryDB),
-		submoduleEnabled:       submoduleEnabled,
-		repoServerClientSet:    repoClientset,
-		newFileGlobbingEnabled: newFileGlobbingEnabled,
-	}, nil
+		repositoriesDB:   db.(RepositoryDB),
+		storecreds:       gitCredStore,
+		submoduleEnabled: submoduleEnabled,
+	}
 }
 
 func (a *argoCDService) GetFiles(ctx context.Context, repoURL string, revision string, pattern string) (map[string][]byte, error) {
 	repo, err := a.repositoriesDB.GetRepository(ctx, repoURL)
 	if err != nil {
-		return nil, fmt.Errorf("error in GetRepository: %w", err)
+		return nil, fmt.Errorf("Error in GetRepository: %w", err)
 	}
 
-	fileRequest := &apiclient.GitFilesRequest{
-		Repo:                      repo,
-		SubmoduleEnabled:          a.submoduleEnabled,
-		Revision:                  revision,
-		Path:                      pattern,
-		NewGitFileGlobbingEnabled: a.newFileGlobbingEnabled,
-	}
-	closer, client, err := a.repoServerClientSet.NewRepoServerClient()
+	gitRepoClient, err := git.NewClient(repo.Repo, repo.GetGitCreds(a.storecreds), repo.IsInsecure(), repo.IsLFSEnabled(), repo.Proxy)
+
 	if err != nil {
 		return nil, err
 	}
-	defer io.Close(closer)
 
-	fileResponse, err := client.GetGitFiles(ctx, fileRequest)
+	err = checkoutRepo(gitRepoClient, revision, a.submoduleEnabled)
 	if err != nil {
 		return nil, err
 	}
-	return fileResponse.GetMap(), nil
+
+	paths, err := gitRepoClient.LsFiles(pattern)
+	if err != nil {
+		return nil, fmt.Errorf("Error during listing files of local repo: %w", err)
+	}
+
+	res := map[string][]byte{}
+	for _, filePath := range paths {
+		bytes, err := os.ReadFile(filepath.Join(gitRepoClient.Root(), filePath))
+		if err != nil {
+			return nil, err
+		}
+		res[filePath] = bytes
+	}
+
+	return res, nil
 }
 
 func (a *argoCDService) GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error) {
+
 	repo, err := a.repositoriesDB.GetRepository(ctx, repoURL)
 	if err != nil {
-		return nil, fmt.Errorf("error in GetRepository: %w", err)
+		return nil, fmt.Errorf("Error in GetRepository: %w", err)
 	}
 
-	dirRequest := &apiclient.GitDirectoriesRequest{
-		Repo:             repo,
-		SubmoduleEnabled: a.submoduleEnabled,
-		Revision:         revision,
-	}
-
-	closer, client, err := a.repoServerClientSet.NewRepoServerClient()
+	gitRepoClient, err := git.NewClient(repo.Repo, repo.GetGitCreds(a.storecreds), repo.IsInsecure(), repo.IsLFSEnabled(), repo.Proxy)
 	if err != nil {
+		return nil, fmt.Errorf("error creating a new git client: %w", err)
+	}
+
+	err = checkoutRepo(gitRepoClient, revision, a.submoduleEnabled)
+	if err != nil {
+		return nil, fmt.Errorf("error while checking out repo: %w", err)
+	}
+
+	filteredPaths := []string{}
+
+	repoRoot := gitRepoClient.Root()
+
+	if err := filepath.Walk(repoRoot, func(path string, info os.FileInfo, fnErr error) error {
+		if fnErr != nil {
+			return fmt.Errorf("error walking the file tree: %w", fnErr)
+		}
+		if !info.IsDir() { // Skip files: directories only
+			return nil
+		}
+
+		fname := info.Name()
+		if strings.HasPrefix(fname, ".") { // Skip all folders starts with "."
+			return filepath.SkipDir
+		}
+
+		relativePath, err := filepath.Rel(repoRoot, path)
+		if err != nil {
+			return fmt.Errorf("error constructing relative repo path: %w", err)
+		}
+
+		if relativePath == "." { // Exclude '.' from results
+			return nil
+		}
+
+		filteredPaths = append(filteredPaths, relativePath)
+
+		return nil
+	}); err != nil {
 		return nil, err
 	}
-	defer io.Close(closer)
 
-	dirResponse, err := client.GetGitDirectories(ctx, dirRequest)
-	if err != nil {
-		return nil, err
-	}
-	return dirResponse.GetPaths(), nil
+	return filteredPaths, nil
 
 }
+
+func checkoutRepo(gitRepoClient git.Client, revision string, submoduleEnabled bool) error {
+	err := gitRepoClient.Init()
+	if err != nil {
+		return fmt.Errorf("Error during initializing repo: %w", err)
+	}
+
+	err = gitRepoClient.Fetch(revision)
+	if err != nil {
+		return fmt.Errorf("Error during fetching repo: %w", err)
+	}
+
+	commitSHA, err := gitRepoClient.LsRemote(revision)
+	if err != nil {
+		return fmt.Errorf("Error during fetching commitSHA: %w", err)
+	}
+	err = gitRepoClient.Checkout(commitSHA, submoduleEnabled)
+	if err != nil {
+		return fmt.Errorf("Error during repo checkout: %w", err)
+	}
+	return nil
+}

applicationset/services/repo_service_test.go

@@ -3,189 +3,231 @@ package services
 import (
 	"context"
 	"fmt"
+	"sort"
 	"testing"
 
-	"github.com/argoproj/argo-cd/v2/applicationset/services/mocks"
-	"github.com/argoproj/argo-cd/v2/reposerver/apiclient"
-	repo_mocks "github.com/argoproj/argo-cd/v2/reposerver/apiclient/mocks"
-	db_mocks "github.com/argoproj/argo-cd/v2/util/db/mocks"
-	"github.com/argoproj/argo-cd/v2/util/git"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
 
 	"github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
 )
 
+type ArgocdRepositoryMock struct {
+	mock *mock.Mock
+}
+
+func (a ArgocdRepositoryMock) GetRepository(ctx context.Context, url string) (*v1alpha1.Repository, error) {
+	args := a.mock.Called(ctx, url)
+
+	return args.Get(0).(*v1alpha1.Repository), args.Error(1)
+
+}
+
 func TestGetDirectories(t *testing.T) {
 
