All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Features
23a07991348d0fc573006539220888ccd4372d82: feat: add css to support external custom style (#13279) (#13746) (@gcp-cherry-pick-bot[bot])
ed828e9ddbd66972b58accab19fdc1f66fac5f64: feat: add ssh.github.com to SSH known hosts (#13592) (#13765) (@gcp-cherry-pick-bot[bot])
Bug fixes
f4848bbaaa1d1268c7cef6e3601836e570dad721: fix(appset): add ApplicationSet ProgressiveSync handling to clean up old appStatus entries when Applications are removed or RollingSync is disabled (#13419) (#13759) (@gcp-cherry-pick-bot[bot])
7562607e2b6b042c813e2ccebac42f9089a22da6: fix(appset): Post selector with Go templates in ApplicationSet (cherry-pick #13584) (#13822) (@m13t)
9697cbf1e9a07c7d2dfb63a3e1ed08aef6b0c14a: fix(appset): allow cluster urls to be matched (#13715) (#13770) (@blakepettersson)
2db86afb78745066cee44b286b1cacfe4f7fd97a: fix(ui): Stop using the deprecated url format for gitlab instances (#13687) (#13767) (@gcp-cherry-pick-bot[bot])
b3f0979e71b59a19dcad4a222cfec08f2ccb377b: fix: CMPv2 does not allow symlinks to adjacent files in same git repo. Fixes #13342 (#13360) (#13669) (@gcp-cherry-pick-bot[bot])
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/argoproj/argo-cd/v2 from 2.7.2 to 2.7.4.
Release notes
Sourced from github.com/argoproj/argo-cd/v2's releases.
... (truncated)
Commits
a33baa3Bump version to 2.7.4 (#13910)ca5acedfix: CVE-2023-1732 (#13748) (#13893)7c9b1c5fix(ui): Fix Link warnings (#13694) (#13854) (#13890)6f4b4d3docs: redirect old CMP page to new one (#13877) (#13878)f1c4ed2fix(ui): Patch Resource missing appNamespace (#13839) (#13840)25d5ad9fix(doc): deep links example fix (#13855) (#13857)7562607fix(appset): Post selector with Go templates in ApplicationSet (cherry-pick #...8d23f51docs: fix deep links docs formatting (#13747) (#13837)fb2e33bdocs: update openunison authChainName (#13531) (#13793)97cf0bfdocs: Update disaster_recovery.md to reflect quay.io as docker container regi...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)