fix: 'unexpected reserved bits' breaking web terminal (#9605) by crenshaw-dev · Pull Request #9895 · argoproj/argo-cd

crenshaw-dev · 2022-07-06T20:07:17Z

Hi I'm Michael, and I suck at concurrent programming.

But another issue directed me to run web terminal with the race detector enabled.

And I got a bunch of text that I didn't understand.

Very boring race detector output

==================
WARNING: DATA RACE
Write at 0x00c0016f0008 by goroutine 44:
  runtime.racewriterange()
      <autogenerated>:1 +0x29
  internal/poll.ignoringEINTRIO()
      /usr/local/go/src/internal/poll/fd_unix.go:794 +0x44b
  internal/poll.(*FD).Read()
      /usr/local/go/src/internal/poll/fd_unix.go:163 +0x26
  net.(*netFD).Read()
      /usr/local/go/src/net/fd_posix.go:55 +0x50
  net.(*conn).Read()
      /usr/local/go/src/net/net.go:183 +0xb0
  net.(*TCPConn).Read()
      <autogenerated>:1 +0x64
  github.com/soheilhy/cmux.(*bufferedReader).Read()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/github.com/soheilhy/cmux/buffer.go:53 +0x2f7
  github.com/soheilhy/cmux.(*MuxConn).Read()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/github.com/soheilhy/cmux/cmux.go:297 +0x50
  bufio.(*Reader).fill()
      /usr/local/go/src/bufio/bufio.go:106 +0x293
  bufio.(*Reader).Peek()
      /usr/local/go/src/bufio/bufio.go:144 +0xcb
  github.com/gorilla/websocket.(*Conn).read()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/github.com/gorilla/websocket/conn.go:370 +0x5a
  github.com/gorilla/websocket.(*Conn).advanceFrame()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/github.com/gorilla/websocket/conn.go:798 +0x124
  github.com/gorilla/websocket.(*Conn).NextReader()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/github.com/gorilla/websocket/conn.go:980 +0x164
  github.com/gorilla/websocket.(*Conn).ReadMessage()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/github.com/gorilla/websocket/conn.go:1064 +0x30
  github.com/argoproj/argo-cd/v2/server/application.(*terminalSession).Read()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/application/websocket.go:63 +0x69
  k8s.io/client-go/tools/remotecommand.readerWrapper.Read()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/reader.go:40 +0x79
  k8s.io/client-go/tools/remotecommand.(*readerWrapper).Read()
      <autogenerated>:1 +0x29
  io.copyBuffer()
      /usr/local/go/src/io/io.go:426 +0x28a
  io.Copy()
      /usr/local/go/src/io/io.go:385 +0x1ab
  k8s.io/client-go/tools/remotecommand.(*streamProtocolV2).copyStdin.func1()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/v2.go:104 +0xfd

Previous read at 0x00c0016f0008 by goroutine 125:
  runtime.slicecopy()
      /usr/local/go/src/runtime/slice.go:295 +0x0
  bufio.(*Reader).Read()
      /usr/local/go/src/bufio/bufio.go:249 +0x6c4
  github.com/gorilla/websocket.(*messageReader).Read()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/github.com/gorilla/websocket/conn.go:1021 +0x3cc
  io.ReadAll()
      /usr/local/go/src/io/io.go:645 +0x102
  io/ioutil.ReadAll()
      /usr/local/go/src/io/ioutil/ioutil.go:27 +0x75
  github.com/gorilla/websocket.(*Conn).ReadMessage()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/github.com/gorilla/websocket/conn.go:1068 +0x6a
  github.com/argoproj/argo-cd/v2/server/application.(*terminalSession).Read()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/application/websocket.go:63 +0x69
  k8s.io/client-go/tools/remotecommand.readerWrapper.Read()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/reader.go:40 +0x79
  k8s.io/client-go/tools/remotecommand.(*readerWrapper).Read()
      <autogenerated>:1 +0x29
  io.copyBuffer()
      /usr/local/go/src/io/io.go:426 +0x28a
  io.Copy()
      /usr/local/go/src/io/io.go:385 +0x1ab
  k8s.io/client-go/tools/remotecommand.(*streamProtocolV2).copyStdin.func1()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/v2.go:104 +0xfd

Goroutine 44 (running) created at:
  k8s.io/client-go/tools/remotecommand.(*streamProtocolV2).copyStdin()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/v2.go:96 +0x11a
  k8s.io/client-go/tools/remotecommand.(*streamProtocolV4).stream()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/v4.go:65 +0x131
  k8s.io/client-go/tools/remotecommand.(*streamExecutor).Stream()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/remotecommand.go:141 +0xbd5
  github.com/argoproj/argo-cd/v2/server/application.startProcess()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/application/terminal.go:296 +0x4cc
  github.com/argoproj/argo-cd/v2/server/application.(*terminalHandler).ServeHTTP()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/application/terminal.go:232 +0x1fee
  github.com/argoproj/argo-cd/v2/server.(*ArgoCDServer).newHTTPServer.func1()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/server.go:836 +0x6fb
  net/http.HandlerFunc.ServeHTTP()
      /usr/local/go/src/net/http/server.go:2084 +0x4d
  net/http.(*ServeMux).ServeHTTP()
      /usr/local/go/src/net/http/server.go:2462 +0xc5
  github.com/argoproj/argo-cd/v2/server.(*handlerSwitcher).ServeHTTP()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/server.go:1132 +0x1bc
  github.com/argoproj/argo-cd/v2/server.(*bug21955Workaround).ServeHTTP()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/server.go:1157 +0x235
  net/http.serverHandler.ServeHTTP()
      /usr/local/go/src/net/http/server.go:2916 +0x896
  net/http.(*conn).serve()
      /usr/local/go/src/net/http/server.go:1966 +0xbaa
  net/http.(*Server).Serve.func3()
      /usr/local/go/src/net/http/server.go:3071 +0x58