-	type fields struct {
-		repositoriesDBFuncs   []func(*mocks.RepositoryDB)
-		storecreds            git.CredsStore
-		submoduleEnabled      bool
-		repoServerClientFuncs []func(*repo_mocks.RepoServerServiceClient)
-	}
-	type args struct {
-		ctx      context.Context
-		repoURL  string
-		revision string
-	}
-	tests := []struct {
-		name    string
-		fields  fields
-		args    args
-		want    []string
-		wantErr assert.ErrorAssertionFunc
+	// Hardcode a specific revision to changes to argocd-example-apps from regressing this test:
+	//   Author: Alexander Matyushentsev <Alexander_Matyushentsev@intuit.com>
+	//   Date:   Sun Jan 31 09:54:53 2021 -0800
+	//   chore: downgrade kustomize guestbook image tag (#73)
+	exampleRepoRevision := "08f72e2a309beab929d9fd14626071b1a61a47f9"
+
+	for _, c := range []struct {
+		name          string
+		repoURL       string
+		revision      string
+		repoRes       *v1alpha1.Repository
+		repoErr       error
+		expected      []string
+		expectedError error
 	}{
-		{name: "ErrorGettingRepos", fields: fields{
-			repositoriesDBFuncs: []func(*mocks.RepositoryDB){
-				func(db *mocks.RepositoryDB) {
-					db.On("GetRepository", mock.Anything, mock.Anything).Return(nil, fmt.Errorf("unable to get repos"))
-				},
+		{
+			name:     "All child folders should be returned",
+			repoURL:  "https://github.com/argoproj/argocd-example-apps/",
+			revision: exampleRepoRevision,
+			repoRes: &v1alpha1.Repository{
+				Repo: "https://github.com/argoproj/argocd-example-apps/",
 			},
-		}, args: args{}, want: nil, wantErr: assert.Error},
-		{name: "ErrorGettingDirs", fields: fields{
-			repositoriesDBFuncs: []func(*mocks.RepositoryDB){
-				func(db *mocks.RepositoryDB) {
-					db.On("GetRepository", mock.Anything, mock.Anything).Return(&v1alpha1.Repository{}, nil)
-				},
+			repoErr: nil,
+			expected: []string{"apps", "apps/templates", "blue-green", "blue-green/templates", "guestbook", "helm-dependency",
+				"helm-guestbook", "helm-guestbook/templates", "helm-hooks", "jsonnet-guestbook", "jsonnet-guestbook-tla",
+				"ksonnet-guestbook", "ksonnet-guestbook/components", "ksonnet-guestbook/environments", "ksonnet-guestbook/environments/default",
+				"ksonnet-guestbook/environments/dev", "ksonnet-guestbook/environments/prod", "kustomize-guestbook", "plugins", "plugins/kasane",
+				"plugins/kustomized-helm", "plugins/kustomized-helm/overlays", "pre-post-sync", "sock-shop", "sock-shop/base", "sync-waves"},
+		},
+		{
+			name:     "If GetRepository returns an error, it should pass back to caller",
+			repoURL:  "https://github.com/argoproj/argocd-example-apps/",
+			revision: exampleRepoRevision,
+			repoRes: &v1alpha1.Repository{
+				Repo: "https://github.com/argoproj/argocd-example-apps/",
 			},
-			repoServerClientFuncs: []func(*repo_mocks.RepoServerServiceClient){
-				func(client *repo_mocks.RepoServerServiceClient) {
-					client.On("GetGitDirectories", mock.Anything, mock.Anything).Return(nil, fmt.Errorf("unable to get dirs"))
-				},
+			repoErr:       fmt.Errorf("Simulated error from GetRepository"),
+			expected:      nil,
+			expectedError: fmt.Errorf("Error in GetRepository: Simulated error from GetRepository"),
+		},
+		{
+			name: "Test against repository containing no directories",
+			// Here I picked an arbitrary repository in argoproj-labs, with a commit containing no folders.
+			repoURL:  "https://github.com/argoproj-labs/argo-workflows-operator/",
+			revision: "5f50933a576833b73b7a172909d8545a108685f4",
+			repoRes: &v1alpha1.Repository{
+				Repo: "https://github.com/argoproj-labs/argo-workflows-operator/",
 			},
-		}, args: args{}, want: nil, wantErr: assert.Error},
-		{name: "HappyCase", fields: fields{
-			repositoriesDBFuncs: []func(*mocks.RepositoryDB){
-				func(db *mocks.RepositoryDB) {
-					db.On("GetRepository", mock.Anything, mock.Anything).Return(&v1alpha1.Repository{}, nil)
-				},
-			},
-			repoServerClientFuncs: []func(*repo_mocks.RepoServerServiceClient){
-				func(client *repo_mocks.RepoServerServiceClient) {
-					client.On("GetGitDirectories", mock.Anything, mock.Anything).Return(&apiclient.GitDirectoriesResponse{
-						Paths: []string{"foo", "foo/bar", "bar/foo"},
-					}, nil)
-				},
-			},
-		}, args: args{}, want: []string{"foo", "foo/bar", "bar/foo"}, wantErr: assert.NoError},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			mockDb := &mocks.RepositoryDB{}
-			mockRepoClient := &repo_mocks.RepoServerServiceClient{}
-			// decorate the mocks
-			for i := range tt.fields.repositoriesDBFuncs {
-				tt.fields.repositoriesDBFuncs[i](mockDb)
-			}
-			for i := range tt.fields.repoServerClientFuncs {
-				tt.fields.repoServerClientFuncs[i](mockRepoClient)
+			repoErr:  nil,
+			expected: []string{},
+		},
+	} {
+		cc := c
+		t.Run(cc.name, func(t *testing.T) {
+			argocdRepositoryMock := ArgocdRepositoryMock{mock: &mock.Mock{}}
+
+			argocdRepositoryMock.mock.On("GetRepository", mock.Anything, cc.repoURL).Return(cc.repoRes, cc.repoErr)
+
+			argocd := argoCDService{
+				repositoriesDB: argocdRepositoryMock,
 			}
 
-			a := &argoCDService{
-				repositoriesDB:      mockDb,
-				storecreds:          tt.fields.storecreds,
-				submoduleEnabled:    tt.fields.submoduleEnabled,
-				repoServerClientSet: &repo_mocks.Clientset{RepoServerServiceClient: mockRepoClient},
+			got, err := argocd.GetDirectories(context.TODO(), cc.repoURL, cc.revision)
+
+			if cc.expectedError != nil {
+				assert.EqualError(t, err, cc.expectedError.Error())
+			} else {
+				sort.Strings(got)
+				sort.Strings(cc.expected)
+
+				assert.Equal(t, got, cc.expected)
+				assert.NoError(t, err)
 			}
-			got, err := a.GetDirectories(tt.args.ctx, tt.args.repoURL, tt.args.revision)
-			if !tt.wantErr(t, err, fmt.Sprintf("GetDirectories(%v, %v, %v)", tt.args.ctx, tt.args.repoURL, tt.args.revision)) {
-				return
-			}
-			assert.Equalf(t, tt.want, got, "GetDirectories(%v, %v, %v)", tt.args.ctx, tt.args.repoURL, tt.args.revision)
 		})
 	}
 }
 
