Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.3 #265

dependabot · 2024-09-02T18:42:01Z

Bumps github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.3.

Release notes

Sourced from github.com/argoproj/argo-cd/v2's releases.

v2.12.3

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.12.3/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.12.3/manifests/ha/install.yaml
Release Signatures and Provenance

All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changelog

Features

343dec049aaeb75cadc78aa87a8fdac7e56a6db5: feat(sourceNamespace): Regex Support (#19016) (#19017) (#19664) (@gcp-cherry-pick-bot[bot])

Bug fixes

cafd35cea7acdb3c5ad53376b57970de79fc5eb4: fix(AnyNameSpaceRegex): Additional Functions Glob to Regexexp (#19516) (#19665) (@gcp-cherry-pick-bot[bot])

Full Changelog: argoproj/argo-cd@v2.12.2...v2.12.3

v2.12.2

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.12.2/manifests/install.yaml
HA:
kubectl create namespace argocd
</tr></table> 

... (truncated)

Commits

6b9cd82 Bump version to 2.12.3 (#19694)
cafd35c fix(AnyNameSpaceRegex): Additional Functions Glob to Regexexp (#19516) (#19665)
343dec0 feat(sourceNamespace): Regex Support (#19016) (#19017) (#19664)
560953c Bump version to 2.12.2 (#19657)
7244c2d fix(appset): remove cache references (#19652)
b068220 fix(appset): informer is not a kubernetes informer (#18905) (#19618) (#19636)
c873d5c fix: Floating title content incorrect for multi-sources (#17274) (#19623) (#1...
88f85da fix: Parse hostname correctly from repoURL to fetch correct CA cert (#19488) ...
26b2039 Bump version to 2.12.1 (#19568)
952838c fix(appset): cherry-pick - fix appset-in-any-namespace issue with git generat...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/argoproj/argo-cd/v2](https://github.com/argoproj/argo-cd) from 2.11.6 to 2.12.3. - [Release notes](https://github.com/argoproj/argo-cd/releases) - [Changelog](https://github.com/argoproj/argo-cd/blob/master/CHANGELOG.md) - [Commits](argoproj/argo-cd@v2.11.6...v2.12.3) --- updated-dependencies: - dependency-name: github.com/argoproj/argo-cd/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

zapier-sre-bot · 2024-09-02T18:42:46Z

Mergecat's Review

Click to read mergecats review!

😼 Mergecat review of go.mod

@@ -1,11 +1,10 @@
 module github.com/zapier/kubechecks
 
 go 1.21
-
-toolchain go1.21.6
+toolchain go1.22.5
 
 require (
-	github.com/argoproj/argo-cd/v2 v2.11.6
+	github.com/argoproj/argo-cd/v2 v2.12.3
 	github.com/argoproj/gitops-engine v0.7.1-0.20240715141605-18ba62e1f1fb
 	github.com/aws/aws-sdk-go-v2 v1.30.1
 	github.com/aws/aws-sdk-go-v2/config v1.27.24
@@ -57,11 +56,11 @@ require (
 	google.golang.org/grpc v1.64.0
 	gopkg.in/dealancer/validate.v2 v2.1.0
 	gopkg.in/yaml.v3 v3.0.1
-	k8s.io/api v0.26.15
-	k8s.io/apiextensions-apiserver v0.26.10
-	k8s.io/apimachinery v0.26.15
-	k8s.io/client-go v0.26.15
-	sigs.k8s.io/controller-runtime v0.14.7
+	k8s.io/api v0.29.6
+	k8s.io/apiextensions-apiserver v0.29.6
+	k8s.io/apimachinery v0.29.6
+	k8s.io/client-go v0.29.6
+	sigs.k8s.io/controller-runtime v0.17.2
 	sigs.k8s.io/yaml v1.4.0
 )
 
