From 543fc25d2f8ad1089b987df717be1c53fe802053 Mon Sep 17 00:00:00 2001 From: jannfis Date: Wed, 13 Sep 2023 08:36:32 -0400 Subject: [PATCH 1/8] fix: Allow retrieving badges in other namespaces (#15468) Signed-off-by: jannfis --- server/badge/badge.go | 62 ++++++++++++---- server/badge/badge_test.go | 145 ++++++++++++++++++++++++++++--------- server/server.go | 2 +- 3 files changed, 159 insertions(+), 50 deletions(-) diff --git a/server/badge/badge.go b/server/badge/badge.go index a87ef1d2affb10..cf291d589501e1 100644 --- a/server/badge/badge.go +++ b/server/badge/badge.go @@ -9,25 +9,28 @@ import ( healthutil "github.com/argoproj/gitops-engine/pkg/health" "k8s.io/apimachinery/pkg/api/errors" + validation "k8s.io/apimachinery/pkg/api/validation" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned" "github.com/argoproj/argo-cd/v2/util/argo" "github.com/argoproj/argo-cd/v2/util/assets" + "github.com/argoproj/argo-cd/v2/util/security" "github.com/argoproj/argo-cd/v2/util/settings" ) // NewHandler creates handler serving to do api/badge endpoint -func NewHandler(appClientset versioned.Interface, settingsMrg *settings.SettingsManager, namespace string) http.Handler { - return &Handler{appClientset: appClientset, namespace: namespace, settingsMgr: settingsMrg} +func NewHandler(appClientset versioned.Interface, settingsMrg *settings.SettingsManager, namespace string, enabledNamespaces []string) http.Handler { + return &Handler{appClientset: appClientset, namespace: namespace, settingsMgr: settingsMrg, enabledNamespaces: enabledNamespaces} } // Handler used to get application in order to access health/sync type Handler struct { - namespace string - appClientset versioned.Interface - settingsMgr *settings.SettingsManager + namespace string + appClientset versioned.Interface + settingsMgr *settings.SettingsManager + enabledNamespaces []string } var ( @@ -75,21 +78,50 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { enabled = sets.StatusBadgeEnabled } + reqNs := "" + if ns, ok := r.URL.Query()["namespace"]; ok && enabled { + if errs := validation.NameIsDNSSubdomain(strings.ToLower(ns[0]), false); len(errs) == 0 { + if security.IsNamespaceEnabled(ns[0], h.namespace, h.enabledNamespaces) { + reqNs = ns[0] + } else { + notFound = true + } + } else { + w.WriteHeader(http.StatusBadRequest) + return + } + } else { + reqNs = h.namespace + } + //Sample url: http://localhost:8080/api/badge?name=123 - if name, ok := r.URL.Query()["name"]; ok && enabled { - if app, err := h.appClientset.ArgoprojV1alpha1().Applications(h.namespace).Get(context.Background(), name[0], v1.GetOptions{}); err == nil { - health = app.Status.Health.Status - status = app.Status.Sync.Status - if app.Status.OperationState != nil && app.Status.OperationState.SyncResult != nil { - revision = app.Status.OperationState.SyncResult.Revision + if name, ok := r.URL.Query()["name"]; ok && enabled && !notFound { + if errs := validation.NameIsDNSLabel(strings.ToLower(name[0]), false); len(errs) == 0 { + if app, err := h.appClientset.ArgoprojV1alpha1().Applications(reqNs).Get(context.Background(), name[0], v1.GetOptions{}); err == nil { + health = app.Status.Health.Status + status = app.Status.Sync.Status + if app.Status.OperationState != nil && app.Status.OperationState.SyncResult != nil { + revision = app.Status.OperationState.SyncResult.Revision + } + } else { + if errors.IsNotFound(err) { + notFound = true + } } - } else if errors.IsNotFound(err) { - notFound = true + } else { + w.WriteHeader(http.StatusBadRequest) + return } } //Sample url: http://localhost:8080/api/badge?project=default - if projects, ok := r.URL.Query()["project"]; ok && enabled { - if apps, err := h.appClientset.ArgoprojV1alpha1().Applications(h.namespace).List(context.Background(), v1.ListOptions{}); err == nil { + if projects, ok := r.URL.Query()["project"]; ok && enabled && !notFound { + for _, p := range projects { + if errs := validation.NameIsDNSLabel(strings.ToLower(p), false); len(p) > 