 func TestGetFiles(t *testing.T) {
-	type fields struct {
-		repositoriesDBFuncs   []func(*mocks.RepositoryDB)
-		storecreds            git.CredsStore
-		submoduleEnabled      bool
-		repoServerClientFuncs []func(*repo_mocks.RepoServerServiceClient)
-	}
-	type args struct {
-		ctx      context.Context
+
+	// Hardcode a specific commit, so that changes to argoproj/argocd-example-apps/ don't break our tests
+	// "chore: downgrade kustomize guestbook image tag (#73)"
+	commitID := "08f72e2a309beab929d9fd14626071b1a61a47f9"
+
+	tests := []struct {
+		name     string
 		repoURL  string
 		revision string
 		pattern  string
-	}
-	tests := []struct {
-		name    string
-		fields  fields
-		args    args
-		want    map[string][]byte
-		wantErr assert.ErrorAssertionFunc
+		repoRes  *v1alpha1.Repository
+		repoErr  error
+
+		expectSubsetOfPaths []string
+		doesNotContainPaths []string
+		expectedError       error
 	}{
-		{name: "ErrorGettingRepos", fields: fields{
-			repositoriesDBFuncs: []func(*mocks.RepositoryDB){
-				func(db *mocks.RepositoryDB) {
-					db.On("GetRepository", mock.Anything, mock.Anything).Return(nil, fmt.Errorf("unable to get repos"))
-				},
+		{
+			name: "pull a specific revision of example apps and verify the list is expected",
+			repoRes: &v1alpha1.Repository{
+				Insecure:              true,
+				InsecureIgnoreHostKey: true,
+				Repo:                  "https://github.com/argoproj/argocd-example-apps/",
 			},
-		}, args: args{}, want: nil, wantErr: assert.Error},
-		{name: "ErrorGettingFiles", fields: fields{
-			repositoriesDBFuncs: []func(*mocks.RepositoryDB){
-				func(db *mocks.RepositoryDB) {
-					db.On("GetRepository", mock.Anything, mock.Anything).Return(&v1alpha1.Repository{}, nil)
-				},
+			repoURL:  "https://github.com/argoproj/argocd-example-apps/",
+			revision: commitID,
+			pattern:  "*",
+			expectSubsetOfPaths: []string{
+				"apps/Chart.yaml",
+				"apps/templates/helm-guestbook.yaml",
+				"apps/templates/helm-hooks.yaml",
+				"apps/templates/kustomize-guestbook.yaml",
+				"apps/templates/namespaces.yaml",
+				"apps/templates/sync-waves.yaml",
+				"apps/values.yaml",
+				"blue-green/.helmignore",
+				"blue-green/Chart.yaml",
+				"blue-green/README.md",
+				"blue-green/templates/NOTES.txt",
+				"blue-green/templates/rollout.yaml",
+				"blue-green/templates/services.yaml",
+				"blue-green/values.yaml",
+				"guestbook/guestbook-ui-deployment.yaml",
+				"guestbook/guestbook-ui-svc.yaml",
+				"kustomize-guestbook/guestbook-ui-deployment.yaml",
+				"kustomize-guestbook/guestbook-ui-svc.yaml",
+				"kustomize-guestbook/kustomization.yaml",
 			},
-			repoServerClientFuncs: []func(*repo_mocks.RepoServerServiceClient){
-				func(client *repo_mocks.RepoServerServiceClient) {
-					client.On("GetGitFiles", mock.Anything, mock.Anything).Return(nil, fmt.Errorf("unable to get files"))
-				},
+		},
+		{
+			name: "pull an invalid revision, and confirm an error is returned",
+			repoRes: &v1alpha1.Repository{
+				Insecure:              true,
+				InsecureIgnoreHostKey: true,
+				Repo:                  "https://github.com/argoproj/argocd-example-apps/",
 			},
-		}, args: args{}, want: nil, wantErr: assert.Error},
-		{name: "HappyCase", fields: fields{
-			repositoriesDBFuncs: []func(*mocks.RepositoryDB){
-				func(db *mocks.RepositoryDB) {
-					db.On("GetRepository", mock.Anything, mock.Anything).Return(&v1alpha1.Repository{}, nil)
-				},
+			repoURL:             "https://github.com/argoproj/argocd-example-apps/",
+			revision:            "this-tag-does-not-exist",
+			pattern:             "*",
+			expectSubsetOfPaths: []string{},
+			expectedError:       fmt.Errorf("Error during fetching repo: `git fetch origin this-tag-does-not-exist --tags --force --prune` failed exit status 128: fatal: couldn't find remote ref this-tag-does-not-exist"),
+		},
+		{
+			name: "pull a specific revision of example apps, and use a ** pattern",
+			repoRes: &v1alpha1.Repository{
+				Insecure:              true,
+				InsecureIgnoreHostKey: true,
+				Repo:                  "https://github.com/argoproj/argocd-example-apps/",
 			},
-			repoServerClientFuncs: []func(*repo_mocks.RepoServerServiceClient){
-				func(client *repo_mocks.RepoServerServiceClient) {
-					client.On("GetGitFiles", mock.Anything, mock.Anything).Return(&apiclient.GitFilesResponse{
-						Map: map[string][]byte{
-							"foo.json": []byte("hello: world!"),
-							"bar.yaml": []byte("yay: appsets"),
-						},
-					}, nil)
-				},
+			repoURL:  "https://github.com/argoproj/argocd-example-apps/",
+			revision: commitID,
+			pattern:  "**/*.yaml",
+			expectSubsetOfPaths: []string{
+				"apps/Chart.yaml",
+				"apps/templates/helm-guestbook.yaml",
+				"apps/templates/helm-hooks.yaml",
+				"apps/templates/kustomize-guestbook.yaml",
+				"apps/templates/namespaces.yaml",
+				"apps/templates/sync-waves.yaml",
+				"apps/values.yaml",
+				"blue-green/templates/rollout.yaml",
+				"blue-green/templates/services.yaml",
+				"blue-green/values.yaml",
+				"guestbook/guestbook-ui-deployment.yaml",
+				"guestbook/guestbook-ui-svc.yaml",
+				"kustomize-guestbook/guestbook-ui-deployment.yaml",
+				"kustomize-guestbook/guestbook-ui-svc.yaml",
+				"kustomize-guestbook/kustomization.yaml",
 			},
-		}, args: args{}, want: map[string][]byte{
-			"foo.json": []byte("hello: world!"),
-			"bar.yaml": []byte("yay: appsets"),
-		}, wantErr: assert.NoError},
+			doesNotContainPaths: []string{
+				"blue-green/.helmignore",
+				"blue-green/README.md",
+				"blue-green/templates/NOTES.txt",
+			},
+		},
 	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			mockDb := &mocks.RepositoryDB{}
-			mockRepoClient := &repo_mocks.RepoServerServiceClient{}
-			// decorate the mocks
-			for i := range tt.fields.repositoriesDBFuncs {
-				tt.fields.repositoriesDBFuncs[i](mockDb)
-			}
-			for i := range tt.fields.repoServerClientFuncs {
-				tt.fields.repoServerClientFuncs[i](mockRepoClient)
+
+	for _, cc := range tests {
+
+		// Get all the paths for a repository, and confirm that the expected subset of paths is found (or the expected error is returned)
+		t.Run(cc.name, func(t *testing.T) {
+			argocdRepositoryMock := ArgocdRepositoryMock{mock: &mock.Mock{}}
+
+			argocdRepositoryMock.mock.On("GetRepository", mock.Anything, cc.repoURL).Return(cc.repoRes, cc.repoErr)
+
+			argocd := argoCDService{
+				repositoriesDB: argocdRepositoryMock,
 			}
 
-			a := &argoCDService{
-				repositoriesDB:      mockDb,
-				storecreds:          tt.fields.storecreds,
-				submoduleEnabled:    tt.fields.submoduleEnabled,
-				repoServerClientSet: &repo_mocks.Clientset{RepoServerServiceClient: mockRepoClient},
+			getPathsRes, err := argocd.GetFiles(context.Background(), cc.repoURL, cc.revision, cc.pattern)
+
+			if cc.expectedError == nil {
+
+				assert.NoError(t, err)
+				for _, path := range cc.expectSubsetOfPaths {
+					assert.Contains(t, getPathsRes, path, "Unable to locate path: %s", path)
+				}
+
+				for _, shouldNotContain := range cc.doesNotContainPaths {
+					assert.NotContains(t, getPathsRes, shouldNotContain, "GetPaths should not contain %s", shouldNotContain)
+				}
+
+			} else {
+				assert.EqualError(t, err, cc.expectedError.Error())
 			}
-			got, err := a.GetFiles(tt.args.ctx, tt.args.repoURL, tt.args.revision, tt.args.pattern)
-			if !tt.wantErr(t, err, fmt.Sprintf("GetFiles(%v, %v, %v, %v)", tt.args.ctx, tt.args.repoURL, tt.args.revision, tt.args.pattern)) {
-				return
-			}
-			assert.Equalf(t, tt.want, got, "GetFiles(%v, %v, %v, %v)", tt.args.ctx, tt.args.repoURL, tt.args.revision, tt.args.pattern)
 		})
 	}
 }
-
-func TestNewArgoCDService(t *testing.T) {
-	service, err := NewArgoCDService(&db_mocks.ArgoDB{}, false, &repo_mocks.Clientset{}, false)
-	assert.NoError(t, err, err)
-	assert.NotNil(t, service)
-}

