Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.2 #263

dependabot · 2024-08-26T18:59:10Z

Bumps github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.2.

Release notes

Sourced from github.com/argoproj/argo-cd/v2's releases.

v2.12.2

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.12.2/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.12.2/manifests/ha/install.yaml
Release Signatures and Provenance

All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changelog

Bug fixes

b06822050384bbf9c249802633744356937818a2: fix(appset): informer is not a kubernetes informer (#18905) (#19618) (#19636) (@gcp-cherry-pick-bot[bot])

7244c2d5e5879069a467afe3a69819700f5e1fac: fix(appset): remove cache references (#19652) (@rumstead)

c873d5c68a3d407a81fd7e49f5e1b234d038e63f: fix: Floating title content incorrect for multi-sources (#17274) (#19623) (#19627) (@gcp-cherry-pick-bot[bot])

88f85daf5247d851c46877e1683cc8a0ad936771: fix: Parse hostname correctly from repoURL to fetch correct CA cert (#19488) (#19602) (@gcp-cherry-pick-bot[bot])

Full Changelog: argoproj/argo-cd@v2.12.1...v2.12.2

v2.12.1

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.12.1/manifests/install.yaml
HA:
</tr></table> 

... (truncated)

Commits

560953c Bump version to 2.12.2 (#19657)
7244c2d fix(appset): remove cache references (#19652)
b068220 fix(appset): informer is not a kubernetes informer (#18905) (#19618) (#19636)
c873d5c fix: Floating title content incorrect for multi-sources (#17274) (#19623) (#1...
88f85da fix: Parse hostname correctly from repoURL to fetch correct CA cert (#19488) ...
26b2039 Bump version to 2.12.1 (#19568)
952838c fix(appset): cherry-pick - fix appset-in-any-namespace issue with git generat...
7af4526 fix: appset gpg limitation for templated project fields (#19492) (#19534)
b156b61 fix(appset): missing permissions for cluster install (#19059) (#19430) (#19435)
fd47845 fix: docs version regex changed (#18756) (#19352)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/argoproj/argo-cd/v2](https://github.com/argoproj/argo-cd) from 2.11.6 to 2.12.2. - [Release notes](https://github.com/argoproj/argo-cd/releases) - [Changelog](https://github.com/argoproj/argo-cd/blob/master/CHANGELOG.md) - [Commits](argoproj/argo-cd@v2.11.6...v2.12.2) --- updated-dependencies: - dependency-name: github.com/argoproj/argo-cd/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

zapier-sre-bot · 2024-08-26T18:59:57Z

Mergecat's Review

Click to read mergecats review!

😼 Mergecat review of go.mod

@@ -1,11 +1,10 @@
 module github.com/zapier/kubechecks
 
 go 1.21
-
-toolchain go1.21.6
+toolchain go1.22.5
 
 require (
-	github.com/argoproj/argo-cd/v2 v2.11.6
+	github.com/argoproj/argo-cd/v2 v2.12.2
 	github.com/argoproj/gitops-engine v0.7.1-0.20240715141605-18ba62e1f1fb
 	github.com/aws/aws-sdk-go-v2 v1.30.1
 	github.com/aws/aws-sdk-go-v2/config v1.27.24
@@ -57,11 +56,11 @@ require (
 	google.golang.org/grpc v1.64.0
 	gopkg.in/dealancer/validate.v2 v2.1.0
 	gopkg.in/yaml.v3 v3.0.1
-	k8s.io/api v0.26.15
-	k8s.io/apiextensions-apiserver v0.26.10
-	k8s.io/apimachinery v0.26.15
-	k8s.io/client-go v0.26.15
-	sigs.k8s.io/controller-runtime v0.14.7
+	k8s.io/api v0.29.6
+	k8s.io/apiextensions-apiserver v0.29.6
+	k8s.io/apimachinery v0.29.6
+	k8s.io/client-go v0.29.6
+	sigs.k8s.io/controller-runtime v0.17.2
 	sigs.k8s.io/yaml v1.4.0
 )
 