0 && len(errs) != 0 { + w.WriteHeader(http.StatusBadRequest) + return + } + } + if apps, err := h.appClientset.ArgoprojV1alpha1().Applications(reqNs).List(context.Background(), v1.ListOptions{}); err == nil { applicationSet := argo.FilterByProjects(apps.Items, projects) for _, a := range applicationSet { if a.Status.Sync.Status != appv1.SyncStatusCodeSynced { diff --git a/server/badge/badge_test.go b/server/badge/badge_test.go index c9df486d78bf70..424e7bddaa1401 100644 --- a/server/badge/badge_test.go +++ b/server/badge/badge_test.go @@ -15,6 +15,7 @@ import ( "github.com/argoproj/gitops-engine/pkg/health" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes/fake" @@ -41,7 +42,19 @@ var ( }, } testApp = v1alpha1.Application{ - ObjectMeta: v1.ObjectMeta{Name: "testApp", Namespace: "default"}, + ObjectMeta: v1.ObjectMeta{Name: "test-app", Namespace: "default"}, + Status: v1alpha1.ApplicationStatus{ + Sync: v1alpha1.SyncStatus{Status: v1alpha1.SyncStatusCodeSynced}, + Health: v1alpha1.HealthStatus{Status: health.HealthStatusHealthy}, + OperationState: &v1alpha1.OperationState{ + SyncResult: &v1alpha1.SyncOperationResult{ + Revision: "aa29b85", + }, + }, + }, + } + testApp2 = v1alpha1.Application{ + ObjectMeta: v1.ObjectMeta{Name: "test-app", Namespace: "argocd-test"}, Status: v1alpha1.ApplicationStatus{ Sync: v1alpha1.SyncStatus{Status: v1alpha1.SyncStatusCodeSynced}, Health: v1alpha1.HealthStatus{Status: health.HealthStatusHealthy}, @@ -53,15 +66,15 @@ var ( }, } testProject = v1alpha1.AppProject{ - ObjectMeta: v1.ObjectMeta{Name: "testProject", Namespace: "default"}, + ObjectMeta: v1.ObjectMeta{Name: "test-project", Namespace: "default"}, Spec: v1alpha1.AppProjectSpec{}, } ) func TestHandlerFeatureIsEnabled(t *testing.T) { settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(&argoCDCm, &argoCDSecret), "default") - handler := NewHandler(appclientset.NewSimpleClientset(&testApp), settingsMgr, "default") - req, err := http.NewRequest(http.MethodGet, "/api/badge?name=testApp", nil) + handler := NewHandler(appclientset.NewSimpleClientset(&testApp), settingsMgr, "default", []string{}) + req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app", nil) assert.NoError(t, err) rr := httptest.NewRecorder() @@ -81,6 +94,7 @@ func TestHandlerFeatureIsEnabled(t *testing.T) { func TestHandlerFeatureProjectIsEnabled(t *testing.T) { projectTests := []struct { testApp []*v1alpha1.Application + response int apiEndPoint string namespace string health string @@ -89,42 +103,105 @@ func TestHandlerFeatureProjectIsEnabled(t *testing.T) { statusColor color.RGBA }{ {createApplications([]string{"Healthy:Synced", "Healthy:Synced"}, []string{"default", "default"}, "test"), - "/api/badge?project=default", "test", "Healthy", "Synced", Green, Green}, - {createApplications([]string{"Healthy:Synced", "Healthy:OutOfSync"}, []string{"testProject", "testProject"}, "default"), - "/api/badge?project=testProject", "default", "Healthy", "OutOfSync", Green, Orange}, + http.StatusOK, "/api/badge?project=default", "test", "Healthy", "Synced", Green, Green}, + {createApplications([]string{"Healthy:Synced", "Healthy:OutOfSync"}, []string{"test-project", "test-project"}, "default"), + http.StatusOK, "/api/badge?project=test-project", "default", "Healthy", "OutOfSync", Green, Orange}, {createApplications([]string{"Healthy:Synced", "Degraded:Synced"}, []string{"default", "default"}, "test"), - "/api/badge?project=default", "test", "Degraded", "Synced", Red, Green}, - {createApplications([]string{"Healthy:Synced", "Degraded:OutOfSync"}, []string{"testProject", "testProject"}, "default"), - "/api/badge?project=testProject", "default", "Degraded", "OutOfSync", Red, Orange}, - {createApplications([]string{"Healthy:Synced", "Healthy:Synced"}, []string{"testProject", "default"}, "test"), - "/api/badge?project=default&project=testProject", "test", "Healthy", "Synced", Green, Green}, - {createApplications([]string{"Healthy:OutOfSync", "Healthy:Synced