applicationset/services/scm_provider/aws_codecommit.go

@@ -1,376 +0,0 @@
-package scm_provider
-
-import (
-	"context"
-	"fmt"
-	"github.com/aws/aws-sdk-go/aws/request"
-	pathpkg "path"
-	"path/filepath"
-	"strings"
-
-	application "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
-	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/aws/arn"
-	"github.com/aws/aws-sdk-go/aws/awserr"
-	"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
-	"github.com/aws/aws-sdk-go/aws/session"
-	"github.com/aws/aws-sdk-go/service/codecommit"
-	"github.com/aws/aws-sdk-go/service/resourcegroupstaggingapi"
-	log "github.com/sirupsen/logrus"
-	"golang.org/x/exp/maps"
-	"k8s.io/utils/strings/slices"
-)
-
-const (
-	resourceTypeCodeCommitRepository = "codecommit:repository"
-	prefixGitUrlHttps                = "https://git-codecommit."
-	prefixGitUrlHttpsFIPS            = "https://git-codecommit-fips."
-)
-
-// AWSCodeCommitClient is a lean facade to the codecommitiface.CodeCommitAPI
-// it helps to reduce the mockery generated code.
-type AWSCodeCommitClient interface {
-	ListRepositoriesWithContext(aws.Context, *codecommit.ListRepositoriesInput, ...request.Option) (*codecommit.ListRepositoriesOutput, error)
-	GetRepositoryWithContext(aws.Context, *codecommit.GetRepositoryInput, ...request.Option) (*codecommit.GetRepositoryOutput, error)
-	ListBranchesWithContext(aws.Context, *codecommit.ListBranchesInput, ...request.Option) (*codecommit.ListBranchesOutput, error)
-	GetFolderWithContext(aws.Context, *codecommit.GetFolderInput, ...request.Option) (*codecommit.GetFolderOutput, error)
-}
-
-// AWSTaggingClient is a lean facade to the resourcegroupstaggingapiiface.ResourceGroupsTaggingAPIAPI
-// it helps to reduce the mockery generated code.
-type AWSTaggingClient interface {
-	GetResourcesWithContext(aws.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) (*resourcegroupstaggingapi.GetResourcesOutput, error)
-}
-
-type AWSCodeCommitProvider struct {
-	codeCommitClient AWSCodeCommitClient
-	taggingClient    AWSTaggingClient
-	tagFilters       []*application.TagFilter
-	allBranches      bool
-}
-
-func NewAWSCodeCommitProvider(ctx context.Context, tagFilters []*application.TagFilter, role string, region string, allBranches bool) (*AWSCodeCommitProvider, error) {
-	taggingClient, codeCommitClient, err := createAWSDiscoveryClients(ctx, role, region)
-	if err != nil {
-		return nil, err
-	}
-	return &AWSCodeCommitProvider{
-		codeCommitClient: codeCommitClient,
-		taggingClient:    taggingClient,
-		tagFilters:       tagFilters,
-		allBranches:      allBranches,
-	}, nil
-}
-
-func (p *AWSCodeCommitProvider) ListRepos(ctx context.Context, cloneProtocol string) ([]*Repository, error) {
-	repos := make([]*Repository, 0)
-
-	repoNames, err := p.listRepoNames(ctx)
-	if err != nil {
-		return nil, fmt.Errorf("failed to list codecommit repository: %w", err)
-	}
-
-	for _, repoName := range repoNames {
-		repo, err := p.codeCommitClient.GetRepositoryWithContext(ctx, &codecommit.GetRepositoryInput{
-			RepositoryName: aws.String(repoName),
-		})
-		if err != nil {
-			// we don't want to skip at this point. It's a valid repo, we don't want to have flapping Application on an AWS outage.
-			return nil, fmt.Errorf("failed to get codecommit repository: %w", err)
-		}
-		if repo == nil || repo.RepositoryMetadata == nil {
-			// unlikely to happen, but just in case to protect nil pointer dereferences.
-			log.Warnf("codecommit returned invalid response for repository %s, skipped", repoName)
-			continue
-		}
-		if aws.StringValue(repo.RepositoryMetadata.DefaultBranch) == "" {
-			// if a codecommit repo doesn't have default branch, it's uninitialized. not going to bother with it.
-			log.Warnf("repository %s does not have default branch, skipped", repoName)
-			continue
-		}
-		var url string
-		switch cloneProtocol {
-		// default to SSH if unspecified (i.e. if "").
-		case "", "ssh":
-			url = aws.StringValue(repo.RepositoryMetadata.CloneUrlSsh)
-		case "https":
-			url = aws.StringValue(repo.RepositoryMetadata.CloneUrlHttp)
-		case "https-fips":
-			url, err = getCodeCommitFIPSEndpoint(aws.StringValue(repo.RepositoryMetadata.CloneUrlHttp))
-			if err != nil {
-				return nil, fmt.Errorf("https-fips is provided but repoUrl can't be transformed to FIPS endpoint: %w", err)
-			}
-		default:
-			return nil, fmt.Errorf("unknown clone protocol for codecommit %v", cloneProtocol)
-		}
-		repos = append(repos, &Repository{
-			// there's no "organization" level at codecommit.
-			// we are just using AWS accountId for now.
-			Organization: aws.StringValue(repo.RepositoryMetadata.AccountId),
-			Repository:   aws.StringValue(repo.RepositoryMetadata.RepositoryName),
-			URL:          url,
-			Branch:       aws.StringValue(repo.RepositoryMetadata.DefaultBranch),
-			// we could propagate repo tag keys, but without value not sure if it's any useful.
-			Labels:       []string{},
-			RepositoryId: aws.StringValue(repo.RepositoryMetadata.RepositoryId),
-		})
-	}
-
-	return repos, nil
-}
-
-func (p *AWSCodeCommitProvider) RepoHasPath(ctx context.Context, repo *Repository, path string) (bool, error) {
-	// we use GetFolder instead of GetFile here because GetFile always downloads the full blob which has scalability problem.
-	// GetFolder is slightly less concerning.
-
-	path = toAbsolutePath(path)
-	// shortcut: if it's root folder ('/'), we always return true.
-	if path == "/" {
-		return true, nil
-	}
-	// here we are sure it's not root folder, strip the suffix for easier comparison.
-	path = strings.TrimSuffix(path, "/")
-
-	// we always get the parent folder, so we could support both submodule, file, symlink and folder cases.
-	parentPath := pathpkg.Dir(path)
-	basePath := pathpkg.Base(path)
-
-	input := &codecommit.GetFolderInput{
-		CommitSpecifier: aws.String(repo.Branch),
-		FolderPath:      aws.String(parentPath),
-		RepositoryName:  aws.String(repo.Repository),
-	}
-	output, err := p.codeCommitClient.GetFolderWithContext(ctx, input)
-	if err != nil {
-		if hasAwsError(err,
-			codecommit.ErrCodeRepositoryDoesNotExistException,
-			codecommit.ErrCodeCommitDoesNotExistException,
-			codecommit.ErrCodeFolderDoesNotExistException,
-		) {
-			return false, nil
-		}
-		// unhandled exception, propagate out
-		return false, err
-	}
-
-	// anything that matches.
-	for _, submodule := range output.SubModules {
-		if basePath == aws.StringValue(submodule.RelativePath) {
-			return true, nil
-		}
-	}
-	for _, subpath := range output.SubFolders {
-		if basePath == aws.StringValue(subpath.RelativePath) {
-			return true, nil
-		}
-	}
-	for _, subpath := range output.Files {
-		if basePath == aws.StringValue(subpath.RelativePath) {
-			return true, nil
-		}
-	}
-	for _, subpath := range output.SymbolicLinks {
-		if basePath == aws.StringValue(subpath.RelativePath) {
-			return true, nil
-		}
-	}
-	return false, nil
-}
-
-func (p *AWSCodeCommitProvider) GetBranches(ctx context.Context, repo *Repository) ([]*Repository, error) {
-	repos := make([]*Repository, 0)