Goroutine 125 (finished) created at:
  k8s.io/client-go/tools/remotecommand.(*streamProtocolV2).copyStdin()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/v2.go:96 +0x11a
  k8s.io/client-go/tools/remotecommand.(*streamProtocolV4).stream()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/v4.go:65 +0x131
  k8s.io/client-go/tools/remotecommand.(*streamExecutor).Stream()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/vendor/k8s.io/client-go/tools/remotecommand/remotecommand.go:141 +0xbd5
  github.com/argoproj/argo-cd/v2/server/application.startProcess()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/application/terminal.go:296 +0x4cc
  github.com/argoproj/argo-cd/v2/server/application.(*terminalHandler).ServeHTTP()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/application/terminal.go:232 +0x1fee
  github.com/argoproj/argo-cd/v2/server.(*ArgoCDServer).newHTTPServer.func1()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/server.go:836 +0x6fb
  net/http.HandlerFunc.ServeHTTP()
      /usr/local/go/src/net/http/server.go:2084 +0x4d
  net/http.(*ServeMux).ServeHTTP()
      /usr/local/go/src/net/http/server.go:2462 +0xc5
  github.com/argoproj/argo-cd/v2/server.(*handlerSwitcher).ServeHTTP()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/server.go:1132 +0x1bc
  github.com/argoproj/argo-cd/v2/server.(*bug21955Workaround).ServeHTTP()
      /Users/mcrenshaw/go/src/github.com/argoproj/argo-cd/server/server.go:1157 +0x235
  net/http.serverHandler.ServeHTTP()
      /usr/local/go/src/net/http/server.go:2916 +0x896
  net/http.(*conn).serve()
      /usr/local/go/src/net/http/server.go:1966 +0xbaa
  net/http.(*Server).Serve.func3()
      /usr/local/go/src/net/http/server.go:3071 +0x58
==================

Aimlessly clicking around led me to this issue linking to some websocket documentation which seems to say that when we use ReadMessage, we gotta protect it with a mutex.

So I added a mutex around ReadMessage - and everything works! Conclusion: I am a genius who is excellent at concurrent programming.

This PR also makes the shell list/order configurable, because we need that anyway. I didn't change the order.

I've tested debian:latest and alpine:latest. Both work with the default shell order.

Should we also protect the WriteMessage call with a mutex? I'm not sure. I guess maybe wait until there's a bug to fix?

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

… problem Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

notfromstatefarm

HALLELUJAH!

server/application/terminal.go

util/settings/settings.go

codecov · 2022-07-06T20:20:08Z

Codecov Report

Merging #9895 (a639956) into master (2a3c692) will increase coverage by 0.01%.
The diff coverage is 25.00%.

@@            Coverage Diff             @@
##           master    #9895      +/-   ##
==========================================
+ Coverage   45.75%   45.77%   +0.01%     
==========================================
  Files         227      227              
  Lines       26961    26989      +28     
==========================================
+ Hits        12337    12354      +17     
- Misses      12943    12952       +9     
- Partials     1681     1683       +2

Impacted Files	Coverage Δ
server/application/terminal.go	`12.83% <0.00%> (ø)`
server/application/websocket.go	`8.00% <0.00%> (-0.34%)`	⬇️
util/settings/settings.go	`48.17% <40.00%> (-0.05%)`	⬇️
server/server.go	`53.18% <100.00%> (ø)`
util/argo/resource_tracking.go	`70.11% <0.00%> (-2.97%)`	⬇️
controller/state.go	`74.21% <0.00%> (+0.56%)`	⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2a3c692...a639956. Read the comment docs.

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

notfromstatefarm

LGTM!

I tested it in a live cluster and it works!

crenshaw-dev · 2022-07-07T13:27:22Z

@yeya24 do you have time to take a glance at this? Any thoughts on also putting WriteMessage in a mutex?

jannfis · 2022-07-07T14:50:51Z

@yeya24 do you have time to take a glance at this? Any thoughts on also putting WriteMessage in a mutex?

According to https://pkg.go.dev/github.com/gorilla/websocket#hdr-Concurrency, reading and writing do not support concurrent access. So ensuring access is locked by a mutex seems generally a good idea.

However, something feels odd. Can the web terminal connections be muxed between clients? I was assuming that each client will have a unique socket for terminal access, and therefore, the socket shouldn't have concurrent access. I have not dived into the code tho.

crenshaw-dev · 2022-07-07T15:14:49Z

I was assuming that each client will have a unique socket for terminal access, and therefore, the socket shouldn't have concurrent access.

That's my understanding as well. The terminalSession struct where I added the mutex is initialized once for each websocket connection. So if I'm reading the code correctly, the concurrent access must occur within that one connection.

crenshaw-dev · 2022-07-07T15:32:40Z

The way I'm reading this, net/http starts a goroutine for each connection received. I would expect that there would be one connection per terminal session. However, I guess it's possible that there is one connection per message sent to the websocket. In that case, you'd have to goroutines pulling off the shared read buffer.

jannfis

LGTM with just a couple of nits. WDYT?

server/application/websocket.go

util/settings/settings.go

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

crenshaw-dev · 2022-07-07T18:55:46Z

Nitpicks applied! I'll plan to release this next Tuesday afternoon.

yeya24

LGTM. Thanks for fixing this!

* fix: 'unexpected reserved bits' breaking web terminal (#9605) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * make things more like they were originally, since the mutex fixes the problem Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix typo, don't pass around a pointer when it isn't necessary Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * apply suggestions Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

crenshaw-dev · 2022-07-12T20:30:38Z

Cherry-picked onto release-2.4 for 2.4.6.