"}, []string{"testProject", "default"}, "default"), - "/api/badge?project=default&project=testProject", "default", "Healthy", "OutOfSync", Green, Orange}, - {createApplications([]string{"Degraded:Synced", "Healthy:Synced"}, []string{"testProject", "default"}, "test"), - "/api/badge?project=default&project=testProject", "test", "Degraded", "Synced", Red, Green}, - {createApplications([]string{"Degraded:OutOfSync", "Healthy:OutOfSync"}, []string{"testProject", "default"}, "default"), - "/api/badge?project=default&project=testProject", "default", "Degraded", "OutOfSync", Red, Orange}, - {createApplications([]string{"Unknown:Unknown", "Unknown:Unknown"}, []string{"testProject", "default"}, "default"), - "/api/badge?project=", "default", "Unknown", "Unknown", Purple, Purple}, + http.StatusOK, "/api/badge?project=default", "test", "Degraded", "Synced", Red, Green}, + {createApplications([]string{"Healthy:Synced", "Degraded:OutOfSync"}, []string{"test-project", "test-project"}, "default"), + http.StatusOK, "/api/badge?project=test-project", "default", "Degraded", "OutOfSync", Red, Orange}, + {createApplications([]string{"Healthy:Synced", "Healthy:Synced"}, []string{"test-project", "default"}, "test"), + http.StatusOK, "/api/badge?project=default&project=test-project", "test", "Healthy", "Synced", Green, Green}, + {createApplications([]string{"Healthy:OutOfSync", "Healthy:Synced"}, []string{"test-project", "default"}, "default"), + http.StatusOK, "/api/badge?project=default&project=test-project", "default", "Healthy", "OutOfSync", Green, Orange}, + {createApplications([]string{"Degraded:Synced", "Healthy:Synced"}, []string{"test-project", "default"}, "test"), + http.StatusOK, "/api/badge?project=default&project=test-project", "test", "Degraded", "Synced", Red, Green}, + {createApplications([]string{"Degraded:OutOfSync", "Healthy:OutOfSync"}, []string{"test-project", "default"}, "default"), + http.StatusOK, "/api/badge?project=default&project=test-project", "default", "Degraded", "OutOfSync", Red, Orange}, + {createApplications([]string{"Unknown:Unknown", "Unknown:Unknown"}, []string{"test-project", "default"}, "default"), + http.StatusOK, "/api/badge?project=", "default", "Unknown", "Unknown", Purple, Purple}, + {createApplications([]string{"Unknown:Unknown", "Unknown:Unknown"}, []string{"test-project", "default"}, "default"), + http.StatusBadRequest, "/api/badge?project=test$project", "default", "Unknown", "Unknown", Purple, Purple}, + {createApplications([]string{"Unknown:Unknown", "Unknown:Unknown"}, []string{"test-project", "default"}, "default"), + http.StatusOK, "/api/badge?project=unknown", "default", "Unknown", "Unknown", Purple, Purple}, + {createApplications([]string{"Unknown:Unknown", "Unknown:Unknown"}, []string{"test-project", "default"}, "default"), + http.StatusBadRequest, "/api/badge?name=foo_bar", "default", "Unknown", "Unknown", Purple, Purple}, + {createApplications([]string{"Unknown:Unknown", "Unknown:Unknown"}, []string{"test-project", "default"}, "default"), + http.StatusOK, "/api/badge?name=foobar", "default", "Not Found", "", Purple, Purple}, } for _, tt := range projectTests { argoCDCm.ObjectMeta.Namespace = tt.namespace argoCDSecret.ObjectMeta.Namespace = tt.namespace settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(&argoCDCm, &argoCDSecret), tt.namespace) - handler := NewHandler(appclientset.NewSimpleClientset(&testProject, tt.testApp[0], tt.testApp[1]), settingsMgr, tt.namespace) + handler := NewHandler(appclientset.NewSimpleClientset(&testProject, tt.testApp[0], tt.testApp[1]), settingsMgr, tt.namespace, []string{}) rr := httptest.NewRecorder() req, err := http.NewRequest(http.MethodGet, tt.apiEndPoint, nil) assert.NoError(t, err) handler.ServeHTTP(rr, req) + require.Equal(t, tt.response, rr.Result().StatusCode) + if rr.Result().StatusCode != 400 { + assert.Equal(t, "private, no-store", rr.Header().Get("Cache-Control")) + assert.Equal(t, "*", rr.Header().Get("Access-Control-Allow-Origin")) + response := rr.Body.String() + require.Greater(t, len(response), 2) + assert.Equal(t, toRGBString(tt.healthColor), leftRectColorPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, toRGBString(tt.statusColor), rightRectColorPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, tt.health, leftTextPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, tt.status, rightTextPattern.FindStringSubmatch(response)[1]) + } + } +} + +func TestHandlerNamespacesIsEnabled(t *testing.T) { + t.Run("Application in allowed namespace", func(t *testing.T) { + settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(&argoCDCm, &argoCDSecret), "default") + handler := NewHandler(appclientset.NewSimpleClientset(&testApp2), settingsMgr, "default", []string{"argocd-test"}) + req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=argocd-test", nil) + assert.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + assert.Equal(t, "private, no-store", rr.Header().Get("Cache-Control")) assert.Equal(t, "*", rr.Header().Get("Access-Control-Allow-Origin")) + response := rr.Body.String() - assert.Equal(t, toRGBString(tt.healthColor), leftRectColorPattern.FindStringSubmatch(response)[1]) - assert.Equal(t, toRGBString(tt.statusColor), rightRectColorPattern.FindStringSubmatch(response)[1]) - assert.Equal(t, tt.health, leftTextPattern.FindStringSubmatch(response)[1]) - assert.Equal(t, tt.status, rightTextPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, toRGBString(Green), leftRectColorPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, toRGBString(Green), rightRectColorPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, "Healthy", leftTextPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, "Synced", rightTextPattern.FindStringSubmatch(response)[1]) + assert.NotContains(t, response, "(aa29b85)") + }) - } + t.Run("Application in disallowed namespace", func(t *testing.T) { + settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(&argoCDCm, &argoCDSecret), "default") + handler := NewHandler(appclientset.NewSimpleClientset(&testApp2), settingsMgr, "default", []string{"argocd-test"}) + req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=kube-system", nil) + assert.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + assert.Equal(t, http.StatusOK, rr.Result().StatusCode) + response := rr.Body.String() + assert.Equal(t, toRGBString(Purple), leftRectColorPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, toRGBString(Purple), rightRectColorPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, "Not Found", leftTextPattern.FindStringSubmatch(response)[1]) + assert.Equal(t, "", rightTextPattern.FindStringSubmatch(response)[1]) + + }) + + t.Run("Request with illegal namespace", func(t *testing.T) { + settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(&argoCDCm, &argoCDSecret), "default") + handler := NewHandler(appclientset.NewSimpleClientset(&testApp2), settingsMgr, "default", []string{"argocd-test"}) + req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=kube()system", nil) + assert.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + assert.Equal(t, http.StatusBadRequest, rr.Result().StatusCode) + }) } func createApplicationFeatureProjectIsEnabled(healthStatus health.HealthStatusCode, syncStatus v1alpha1.SyncStatusCode, appName, projectName, namespace string) *v1alpha1.Application { @@ -176,8 +253,8 @@ func createApplications(appCombo, projectName []string, namespace string) []*v1a } func TestHandlerFeatureIsEnabledRevisionIsEnabled(t *testing.T) { settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(&argoCDCm, &argoCDSecret), "default") - handler := NewHandler(appclientset.NewSimpleClientset(&testApp), settingsMgr, "default") - req, err := http.NewRequest(http.MethodGet, "/api/badge?name=testApp&revision=true", nil) + handler := NewHandler(appclientset.NewSimpleClientset(&testApp), settingsMgr, "default", []string{}) + req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", nil) assert.NoError(t, err) rr := httptest.NewRecorder() @@ -199,8 +276,8 @@ func TestHandlerRevisionIsEnabledNoOperationState(t *testing.T) { app.Status.OperationState = nil settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(&argoCDCm, &argoCDSecret), "default") - handler := NewHandler(appclientset.NewSimpleClientset(app), settingsMgr, "default") - req, err := http.NewRequest(http.MethodGet, "/api/badge?name=testApp&revision=true", nil) + handler := NewHandler(appclientset.NewSimpleClientset(app), settingsMgr, "default", []string{}) + req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", nil) assert.NoError(t, err) rr := httptest.NewRecorder() @@ -222,8 +299,8 @@ func TestHandlerRevisionIsEnabledShortCommitSHA(t *testing.T) { app.Status.OperationState.SyncResult.Revision = "abc" settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(&argoCDCm, &argoCDSecret), "default") - handler := NewHandler(appclientset.NewSimpleClientset(app), settingsMgr, "default") - req, err := http.NewRequest(http.MethodGet, "/api/badge?name=testApp&revision=true", nil) + handler := NewHandler(appclientset.NewSimpleClientset(app), settingsMgr, "default", []string{}) + req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", nil) assert.NoError(t, err) rr := httptest.NewRecorder() @@ -239,8 +316,8 @@ func TestHandlerFeatureIsDisabled(t *testing.T) { delete(argoCDCmDisabled.Data, "statusbadge.enabled") settingsMgr := settings.NewSettingsManager(context.Background(), fake.NewSimpleClientset(argoCDCmDisabled, &argoCDSecret), "default") - handler := NewHandler(appclientset.NewSimpleClientset(&testApp), settingsMgr, "default") - req, err := http.NewRequest(http.MethodGet, "/api/badge?name=testApp", nil) + handler := NewHandler(appclientset.NewSimpleClientset(&testApp), settingsMgr, "default", []string{}) + req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app", nil) assert.NoError(t, err) rr := httptest.NewRecorder() diff --git a/server/server.go b/server/server.go index 9a7b92cd02ed88..4fbae9da4682ce 100644 --- a/server/server.go +++ b/server/server.go @@ -949,7 +949,7 @@ func (a *ArgoCDServer) newHTTPServer(ctx context.Context, port int, grpcWebHandl Handler: &handlerSwitcher{ handler: mux, urlToHandler: map[string]http.Handler{ - "/api/badge": badge.NewHandler(a.AppClientset, a.settingsMgr, a.Namespace), + "/api/badge": badge.NewHandler(a.AppClientset, a.settingsMgr, a.Namespace, a.ApplicationNamespaces), common.LogoutEndpoint: logout.NewHandler(a.AppClientset, a.settingsMgr, a.sessionMgr, a.ArgoCDServerOpts.RootPath, a.ArgoCDServerOpts.BaseHRef, a.Namespace), }, contentTypeToHandler: map[string]http.Handler{ From b89c9ec6e40fb4c557dc0a2326b6016f0ad3d393 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 08:41:02 -0400 Subject: [PATCH 2/8] chore(deps): bump docker/setup-buildx-action from 2.9.1 to 3.0.0 (#15476) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.9.1 to 3.0.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/4c0219f9ac95b02789c1075625400b2acbff50b1...f95db51fddba0c2d1ec667646a06c2ce06100226) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/image-reuse.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/image-reuse.yaml b/.github/workflows/image-reuse.yaml index a0a62669fc5b15..0a6c8bdd7ce634 100644 --- a/.github/workflows/image-reuse.yaml +++ b/.github/workflows/image-reuse.yaml @@ -79,7 +79,7 @@ jobs: cosign-release: 'v2.0.0' - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - - uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1 + - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Setup tags for container image as a CSV type run: | From f33005b10427c9894d1830476423fc36b412debb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 08:45:39 -0400 Subject: [PATCH 3/8] chore(deps): bump library/node from 20.6.0 to 20.6.1 in /test/container (#15451) Bumps library/node from 20.6.0 to 20.6.1. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- test/container/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/container/Dockerfile b/test/container/Dockerfile index 8a2831db3c6b6a..a0a7c60033f58c 100644 --- a/test/container/Dockerfile +++ b/test/container/Dockerfile @@ -6,7 +6,7 @@ FROM docker.io/library/redis:7.0.11@sha256:f50031a49f41e493087fb95f96fdb3523bb25 RUN ln -s /usr/lib/$(uname -m)-linux-gnu /usr/lib/linux-gnu # Please make sure to also check the contained yarn version and update the references below when upgrading this image's version -FROM docker.io/library/node:20.6.0@sha256:d9cdfd064b359b0d521cc5f775d8ac1b31da4a32d2dcdd19efa67e29148dff64 as node +FROM docker.io/library/node:20.6.1@sha256:14bd39208dbc0eb171cbfb26ccb9ac09fa1b2eba04ccd528ab5d12983fd9ee24 as node FROM docker.io/library/golang:1.21.0@sha256:ec457a2fcd235259273428a24e09900c496d0c52207266f96a330062a01e3622 as golang From 17f5cb4613434be7c86672f2e415c0905bf6b2d7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 14:19:49 +0000 Subject: [PATCH 4/8] chore(deps): bump library/node from 20.6.0 to 20.6.1 in /ui-test (#15452) Bumps library/node from 20.6.0 to 20.6.1. --- updated-dependencies: - dependency-name: library/node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- ui-test/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ui-test/Dockerfile b/ui-test/Dockerfile index bc0995495ab682..f3e15fd0992fa9 100644 --- a/ui-test/Dockerfile +++ b/ui-test/Dockerfile @@ -1,4 +1,4 @@ -FROM docker.io/library/node:20.6.0@sha256:479e4dcd4fafcf9759ad253dcf186036926b5fa522d405ee9bb103e0c36c405f as node +FROM docker.io/library/node:20.6.1@sha256:14bd39208dbc0eb171cbfb26ccb9ac09fa1b2eba04ccd528ab5d12983fd9ee24 as node RUN apt-get update && apt-get install --no-install-recommends -y \ software-properties-common From 3fdb685c113a9ab3f18fcfff37de571ad9bce4c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 10:27:58 -0400 Subject: [PATCH 5/8] chore(deps): bump gitpod/workspace-full from `d578722` to `511cecd` (#15453) Bumps gitpod/workspace-full from `d578722` to `511cecd`. --- updated-dependencies: - dependency-name: gitpod/workspace-full dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .gitpod.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitpod.Dockerfile b/.gitpod.Dockerfile index 981c5625f678e3..d105f49fde2b1a 100644 --- a/.gitpod.Dockerfile +++ b/.gitpod.Dockerfile @@ -1,4 +1,4 @@ -FROM gitpod/workspace-full@sha256:d5787229cd062aceae91109f1690013d3f25062916492fb7f444d13de3186178 +FROM gitpod/workspace-full@sha256:511cecde4dc129ca9eb4cc4c479d61f95e5485ebe320a07f5b902f11899956a3 USER root From cfc5f9896c2dca21628a8793a3bea331c7ad0419 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 10:29:47 -0400 Subject: [PATCH 6/8] chore(deps): bump argo-ui from `13cea62` to `002d01b` in /ui (#15440) Bumps [argo-ui](https://github.com/argoproj/argo-ui) from `13cea62` to `002d01b`. - [Release notes](https://github.com/argoproj/argo-ui/releases) - [Commits](https://github.com/argoproj/argo-ui/compare/13cea62a4a0e4a14a2dd6908490e1e907709aa86...002d01b18e8aaf4b21307a3b87341ab05230483f) --- updated-dependencies: - dependency-name: argo-ui dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- ui/yarn.lock | 62 ++++++++++++++-------------------------------------- 1 file changed, 17 insertions(+), 45 deletions(-) diff --git a/ui/yarn.lock b/ui/yarn.lock index 9c46e7ca7093ef..724578b5476131 100644 --- a/ui/yarn.lock +++ b/ui/yarn.lock @@ -2513,13 +2513,14 @@ arg@^4.1.0: "argo-ui@git+https://github.com/argoproj/argo-ui.git": version "1.0.0" - resolved "git+https://github.com/argoproj/argo-ui.git#13cea62a4a0e4a14a2dd6908490e1e907709aa86" + uid "002d01b18e8aaf4b21307a3b87341ab05230483f" + resolved "git+https://github.com/argoproj/argo-ui.git#002d01b18e8aaf4b21307a3b87341ab05230483f" dependencies: "@fortawesome/fontawesome-free" "^6.2.1" "@tippy.js/react" "^3.1.1" antd "^5.6.1" classnames "^2.2.6" - core-js "^3.30.2" + core-js "^3.32.1" foundation-sites "^6.4.3" history "^4.10.1" moment "^2.29.4" @@ -2530,8 +2531,8 @@ arg@^4.1.0: react-helmet "^6.1.0" react-router-dom "^4.2.2" react-toastify "9.0.8" - rxjs "^7.5.6" - typescript "^4.8.3" + rxjs "^7.8.1" + typescript "^4.9.5" uuid "^9.0.0" xterm "^4.19.0" xterm-addon-fit "^0.5.0" @@ -3087,17 +3088,7 @@ class-utils@^0.3.5: isobject "^3.0.0" static-extend "^0.1.1" -classnames@2.x, classnames@^2.2.1, classnames@^2.2.3, classnames@^2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/classnames/-/classnames-2.3.1.tgz#dfcfa3891e306ec1dad105d0e88f4417b8535e8e" - integrity sha512-OlQdbZ7gLfGarSqxesMesDa5uz7KFbID8Kpq/SxIoNGDqY8lSYs0D+hhtBXhcdB3rcbXArFr7vlHheLk1voeNA== - -classnames@^2.2.5, classnames@^2.2.6: - version "2.2.6" - resolved "https://registry.yarnpkg.com/classnames/-/classnames-2.2.6.tgz#43935bffdd291f326dad0a205309b38d00f650ce" - integrity sha512-JR/iSQOSt+LQIWwrwEzJ9uk0xfN3mTVYMwt1Ir5mUcSN6pU+V4zQFFaJsclJbPuAUQH+yfWef6tm7l1quW3C8Q== - -classnames@^2.3.2: +classnames@2.x, classnames@^2.2.1, classnames@^2.2.3, classnames@^2.2.5, classnames@^2.2.6, classnames@^2.3.1, classnames@^2.3.2: version "2.3.2" resolved "https://registry.yarnpkg.com/classnames/-/classnames-2.3.2.tgz#351d813bf0137fcc6a76a16b88208d2560a0d924" integrity sha512-CSbhY4cFEJRe6/GQzIk5qXZ4Jeg5pcsP7b5peFSDpffpe1cqjASH/n9UTjBwOp6XpMSTwQ8Za2K5V02ueA7Tmw== @@ -3374,10 +3365,10 @@ core-js@^2.4.0: resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.6.12.tgz#d9333dfa7b065e347cc5682219d6f690859cc2ec" integrity sha512-Kb2wC0fvsWfQrgk8HU5lW6U/Lcs8+9aaYcy4ZFc6DDlo4nZ7n70dEgE5rtR0oG6ufKDUnrwfWL1mXR5ljDatrQ== -core-js@^3.30.2: - version "3.30.2" - resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.30.2.tgz#6528abfda65e5ad728143ea23f7a14f0dcf503fc" - integrity sha512-uBJiDmwqsbJCWHAwjrx3cvjbMXP7xD72Dmsn5LOJpiRmE3WbBbN5rCqQ2Qh6Ek6/eOrjlWngEynBWo4VxerQhg== +core-js@^3.32.1: + version "3.32.2" + resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.32.2.tgz#172fb5949ef468f93b4be7841af6ab1f21992db7" + integrity sha512-pxXSw1mYZPDGvTQqEc5vgIb83jGQKFGYWY76z4a7weZXUolw3G+OvpZqSRcfYOoOVUQJYEPsWeQK8pKEnUtWxQ== core-util-is@~1.0.0: version "1.0.2" @@ -7813,7 +7804,7 @@ react-fast-compare@^3.1.1: resolved "https://registry.yarnpkg.com/react-fast-compare/-/react-fast-compare-3.2.0.tgz#641a9da81b6a6320f270e89724fb45a0b39e43bb" integrity sha512-rtGImPZ0YyLrscKI9xTpV8psd6I8VAtjKCzQDlzyDvqJA8XOW78TXYQwNRNd8g8JZnDu8q9Fu/1v4HPAVwVdHA== -react-form@2.16.3: +react-form@2.16.3, react-form@^2.16.0: version "2.16.3" resolved "https://registry.yarnpkg.com/react-form/-/react-form-2.16.3.tgz#c45a575483696ea3f99cf271984fcabcf470f1b2" integrity sha512-Pp0XFvEUkIWUImEsyi8DQ7j3Ls6h8J7BCXPwIzBOv5ZgOynLFwJX+/gYqQRNtSZbjPP4+3FVA4zW3Qktq7H+lw== @@ -7827,20 +7818,6 @@ react-form@2.16.3: redux-logger "^3.0.6" redux-thunk "^2.2.0" -react-form@^2.16.0: - version "2.16.0" - resolved "https://registry.yarnpkg.com/react-form/-/react-form-2.16.0.tgz#db7c4d1145a0daa0056010c12bbc5a2f0d749f5f" - integrity sha512-Y2MAqOTplvmw34THQmXhfzus6IMW5w/7xr7t3RQ0Zfb7YCOfT/hP8YeRDU8QWhyGatSunpc3e/CA3rgfWN8i0A== - dependencies: - babel-runtime "^6.26.0" - circular-json "^0.4.0" - classnames "^2.2.5" - prop-types "^15.5.10" - react-redux "^5.0.6" - redux "^3.7.2" - redux-logger "^3.0.6" - redux-thunk "^2.2.0" - react-ga@^2.7.0: version "2.7.0" resolved "https://registry.yarnpkg.com/react-ga/-/react-ga-2.7.0.tgz#24328f157f31e8cffbf4de74a3396536679d8d7c" @@ -8326,7 +8303,7 @@ run-parallel@^1.1.9: dependencies: queue-microtask "^1.2.2" -rxjs@6.6.7, rxjs@^6.6.6, rxjs@^7.5.6: +rxjs@6.6.7, rxjs@^6.6.6, rxjs@^7.8.1: version "6.6.7" resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.7.tgz#90ac018acabf491bf65044235d5863c4dab804c9" integrity sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ== @@ -8465,11 +8442,6 @@ selfsigned@^2.0.0: dependencies: node-forge "^1" -semver@^6.0.0, semver@^6.3.0: - version "6.3.1" - resolved "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4" - integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== - semver@7.x, semver@^7.3.2, semver@^7.3.5, semver@^7.3.8: version "7.5.2" resolved "https://registry.npmjs.org/semver/-/semver-7.5.2.tgz#5b851e66d1be07c1cdaf37dfc856f543325a2beb" @@ -8482,6 +8454,11 @@ semver@^5.3.0, semver@^5.4.1, semver@^5.5.0, semver@^5.6.0: resolved "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz#48d55db737c3287cd4835e17fa13feace1c41ef8" integrity sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g== +semver@^6.0.0, semver@^6.3.0: + version "6.3.1" + resolved "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4" + integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== + send@0.17.2: version "0.17.2" resolved "https://registry.npmjs.org/send/-/send-0.17.2.tgz#926622f76601c41808012c8bf1688fe3906f7820" @@ -9416,11 +9393,6 @@ typedarray-to-buffer@^3.1.5: dependencies: is-typedarray "^1.0.0" -typescript@^4.8.3: - version "4.8.3" - resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.8.3.tgz#d59344522c4bc464a65a730ac695007fdb66dd88" - integrity sha512-goMHfm00nWPa8UvR/CPSvykqf6dVV8x/dp0c5mFTMTIu0u0FlGWRioyy7Nn0PGAdHxpJZnuO/ut+PpQ8UiHAig== - typescript@^4.9.5: version "4.9.5" resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.9.5.tgz#095979f9bcc0d09da324d58d03ce8f8374cbe65a" From 472482c47baff4ba2e406b61547cdf9c6ff8fa1a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 10:30:26 -0400 Subject: [PATCH 7/8] chore(deps): bump library/golang in /test/remote (#15419) Bumps library/golang from `970907c` to `62e5883`. --- updated-dependencies: - dependency-name: library/golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- test/remote/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/remote/Dockerfile b/test/remote/Dockerfile index 2fd13144df72b1..f03e5e7ba77ce7 100644 --- a/test/remote/Dockerfile +++ b/test/remote/Dockerfile @@ -1,6 +1,6 @@ ARG BASE_IMAGE=docker.io/library/ubuntu:22.04 -FROM docker.io/library/golang:1.21.1@sha256:970907c870214ecc19784036f9ba93414213473b03c2b0dc1fa90eeb3a563b8f AS go +FROM docker.io/library/golang:1.21.1@sha256:cffaba795c36f07e372c7191b35ceaae114d74c31c3763d442982e3a4df3b39e AS go RUN go install github.com/mattn/goreman@latest && \ go install github.com/kisielk/godepgraph@latest From 5c0deaedb3f01418ac025ef70f0739dd3c818fa0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 10:30:55 -0400 Subject: [PATCH 8/8] chore(deps): bump library/golang from `970907c` to `62e5883` (#15415) Bumps library/golang from `970907c` to `62e5883`. --- updated-dependencies: - dependency-name: library/golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 13a23b68033cf2..8740c04717737f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ ARG BASE_IMAGE=docker.io/library/ubuntu:22.04@sha256:0bced47fffa3361afa981854fca # Initial stage which pulls prepares build dependencies and CLI tooling we need for our final image # Also used as the image in CI jobs so needs all dependencies #################################################################################################### -FROM docker.io/library/golang:1.21.1@sha256:970907c870214ecc19784036f9ba93414213473b03c2b0dc1fa90eeb3a563b8f AS builder +FROM docker.io/library/golang:1.21.1@sha256:cffaba795c36f07e372c7191b35ceaae114d74c31c3763d442982e3a4df3b39e AS builder RUN echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list @@ -101,7 +101,7 @@ RUN HOST_ARCH=$TARGETARCH NODE_ENV='production' NODE_ONLINE_ENV='online' NODE_OP #################################################################################################### # Argo CD Build stage which performs the actual build of Argo CD binaries #################################################################################################### -FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.21.1@sha256:970907c870214ecc19784036f9ba93414213473b03c2b0dc1fa90eeb3a563b8f AS argocd-build +FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.21.1@sha256:cffaba795c36f07e372c7191b35ceaae114d74c31c3763d442982e3a4df3b39e AS argocd-build WORKDIR /go/src/github.com/argoproj/argo-cd