-	if !p.allBranches {
-		output, err := p.codeCommitClient.GetRepositoryWithContext(ctx, &codecommit.GetRepositoryInput{
-			RepositoryName: aws.String(repo.Repository),
-		})
-		if err != nil {
-			return nil, err
-		}
-		repos = append(repos, &Repository{
-			Organization: repo.Organization,
-			Repository:   repo.Repository,
-			URL:          repo.URL,
-			Branch:       aws.StringValue(output.RepositoryMetadata.DefaultBranch),
-			RepositoryId: repo.RepositoryId,
-			Labels:       repo.Labels,
-			// getting SHA of the branch requires a separate GetBranch call.
-			// too expensive. for now, we just don't support it.
-			// SHA:          "",
-		})
-	} else {
-		input := &codecommit.ListBranchesInput{
-			RepositoryName: aws.String(repo.Repository),
-		}
-		for {
-			output, err := p.codeCommitClient.ListBranchesWithContext(ctx, input)
-			if err != nil {
-				return nil, err
-			}
-			for _, branch := range output.Branches {
-				repos = append(repos, &Repository{
-					Organization: repo.Organization,
-					Repository:   repo.Repository,
-					URL:          repo.URL,
-					Branch:       aws.StringValue(branch),
-					RepositoryId: repo.RepositoryId,
-					Labels:       repo.Labels,
-					// getting SHA of the branch requires a separate GetBranch call.
-					// too expensive. for now, we just don't support it.
-					// SHA:          "",
-				})
-			}
-			input.NextToken = output.NextToken
-			if aws.StringValue(output.NextToken) == "" {
-				break
-			}
-		}
-	}
-
-	return repos, nil
-}
-
-func (p *AWSCodeCommitProvider) listRepoNames(ctx context.Context) ([]string, error) {
-	tagFilters := p.getTagFilters()
-	repoNames := make([]string, 0)
-	var err error
-
-	if len(tagFilters) < 1 {
-		log.Debugf("no tag filer, calling codecommit api to list repos")
-		listReposInput := &codecommit.ListRepositoriesInput{}
-		var output *codecommit.ListRepositoriesOutput
-		for {
-			output, err = p.codeCommitClient.ListRepositoriesWithContext(ctx, listReposInput)
-			if err != nil {
-				break
-			}
-			for _, repo := range output.Repositories {
-				repoNames = append(repoNames, aws.StringValue(repo.RepositoryName))
-			}
-			listReposInput.NextToken = output.NextToken
-			if aws.StringValue(output.NextToken) == "" {
-				break
-			}
-		}
-	} else {
-		log.Debugf("tag filer is specified, calling tagging api to list repos")
-		discoveryInput := &resourcegroupstaggingapi.GetResourcesInput{
-			ResourceTypeFilters: aws.StringSlice([]string{resourceTypeCodeCommitRepository}),
-			TagFilters:          tagFilters,
-		}
-		var output *resourcegroupstaggingapi.GetResourcesOutput
-		for {
-			output, err = p.taggingClient.GetResourcesWithContext(ctx, discoveryInput)
-			if err != nil {
-				break
-			}
-			for _, resource := range output.ResourceTagMappingList {
-				repoArn := aws.StringValue(resource.ResourceARN)
-				log.Debugf("discovered codecommit repo with arn %s", repoArn)
-				repoName, extractErr := getCodeCommitRepoName(repoArn)
-				if extractErr != nil {
-					log.Warnf("discovered codecommit repoArn %s cannot be parsed due to %v", repoArn, err)
-					continue
-				}
-				repoNames = append(repoNames, repoName)
-			}
-			discoveryInput.PaginationToken = output.PaginationToken
-			if aws.StringValue(output.PaginationToken) == "" {
-				break
-			}
-		}
-	}
-	return repoNames, err
-}
-
-func (p *AWSCodeCommitProvider) getTagFilters() []*resourcegroupstaggingapi.TagFilter {
-	filters := make(map[string]*resourcegroupstaggingapi.TagFilter)
-	for _, tagFilter := range p.tagFilters {
-		filter, hasKey := filters[tagFilter.Key]
-		if !hasKey {
-			filter = &resourcegroupstaggingapi.TagFilter{
-				Key: aws.String(tagFilter.Key),
-			}
-			filters[tagFilter.Key] = filter
-		}
-		if tagFilter.Value != "" {
-			filter.Values = append(filter.Values, aws.String(tagFilter.Value))
-		}
-	}
-	return maps.Values(filters)
-}
-
-func getCodeCommitRepoName(repoArn string) (string, error) {
-	parsedArn, err := arn.Parse(repoArn)
-	if err != nil {
-		return "", fmt.Errorf("failed to parse codecommit repository ARN: %w", err)
-	}
-	// see: https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html
-	// arn:aws:codecommit:region:account-id:repository-name
-	return parsedArn.Resource, nil
-}
-
-// getCodeCommitFIPSEndpoint transforms provided https:// codecommit URL to a FIPS-compliant endpoint.
-// note that the specified region must support FIPS, otherwise the returned URL won't be reachable
-// see: https://docs.aws.amazon.com/codecommit/latest/userguide/regions.html#regions-git
-func getCodeCommitFIPSEndpoint(repoUrl string) (string, error) {
-	if strings.HasPrefix(repoUrl, prefixGitUrlHttpsFIPS) {
-		log.Debugf("provided repoUrl %s is already a fips endpoint", repoUrl)
-		return repoUrl, nil
-	}
-	if !strings.HasPrefix(repoUrl, prefixGitUrlHttps) {
-		return "", fmt.Errorf("the provided https endpoint isn't recognized, cannot be transformed to FIPS endpoint: %s", repoUrl)
-	}
-	// we already have the prefix, so we guarantee to replace exactly the prefix only.
-	return strings.Replace(repoUrl, prefixGitUrlHttps, prefixGitUrlHttpsFIPS, 1), nil
-}
-
-func hasAwsError(err error, codes ...string) bool {
-	if awsErr, ok := err.(awserr.Error); ok {
-		return slices.Contains(codes, awsErr.Code())
-	}
-	return false
-}
-
-// toAbsolutePath transforms a path input to absolute path, as required by AWS CodeCommit
-// see https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFolder.html
-func toAbsolutePath(path string) string {
-	if filepath.IsAbs(path) {
-		return path
-	}
-	return filepath.ToSlash(filepath.Join("/", path))
-}
-
-func createAWSDiscoveryClients(_ context.Context, role string, region string) (*resourcegroupstaggingapi.ResourceGroupsTaggingAPI, *codecommit.CodeCommit, error) {
-	podSession, err := session.NewSession()
-	if err != nil {
-		return nil, nil, fmt.Errorf("error creating new AWS pod session: %w", err)
-	}
-	discoverySession := podSession
-	// assume role if provided - this allows cross account CodeCommit repo discovery.
-	if role != "" {
-		log.Debugf("role %s is provided for AWS CodeCommit discovery", role)
-		assumeRoleCreds := stscreds.NewCredentials(podSession, role)
-		discoverySession, err = session.NewSession(&aws.Config{
-			Credentials: assumeRoleCreds,
-		})
-		if err != nil {
-			return nil, nil, fmt.Errorf("error creating new AWS discovery session: %s", err)
-		}
-	} else {
-		log.Debugf("role is not provided for AWS CodeCommit discovery, using pod role")
-	}
-	// use region explicitly if provided  - this allows cross region CodeCommit repo discovery.
-	if region != "" {
-		log.Debugf("region %s is provided for AWS CodeCommit discovery", region)
-		discoverySession = discoverySession.Copy(&aws.Config{
-			Region: aws.String(region),
-		})
-	} else {
-		log.Debugf("region is not provided for AWS CodeCommit discovery, using pod region")
-	}
-
-	taggingClient := resourcegroupstaggingapi.New(discoverySession)
-	codeCommitClient := codecommit.New(discoverySession)
-
-	return taggingClient, codeCommitClient, nil
-}