* Merge pull request from GHSA-pmjg-52h9-72qv Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> formatting Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fixes from comments Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix test Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-7943-82jg-wmw5 * add tests to demonstrate issue Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> more Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> docs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> settings tests Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> tests for OIDC handlers, consolidating test helpers Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> consolidate Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> consolidate Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> docs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix log message Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.5 * Bump version to 2.4.5 * test: check for error messages from CI env (argoproj#9953) test: check for error messages from CI env (argoproj#9953) Signed-off-by: CI <michael@crenshaw.dev> * docs: getting started notes on self-signed cert (argoproj#9429) (argoproj#9784) * Fix argoproj#9429: A couple of notes in the docs to explain that the default certificate is insecure. Signed-off-by: Jim Talbut <jim.talbut@groupgti.com> * Fixes argoproj#9429: More verbose, but complete, text for Getting Started. Signed-off-by: Jim Talbut <jim.talbut@groupgti.com> * docs: Document the possibility of rendering Helm charts with Kustomize (argoproj#9841) * Update kustomize.md Resolves argoproj#7835. Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * Removed unnecessary command flag from example. Minor text edits. Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * spelling Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * docs: small fix for plugin stream filtering (argoproj#9871) Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * argoproj#9429: Adding blank line so list is formatted correctly. (argoproj#9880) Signed-off-by: CI <michael@crenshaw.dev> * fix: argo-cd git submodule is using SSH auth instead of HTTPs (argoproj#3118) (argoproj#9821) * fix: argo-cd git submodule is using SSH auth instead of HTTPs (argoproj#3118) Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp> * Add submodule functions and unit tests Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp> * fix: Make change of tracking method work at runtime (argoproj#9820) * fix: Make change of tracking method work at runtime Signed-off-by: jannfis <jann@mistrust.net> * GetAppName() will figure tracking label or annotation on its own Signed-off-by: jannfis <jann@mistrust.net> * Correct test comments and add another test Signed-off-by: jannfis <jann@mistrust.net> * Add a read lock before getting cache settings Signed-off-by: jannfis <jann@mistrust.net> * fix: Check tracking annotation for being self-referencing (argoproj#9791) * fix: Check tracking annotation for being self-referencing Signed-off-by: jannfis <jann@mistrust.net> * Tweak isManagedLiveObj() logic Signed-off-by: jannfis <jann@mistrust.net> * Rename isManagedLiveResource to isSelfReferencedObj Signed-off-by: jannfis <jann@mistrust.net> * Add e2e test Signed-off-by: jannfis <jann@mistrust.net> * fix: add missing download CLI tool link for ppc64le, s390x (argoproj#9649) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * fix: NotAfter is not set when ValidFor is set (argoproj#9911) Signed-off-by: yongguangl <1363186473@qq.com> * fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s (argoproj#9922) * fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * fix timeouts across all gRPC servers Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * use common consts Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * fix: argocd login just hangs on 2.4.0 argoproj#9679 (argoproj#9935) Signed-off-by: Xiao Yang <muma.378@163.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * test: Use dedicated multi-arch workloads in e2e tests (argoproj#9921) * test: Use dedicated multi-arch workloads in e2e tests Signed-off-by: jannfis <jann@mistrust.net> * Use correct tag Signed-off-by: jannfis <jann@mistrust.net> * feat: Treat connection reset as a retryable error (argoproj#9739) Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> * fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605) (argoproj#9895) * fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * make things more like they were originally, since the mutex fixes the problem Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix typo, don't pass around a pointer when it isn't necessary Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * apply suggestions Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * docs: add terminal documentation (argoproj#9948) Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * docs: fix typo in Generators-Git.md (argoproj#9949) `ApplictionSet` --> `ApplicationSet` Signed-off-by: CI <michael@crenshaw.dev> * chore: fix build error Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.6 * Bump version to 2.4.6 * docs: supported versions (argoproj#9876) * docs: supported versions Signed-off-by: Kostis Kapelonis <kostis@codefresh.io> * docs: supported versions feedback Signed-off-by: Kostis Kapelonis <kostis@codefresh.io> * fix: add missing download CLI tool URL response for ppc64le, s390x (argoproj#9983) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * fix: e2e test to use func from clusterauth instead creating one with old logic (argoproj#9989) Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * fix: updated all a tags to Link tags in app summary (argoproj#9777) * fix: updated all a tags to Link tags Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * fix: revert external links to a tags Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * fix: linting Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * docs: simplify Docker toolchain docs (argoproj#9966) (argoproj#10006) * docs: simplify Docker toolchain docs (argoproj#9966) Signed-off-by: CI <michael@crenshaw.dev> * to be or not to be Signed-off-by: CI <michael@crenshaw.dev> * pin dependencies to avoid absurdity Signed-off-by: CI <michael@crenshaw.dev> * docs: document directory app include/exclude fields (argoproj#9997) Signed-off-by: CI <michael@crenshaw.dev> * fix: terminal websocket write lock to avoid races (argoproj#10011) * fix: protect terminal WriteMessage with a lock Signed-off-by: CI <michael@crenshaw.dev> * give write its own lock Signed-off-by: CI <michael@crenshaw.dev> * docs: use quotes to emphasize that ConfigMap value is a string (argoproj#9995) Signed-off-by: CI <michael@crenshaw.dev> * Support files in argocd.argoproj.io/manifest-generate-paths annotation (argoproj#9908) Signed-off-by: Jim Wright <jmwri93@gmail.com> * chore: upgrade parse-url to avoid SNYK-JS-PARSEURL-2936249 (argoproj#9826) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.7 * Bump version to 2.4.7 * chore: update haproxy to 2.0.29 for redis-ha (argoproj#10045) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> * chore: update redis to avoid CVE-2022-2097 (argoproj#10031) * chore: update redis to avoid CVE-2022-2097 Signed-off-by: CI <michael@crenshaw.dev> * codegen Signed-off-by: CI <michael@crenshaw.dev> * chore: upgrade Dex to 2.32.0 (argoproj#10036) (argoproj#10042) Signed-off-by: CI <michael@crenshaw.dev> * docs: add argocd-server grpc metric usage (argoproj#10007) Signed-off-by: Ashutosh <mail.ashutosh8@gmail.com> Co-authored-by: Ashutosh <mail.ashutosh8@gmail.com> Signed-off-by: CI <michael@crenshaw.dev> * chore: update redis to 7.0.4 avoid CVE-2022-30065 (argoproj#10059) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> * fix: Set HOST_ARCH for yarn build from platform (argoproj#10018) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * docs: add api field example in the appset security doc (argoproj#10087) It seems like most of the work for the mentioned issue below is done under the PR argoproj#9466 but from the issue description, it's probably worth to mention the example as added here. Related argoproj#9352 Signed-off-by: Sahdev Zala <spzala@us.ibm.com> * chore: update parse-url (argoproj#10101) * chore: upgrade parse-url Signed-off-by: CI <michael@crenshaw.dev> * edit a generated file, because that's smart Signed-off-by: CI <michael@crenshaw.dev> * fix: avoid CVE-2022-28948 (argoproj#10093) Signed-off-by: CI <michael@crenshaw.dev> * docs: add OpenSSH breaking change notes (argoproj#10104) Signed-off-by: CI <michael@crenshaw.dev> * fix: skip redirect