Argo CD v2.10 Release Candidate
Argo CD v2.10 Release Candidate
We are happy to announce that the Argo CD v2.10 Release Candidate has been published! We have summed up over 52 new features, 75 bug fixes, and 44 documentation updates with a total of 230 contributors!
As always, we extend our gratitude to the incredible Argo CD community for their invaluable contributions that helped us to this remarkable milestone. In this post, you will discover some of the exciting new features, selected based on the most highly upvoted proposals and most discussed during Argo Contributor Community Meetings.
ApplicationSet Templates
Introducing a new feature that will make your ApplicationSets even more flexible and powerful: advanced templating using template patches (#14893)!
Now, thanks to the contributions of Geoffrey Muselli, we’ve added this functionality to Argo CD ApplicationSets. With this new feature, you can define templates without being limited to string-only fields. This gives you more granular control over your configurations. For example, you can toggle fields under source to generate applications from different repositories, such as Helm charts from Bitnami and customized packages from private repos.
One of the most common use cases for this feature is toggling auto sync on and off using values from AppSet generators. This is a very common practice when end users are testing changes against a specific environment and they don’t want their changes to be erased if there is a commit to Git. Check out this example here.
We hope this new feature will make it easier for you to deploy complex ApplicationSets with Argo CD, while giving you more power and flexibility in your configurations.
Apps in Any Namespace & Notifications
Next, we will briefly dive into a new feature that makes it easier for users to manage notifications for their apps in Argo CD: Self-Serve Notifications in Apps of Any Namespace (#16488)! With this update, users of the apps-in-any-namespace feature can now apply their own notifications configuration, without relying on Argo CD admins.
Up until now, notifications configuration in Argo CD had to be managed by the Argo CD admins. This created inefficiencies, as users often had to wait for admins to make changes to their apps’ notifications settings.
With the recent introduction of apps-in-any-namespace in version 2.5, users can now self-serve their apps. This has been a major improvement, allowing users to create, deploy, and manage their own apps across multiple namespaces.
Now, with the addition of the new self-serve notifications configuration feature, users can take even greater control of their apps’ settings. End-users have the ability to configure notifications for their Argo CD application in their namespaces, without having to rely on Argo CD admins to make these changes.
We believe that this new feature will dramatically increase the efficiency and autonomy of users of Argo CD’s apps-in-any-namespace feature. And as always, we’re committed to continuing to improve the overall functionality and usability of Argo CD. Thank you May Zhang for these contributions!
Argo CD Authentication
Now, presenting a new feature that makes using Argo CD’s web interface even more secure. We have added support for PKCE (Proof Key for Code Exchange) authentication flow in the web interface (#15889)!
We’ve previously supported PKCE in the CLI, but we’re excited to bring this functionality to the web interface as well. This security feature ensures that even if someone intercepts an authorization code, they won’t be able to exchange it for a token without a special verification. This helps keep your credentials safe and secure when using our web interface.
To use PKCE in the web interface, simply enable it in your configuration settings. You can do this by setting the enablePKCEAuthentication flag in your OIDC configuration file (see PR and 2.10 documentation for details). With that setting enabled, you can enjoy the same level of security in the web interface as in the CLI.
We are continually working to improve the security and user experience of our platform, and this new feature is just one example of that effort. A huge thanks to the contributions of Mayursinh Sarvaiya!
Argo CD Server-Side Diff
Finally, a new feature that will make server-side apply logic even more robust and efficient in Argo CD. We’ve introduced a new option called Server-Side Diff that enables calculating diffs using server-side apply in dry-run mode (#13663)!
Argo CD main diff strategy uses a 3-way comparison between live, desired and last-applied-configuration states. However, with the introduction of Server-Side Apply (SSA) as a new sync option in version 2.5, we implemented a new diff logic based on the kubernetes library called “structured-merge-diff”. Since then, we learned from the community about the different limitations with our new approach. See in the example below one of the issues with default values:
On the right is the git state; we set cronSpec to null. On the left is what Server Side Apply applied to the cluster; it took the default value. In reality, there is no diff. They are exactly the same because k8s will apply the default values (5 0 * * *) as the cronSpec field is mandatory.
To address these issues, we’re introducing a new diff option that performs a SSA in dry-run mode to determine the predicted live state. By caching the SSA response, we can reduce the load on the Kubernetes API and reduce inconsistencies with CRD schema updates. Comparing the SSA response with the live state will give us a more accurate and efficient assessment of resource sync.
One additional benefit of this new feature is that it addresses the current limitations with admission controllers, where mutation and validation webhooks are only executed in the cluster. With this new feature, admission controllers will be executed as part of the diffing stage. To learn more about this new feature, please take a look at our official documentation.
Thank you Leonardo Luz Almeida for your contributions!
Other Notable Changes
Below you can find a few more features that were made in the 2.10 release that we think might interest you:
- Argo CD should enqueue apps with AddRateLimited instead of Add (Issue) (by Soumya Dastidar)
- Recursive auto-population of Helm values files in UI (Issue) (by bagnaram)
- Add informer cache writebacks (like rollouts) to update the application cache faster (by Soumya Dastidar)
- Add an ARGOCD_GIT_REQUEST_TIMEOUT env variable that allows configuring git request timeouts (currently 15s by default) (by Alexander Matyushentsev)
- Expose notification secrets for request payload templating (Issue) (by Etien Rožnik)
- Adds a configurable grace period to ignore repo errors during non-manual (< level 3) app refreshes (by Soumya Dastidar)
- Add support for Kustomize components to ArgoCD (Issue) (by pasha-codefresh)
- Add sourceNamespaces in Projects UI and only show it if AppsInAnyNamespaceEnabled flag is set (by Jonas Eilers)
- Ability to optionally query OIDC UserInfo to gather group claims (by Nathanael Liechti)
- Add a status panel extension in ArgoCD UI to summarize status of resources (by Alexy Mantha)
- Add a PostDelete hook support (by Alexander Matyushentsev)
Where Can I Get the New Release?
For more details and installation instructions, check the release notes. Please try the release candidate and share your feedback via #argo-cd CNCF Slack channel or issues in Argo CD GitHub Repo. Thanks to all Argo Community contributors and users for their work, feedback, and help in testing the release!