applicationset/services/scm_provider/aws_codecommit/mocks/AWSCodeCommitClient.go

@@ -1,321 +0,0 @@
-// Code generated by mockery v2.26.1. DO NOT EDIT.
-
-package mocks
-
-import (
-	context "context"
-
-	codecommit "github.com/aws/aws-sdk-go/service/codecommit"
-
-	mock "github.com/stretchr/testify/mock"
-
-	request "github.com/aws/aws-sdk-go/aws/request"
-)
-
-// AWSCodeCommitClient is an autogenerated mock type for the AWSCodeCommitClient type
-type AWSCodeCommitClient struct {
-	mock.Mock
-}
-
-type AWSCodeCommitClient_Expecter struct {
-	mock *mock.Mock
-}
-
-func (_m *AWSCodeCommitClient) EXPECT() *AWSCodeCommitClient_Expecter {
-	return &AWSCodeCommitClient_Expecter{mock: &_m.Mock}
-}
-
-// GetFolderWithContext provides a mock function with given fields: _a0, _a1, _a2
-func (_m *AWSCodeCommitClient) GetFolderWithContext(_a0 context.Context, _a1 *codecommit.GetFolderInput, _a2 ...request.Option) (*codecommit.GetFolderOutput, error) {
-	_va := make([]interface{}, len(_a2))
-	for _i := range _a2 {
-		_va[_i] = _a2[_i]
-	}
-	var _ca []interface{}
-	_ca = append(_ca, _a0, _a1)
-	_ca = append(_ca, _va...)
-	ret := _m.Called(_ca...)
-
-	var r0 *codecommit.GetFolderOutput
-	var r1 error
-	if rf, ok := ret.Get(0).(func(context.Context, *codecommit.GetFolderInput, ...request.Option) (*codecommit.GetFolderOutput, error)); ok {
-		return rf(_a0, _a1, _a2...)
-	}
-	if rf, ok := ret.Get(0).(func(context.Context, *codecommit.GetFolderInput, ...request.Option) *codecommit.GetFolderOutput); ok {
-		r0 = rf(_a0, _a1, _a2...)
-	} else {
-		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*codecommit.GetFolderOutput)
-		}
-	}
-
-	if rf, ok := ret.Get(1).(func(context.Context, *codecommit.GetFolderInput, ...request.Option) error); ok {
-		r1 = rf(_a0, _a1, _a2...)
-	} else {
-		r1 = ret.Error(1)
-	}
-
-	return r0, r1
-}
-
-// AWSCodeCommitClient_GetFolderWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetFolderWithContext'
-type AWSCodeCommitClient_GetFolderWithContext_Call struct {
-	*mock.Call
-}
-
-// GetFolderWithContext is a helper method to define mock.On call
-//   - _a0 context.Context
-//   - _a1 *codecommit.GetFolderInput
-//   - _a2 ...request.Option
-func (_e *AWSCodeCommitClient_Expecter) GetFolderWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSCodeCommitClient_GetFolderWithContext_Call {
-	return &AWSCodeCommitClient_GetFolderWithContext_Call{Call: _e.mock.On("GetFolderWithContext",
-		append([]interface{}{_a0, _a1}, _a2...)...)}
-}
-
-func (_c *AWSCodeCommitClient_GetFolderWithContext_Call) Run(run func(_a0 context.Context, _a1 *codecommit.GetFolderInput, _a2 ...request.Option)) *AWSCodeCommitClient_GetFolderWithContext_Call {
-	_c.Call.Run(func(args mock.Arguments) {
-		variadicArgs := make([]request.Option, len(args)-2)
-		for i, a := range args[2:] {
-			if a != nil {
-				variadicArgs[i] = a.(request.Option)
-			}
-		}
-		run(args[0].(context.Context), args[1].(*codecommit.GetFolderInput), variadicArgs...)
-	})
-	return _c
-}
-
-func (_c *AWSCodeCommitClient_GetFolderWithContext_Call) Return(_a0 *codecommit.GetFolderOutput, _a1 error) *AWSCodeCommitClient_GetFolderWithContext_Call {
-	_c.Call.Return(_a0, _a1)
-	return _c
-}
-
-func (_c *AWSCodeCommitClient_GetFolderWithContext_Call) RunAndReturn(run func(context.Context, *codecommit.GetFolderInput, ...request.Option) (*codecommit.GetFolderOutput, error)) *AWSCodeCommitClient_GetFolderWithContext_Call {
-	_c.Call.Return(run)
-	return _c
-}
-
-// GetRepositoryWithContext provides a mock function with given fields: _a0, _a1, _a2
-func (_m *AWSCodeCommitClient) GetRepositoryWithContext(_a0 context.Context, _a1 *codecommit.GetRepositoryInput, _a2 ...request.Option) (*codecommit.GetRepositoryOutput, error) {
-	_va := make([]interface{}, len(_a2))
-	for _i := range _a2 {
-		_va[_i] = _a2[_i]
-	}
-	var _ca []interface{}
-	_ca = append(_ca, _a0, _a1)
-	_ca = append(_ca, _va...)
-	ret := _m.Called(_ca...)
-
-	var r0 *codecommit.GetRepositoryOutput
-	var r1 error
-	if rf, ok := ret.Get(0).(func(context.Context, *codecommit.GetRepositoryInput, ...request.Option) (*codecommit.GetRepositoryOutput, error)); ok {
-		return rf(_a0, _a1, _a2...)
-	}
-	if rf, ok := ret.Get(0).(func(context.Context, *codecommit.GetRepositoryInput, ...request.Option) *codecommit.GetRepositoryOutput); ok {
-		r0 = rf(_a0, _a1, _a2...)
-	} else {
-		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*codecommit.GetRepositoryOutput)
-		}
-	}
-
-	if rf, ok := ret.Get(1).(func(context.Context, *codecommit.GetRepositoryInput, ...request.Option) error); ok {
-		r1 = rf(_a0, _a1, _a2...)
-	} else {
-		r1 = ret.Error(1)
-	}
-
-	return r0, r1
-}
-
-// AWSCodeCommitClient_GetRepositoryWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetRepositoryWithContext'
-type AWSCodeCommitClient_GetRepositoryWithContext_Call struct {
-	*mock.Call
-}
-
-// GetRepositoryWithContext is a helper method to define mock.On call
-//   - _a0 context.Context
-//   - _a1 *codecommit.GetRepositoryInput
-//   - _a2 ...request.Option
-func (_e *AWSCodeCommitClient_Expecter) GetRepositoryWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSCodeCommitClient_GetRepositoryWithContext_Call {
-	return &AWSCodeCommitClient_GetRepositoryWithContext_Call{Call: _e.mock.On("GetRepositoryWithContext",
-		append([]interface{}{_a0, _a1}, _a2...)...)}
-}
-
-func (_c *AWSCodeCommitClient_GetRepositoryWithContext_Call) Run(run func(_a0 context.Context, _a1 *codecommit.GetRepositoryInput, _a2 ...request.Option)) *AWSCodeCommitClient_GetRepositoryWithContext_Call {
-	_c.Call.Run(func(args mock.Arguments) {
-		variadicArgs := make([]request.Option, len(args)-2)
-		for i, a := range args[2:] {
-			if a != nil {
-				variadicArgs[i] = a.(request.Option)
-			}
-		}
-		run(args[0].(context.Context), args[1].(*codecommit.GetRepositoryInput), variadicArgs...)
-	})
-	return _c
-}
-
-func (_c *AWSCodeCommitClient_GetRepositoryWithContext_Call) Return(_a0 *codecommit.GetRepositoryOutput, _a1 error) *AWSCodeCommitClient_GetRepositoryWithContext_Call {
-	_c.Call.Return(_a0, _a1)
-	return _c
-}
-
-func (_c *AWSCodeCommitClient_GetRepositoryWithContext_Call) RunAndReturn(run func(context.Context, *codecommit.GetRepositoryInput, ...request.Option) (*codecommit.GetRepositoryOutput, error)) *AWSCodeCommitClient_GetRepositoryWithContext_Call {