url validation when it's the base href (argoproj#10058) (argoproj#10116) * fix: skip redirect url validation when it's the base href (argoproj#10058) Signed-off-by: CI <michael@crenshaw.dev> nicer way of doing it Signed-off-by: CI <michael@crenshaw.dev> * fix missin arg Signed-off-by: CI <michael@crenshaw.dev> * fix: upgrade moment from 2.29.2 to 2.29.3 (argoproj#9330) Snyk has created this PR to upgrade moment from 2.29.2 to 2.29.3. See this package in npm: See this project in Snyk: https://app.snyk.io/org/argoproj/project/d2931792-eef9-4d7c-b9d6-c0cbd2bd4dbe?utm_source=github&utm_medium=referral&page=upgrade-pr Signed-off-by: CI <michael@crenshaw.dev> * chore(deps): bump moment from 2.29.3 to 2.29.4 in /ui (argoproj#9897) Bumps [moment](https://github.com/moment/moment) from 2.29.3 to 2.29.4. - [Release notes](https://github.com/moment/moment/releases) - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.3...2.29.4) Signed-off-by: CI <michael@crenshaw.dev> --- updated-dependencies: - dependency-name: moment dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: support multiple extensions per resource group/kind (argoproj#9834) * feat: support multiple extensions per resource group/kind Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * apply reviewers suggestions Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * apply reviewer notes: stream extension files one by one Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * wrap errors Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * skip symlinks Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * feat: support application level extensions (argoproj#9923) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix: extensions is not loading for ConfigMap/Pods (argoproj#10010) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * Bump version to 2.4.8 * Bump version to 2.4.8 * docs: Fixed indentation Error (argoproj#10123) * Fixed indentation Error Signed-off-by: iflan7744 <iflan_mohamed@yahoo.com> * Fixed indentation Error for top-level data key Signed-off-by: iflan7744 <iflan_mohamed@yahoo.com> Co-authored-by: iflan7744 <iflan_mohamed@yahoo.com> Signed-off-by: CI <michael@crenshaw.dev> * docs: fix kustomize namePrefix misconception in application.yaml (argoproj#10162) * Update docs/operator-manual/application.yaml - Removed comment about what namePrefix does. (i.e. it does not add a prefix to the image) - Added examples of other supported transformers. (based on looking at the source code) - Added link to the kustomize docs where the transormers are described in more detail. * Update kustomize casing to be consistent Signed-off-by: whyvez <yves@premise.com> * docs: improve Installation.md (argoproj#10173) Signed-off-by: xin.li <xin.li@daocloud.io> * docs: Use ConfigMap to disable TLS (argoproj#10106) * docs: Use ConfigMap to disable TLS Signed-off-by: Renaud Guerin <renaud@renaudguerin.net> * Fix typo Signed-off-by: Renaud Guerin <renaud@renaudguerin.net> * docs: correct the api field description for the GitLab example (argoproj#10081) The api field description for the GitLab example seems mistakenly copied from the GitHub example. Signed-off-by: Sahdev Zala <spzala@us.ibm.com> * fix: Ignore non-self-referencing resources while pruning (argoproj#10198) * fix: Ignore non-self-referencing resources while pruning Signed-off-by: jannfis <jann@mistrust.net> * fix: UI part for logs RBAC - do not display the logs tab when no RBAC in place (argoproj#7211) (argoproj#9828) * show logs tab only upon explicit rbac allow policy Signed-off-by: reggie-k <reginakagan@gmail.com> * 2.4.7 docs edit Signed-off-by: reggie-k <reginakagan@gmail.com> * fix: Drop all references to exec unless the feature is enabled (argoproj#9920) (argoproj#10187) * fix: Drop all references to exec unless the feature is enabled argoproj#9920 Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * fixed tslint issues Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * docs(applicationset): fix layout matrix/merge generator restrictions (argoproj#10246) Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com> * docs: fix microsoft user management mapping role (argoproj#10251) Signed-off-by: CI <michael@crenshaw.dev> * docs: Document ignoreAggregatedRoles setting (argoproj#10206) Signed-off-by: Brandon High <highb@users.noreply.github.com> * docs: fix version reference for logs UI fix (argoproj#10245) Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.9 * Bump version to 2.4.9 * docs: clusterResources in declarative cluster config (argoproj#10219) * docs: clusterResources in declarative cluster config Signed-off-by: CI <michael@crenshaw.dev> * add article Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: respect ARGOCD_GIT_MODULES_ENABLED in the appset controller (argoproj#10285) (argoproj#10287) * fix: respect ARGOCD_GIT_MODULES_ENABLED in the appset controller (argoproj#10285) Signed-off-by: CI <michael@crenshaw.dev> * remove duplicate line Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: Suppressed ssh scheme url warn log (argoproj#9836) * Fixed ssh scheme warn log degrade by argoproj#8508 Signed-off-by: kenchan0130 <tt.tanishi100@gmail.com> * Expanded repository type getCAPath testing Signed-off-by: kenchan0130 <tt.tanishi100@gmail.com> * docs: Document safe concurrent processing of sidecar CMP (argoproj#10336) Signed-off-by: jsmcnair <john.mcnair@yellowdog.co> Signed-off-by: jsmcnair <john.mcnair@yellowdog.co> * docs: Add "Create Namespace" to sync options doc (argoproj#3490) (argoproj#10326) * Add create namespace to the sync options doc Signed-off-by: JesseBot <jessebot@linux.com> * Update docs/user-guide/sync-options.md Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: JesseBot <jessebot@linux.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> * fix: missing actions (argoproj#10327) (argoproj#10359) Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.10 * Bump version to 2.4.10 * docs: fix typo in upgrade notes (argoproj#10377) Signed-off-by: Xijun Dai <daixijun1990@gmail.com> Signed-off-by: Xijun Dai <daixijun1990@gmail.com> * fix: Correctly assume cluster-scoped resources to be self-referenced (argoproj#10390) Signed-off-by: jannfis <jann@mistrust.net> Signed-off-by: jannfis <jann@mistrust.net> * Pin gitops-engine to v0.7.3 Signed-off-by: jannfis <jann@mistrust.net> * Bump version to 2.4.11 * Bump version to 2.4.11 * docs: Changes for v2.4.11 Updated the CHANGES.md to represent what changes the pull request will introduce. Contributes to: automation-saas/native-AWS#2523 Signed-off-by: Sujeily Fonseca <sujeily.fonseca@ibm.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Co-authored-by: argo-bot <argoproj@gmail.com> Co-authored-by: YaytayAtWork <jim.talbut@groupgti.com> Co-authored-by: Didrik Finnøy <djfinnoy@protonmail.com> Co-authored-by: Jake <86763948+notfromstatefarm@users.noreply.github.com> Co-authored-by: Shunki <75064402+shunki-fujita@users.noreply.github.com> Co-authored-by: jannfis <jann@mistrust.net> Co-authored-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> Co-authored-by: yongguangl <1363186473@qq.com> Co-authored-by: Xiao Yang <muma.378@163.com> Co-authored-by: Yuan Tang <terrytangyuan@gmail.com> Co-authored-by: taksenov <TAksenov@users.noreply.github.com> Co-authored-by: Kostis (Codefresh) <39800303+kostis-codefresh@users.noreply.github.com> Co-authored-by: rishabh625 <43094970+rishabh625@users.noreply.github.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> Co-authored-by: Jim Wright <jmwri@users.noreply.github.com> Co-authored-by: 34FathomBelow <34fathombelow@protonmail.com> Co-authored-by: Ashutosh <11219262+ashutosh16@users.noreply.github.com> Co-authored-by: Ashutosh <mail.ashutosh8@gmail.com> Co-authored-by: Sahdev Zala <spzala@us.ibm.com> Co-authored-by: Snyk bot <snyk-bot@snyk.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Mohamed Iflan <55939511+iflan7744@users.noreply.github.com> Co-authored-by: iflan7744 <iflan_mohamed@yahoo.com> Co-authored-by: Yves Richard <yves@klaodlabs.com> Co-authored-by: my-git9 <xin.li@daocloud.io> Co-authored-by: Renaud Guérin <renaud@renaudguerin.net> Co-authored-by: reggie-k <reginakagan@gmail.com> Co-authored-by: Kerwood <patrick@kerwood.dk> Co-authored-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com> Co-authored-by: César M. Cristóbal <cesar@callepuzzle.com> Co-authored-by: Brandon High <highb@users.noreply.github.com> Co-authored-by: Tadayuki Onishi <tt.tanishi100@gmail.com> Co-authored-by: jsmcnair <john@jsmcnair.com> Co-authored-by: JesseBot <jessebot@linux.com> Co-authored-by: Xijun Dai <daixijun1990@gmail.com>