@@ -83,7 +82,7 @@ require (
 	github.com/Masterminds/sprig/v3 v3.2.3 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/OneOfOne/xxhash v1.2.8 // indirect
-	github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect
+	github.com/ProtonMail/go-crypto v1.0.0 // indirect
 	github.com/TomOnTime/utfutil v0.0.0-20180511104225-09c41003ee1d // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/agnivade/levenshtein v1.1.1 // indirect
@@ -122,20 +121,20 @@ require (
 	github.com/docker/distribution v2.8.3+incompatible // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
-	github.com/emicklei/go-restful/v3 v3.10.2 // indirect
+	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
 	github.com/evanphx/json-patch v5.9.0+incompatible // indirect
-	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
+	github.com/evanphx/json-patch/v5 v5.8.0 // indirect
 	github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
 	github.com/fatih/camelcase v1.0.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
-	github.com/fvbommel/sortorder v1.0.1 // indirect
+	github.com/fvbommel/sortorder v1.1.0 // indirect
 	github.com/go-akka/configuration v0.0.0-20200606091224-a002c0330665 // indirect
 	github.com/go-errors/errors v1.4.2 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-git/go-billy/v5 v5.5.0 // indirect
-	github.com/go-git/go-git/v5 v5.11.0 // indirect
+	github.com/go-git/go-git/v5 v5.12.0 // indirect
 	github.com/go-ini/ini v1.67.0 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
@@ -152,6 +151,7 @@ require (
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/btree v1.1.2 // indirect
 	github.com/google/gnostic v0.6.9 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-github/v53 v53.2.0 // indirect
 	github.com/google/go-jsonnet v0.20.0 // indirect
@@ -171,7 +171,7 @@ require (
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-getter v1.7.5 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
 	github.com/hashicorp/go-safetemp v1.0.0 // indirect
 	github.com/hashicorp/go-version v1.6.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
@@ -200,6 +200,7 @@ require (
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 // indirect
 	github.com/mitchellh/copystructure v1.0.0 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
@@ -234,7 +235,7 @@ require (
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
-	github.com/sergi/go-diff v1.3.1 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
 	github.com/shopspring/decimal v1.2.0 // indirect
 	github.com/shteou/go-ignore v0.3.1 // indirect
 	github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 // indirect
@@ -267,8 +268,7 @@ require (
 	go.opentelemetry.io/otel/metric v1.28.0 // indirect
 	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
 	go.starlark.net v0.0.0-20231121155337-90ade8b19d09 // indirect
-	go.uber.org/atomic v1.11.0 // indirect
-	go.uber.org/multierr v1.9.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/crypto v0.24.0 // indirect
 	golang.org/x/mod v0.17.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
@@ -288,23 +288,23 @@ require (
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	k8s.io/apiserver v0.26.15 // indirect
-	k8s.io/cli-runtime v0.26.15 // indirect
-	k8s.io/component-base v0.26.15 // indirect
-	k8s.io/component-helpers v0.26.15 // indirect
-	k8s.io/klog/v2 v2.100.1 // indirect
-	k8s.io/kube-aggregator v0.26.15 // indirect
-	k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect
-	k8s.io/kubectl v0.26.15 // indirect
-	k8s.io/kubernetes v1.26.15 // indirect
+	k8s.io/apiserver v0.29.6 // indirect
+	k8s.io/cli-runtime v0.29.6 // indirect
+	k8s.io/component-base v0.29.6 // indirect
+	k8s.io/component-helpers v0.29.6 // indirect
+	k8s.io/klog/v2 v2.110.1 // indirect
+	k8s.io/kube-aggregator v0.29.6 // indirect
+	k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
+	k8s.io/kubectl v0.29.6 // indirect
+	k8s.io/kubernetes v1.29.6 // indirect
 	k8s.io/utils v0.0.0-20240102154912-e7106e64919e // indirect
 	layeh.com/gopher-json v0.0.0-20190114024228-97fed8db8427 // indirect
 	muzzammil.xyz/jsonc v1.0.0 // indirect
 	olympos.io/encoding/edn v0.0.0-20201019073823-d3554ca0b0a3 // indirect
 	oras.land/oras-go/v2 v2.3.1 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/kustomize/api v0.12.1 // indirect
-	sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect
+	sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
+	sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 )

Feedback & Suggestions:

Toolchain Update:
- The update from go1.21.6 to go1.22.5 is generally good for staying current. Ensure that all dependencies are compatible with Go 1.22.5.
Dependency Updates:
- Argo CD: Upgrading github.com/argoproj/argo-cd/v2 from v2.11.6 to v2.12.2 is a good practice to get the latest features and fixes. Ensure to test for any breaking changes.
- Kubernetes Dependencies: Upgrading k8s.io dependencies from v0.26.15 to v0.29.6 and sigs.k8s.io/controller-runtime from v0.14.7 to v0.17.2 is significant. Verify compatibility and test thoroughly.
- ProtonMail Crypto: Upgrading github.com/ProtonMail/go-crypto from a commit hash to v1.0.0 is a good move for stability.
- Other Libraries: Updates to libraries like github.com/emicklei/go-restful/v3, github.com/evanphx/json-patch/v5, github.com/go-git/go-git/v5, etc., are beneficial. Ensure to review their changelogs for any breaking changes.
New Indirect Dependencies:
- gnostic-models: Adding github.com/google/gnostic-models v0.6.8 as an indirect dependency is fine, but ensure it doesn't introduce any conflicts.
- minio/blake2b-simd: Adding github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 is quite old. Verify if a more recent version is available or if this is the best choice.
Removed Indirect Dependency:
- go.uber.org/atomic: The removal of go.uber.org/atomic v1.11.0 should be checked to ensure no part of the codebase relies on it.
General Advice:
- Testing: After such updates, extensive testing is crucial to ensure that the application behaves as expected.
- Changelogs: Review the changelogs of all updated dependencies to understand the changes and potential impacts.

Dependency Review

Click to read mergecats review!

No suggestions found

dependabot · 2024-09-02T18:42:03Z

Superseded by #265.

dependabot bot added the dependencies Pull requests that update a dependency file label Aug 26, 2024

dependabot bot mentioned this pull request Aug 26, 2024

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.1 #260

Closed

dependabot bot closed this Sep 2, 2024

dependabot bot deleted the dependabot/go_modules/github.com/argoproj/argo-cd/v2-2.12.2 branch September 2, 2024 18:42

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.2 #263

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.2 #263

dependabot bot commented on behalf of github Aug 26, 2024

zapier-sre-bot commented Aug 26, 2024

😼 Mergecat review of go.mod

Feedback & Suggestions:

dependabot bot commented on behalf of github Sep 2, 2024

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.2 #263

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.2 #263

Conversation

dependabot bot commented on behalf of github Aug 26, 2024

v2.12.2

Quick Start

Non-HA:

HA:

Release Signatures and Provenance

Upgrading

Changelog

Bug fixes

v2.12.1

Quick Start

Non-HA:

HA:

zapier-sre-bot commented Aug 26, 2024

Mergecat's Review

😼 Mergecat review of go.mod

Feedback & Suggestions:

Dependency Review

dependabot bot commented on behalf of github Sep 2, 2024