-	_c.Call.Return(run)
-	return _c
-}
-
-// ListBranchesWithContext provides a mock function with given fields: _a0, _a1, _a2
-func (_m *AWSCodeCommitClient) ListBranchesWithContext(_a0 context.Context, _a1 *codecommit.ListBranchesInput, _a2 ...request.Option) (*codecommit.ListBranchesOutput, error) {
-	_va := make([]interface{}, len(_a2))
-	for _i := range _a2 {
-		_va[_i] = _a2[_i]
-	}
-	var _ca []interface{}
-	_ca = append(_ca, _a0, _a1)
-	_ca = append(_ca, _va...)
-	ret := _m.Called(_ca...)
-
-	var r0 *codecommit.ListBranchesOutput
-	var r1 error
-	if rf, ok := ret.Get(0).(func(context.Context, *codecommit.ListBranchesInput, ...request.Option) (*codecommit.ListBranchesOutput, error)); ok {
-		return rf(_a0, _a1, _a2...)
-	}
-	if rf, ok := ret.Get(0).(func(context.Context, *codecommit.ListBranchesInput, ...request.Option) *codecommit.ListBranchesOutput); ok {
-		r0 = rf(_a0, _a1, _a2...)
-	} else {
-		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*codecommit.ListBranchesOutput)
-		}
-	}
-
-	if rf, ok := ret.Get(1).(func(context.Context, *codecommit.ListBranchesInput, ...request.Option) error); ok {
-		r1 = rf(_a0, _a1, _a2...)
-	} else {
-		r1 = ret.Error(1)
-	}
-
-	return r0, r1
-}
-
-// AWSCodeCommitClient_ListBranchesWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'ListBranchesWithContext'
-type AWSCodeCommitClient_ListBranchesWithContext_Call struct {
-	*mock.Call
-}
-
-// ListBranchesWithContext is a helper method to define mock.On call
-//   - _a0 context.Context
-//   - _a1 *codecommit.ListBranchesInput
-//   - _a2 ...request.Option
-func (_e *AWSCodeCommitClient_Expecter) ListBranchesWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSCodeCommitClient_ListBranchesWithContext_Call {
-	return &AWSCodeCommitClient_ListBranchesWithContext_Call{Call: _e.mock.On("ListBranchesWithContext",
-		append([]interface{}{_a0, _a1}, _a2...)...)}
-}
-
-func (_c *AWSCodeCommitClient_ListBranchesWithContext_Call) Run(run func(_a0 context.Context, _a1 *codecommit.ListBranchesInput, _a2 ...request.Option)) *AWSCodeCommitClient_ListBranchesWithContext_Call {
-	_c.Call.Run(func(args mock.Arguments) {
-		variadicArgs := make([]request.Option, len(args)-2)
-		for i, a := range args[2:] {
-			if a != nil {
-				variadicArgs[i] = a.(request.Option)
-			}
-		}
-		run(args[0].(context.Context), args[1].(*codecommit.ListBranchesInput), variadicArgs...)
-	})
-	return _c
-}
-
-func (_c *AWSCodeCommitClient_ListBranchesWithContext_Call) Return(_a0 *codecommit.ListBranchesOutput, _a1 error) *AWSCodeCommitClient_ListBranchesWithContext_Call {
-	_c.Call.Return(_a0, _a1)
-	return _c
-}
-
-func (_c *AWSCodeCommitClient_ListBranchesWithContext_Call) RunAndReturn(run func(context.Context, *codecommit.ListBranchesInput, ...request.Option) (*codecommit.ListBranchesOutput, error)) *AWSCodeCommitClient_ListBranchesWithContext_Call {
-	_c.Call.Return(run)
-	return _c
-}
-
-// ListRepositoriesWithContext provides a mock function with given fields: _a0, _a1, _a2
-func (_m *AWSCodeCommitClient) ListRepositoriesWithContext(_a0 context.Context, _a1 *codecommit.ListRepositoriesInput, _a2 ...request.Option) (*codecommit.ListRepositoriesOutput, error) {
-	_va := make([]interface{}, len(_a2))
-	for _i := range _a2 {
-		_va[_i] = _a2[_i]
-	}
-	var _ca []interface{}
-	_ca = append(_ca, _a0, _a1)
-	_ca = append(_ca, _va...)
-	ret := _m.Called(_ca...)
-
-	var r0 *codecommit.ListRepositoriesOutput
-	var r1 error
-	if rf, ok := ret.Get(0).(func(context.Context, *codecommit.ListRepositoriesInput, ...request.Option) (*codecommit.ListRepositoriesOutput, error)); ok {
-		return rf(_a0, _a1, _a2...)
-	}
-	if rf, ok := ret.Get(0).(func(context.Context, *codecommit.ListRepositoriesInput, ...request.Option) *codecommit.ListRepositoriesOutput); ok {
-		r0 = rf(_a0, _a1, _a2...)
-	} else {
-		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*codecommit.ListRepositoriesOutput)
-		}
-	}
-
-	if rf, ok := ret.Get(1).(func(context.Context, *codecommit.ListRepositoriesInput, ...request.Option) error); ok {
-		r1 = rf(_a0, _a1, _a2...)
-	} else {
-		r1 = ret.Error(1)
-	}
-
-	return r0, r1
-}
-
-// AWSCodeCommitClient_ListRepositoriesWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'ListRepositoriesWithContext'
-type AWSCodeCommitClient_ListRepositoriesWithContext_Call struct {
-	*mock.Call
-}
-
-// ListRepositoriesWithContext is a helper method to define mock.On call
-//   - _a0 context.Context
-//   - _a1 *codecommit.ListRepositoriesInput
-//   - _a2 ...request.Option
-func (_e *AWSCodeCommitClient_Expecter) ListRepositoriesWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSCodeCommitClient_ListRepositoriesWithContext_Call {
-	return &AWSCodeCommitClient_ListRepositoriesWithContext_Call{Call: _e.mock.On("ListRepositoriesWithContext",
-		append([]interface{}{_a0, _a1}, _a2...)...)}
-}
-
-func (_c *AWSCodeCommitClient_ListRepositoriesWithContext_Call) Run(run func(_a0 context.Context, _a1 *codecommit.ListRepositoriesInput, _a2 ...request.Option)) *AWSCodeCommitClient_ListRepositoriesWithContext_Call {
-	_c.Call.Run(func(args mock.Arguments) {
-		variadicArgs := make([]request.Option, len(args)-2)
-		for i, a := range args[2:] {
-			if a != nil {
-				variadicArgs[i] = a.(request.Option)
-			}
-		}
-		run(args[0].(context.Context), args[1].(*codecommit.ListRepositoriesInput), variadicArgs...)
-	})
-	return _c
-}
-
-func (_c *AWSCodeCommitClient_ListRepositoriesWithContext_Call) Return(_a0 *codecommit.ListRepositoriesOutput, _a1 error) *AWSCodeCommitClient_ListRepositoriesWithContext_Call {
-	_c.Call.Return(_a0, _a1)
-	return _c
-}
-
-func (_c *AWSCodeCommitClient_ListRepositoriesWithContext_Call) RunAndReturn(run func(context.Context, *codecommit.ListRepositoriesInput, ...request.Option) (*codecommit.ListRepositoriesOutput, error)) *AWSCodeCommitClient_ListRepositoriesWithContext_Call {
-	_c.Call.Return(run)
-	return _c
-}
-
-type mockConstructorTestingTNewAWSCodeCommitClient interface {
-	mock.TestingT
-	Cleanup(func())
-}
-
-// NewAWSCodeCommitClient creates a new instance of AWSCodeCommitClient. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
-func NewAWSCodeCommitClient(t mockConstructorTestingTNewAWSCodeCommitClient) *AWSCodeCommitClient {
-	mock := &AWSCodeCommitClient{}
-	mock.Mock.Test(t)
-
-	t.Cleanup(func() { mock.AssertExpectations(t) })
-
-	return mock
-}