* Merge pull request from GHSA-pmjg-52h9-72qv Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> formatting Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fixes from comments Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix test Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-7943-82jg-wmw5 * add tests to demonstrate issue Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> more Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> docs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> settings tests Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> tests for OIDC handlers, consolidating test helpers Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> consolidate Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> consolidate Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> docs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix log message Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.5 * Bump version to 2.4.5 * test: check for error messages from CI env (argoproj#9953) test: check for error messages from CI env (argoproj#9953) Signed-off-by: CI <michael@crenshaw.dev> * docs: getting started notes on self-signed cert (argoproj#9429) (argoproj#9784) * Fix argoproj#9429: A couple of notes in the docs to explain that the default certificate is insecure. Signed-off-by: Jim Talbut <jim.talbut@groupgti.com> * Fixes argoproj#9429: More verbose, but complete, text for Getting Started. Signed-off-by: Jim Talbut <jim.talbut@groupgti.com> * docs: Document the possibility of rendering Helm charts with Kustomize (argoproj#9841) * Update kustomize.md Resolves argoproj#7835. Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * Removed unnecessary command flag from example. Minor text edits. Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * spelling Signed-off-by: Didrik Finnøy <djfinnoy@protonmail.com> * docs: small fix for plugin stream filtering (argoproj#9871) Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * argoproj#9429: Adding blank line so list is formatted correctly. (argoproj#9880) Signed-off-by: CI <michael@crenshaw.dev> * fix: argo-cd git submodule is using SSH auth instead of HTTPs (argoproj#3118) (argoproj#9821) * fix: argo-cd git submodule is using SSH auth instead of HTTPs (argoproj#3118) Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp> * Add submodule functions and unit tests Signed-off-by: shunki-fujita <shunki-fujita@cybozu.co.jp> * fix: Make change of tracking method work at runtime (argoproj#9820) * fix: Make change of tracking method work at runtime Signed-off-by: jannfis <jann@mistrust.net> * GetAppName() will figure tracking label or annotation on its own Signed-off-by: jannfis <jann@mistrust.net> * Correct test comments and add another test Signed-off-by: jannfis <jann@mistrust.net> * Add a read lock before getting cache settings Signed-off-by: jannfis <jann@mistrust.net> * fix: Check tracking annotation for being self-referencing (argoproj#9791) * fix: Check tracking annotation for being self-referencing Signed-off-by: jannfis <jann@mistrust.net> * Tweak isManagedLiveObj() logic Signed-off-by: jannfis <jann@mistrust.net> * Rename isManagedLiveResource to isSelfReferencedObj Signed-off-by: jannfis <jann@mistrust.net> * Add e2e test Signed-off-by: jannfis <jann@mistrust.net> * fix: add missing download CLI tool link for ppc64le, s390x (argoproj#9649) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * fix: NotAfter is not set when ValidFor is set (argoproj#9911) Signed-off-by: yongguangl <1363186473@qq.com> * fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s (argoproj#9922) * fix: CMP manifest generation fails with ENHANCE_YOUR_CALM if over 40s Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * fix timeouts across all gRPC servers Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * use common consts Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * fix: argocd login just hangs on 2.4.0 argoproj#9679 (argoproj#9935) Signed-off-by: Xiao Yang <muma.378@163.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * test: Use dedicated multi-arch workloads in e2e tests (argoproj#9921) * test: Use dedicated multi-arch workloads in e2e tests Signed-off-by: jannfis <jann@mistrust.net> * Use correct tag Signed-off-by: jannfis <jann@mistrust.net> * feat: Treat connection reset as a retryable error (argoproj#9739) Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> * fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605) (argoproj#9895) * fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * make things more like they were originally, since the mutex fixes the problem Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix typo, don't pass around a pointer when it isn't necessary Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * apply suggestions Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * docs: add terminal documentation (argoproj#9948) Signed-off-by: notfromstatefarm <86763948+notfromstatefarm@users.noreply.github.com> * docs: fix typo in Generators-Git.md (argoproj#9949) `ApplictionSet` --> `ApplicationSet` Signed-off-by: CI <michael@crenshaw.dev> * chore: fix build error Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.6 * Bump version to 2.4.6 * docs: supported versions (argoproj#9876) * docs: supported versions Signed-off-by: Kostis Kapelonis <kostis@codefresh.io> * docs: supported versions feedback Signed-off-by: Kostis Kapelonis <kostis@codefresh.io> * fix: add missing download CLI tool URL response for ppc64le, s390x (argoproj#9983) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * fix: e2e test to use func from clusterauth instead creating one with old logic (argoproj#9989) Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * fix: updated all a tags to Link tags in app summary (argoproj#9777) * fix: updated all a tags to Link tags Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * fix: revert external links to a tags Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * fix: linting Signed-off-by: Soumya Ghosh Dastidar <gdsoumya@gmail.com> * docs: simplify Docker toolchain docs (argoproj#9966) (argoproj#10006) * docs: simplify Docker toolchain docs (argoproj#9966) Signed-off-by: CI <michael@crenshaw.dev> * to be or not to be Signed-off-by: CI <michael@crenshaw.dev> * pin dependencies to avoid absurdity Signed-off-by: CI <michael@crenshaw.dev> * docs: document directory app include/exclude fields (argoproj#9997) Signed-off-by: CI <michael@crenshaw.dev> * fix: terminal websocket write lock to avoid races (argoproj#10011) * fix: protect terminal WriteMessage with a lock Signed-off-by: CI <michael@crenshaw.dev> * give write its own lock Signed-off-by: CI <michael@crenshaw.dev> * docs: use quotes to emphasize that ConfigMap value is a string (argoproj#9995) Signed-off-by: CI <michael@crenshaw.dev> * Support files in argocd.argoproj.io/manifest-generate-paths annotation (argoproj#9908) Signed-off-by: Jim Wright <jmwri93@gmail.com> * chore: upgrade parse-url to avoid SNYK-JS-PARSEURL-2936249 (argoproj#9826) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.7 * Bump version to 2.4.7 * chore: update haproxy