Sync waves feature allows executing a sync operation in a number of steps or waves. Within each synchronization phase (pre-sync, sync, post-sync) you can have one or more waves, than allows you to ensure certain resources are healthy before subsequent resources are synced.
Argo CD needs to execute git fetch
operation to access application manifests and git ls-remote
to resolve ambiguous git revision. The git ls-remote
is executed very frequently
and although the operation is very lightweight it adds unnecessary load on Git server and might cause performance issues. In v1.1 release, the application reconciliation process was
optimized which significantly reduced the number of Git requests. With v1.1 release, Argo CD should send 3x ~ 5x fewer Git requests.
User-defined Application metadata enables the user to define a list of useful URLs for their specific application and expose those links on the UI (e.g. reference tp a CI pipeline or an application-specific management tool). These links should provide helpful shortcuts that make easier to integrate Argo CD into existing systems by making it easier to find other components inside and outside Argo CD.
- Kustomize v1.0 is deprecated and support will be removed in the Argo CD v1.2 release.
- Sync waves #1544
- Adds Prune=false and IgnoreExtraneous options #1629
- Forward Git credentials to config management plugins #1628
- Improve Kustomize 2 parameters UI #1609
- Adds
argocd logout
#1210 - Make it possible to set Helm release name different from Argo CD app name. #1066
- Add ability to specify system namespace during cluster add operation #1661
- Make listener and metrics ports configurable #1647
- Using SSH keys to authenticate kustomize bases from git #827
- Adds
argocd app sync APPNAME --async
#1728 - Allow users to define app specific urls to expose in the UI #1677
- Error view instead of blank page in UI #1375
- Project Editor: Whitelisted Cluster Resources doesn't strip whitespace #1693
- Eliminate unnecessary git interactions for top-level resource changes (#1919)
- Ability to rotate the bearer token used to manage external clusters (#1084)
- Project Editor: Whitelisted Cluster Resources doesn't strip whitespace #1693
- [ui small bug] menu position outside block #1711
- UI will crash when create application without destination namespace #1701
- ArgoCD synchronization failed due to internal error #1697
- Replicasets ordering is not stable on app tree view #1668
- Stuck processor on App Controller after deleting application with incomplete operation #1665
- Role edit page fails with JS error #1662
- failed parsing on parameters with comma #1660
- Handle nil obj when processing custom actions #1700
- Account for missing fields in Rollout HealthStatus #1699
- Sync operation unnecessary waits for a healthy state of all resources #1715
- failed parsing on parameters with comma #1660
- argocd app sync hangs when cluster is not configured (#1935)
- Do not allow app-of-app child app's Missing status to affect parent (#1954)
- Argo CD don't handle well k8s objects which size exceeds 1mb (#1685)
- Secret data not redacted in last-applied-configuration (#897)
- Running app actions requires only read privileges (#1827)
- UI should allow editing repo URL (#1763)
- Make status fields as optional fields (#1779)
- Use correct healthcheck for Rollout with empty steps list (#1776)
- Add Prometheus metrics for git repo interactions (#1912)
- App controller should log additional information during app syncing (#1909)
- Make sure api server to repo server grpc calls have timeout (#1820)
- Forked tool processes should timeout (#1821)
- Add health check to the controller deployment (#1785)
- Aditya Gupta
- Alex Collins
- Alex Matyushentsev
- Danny Thomson
- jannfis
- Jesse Suen
- Liviu Costea
- narg95
- Simon Behar
See also milestone v1.1
A new way to visual application resources had been introduced to the Application Details page. The Network View visualizes connections between Ingresses, Services and Pods based on ingress reference service, service's label selectors and labels. The new view is useful to understand the application traffic flow and troubleshot connectivity issues.
Argo CD introduces Custom Resource Actions to allow users to provide their own Lua scripts to modify existing Kubernetes resources in their applications. These actions are exposed in the UI to allow easy, safe, and reliable changes to their resources. This functionality can be used to introduce functionality such as suspending and enabling a Kubernetes cronjob, continue a BlueGreen deployment with Argo Rollouts, or scaling a deployment.
- New color palette intended to highlight unhealthily and out-of-sync resources more clearly.
- The health of more resources is displayed, so it easier to quickly zoom to unhealthy pods, replica-sets, etc.
- Resources that do not have health no longer appear to be healthy.