applicationset/services/scm_provider/aws_codecommit/mocks/AWSTaggingClient.go

@@ -1,110 +0,0 @@
-// Code generated by mockery v2.26.1. DO NOT EDIT.
-
-package mocks
-
-import (
-	context "context"
-
-	request "github.com/aws/aws-sdk-go/aws/request"
-	mock "github.com/stretchr/testify/mock"
-
-	resourcegroupstaggingapi "github.com/aws/aws-sdk-go/service/resourcegroupstaggingapi"
-)
-
-// AWSTaggingClient is an autogenerated mock type for the AWSTaggingClient type
-type AWSTaggingClient struct {
-	mock.Mock
-}
-
-type AWSTaggingClient_Expecter struct {
-	mock *mock.Mock
-}
-
-func (_m *AWSTaggingClient) EXPECT() *AWSTaggingClient_Expecter {
-	return &AWSTaggingClient_Expecter{mock: &_m.Mock}
-}
-
-// GetResourcesWithContext provides a mock function with given fields: _a0, _a1, _a2
-func (_m *AWSTaggingClient) GetResourcesWithContext(_a0 context.Context, _a1 *resourcegroupstaggingapi.GetResourcesInput, _a2 ...request.Option) (*resourcegroupstaggingapi.GetResourcesOutput, error) {
-	_va := make([]interface{}, len(_a2))
-	for _i := range _a2 {
-		_va[_i] = _a2[_i]
-	}
-	var _ca []interface{}
-	_ca = append(_ca, _a0, _a1)
-	_ca = append(_ca, _va...)
-	ret := _m.Called(_ca...)
-
-	var r0 *resourcegroupstaggingapi.GetResourcesOutput
-	var r1 error
-	if rf, ok := ret.Get(0).(func(context.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) (*resourcegroupstaggingapi.GetResourcesOutput, error)); ok {
-		return rf(_a0, _a1, _a2...)
-	}
-	if rf, ok := ret.Get(0).(func(context.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) *resourcegroupstaggingapi.GetResourcesOutput); ok {
-		r0 = rf(_a0, _a1, _a2...)
-	} else {
-		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*resourcegroupstaggingapi.GetResourcesOutput)
-		}
-	}
-
-	if rf, ok := ret.Get(1).(func(context.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) error); ok {
-		r1 = rf(_a0, _a1, _a2...)
-	} else {
-		r1 = ret.Error(1)
-	}
-
-	return r0, r1
-}
-
-// AWSTaggingClient_GetResourcesWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetResourcesWithContext'
-type AWSTaggingClient_GetResourcesWithContext_Call struct {
-	*mock.Call
-}
-
-// GetResourcesWithContext is a helper method to define mock.On call
-//   - _a0 context.Context
-//   - _a1 *resourcegroupstaggingapi.GetResourcesInput
-//   - _a2 ...request.Option
-func (_e *AWSTaggingClient_Expecter) GetResourcesWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSTaggingClient_GetResourcesWithContext_Call {
-	return &AWSTaggingClient_GetResourcesWithContext_Call{Call: _e.mock.On("GetResourcesWithContext",
-		append([]interface{}{_a0, _a1}, _a2...)...)}
-}
-
-func (_c *AWSTaggingClient_GetResourcesWithContext_Call) Run(run func(_a0 context.Context, _a1 *resourcegroupstaggingapi.GetResourcesInput, _a2 ...request.Option)) *AWSTaggingClient_GetResourcesWithContext_Call {
-	_c.Call.Run(func(args mock.Arguments) {
-		variadicArgs := make([]request.Option, len(args)-2)
-		for i, a := range args[2:] {
-			if a != nil {
-				variadicArgs[i] = a.(request.Option)
-			}
-		}
-		run(args[0].(context.Context), args[1].(*resourcegroupstaggingapi.GetResourcesInput), variadicArgs...)
-	})
-	return _c
-}
-
-func (_c *AWSTaggingClient_GetResourcesWithContext_Call) Return(_a0 *resourcegroupstaggingapi.GetResourcesOutput, _a1 error) *AWSTaggingClient_GetResourcesWithContext_Call {
-	_c.Call.Return(_a0, _a1)
-	return _c
-}
-
-func (_c *AWSTaggingClient_GetResourcesWithContext_Call) RunAndReturn(run func(context.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) (*resourcegroupstaggingapi.GetResourcesOutput, error)) *AWSTaggingClient_GetResourcesWithContext_Call {
-	_c.Call.Return(run)
-	return _c
-}
-
-type mockConstructorTestingTNewAWSTaggingClient interface {
-	mock.TestingT
-	Cleanup(func())
-}
-
-// NewAWSTaggingClient creates a new instance of AWSTaggingClient. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
-func NewAWSTaggingClient(t mockConstructorTestingTNewAWSTaggingClient) *AWSTaggingClient {
-	mock := &AWSTaggingClient{}
-	mock.Mock.Test(t)
-
-	t.Cleanup(func() { mock.AssertExpectations(t) })
-
-	return mock
-}