to 2.0.29 for redis-ha (argoproj#10045) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> * chore: update redis to avoid CVE-2022-2097 (argoproj#10031) * chore: update redis to avoid CVE-2022-2097 Signed-off-by: CI <michael@crenshaw.dev> * codegen Signed-off-by: CI <michael@crenshaw.dev> * chore: upgrade Dex to 2.32.0 (argoproj#10036) (argoproj#10042) Signed-off-by: CI <michael@crenshaw.dev> * docs: add argocd-server grpc metric usage (argoproj#10007) Signed-off-by: Ashutosh <mail.ashutosh8@gmail.com> Co-authored-by: Ashutosh <mail.ashutosh8@gmail.com> Signed-off-by: CI <michael@crenshaw.dev> * chore: update redis to 7.0.4 avoid CVE-2022-30065 (argoproj#10059) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> * fix: Set HOST_ARCH for yarn build from platform (argoproj#10018) Signed-off-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> * docs: add api field example in the appset security doc (argoproj#10087) It seems like most of the work for the mentioned issue below is done under the PR argoproj#9466 but from the issue description, it's probably worth to mention the example as added here. Related argoproj#9352 Signed-off-by: Sahdev Zala <spzala@us.ibm.com> * chore: update parse-url (argoproj#10101) * chore: upgrade parse-url Signed-off-by: CI <michael@crenshaw.dev> * edit a generated file, because that's smart Signed-off-by: CI <michael@crenshaw.dev> * fix: avoid CVE-2022-28948 (argoproj#10093) Signed-off-by: CI <michael@crenshaw.dev> * docs: add OpenSSH breaking change notes (argoproj#10104) Signed-off-by: CI <michael@crenshaw.dev> * fix: skip redirect url validation when it's the base href (argoproj#10058) (argoproj#10116) * fix: skip redirect url validation when it's the base href (argoproj#10058) Signed-off-by: CI <michael@crenshaw.dev> nicer way of doing it Signed-off-by: CI <michael@crenshaw.dev> * fix missin arg Signed-off-by: CI <michael@crenshaw.dev> * fix: upgrade moment from 2.29.2 to 2.29.3 (argoproj#9330) Snyk has created this PR to upgrade moment from 2.29.2 to 2.29.3. See this package in npm: See this project in Snyk: https://app.snyk.io/org/argoproj/project/d2931792-eef9-4d7c-b9d6-c0cbd2bd4dbe?utm_source=github&utm_medium=referral&page=upgrade-pr Signed-off-by: CI <michael@crenshaw.dev> * chore(deps): bump moment from 2.29.3 to 2.29.4 in /ui (argoproj#9897) Bumps [moment](https://github.com/moment/moment) from 2.29.3 to 2.29.4. - [Release notes](https://github.com/moment/moment/releases) - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.3...2.29.4) Signed-off-by: CI <michael@crenshaw.dev> --- updated-dependencies: - dependency-name: moment dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: support multiple extensions per resource group/kind (argoproj#9834) * feat: support multiple extensions per resource group/kind Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * apply reviewers suggestions Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * apply reviewer notes: stream extension files one by one Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * wrap errors Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * skip symlinks Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * feat: support application level extensions (argoproj#9923) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix: extensions is not loading for ConfigMap/Pods (argoproj#10010) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * Bump version to 2.4.8 * Bump version to 2.4.8 * docs: Fixed indentation Error (argoproj#10123) * Fixed indentation Error Signed-off-by: iflan7744 <iflan_mohamed@yahoo.com> * Fixed indentation Error for top-level data key Signed-off-by: iflan7744 <iflan_mohamed@yahoo.com> Co-authored-by: iflan7744 <iflan_mohamed@yahoo.com> Signed-off-by: CI <michael@crenshaw.dev> * docs: fix kustomize namePrefix misconception in application.yaml (argoproj#10162) * Update docs/operator-manual/application.yaml - Removed comment about what namePrefix does. (i.e. it does not add a prefix to the image) - Added examples of other supported transformers. (based on looking at the source code) - Added link to the kustomize docs where the transormers are described in more detail. * Update kustomize casing to be consistent Signed-off-by: whyvez <yves@premise.com> * docs: improve Installation.md (argoproj#10173) Signed-off-by: xin.li <xin.li@daocloud.io> * docs: Use ConfigMap to disable TLS (argoproj#10106) * docs: Use ConfigMap to disable TLS Signed-off-by: Renaud Guerin <renaud@renaudguerin.net> * Fix typo Signed-off-by: Renaud Guerin <renaud@renaudguerin.net> * docs: correct the api field description for the GitLab example (argoproj#10081) The api field description for the GitLab example seems mistakenly copied from the GitHub example. Signed-off-by: Sahdev Zala <spzala@us.ibm.com> * fix: Ignore non-self-referencing resources while pruning (argoproj#10198) * fix: Ignore non-self-referencing resources while pruning Signed-off-by: jannfis <jann@mistrust.net> * fix: UI part for logs RBAC - do not display the logs tab when no RBAC in place (argoproj#7211) (argoproj#9828) * show logs tab only upon explicit rbac allow policy Signed-off-by: reggie-k <reginakagan@gmail.com> * 2.4.7 docs edit Signed-off-by: reggie-k <reginakagan@gmail.com> * fix: Drop all references to exec unless the feature is enabled (argoproj#9920) (argoproj#10187) * fix: Drop all references to exec unless the feature is enabled argoproj#9920 Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * fixed tslint issues Signed-off-by: Patrick Kerwood <patrick@kerwood.dk> * docs(applicationset): fix layout matrix/merge generator restrictions (argoproj#10246) Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com> * docs: fix microsoft user management mapping role (argoproj#10251) Signed-off-by: CI <michael@crenshaw.dev> * docs: Document ignoreAggregatedRoles setting (argoproj#10206) Signed-off-by: Brandon High <highb@users.noreply.github.com> * docs: fix version reference for logs UI fix (argoproj#10245) Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.9 * Bump version to 2.4.9 * docs: clusterResources in declarative cluster config (argoproj#10219) * docs: clusterResources in declarative cluster config Signed-off-by: CI <michael@crenshaw.dev> * add article Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: respect ARGOCD_GIT_MODULES_ENABLED in the appset controller (argoproj#10285) (argoproj#10287) * fix: respect ARGOCD_GIT_MODULES_ENABLED in the appset controller (argoproj#10285) Signed-off-by: CI <michael@crenshaw.dev> * remove duplicate line Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: Suppressed ssh scheme url warn log (argoproj#9836) * Fixed ssh scheme warn log degrade by argoproj#8508 Signed-off-by: kenchan0130 <tt.tanishi100@gmail.com> * Expanded repository type getCAPath testing Signed-off-by: kenchan0130 <tt.tanishi100@gmail.com> * docs: Document safe concurrent processing of sidecar CMP (argoproj#10336) Signed-off-by: jsmcnair <john.mcnair@yellowdog.co> Signed-off-by: jsmcnair <john.mcnair@yellowdog.co> * docs: Add "Create Namespace" to sync options doc (argoproj#3490) (argoproj#10326) * Add create namespace to the sync options doc Signed-off-by: JesseBot <jessebot@linux.com> * Update docs/user-guide/sync-options.md Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: JesseBot <jessebot@linux.