- Support for configuring Git repo credentials at a domain/org level
- Support for configuring requested OIDC provider scopes and enforced RBAC scopes
- Support for configuring monitored resources whitelist in addition to excluded resources
- Remove deprecated componentParameterOverrides field #1372
argocd app wait
should have--resource
flag like sync #1206- Adds support for
kustomize edit set image
. Closes #1275 (#1324) - Allow wait to return on health or suspended (#1392)
- Application warning when a manifest is defined twice #1070
- Create new documentation website #1390
- Default view should resource view instead of diff view #1354
- Display number of errors on resource tab #1477
- Displays resources that are being deleted as "Progressing". Closes #1410 (#1426)
- Generate random name for grpc proxy unix socket file instead of time stamp (#1455)
- Issue #357 - Expose application nodes networking information (#1333)
- Issue #1404 - App controller unnecessary set namespace to cluster level resources (#1405)
- Nils health if the resource does not provide it. Closes #1383 (#1408)
- Perform health assessments on all resource nodes in the tree. Closes #1382 (#1422)
- Remove deprecated componentParameterOverrides field #1372
- Shows the health of the application. Closes #1433 (#1434)
- Surface Service/Ingress external IPs, hostname to application #908
- Surface pod status to tree view #1358
- Support for customizable resource actions as Lua scripts #86
- UI / API Errors Truncated, Time Out #1386
- UI Enhancement Proposals Quick Wins #1274
- Update argocd-util import/export to support proper backup and restore (#1328)
- Whitelisting repos/clusters in projects should consider repo/cluster permissions #1432
- Adds support for configuring repo creds at a domain/org level. (#1332)
- Implement whitelist option analogous to
resource.exclusions
(#1490) - Added ability to sync specific labels from the command line (#1241)
- Improve rendering app image information (#1552)
- Add liveness probe to repo server/api servers (#1546)
- Support configuring requested OIDC provider scopes and enforced RBAC scopes (#1471)
- Don't compare secrets in the CLI, since argo-cd doesn't have access to their data (#1459)
- Dropdown menu should not have sync item for unmanaged resources #1357
- Fixes goroutine leak. Closes #1381 (#1457)
- Improve input style #1217
- Issue #908 - Surface Service/Ingress external IPs, hostname to application (#1347)
- kustomization fields are all mandatory #1504
- Resource node details is crashing if live resource is missing $1505
- Rollback UI is not showing correct ksonnet parameters in preview #1326
- See details of applications fails with "r.nodes is undefined" #1371
- UI fails to load custom actions is resource is not deployed #1502
- Unable to create app from private repo: x509: certificate signed by unknown authority (#1171)
- Fix hardcoded 'git' user in
util/git.NewClient
(#1555) - Application controller becomes unresponsive (#1476)
- Load target resource using K8S if conversion fails (#1414)
- Can't ignore a non-existent pointer anymore (#1586)
- Impossible to sync to HEAD from UI if auto-sync is enabled (#1579)
- Application controller is unable to delete self-referenced app (#1570)
- Prevent reconciliation loop for self-managed apps (#1533)
- Controller incorrectly report health state of self managed application (#1557)
- Fix kustomize manifest generation crash is manifest has image without version (#1540)
- Supply resourceVersion to watch request to prevent reading of stale cache (#1605)
- Fix racing condition in controller cache (#1498)
- "bind: address already in use" after switching to gRPC-Web (#1451)
- Annoying warning while using --grpc-web flag (#1420)
- Delete helm temp directories (#1446)
- Fix null pointer exception in secret normalization function (#1389)
- Argo CD should not delete CRDs(#1425)
- UI is unable to load cluster level resource manifest (#1429)
- [UI] applications view blows up when user does not have permissions (#1368)
- Add k8s objects circular dependency protection to getApp method (#1374)
- App controller unnecessary set namespace to cluster level resources (#1404)
- Changing SSO login URL to be a relative link so it's affected by basehref (#101) (@arnarg)
- CLI diff should take into account resource customizations (#1294)
- Don't try deleting application resource if it already has
deletionTimestamp
(#1406) - Fix invalid group filtering in 'patch-resource' command (#1319)
- Fix null pointer dereference error in 'argocd app wait' (#1366)
- kubectl v1.13 fails to convert extensions/NetworkPolicy (#1012)
- Patch APIs are not audited (#1397)
- 'argocd app wait' should fail sooner if app transitioned to Degraded state (#733)
- Add mapping to new canonical Ingress API group - kubernetes 1.14 support (#1348) (@twz123)
- Adds support for
kustomize edit set image
. (#1275) - Allow using any name for secrets which store cluster credentials (#1218)
- Update argocd-util import/export to support proper backup and restore (#1048)
Many improvements to the UI were made, including:
- Table view when viewing applications
- Filters on applications
- Table view when viewing application resources
- YAML editor in UI
- Switch to text-based diff instead of json diff
- Ability to edit application specs
Argo CD has long been able to perform health assessments on resources, however this could only assess the health for a few native kubernetes types (deployments, statefulsets, daemonsets, etc...). Now, Argo CD can be extended to gain understanding of any CRD health, in the form of Lua scripts. For example, using this feature, Argo CD now understands the CertManager Certificate CRD and will report a Degraded status when there are issues with the cert.
