Argo CD - v2.9.4
Security
Quick Start
Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.9.4/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.9.4/manifests/ha/install.yaml
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changes
This log fixes a security issue: https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg
🚨 Important: The security fix includes a breaking API change. Please read the GHSA before upgrading! 🚨
Bug fixes (7)
- fix: enforce content type header for API requests (#16860) (Cherry-pick release-2.9 ) (#16878)
- fix: add list permission deployments (#16785) (#16804)
- fix(ui):Fixed log horizontal scroll for issue #16411 (#16727) (#16761)
- fix(action): Add missing owner refs and annotation to create-job action (#16607) (#16608)
- fix(grpcproxy): add missing GRPCKeepAliveEnforcementMinimum (#15708) (#16576)
- fix(appset): don't emit k8s events for unchanged apps, log at debug (#16562)
- fix(appset): Don't use revision cache when reconciling after webhook (#16062) (#16241) (#16536)
Documentation (1)
- docs: Fix format issue in rbac.md (#16521) (#16538)
Other (3)
- chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.11.0 (#16912)
- Added missing 'alias:' prefix for repository name as described here: (#15902) (#16535)
- chore: upgrade k8s client from v0.24.2 to v0.24.17 (#16554)
Security
Security wording was detected, but no CVEs were found.
Details
date
Jan. 18, 2024, 9:24 p.m.
name
v2.9.4
type
Patch
official page
👇
Register or login to:
- 🔍View and search all Argo CD releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!