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> * fix: missing actions (argoproj#10327) (argoproj#10359) Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * Bump version to 2.4.10 * Bump version to 2.4.10 * docs: fix typo in upgrade notes (argoproj#10377) Signed-off-by: Xijun Dai <daixijun1990@gmail.com> Signed-off-by: Xijun Dai <daixijun1990@gmail.com> * fix: Correctly assume cluster-scoped resources to be self-referenced (argoproj#10390) Signed-off-by: jannfis <jann@mistrust.net> Signed-off-by: jannfis <jann@mistrust.net> * Pin gitops-engine to v0.7.3 Signed-off-by: jannfis <jann@mistrust.net> * Bump version to 2.4.11 * Bump version to 2.4.11 * fix: invalid error handling (argoproj#10384) (argoproj#10385) os.IsNotExist only supports errors returned by the os package Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com> Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com> * fix: appset controller should preserve argocd refresh annotation (argoproj#10510) Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: Added mock for gitea response in appset PR,SCM generator (argoproj#9400) * fix: Added mock for gitea response Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * applied reviewers comment Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * test: fix flaky gitea tests (argoproj#10354) * test: fix flaky gitea tests Signed-off-by: CI <michael@crenshaw.dev> * embed test data Signed-off-by: CI <michael@crenshaw.dev> Signed-off-by: CI <michael@crenshaw.dev> * fix: added github and gitlab response mock and replaced external calls (argoproj#9305) * Added mock for gitlab and github for Unit test Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * Added missing mock endpoint Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * removed println and aserted for 1 master branch Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * removed auth header assertion Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * procfile to run binaries instead go run Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * procfile to run binaries instead go run Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * reverted unintentional testdata change Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * Added test for branch do not exists Signed-off-by: rishabh625 <rishabhmishra625@gmail.com> * fix: hide terminal on the non-pod resource kind (argoproj#9980) (argoproj#10556) Signed-off-by: ashutosh16 <11219262+ashutosh16@users.noreply.github.com> Signed-off-by: ashutosh16 <11219262+ashutosh16@users.noreply.github.com> * docs: remove duplicate word in user-management doc (argoproj#10546) Signed-off-by: Mickaël Canévet <mickael.canevet@jellysmack.com> Signed-off-by: Mickaël Canévet <mickael.canevet@jellysmack.com> * fix: update deploymentConfig's healthcheck to wait for replicationController to be Available (argoproj#10462) * update deploymentConfig's healthcheck to wait for replicationController to be available Signed-off-by: Roncajolo Gerald <groncajolo@softwaymedical.fr> * Add Softway Medical to users Signed-off-by: Roncajolo Gerald <groncajolo@softwaymedical.fr> Signed-off-by: Roncajolo Gerald <groncajolo@softwaymedical.fr> * docs: Fix Broken Link in Getting Started Docs (argoproj#10585) * Fix Broken Link Signed-off-by: Greg Knoblauch <knoblauch.greg@gmail.com> * Update docs/getting_started.md Co-authored-by: asingh <11219262+ashutosh16@users.noreply.github.com> Signed-off-by: Greg Knoblauch <knoblauch.greg@gmail.com> Signed-off-by: Greg Knoblauch <knoblauch.greg@gmail.com> Co-authored-by: asingh <11219262+ashutosh16@users.noreply.github.com> * docs: update description of policy.csv example in rbac.md (argoproj#10565) Signed-off-by: Minchao <minchao.220@gmail.com> Signed-off-by: Minchao <minchao.220@gmail.com> * fix: add skip-test-tls flag to optionally skip testing for tls (argoproj#9679) (argoproj#10484) * feat: add skip-test-tls flag to optionally skip testing for tls, fixes argoproj#9679 Signed-off-by: msvechla <m.svechla@gmail.com> * docs: update cli documentation Signed-off-by: msvechla <m.svechla@gmail.com> Signed-off-by: msvechla <m.svechla@gmail.com> * docs: decision about logs RBAC enforcement in release notes for 2.4 (argoproj#10564) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.4.12 * Bump version to 2.4.12 * docs: Changes for v2.4.12 Updated the CHANGES.md to represent what changes the pull request will introduce. Contributes to: automation-saas/native-AWS#2523 Signed-off-by: Sujeily Fonseca <sujeily.fonseca@ibm.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Co-authored-by: argo-bot <argoproj@gmail.com> Co-authored-by: YaytayAtWork <jim.talbut@groupgti.com> Co-authored-by: Didrik Finnøy <djfinnoy@protonmail.com> Co-authored-by: Jake <86763948+notfromstatefarm@users.noreply.github.com> Co-authored-by: Shunki <75064402+shunki-fujita@users.noreply.github.com> Co-authored-by: jannfis <jann@mistrust.net> Co-authored-by: Hyeonmin Park <hyeonmin.park@kennysoft.kr> Co-authored-by: yongguangl <1363186473@qq.com> Co-authored-by: Xiao Yang <muma.378@163.com> Co-authored-by: Yuan Tang <terrytangyuan@gmail.com> Co-authored-by: taksenov <TAksenov@users.noreply.github.com> Co-authored-by: Kostis (Codefresh) <39800303+kostis-codefresh@users.noreply.github.com> Co-authored-by: rishabh625 <43094970+rishabh625@users.noreply.github.com> Co-authored-by: Soumya Ghosh Dastidar <44349253+gdsoumya@users.noreply.github.com> Co-authored-by: Jim Wright <jmwri@users.noreply.github.com> Co-authored-by: 34FathomBelow <34fathombelow@protonmail.com> Co-authored-by: Ashutosh <11219262+ashutosh16@users.noreply.github.com> Co-authored-by: Ashutosh <mail.ashutosh8@gmail.com> Co-authored-by: Sahdev Zala <spzala@us.ibm.com> Co-authored-by: Snyk bot <snyk-bot@snyk.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Mohamed Iflan <55939511+iflan7744@users.noreply.github.com> Co-authored-by: iflan7744 <iflan_mohamed@yahoo.com> Co-authored-by: Yves Richard <yves@klaodlabs.com> Co-authored-by: my-git9 <xin.li@daocloud.io> Co-authored-by: Renaud Guérin <renaud@renaudguerin.net> Co-authored-by: reggie-k <reginakagan@gmail.com> Co-authored-by: Kerwood <patrick@kerwood.dk> Co-authored-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com> Co-authored-by: César M. Cristóbal <cesar@callepuzzle.com> Co-authored-by: Brandon High <highb@users.noreply.github.com> Co-authored-by: Tadayuki Onishi <tt.tanishi100@gmail.com> Co-authored-by: jsmcnair <john@jsmcnair.com> Co-authored-by: JesseBot <jessebot@linux.com> Co-authored-by: Xijun Dai <daixijun1990@gmail.com> Co-authored-by: Takumi Sue <23391543+mikutas@users.noreply.github.com> Co-authored-by: Jesse Suen <jessesuen@users.noreply.github.com> Co-authored-by: Mickaël Canévet <mickael.canevet@jellysmack.com> Co-authored-by: Gerald Roncajolo <grc@necol.org> Co-authored-by: Greg Knoblauch <knoblauch.greg@gmail.com> Co-authored-by: Minchao <minchao.220@gmail.com> Co-authored-by: msvechla <m.svechla@gmail.com>