Argo CD introduces Config Management Plugins to support custom configuration management tools other than the set that Argo CD provides out-of-the-box (Helm, Kustomize, Ksonnet, Jsonnet). Using config management plugins, Argo CD can be configured to run specified commands to render manifests. This makes it possible for Argo CD to support other config management tools (kubecfg, kapitan, shell scripts, etc...).
Argo CD is now fully HA. A set HA of manifests are provided for users who wish to run Argo CD in a highly available manner. NOTE: The HA installation will require at least three different nodes due to pod anti-affinity roles in the specs.
- Support for Kustomize 2
- YAML/JSON/Jsonnet Directories can now be recursed
- Support for Jsonnet external variables and top-level arguments
Argo CD provides the following additional prometheus metrics:
- Sync counter to track sync activity and results over time
- Application reconciliation (refresh) performance to track Argo CD performance and controller activity
- Argo CD API Server metrics for monitoring HTTP/gRPC requests
Argo CD can now be configured to ignore known differences for resource types by specifying a json pointer to the field path to ignore. This helps prevent OutOfSync conditions when a user has no control over the manifests. Ignored differences can be configured either at an application level, or a system level, based on a group/kind.
Argo CD can now be configured to completely ignore entire classes of resources group/kinds. Excluding high-volume resources improves performance and memory usage, and reduces load and bandwidth to the Kubernetes API server. It also allows users to fine-tune the permissions that Argo CD needs to a cluster by preventing Argo CD from attempting to watch resources of that group/kind.
The argocd CLI can be now configured to communicate to the Argo CD API server using gRPC-Web
(HTTP1.1) using a new CLI flag --grpc-web
. This resolves some compatibility issues users were
experiencing with ingresses and gRPC (HTTP2), and should enable argocd CLI to work with virtually
any load balancer, ingress controller, or API gateway.
Argo CD introduces some additional CLI commands:
argocd app edit APPNAME
- to edit an application spec using preferred EDITORargocd proj edit PROJNAME
- to edit an project spec using preferred EDITORargocd app patch APPNAME
- to patch an application specargocd app patch-resource APPNAME
- to patch a specific resource which is part of an application
The label selectors for deployments were been renamed to use kubernetes common labels
(app.kuberentes.io/name=NAME
instead of app=NAME
). Since K8s deployment label selectors are
immutable, during an upgrade from v0.11 to v0.12, the old deployments should be deleted using
--cascade=false
which allows the new deployments to be created without introducing downtime.
Once the new deployments are ready, the older replicasets can be deleted. Use the following
instructions to upgrade from v0.11 to v0.12 without introducing downtime:
# delete the deployments with cascade=false. this orphan the replicasets, but leaves the pods running
kubectl delete deploy --cascade=false argocd-server argocd-repo-server argocd-application-controller
# apply the new manifests and wait for them to finish rolling out
kubectl apply <new install manifests>
kubectl rollout status deploy/argocd-application-controller
kubectl rollout status deploy/argocd-repo-server
kubectl rollout status deploy/argocd-application-controller
# delete old replicasets which are using the legacy label
kubectl delete rs -l app=argocd-server
kubectl delete rs -l app=argocd-repo-server
kubectl delete rs -l app=argocd-application-controller
# delete the legacy dex-server which was renamed
kubectl delete deploy dex-server
For declarative application specs, the spec.source.componentParameterOverrides
field is now
deprecated in favor of application source specific config. They are replaced with new fields
specific to their respective config management. For example, a Helm application spec using the
legacy field:
spec:
source:
componentParameterOverrides:
- name: image.tag
value: v1.2
should move to:
spec:
source:
helm:
parameters:
- name: image.tag
value: v1.2
Argo CD will automatically duplicate the legacy field values to the new locations (and vice versa)
as part of automatic migration. The legacy spec.source.componentParameterOverrides
field will be
kept around for the v0.12 release (for migration purposes) and will be removed in the next Argo CD
release.