@@ -83,7 +82,7 @@ require (
 	github.com/Masterminds/sprig/v3 v3.2.3 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/OneOfOne/xxhash v1.2.8 // indirect
-	github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect
+	github.com/ProtonMail/go-crypto v1.0.0 // indirect
 	github.com/TomOnTime/utfutil v0.0.0-20180511104225-09c41003ee1d // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/agnivade/levenshtein v1.1.1 // indirect
@@ -119,23 +118,24 @@ require (
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/distribution/reference v0.5.0 // indirect
+	github.com/dlclark/regexp2 v1.11.2 // indirect
 	github.com/docker/distribution v2.8.3+incompatible // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
-	github.com/emicklei/go-restful/v3 v3.10.2 // indirect
+	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
 	github.com/evanphx/json-patch v5.9.0+incompatible // indirect
-	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
+	github.com/evanphx/json-patch/v5 v5.8.0 // indirect
 	github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
 	github.com/fatih/camelcase v1.0.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
-	github.com/fvbommel/sortorder v1.0.1 // indirect
+	github.com/fvbommel/sortorder v1.1.0 // indirect
 	github.com/go-akka/configuration v0.0.0-20200606091224-a002c0330665 // indirect
 	github.com/go-errors/errors v1.4.2 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-git/go-billy/v5 v5.5.0 // indirect
-	github.com/go-git/go-git/v5 v5.11.0 // indirect
+	github.com/go-git/go-git/v5 v5.12.0 // indirect
 	github.com/go-ini/ini v1.67.0 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
@@ -152,6 +152,7 @@ require (
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/btree v1.1.2 // indirect
 	github.com/google/gnostic v0.6.9 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-github/v53 v53.2.0 // indirect
 	github.com/google/go-jsonnet v0.20.0 // indirect
@@ -171,7 +172,7 @@ require (
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-getter v1.7.5 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
 	github.com/hashicorp/go-safetemp v1.0.0 // indirect
 	github.com/hashicorp/go-version v1.6.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
@@ -200,6 +201,7 @@ require (
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 // indirect
 	github.com/mitchellh/copystructure v1.0.0 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
@@ -234,7 +236,7 @@ require (
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
-	github.com/sergi/go-diff v1.3.1 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
 	github.com/shopspring/decimal v1.2.0 // indirect
 	github.com/shteou/go-ignore v0.3.1 // indirect
 	github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 // indirect
@@ -267,8 +269,7 @@ require (
 	go.opentelemetry.io/otel/metric v1.28.0 // indirect
 	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
 	go.starlark.net v0.0.0-20231121155337-90ade8b19d09 // indirect
-	go.uber.org/atomic v1.11.0 // indirect
-	go.uber.org/multierr v1.9.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/crypto v0.24.0 // indirect
 	golang.org/x/mod v0.17.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
@@ -288,23 +289,23 @@ require (
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	k8s.io/apiserver v0.26.15 // indirect
-	k8s.io/cli-runtime v0.26.15 // indirect
-	k8s.io/component-base v0.26.15 // indirect
-	k8s.io/component-helpers v0.26.15 // indirect
-	k8s.io/klog/v2 v2.100.1 // indirect
-	k8s.io/kube-aggregator v0.26.15 // indirect
-	k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect
-	k8s.io/kubectl v0.26.15 // indirect
-	k8s.io/kubernetes v1.26.15 // indirect
+	k8s.io/apiserver v0.29.6 // indirect
+	k8s.io/cli-runtime v0.29.6 // indirect
+	k8s.io/component-base v0.29.6 // indirect
+	k8s.io/component-helpers v0.29.6 // indirect
+	k8s.io/klog/v2 v2.110.1 // indirect
+	k8s.io/kube-aggregator v0.29.6 // indirect
+	k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
+	k8s.io/kubectl v0.29.6 // indirect
+	k8s.io/kubernetes v1.29.6 // indirect
 	k8s.io/utils v0.0.0-20240102154912-e7106e64919e // indirect
 	layeh.com/gopher-json v0.0.0-20190114024228-97fed8db8427 // indirect
 	muzzammil.xyz/jsonc v1.0.0 // indirect
 	olympos.io/encoding/edn v0.0.0-20201019073823-d3554ca0b0a3 // indirect
 	oras.land/oras-go/v2 v2.3.1 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/kustomize/api v0.12.1 // indirect
-	sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect
+	sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
+	sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 )

Feedback & Suggestions:

Toolchain Update:
- The update from go1.21.6 to go1.22.5 is good for staying current. Ensure that all dependencies are compatible with Go 1.22.5 to avoid any runtime issues.
Dependency Updates:
- Argo CD: The update from v2.11.6 to v2.12.3 is beneficial for getting the latest features and bug fixes. Ensure to test thoroughly as major updates can introduce breaking changes.
- Kubernetes Dependencies: The update from v0.26.15 to v0.29.6 for various Kubernetes modules is significant. This might include breaking changes or deprecations. Ensure to review the release notes and test the integration.
- Controller Runtime: The update from v0.14.7 to v0.17.2 is a major version bump. Check for any breaking changes or new features that need to be handled.
- ProtonMail Crypto: The update from a specific commit to v1.0.0 is good for stability. Ensure that the new version does not introduce any breaking changes.
- New Dependencies: The addition of github.com/dlclark/regexp2 and github.com/google/gnostic-models is noted. Ensure these are necessary and do not introduce any security vulnerabilities.
- Indirect Dependencies: Updates to indirect dependencies like go-retryablehttp, go-git, and others should be tested to ensure they do not introduce any regressions.
Security Considerations:
- Regularly check for any known vulnerabilities in the updated dependencies using tools like go list -m -u all and go mod tidy.
- Ensure that the new versions of dependencies do not introduce any security vulnerabilities.
Testing:
- After updating dependencies, run the full suite of tests to ensure that nothing is broken.
- Consider adding integration tests if not already present to cover the updated dependencies.
Documentation:
- Update any relevant documentation to reflect the changes in dependencies and toolchain versions.

Dependency Review

Click to read mergecats review!

No suggestions found

dependabot · 2024-09-16T19:04:46Z

Superseded by #277.

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 2, 2024

dependabot bot mentioned this pull request Sep 2, 2024

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.2 #263

Closed

dependabot bot closed this Sep 16, 2024

dependabot bot deleted the dependabot/go_modules/github.com/argoproj/argo-cd/v2-2.12.3 branch September 16, 2024 19:04

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.3 #265

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.3 #265

Uh oh!

dependabot bot commented on behalf of github Sep 2, 2024

Uh oh!

zapier-sre-bot commented Sep 2, 2024

😼 Mergecat review of go.mod

Feedback & Suggestions:

Uh oh!

dependabot bot commented on behalf of github Sep 16, 2024

Uh oh!

Uh oh!

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.3 #265

Bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.12.3 #265

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 2, 2024

v2.12.3

Quick Start

Non-HA:

HA:

Release Signatures and Provenance

Upgrading

Changelog

Features

Bug fixes

v2.12.2

Quick Start

Non-HA:

HA:

Uh oh!

zapier-sre-bot commented Sep 2, 2024

Mergecat's Review

😼 Mergecat review of go.mod

Feedback & Suggestions:

Dependency Review

Uh oh!

dependabot bot commented on behalf of github Sep 16, 2024

Uh oh!

Uh oh!