crenshaw-dev added 2 commits July 6, 2022 15:53

fix: 'unexpected reserved bits' breaking web terminal (argoproj#9605)

bc8456e

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

make things more like they were originally, since the mutex fixes the…

e36d4d0

… problem Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

crenshaw-dev added the cherry-pick/2.4 Candidate for cherry picking into the 2.4 release branch label Jul 6, 2022

crenshaw-dev mentioned this pull request Jul 6, 2022

Problem with Terminal and linux shell different from bash #9641

Closed

crenshaw-dev changed the title ~~Fix web terminal~~ fix: 'unexpected reserved bits' breaking web terminal (#9605) Jul 6, 2022

notfromstatefarm suggested changes Jul 6, 2022

View reviewed changes

server/application/terminal.go Outdated Show resolved Hide resolved

util/settings/settings.go Show resolved Hide resolved

fix typo, don't pass around a pointer when it isn't necessary

a1b194d

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

crenshaw-dev marked this pull request as ready for review July 6, 2022 20:27

notfromstatefarm approved these changes Jul 6, 2022

View reviewed changes

crenshaw-dev requested a review from jannfis July 7, 2022 13:26

jannfis approved these changes Jul 7, 2022

View reviewed changes

server/application/websocket.go Outdated Show resolved Hide resolved

util/settings/settings.go Outdated Show resolved Hide resolved

apply suggestions

a639956

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

yeya24 approved these changes Jul 7, 2022

View reviewed changes

crenshaw-dev enabled auto-merge (squash) July 7, 2022 19:38

crenshaw-dev merged commit cbc7966 into argoproj:master Jul 7, 2022

crenshaw-dev deleted the fix-web-terminal branch July 12, 2022 12:34

notfromstatefarm mentioned this pull request Jul 12, 2022

Terminal does not work with windows containers #9951

Closed

3 tasks

tooptoop4 mentioned this pull request Sep 10, 2022

Web Shell - Unable to type commands into Alpine based pods #10503

Closed

3 tasks

This was referenced Feb 27, 2026

🌱 CNCF mission generation 2026-02-27 kubestellar/console-kb#6

Closed

🌱 CNCF mission generation 2026-02-27 kubestellar/console-kb#11

Merged

Conversation

crenshaw-dev commented Jul 6, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

notfromstatefarm left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

codecov bot commented Jul 6, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

notfromstatefarm left a comment

Choose a reason for hiding this comment

Uh oh!

crenshaw-dev commented Jul 7, 2022

Uh oh!

jannfis commented Jul 7, 2022

Uh oh!

crenshaw-dev commented Jul 7, 2022

Uh oh!

crenshaw-dev commented Jul 7, 2022

Uh oh!

jannfis left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

crenshaw-dev commented Jul 7, 2022

Uh oh!

yeya24 left a comment

Choose a reason for hiding this comment

Uh oh!

crenshaw-dev commented Jul 12, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

crenshaw-dev commented Jul 6, 2022 •

edited

Loading

codecov bot commented Jul 6, 2022 •

edited

Loading