The spec.source.environment
and spec.source.valuesFiles
fields, which were deprecated in v0.11,
are now completely removed from the Application spec.
Due to API spec changes related to the deprecation of componentParameterOverrides, Argo CD v0.12 has a minimum client version of v0.12.0. Older CLI clients will be rejected.
- Improved UI
- Custom Health Assessments (CRD Health)
- Configuration Management Plugins
- High Availability
- Fuzzy Diff Logic
- Resource Exclusions
- gRPC-Web Support
- CLI features
- Additional prometheus metrics
- Sample Grafana dashboard (#1277) (@hartman17)
- Support for Kustomize 2
- YAML/JSON/Jsonnet Directories can now be recursed
- Support for Jsonnet external variables and top-level arguments
- Optimized reconciliation performance for applications with very active resources (#1267)
- Support a separate OAuth2 CLI clientID different from server (#1307)
- argocd diff: only print to stdout, if there is a diff + exit code (#1288) (@marcb1)
- Detection and handling of duplicated resource definitions (#1284)
- Support kustomize apps with remote bases in private repos in the same host (#1264)
- Support patching resource using REST API (#1186)
- Deprecate componentParameterOverrides in favor of source specific config (#1207)
- Support talking to Dex using local cluster address instead of public address (#1211)
- Use Recreate deployment strategy for controller (#1315)
- Honor os environment variables for helm commands (#1306) (@1337andre)
- Disable CGO_ENABLED for server/controller binaries (#1286)
- Documentation fixes and improvements (@twz123, @yann-soubeyrand, @OmerKahani, @dulltz)
- Fix CRD creation/deletion handling (#1249)
- Git cloning via SSH was not verifying host public key (#1276)
- Fixed multiple goroutine leaks in controller and api-server
- Fix isssue where
argocd app set -p
required repo privileges. (#1280) - Fix local diff of non-namespaced resources. Also handle duplicates in local diff (#1289)
- Deprecated resource kinds from 'extensions' groups are not reconciled correctly (#1232)
- Fix issue where CLI would panic after timeout when cli did not have get permissions (#1209)
- invalidate repo cache on delete (#1182) (@narg95)
- Adds client retry. Fixes #959 (#1119)
- Prevent deletion hotloop (#1115)
- Fix EncodeX509KeyPair function so it takes in account chained certificates (#1137) (@amarruedo)
- Exclude metrics.k8s.io from watch (#1128)
- Fix issue where dex restart could cause login failures (#1114)
- Relax ingress/service health check to accept non-empty ingress list (#1053)
- [UI] Correctly handle empty response from repository//apps API
- Allow using redis as a cache in repo-server (#1020)
- Fix controller deadlock when checking for stale cache (#1044)
- Namespaces are not being sorted during apply (#1038)
- Controller cache was susceptible to clock skew in managed cluster
- Fix ability to unset ApplicationSource specific parameters
- Fix force resource delete API (#1033)
- Incorrect PermissionDenied error during app creation when using project roles + user-defined RBAC (#1019)
- Fix
kubctl convert
issue preventing deployment of extensions/NetworkPolicy (#1012) - Do not allow metadata.creationTimestamp to affect sync status (#1021)
- Graceful handling of clusters where API resource discovery is partially successful (#1018)
- Handle k8s resources circular dependency (#1016)
- Fix
app diff --local
command (#1008)
This is Argo CD's biggest release ever and introduces a completely redesigned controller architecture.
The application controller has a completely redesigned architecture which improved performance and scalability during application reconciliation.
This was achieved by introducing an in-memory, live state cache of lightweight Kubernetes object metadata. During reconciliation, the controller no longer performs expensive, in-line queries of app related resources in K8s API server, instead relying on the metadata available in the live state cache. This dramatically improves performance and responsiveness, and is less burdensome to the K8s API server.
With the new controller design, Argo CD is now able to understand ownership relationship between all Kubernetes objects, not just the built-in types. This enables Argo CD to visualize parent/child relationships between all kubernetes objects, including CRDs.
During sync, Argo CD will now honor any explicitly set namespace in a manifest. Manifests without a
namespace will continue deploy to the "preferred" namespace, as specified in app's
spec.destination.namespace
. This enables support for a class of applications which install to
multiple namespaces. For example, Argo CD can now install the
prometheus-operator
helm chart, which deploys some resources into kube-system
, and others into the
prometheus-operator
namespace.
Full resource objects are no longer stored in the Application CRD object status. Instead, only lightweight metadata is stored in the status, such as a resource's sync and health status. This change enabled Argo CD to support applications with a very large number of resources (e.g. istio), and reduces the bandwidth requirements when listing applications in the UI.
Resource lifecycle hooks (e.g. PreSync, PostSync) are now visible/manageable from the UI. Additionally, bare Pods with a restart policy of Never can now be used as a resource hook, as an alternative to Jobs, Workflows.
The tracking label for resources has been changed to use app.kubernetes.io/instance
, as
recommended in Kubernetes recommended labels,
(changed from applications.argoproj.io/app-name
). This will enable applications managed by Argo CD
to interoperate with other tooling which are also converging on this labeling, such as the
Kubernetes dashboard. Additionally, Argo CD no longer injects any tracking labels at the
spec.template.metadata
level.
Argo CD now supports auth delegation to an existing, external OIDC providers without the need for running Dex (e.g. Okta, OneLogin, Auth0, Microsoft, etc...)
The optional, Dex IDP OIDC provider is still bundled as part of the default installation, in order to provide a seamless out-of-box experience, enabling Argo CD to integrate with non-OIDC providers, and to benefit from Dex's full range of connectors.
OIDC group claims from an OAuth2 provider can now be bound to a Argo CD project roles. Previously,
group claims could only be managed in the centralized ConfigMap, argocd-rbac-cm
. They can now be
managed at a project level. This enables project admins to self service access to applications
within a project.
Argo CD settings can be now be configured either declaratively, or imperatively. The argocd-cm
ConfigMap now has a repositories
field, which can reference credentials in a normal Kubernetes
secret which you can create declaratively, outside of Argo CD.
Helm repositories can be configured at the system level, enabling the deployment of helm charts which have a dependency to external helm repositories.
-
Argo CD's resource names were renamed for consistency. For example, the application-controller deployment was renamed to argocd-application-controller. When upgrading from v0.10 to v0.11, the older resources should be pruned to avoid inconsistent state and controller in-fighting.
-
As a consequence to moving to recommended kubernetes labels, when upgrading from v0.10 to v0.11, all applications will immediately be OutOfSync due to the change in tracking labels. This will correct itself with another sync of the application. However, since Pods will be recreated, please take this into consideration, especially if your applications are configured with auto-sync.
-
There was significant reworking of the
app.status
fields to reduce the payload size, simplify the datastructure and remove fields which were no longer used by the controller. No breaking changes were made inapp.spec
. -
An older Argo CD CLI (v0.10 and below) will not be compatible with Argo CD v0.11. To keep CI pipelines in sync with the API server, it is recommended to have pipelines download the CLI directly from the API server https://${ARGOCD_SERVER}/download/argocd-linux-amd64 during the CI pipeline.
- Improve Application state reconciliation performance (#806)
- Refactor, consolidate and rename resource type data structures
- Declarative setup and configuration of ArgoCD (#536)
- Declaratively add helm repositories (#747)
- Switch to k8s recommended app.kubernetes.io/instance label (#857)
- Ability for a single application to deploy into multiple namespaces (#696)
- Self service group access to project applications (#742)
- Support for Pods as a sync hook (#801)
- Support 'crd-install' helm hook (#355)
- Use external 'diff' utility to render actual vs target state difference
- Show sync policy in app list view
- Remove resources state from application CRD (#758)
- API server & UI should serve argocd binaries instead of linking to GitHub (#716)
- Update versions for kubectl (v1.13.1), helm (v2.12.1), ksonnet (v0.13.1)
- Update version of aws-iam-authenticator (0.4.0-alpha.1)
- Ability to force refresh of application manifests from git
- Improve diff assessment for Secrets, ClusterRoles, Roles
- Failed to deploy helm chart with local dependencies and no internet access (#786)
- Out of sync reported if Secrets with stringData are used (#763)
- Unable to delete application in K8s v1.12 (#718)
- Fix issue preventing in-cluster app sync due to go-client changes (issue #774)
- Increase concurrency of application controller
- Update dependencies to k8s v1.12 and client-go v9.0 (#729)
- add argo cluster permission to view logs (#766) (@conorfennell)
- Fix issue where applications could not be deleted on k8s v1.12
- Allow 'syncApplication' action to reference target revision rather then hard-coding to 'HEAD' (#69) (@chrisgarland)
- Issue #768 - Fix application wizard crash
- Upgrade to Helm v0.11.0 (@amarrella)
- Health check is not discerning apiVersion when assessing CRDs (issue #753)
- Fix nil pointer dereference in util/health (@mduarte)
- Fix applying TLS version settings
- Update to kustomize 1.0.10 (@twz123)
- Update to kustomize 1.0.9 (@twz123)
- Fix app refresh err when k8s patch is too slow
- Handle case where OIDC settings become invalid after dex server restart (issue #710)
- git clean also needs to clean files under gitignore (issue #711)
- Allow more fine-grained sync (issue #508)
- Display init container logs (issue #681)
- Redirect to /auth/login instead of /login when SSO token is used for authenticaion (issue #348)
- Support ability to use a helm values files from a URL (issue #624)
- Support public not-connected repo in app creation UI (issue #426)
- Use ksonnet CLI instead of ksonnet libs (issue #626)
- We should be able to select the order of the
yaml
files while creating a Helm App (#664)
- Remove default params from app history (issue #556)
- Update to ksonnet v0.13.0
- Update to kustomize 1.0.8
- API Server fails to return apps due to grpc max message size limit (issue #690)
- App Creation UI for Helm Apps shows only files prefixed with
values-
(issue #663) - App creation UI should allow specifying values files outside of helm app directory bug (issue #658)
- argocd-server logs credentials in plain text when adding git repositories (issue #653)
- Azure Repos do not work as a repository (issue #643)
- Better update conflict error handing during app editing (issue #685)
- Cluster watch needs to be restarted when CRDs get created (issue #627)
- Credentials not being accepted for Google Source Repositories (issue #651)
- Default project is created without permission to deploy cluster level resources (issue #679)
- Generate role token click resets policy changes (issue #655)
- Input type text instead of password on Connect repo panel (issue #693)
- Metrics endpoint not reachable through the metrics kubernetes service (issue #672)
- Operation stuck in 'in progress' state if application has no resources (issue #682)
- Project should influence options for cluster and namespace during app creation (issue #592)
- Repo server unable to execute ls-remote for private repos (issue #639)
- Resource is always out of sync if it has only 'ksonnet.io/component' label (issue #686)
- Resource nodes are 'jumping' on app details page (issue #683)
- Sync always suggest using latest revision instead of target UI bug (issue #669)
- Temporary ignore service catalog resources (issue #650)
- Update to kustomize 1.0.8
- Fix issue where argocd-server logged credentials in plain text during repo add (issue #653)
- Credentials not being accepted for Google Source Repositories (issue #651)
- Azure Repos do not work as a repository (issue #643)
- Temporary ignore service catalog resources (issue #650)
- Normalize policies by always adding space after comma
- Repo server unable to execute ls-remote for private repos (issue #639)
- Cluster wide resources should be allowed in default project (due to issue #330):
argocd project allow-cluster-resource default '*' '*'
- Projects now provide the ability to allow or deny deployments of cluster-scoped resources (e.g. Namespaces, ClusterRoles, CustomResourceDefinitions). When upgrading from v0.8 to v0.9, to match the behavior of v0.8 (which did not have restrictions on deploying resources) and continue to allow deployment of cluster-scoped resources, an additional command should be run:
argocd proj allow-cluster-resource default '*' '*'
The above command allows the default
project to deploy any cluster-scoped resources which matches
the behavior of v0.8.
- The secret keys in the argocd-secret containing the TLS certificate and key, has been renamed from
server.crt
andserver.key
to the standardtls.crt
andtls.key
keys. This enables Argo CD to integrate better with Ingress and cert-manager. When upgrading to v0.9, theserver.crt
andserver.key
keys in argocd-secret should be renamed to the new keys.
- Auto-sync option in application CRD instance (issue #79)
- Support raw jsonnet as an application source (issue #540)
- Reorder K8s resources to correct creation order (issue #102)
- Redact K8s secrets from API server payloads (issue #470)
- Support --in-cluster authentication without providing a kubeconfig (issue #527)
- Special handling of CustomResourceDefinitions (issue #613)
- Argo CD should download helm chart dependencies (issue #582)
- Export Argo CD stats as prometheus style metrics (issue #513)
- Support restricting TLS version (issue #609)
- Use 'kubectl auth reconcile' before 'kubectl apply' (issue #523)
- Projects need controls on cluster-scoped resources (issue #330)
- Support IAM Authentication for managing external K8s clusters (issue #482)
- Compatibility with cert manager (issue #617)
- Enable TLS for repo server (issue #553)
- Split out dex into it's own deployment (instead of sidecar) (issue #555)
- [UI] Support selection of helm values files in App creation wizard (issue #499)
- [UI] Support specifying source revision in App creation wizard allow (issue #503)
- [UI] Improve resource diff rendering (issue #457)
- [UI] Indicate number of ready containers in pod (issue #539)
- [UI] Indicate when app is overriding parameters (issue #503)
- [UI] Provide a YAML view of resources (issue #396)
- [UI] Project Role/Token management from UI (issue #548)
- [UI] App creation wizard should allow specifying source revision (issue #562)
- [UI] Ability to modify application from UI (issue #615)
- [UI] indicate when operation is in progress or has failed (issue #566)
- Fix issue where changes were not pulled when tracking a branch (issue #567)
- Lazy enforcement of unknown cluster/namespace restricted resources (issue #599)
- Fix controller hot loop when app source contains bad manifests (issue #568)
- Fix issue where Argo CD fails to deploy when resources are in a K8s list format (issue #584)
- Fix comparison failure when app contains unregistered custom resource (issue #583)
- Fix issue where helm hooks were being deployed as part of sync (issue #605)
- Fix race conditions in kube.GetResourcesWithLabel and DeleteResourceWithLabel (issue #587)
- [UI] Fix issue where projects filter does not work when application got changed
- [UI] Creating apps from directories is not obvious (issue #565)
- Helm hooks are being deployed as resources (issue #605)
- Disagreement in three way diff calculation (issue #597)
- SIGSEGV in kube.GetResourcesWithLabel (issue #587)
- Argo CD fails to deploy resources list (issue #584)
- Branch tracking not working properly (issue #567)
- Controller hot loop when application source has bad manifests (issue #568)
- Downgrade ksonnet from v0.12.0 to v0.11.0 due to quote unescape regression
- Fix CLI panic when performing an initial
argocd sync/wait
- [UI] Support selection of helm values files in App creation wizard (issue #499)
- [UI] Support specifying source revision in App creation wizard allow (issue #503)
- [UI] Improve resource diff rendering (issue #457)
- [UI] Indicate number of ready containers in pod (issue #539)
- [UI] Indicate when app is overriding parameters (issue #503)
- [UI] Provide a YAML view of resources (issue #396)
- Fix issue where changes were not pulled when tracking a branch (issue #567)
- Fix controller hot loop when app source contains bad manifests (issue #568)
- [UI] Fix issue where projects filter does not work when application got changed
- The RBAC model has been improved to support explicit denies. What this means is that any previous
RBAC policy rules, need to be rewritten to include one extra column with the effect:
allow
ordeny
. For example, if a rule was written like this:It should be rewritten to look like this:p, my-org:my-team, applications, get, */*
p, my-org:my-team, applications, get, */*, allow
- Support kustomize as an application source (issue #510)
- Introduce project tokens for automation access (issue #498)
- Add ability to delete a single application resource to support immutable updates (issue #262)
- Update RBAC model to support explicit denies (issue #497)
- Ability to view Kubernetes events related to application projects for auditing
- Add PVC healthcheck to controller (issue #501)
- Run all containers as an unprivileged user (issue #528)
- Upgrade ksonnet to v0.12.0
- Add readiness probes to API server (issue #522)
- Use gRPC error codes instead of fmt.Errorf (#532)
- API discovery becomes best effort when partial resource list is returned (issue #524)
- Fix
argocd app wait
printing incorrect Sync output (issue #542) - Fix issue where argocd could not sync to a tag (#541)
- Fix issue where static assets were browser cached between upgrades (issue #489)
- API discovery becomes best effort when partial resource list is returned (issue #524)
- Surface helm parameters to the application level (#485)
- [UI] Improve application creation wizard (#459)
- [UI] Show indicator when refresh is still in progress (#493)
- [UI] Improve data loading error notification (#446)
- Infer username from claims during an
argocd relogin
(#475) - Expand RBAC role to be able to create application events. Fix username claims extraction
- Fix scalability issues with the ListApps API (#494)
- Fix issue where application server was retrieving events from incorrect cluster (#478)
- Fix failure in identifying app source type when path was '.'
- AppProjectSpec SourceRepos mislabeled (#490)
- Failed e2e test was not failing CI workflow
- Fix linux download link in getting_started.md (#487) (@chocopowwwa)
- Support helm charts and yaml directories as an application source
- Audit trails in the form of API call logs
- Generate kubernetes events for application state changes
- Add ksonnet version to version endpoint (#433)
- Show CLI progress for sync and rollback
- Make use of dex refresh tokens and store them into local config
- Expire local superuser tokens when their password changes
- Add
argocd relogin
command as a convenience around login to current context
- Fix saving default connection status for repos and clusters
- Fix undesired fail-fast behavior of health check
- Fix memory leak in the cluster resource watch
- Health check for StatefulSets, DaemonSet, and ReplicaSets were failing due to use of wrong converters
- Health check for StatefulSets, DaemonSet, and ReplicaSets were failing due to use of wrong converters
- Fix regression where deployment health check incorrectly reported Healthy
- Intercept dex SSO errors and present them in Argo login page
- Support PreSync, Sync, PostSync resource hooks
- Introduce Application Projects for finer grain RBAC controls
- Swagger Docs & UI
- Support in-cluster deployments internal kubernetes service name
- Refactoring & Improvements
- Improved error handling, status and condition reporting
- Remove installer in favor of kubectl apply instructions
- Add validation when setting application parameters
- Cascade deletion is decided during app deletion, instead of app creation
- Fix git authentication implementation when using using SSH key
- app-name label was inadvertently injected into spec.selector if selector was omitted from v1beta1 specs
- Refresh flag to sync should be optional, not required
- Support cluster management using the internal k8s API address https://kubernetes.default.svc (#307)
- Support diffing a local ksonnet app to the live application state (resolves #239) (#298)
- Add ability to show last operation result in app get. Show path in app list -o wide (#297)
- Update dependencies: ksonnet v0.11, golang v1.10, debian v9.4 (#296)
- Add ability to force a refresh of an app during get (resolves #269) (#293)
- Automatically restart API server upon certificate changes (#292)
- Resource events tab on application details page (#286)
- Display pod status on application details page (#231)
- API server incorrectly compose application fully qualified name for RBAC check (#283)
- UI crash while rendering application operation info if operation failed
- RBAC access control
- Repository/Cluster state monitoring
- Argo CD settings import/export
- Application creation UI wizard
- argocd app manifests for printing the application manifests
- argocd app unset command to unset parameter overrides
- Fail app sync if prune flag is required (#276)
- Take into account number of unavailable replicas to decided if deployment is healthy or not #270
- Add ability to show parameters and overrides in CLI (resolves #240)
- Repo names containing underscores were not being accepted (#258)
- Cookie token was not parsed properly when mixed with other site cookies
- Fix argocd app wait health checking logic
- Retry argocd app wait connection errors from EOF watch. Show detailed state changes
- Add argocd app unset command to unset parameter overrides
- Cookie token was not parsed properly when mixed with other site cookies
- Add ability to show parameters and overrides in CLI (resolves #240)
- Add Events API endpoint
- Issue #238 - add upsert flag to 'argocd app create' command
- Add repo browsing endpoint (#229)
- Support subscribing to settings updates and auto-restart of dex and API server
- Issue #233 - Controller does not persist rollback operation result
- App sync frequently fails due to concurrent app modification
- Move local branch deletion as part of git Reset() (resolves #185) (#222)
- Fix exit code for app wait (#219)
- Show URL in argocd app get
- Remove interactive context name prompt during login which broke login automation
- Rename force flag to cascade in argocd app delete
- Implemented argocd app wait command
- SSO Integration
- GitHub Webhook
- Add application health status
- Sync/Rollback/Delete is asynchronously handled by controller
- Refactor CRUD operation on clusters and repos
- Sync will always perform kubectl apply
- Synced Status considers last-applied-configuration annotatoin
- Server & namespace are mandatory fields (still inferred from app.yaml)
- Manifests are memoized in repo server
- Fix connection timeouts to SSH repos
- Application sync should delete 'unexpected' resources #139
- Update ksonnet to v0.10.1
- Detect unexpected resources
- Fix: App sync frequently fails due to concurrent app modification #147
- Fix: improve app state comparator: #136, #132
- Add new rollback RPC with numeric identifiers
- New argo app history and argo app rollback command
- Switch to gogo/protobuf for golang code generation
- Fix: create .argocd directory during argo login (issue #123)
- Fix: Allow overriding server or namespace separately (issue #110)
- Auth support
- TLS support
- DAG-based application view
- Bulk watch
- ksonnet v0.10.0-alpha.3
- kubectl apply deployment strategy
- CLI improvements for app management
- Rollback UI
- Override parameters
- Define app in Github with dev and preprod environment using KSonnet
- Add cluster Diff App with a cluster Deploy app in a cluster
- Deploy a new version of the app in the cluster
- App sync based on Github app config change - polling only
- Basic UI: App diff between Git and k8s cluster for all environments Basic GUI