From 5540c37f3a35ab90ca3dcab7a329e70aa2308a88 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 00:37:35 -0400 Subject: [PATCH 01/20] chore(deps): bump github.com/cyphar/filepath-securejoin (#19940) Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.3.1 to 0.3.2. - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md) - [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.3.1...v0.3.2) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 1245be364c067..d39821cb12c46 100644 --- a/go.mod +++ b/go.mod @@ -22,7 +22,7 @@ require ( github.com/cespare/xxhash/v2 v2.3.0 github.com/chainguard-dev/git-urls v1.0.2 github.com/coreos/go-oidc/v3 v3.11.0 - github.com/cyphar/filepath-securejoin v0.3.1 + github.com/cyphar/filepath-securejoin v0.3.2 github.com/dustin/go-humanize v1.0.1 github.com/evanphx/json-patch v5.9.0+incompatible github.com/expr-lang/expr v1.16.9 diff --git a/go.sum b/go.sum index 409ba78a0aaec..3ea06cfe39c2b 100644 --- a/go.sum +++ b/go.sum @@ -204,8 +204,8 @@ github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7Do github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= -github.com/cyphar/filepath-securejoin v0.3.1 h1:1V7cHiaW+C+39wEfpH6XlLBQo3j/PciWFrgfCLS8XrE= -github.com/cyphar/filepath-securejoin v0.3.1/go.mod h1:F7i41x/9cBF7lzCrVsYs9fuzwRZm4NQsGTBdpp6mETc= +github.com/cyphar/filepath-securejoin v0.3.2 h1:QhZu5AxQ+o1XZH0Ye05YzvJ0kAdK6VQc0z9NNMek7gc= +github.com/cyphar/filepath-securejoin v0.3.2/go.mod h1:F7i41x/9cBF7lzCrVsYs9fuzwRZm4NQsGTBdpp6mETc= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= From ddf337e89355b090a00f742d07589eee29b7051e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 00:37:53 -0400 Subject: [PATCH 02/20] chore(deps): bump bitnami/kubectl in /test/container (#19939) Bumps bitnami/kubectl from `7779e58` to `27e5f50`. --- updated-dependencies: - dependency-name: bitnami/kubectl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- test/container/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/container/Dockerfile b/test/container/Dockerfile index 1255e4e210869..8d1cfcc98e818 100644 --- a/test/container/Dockerfile +++ b/test/container/Dockerfile @@ -12,7 +12,7 @@ FROM docker.io/library/golang:1.23@sha256:2fe82a3f3e006b4f2a316c6a21f62b66e1330a FROM docker.io/library/registry:2.8@sha256:ac0192b549007e22998eb74e8d8488dcfe70f1489520c3b144a6047ac5efbe90 as registry -FROM docker.io/bitnami/kubectl:1.31@sha256:7779e585c588adde5c8feafd584c1ffc76ffbe8475236aa14c13b8afe18d9af6 as kubectl +FROM docker.io/bitnami/kubectl:1.31@sha256:27e5f500a2de2ba249a159c4af0b075500ad8a1afaa59ba1edf09bf83c656fd4 as kubectl FROM docker.io/library/ubuntu:24.04@sha256:3f85b7caad41a95462cf5b787d8a04604c8262cdcdf9a472b8c52ef83375fe15 From e67a7b667482e4d51f1b1ff0d6edd7e6851bd0e6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 04:53:11 +0000 Subject: [PATCH 03/20] chore(deps-dev): bump @types/node from 22.5.4 to 22.5.5 in /ui-test (#19941) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 22.5.4 to 22.5.5. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- ui-test/package.json | 2 +- ui-test/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ui-test/package.json b/ui-test/package.json index 9de2b869b9253..041e43ac3160a 100644 --- a/ui-test/package.json +++ b/ui-test/package.json @@ -19,7 +19,7 @@ }, "devDependencies": { "@types/mocha": "^10.0.8", - "@types/node": "^22.5.4", + "@types/node": "^22.5.5", "dotenv": "^16.4.5", "mocha": "^10.7.3", "prettier": "^2.8.8", diff --git a/ui-test/yarn.lock b/ui-test/yarn.lock index 0bc50570178cd..1f6205097d09f 100644 --- a/ui-test/yarn.lock +++ b/ui-test/yarn.lock @@ -38,10 +38,10 @@ resolved "https://registry.yarnpkg.com/@types/mocha/-/mocha-10.0.8.tgz#a7eff5816e070c3b4d803f1d3cd780c4e42934a1" integrity sha512-HfMcUmy9hTMJh66VNcmeC9iVErIZJli2bszuXc6julh5YGuRb/W5OnkHjwLNYdFlMis0sY3If5SEAp+PktdJjw== -"@types/node@*", "@types/node@^22.5.4": - version "22.5.4" - resolved "https://registry.yarnpkg.com/@types/node/-/node-22.5.4.tgz#83f7d1f65bc2ed223bdbf57c7884f1d5a4fa84e8" - integrity sha512-FDuKUJQm/ju9fT/SeX/6+gBzoPzlVCzfzmGkwKvRHQVxi4BntVbyIwf6a4Xn62mrvndLiml6z/UBXIdEVjQLXg== +"@types/node@*", "@types/node@^22.5.5": + version "22.5.5" + resolved "https://registry.yarnpkg.com/@types/node/-/node-22.5.5.tgz#52f939dd0f65fc552a4ad0b392f3c466cc5d7a44" + integrity sha512-Xjs4y5UPO/CLdzpgR6GirZJx36yScjh73+2NlLlkFRSoQN8B0DpfXPdZGnvVmLRLOsqDpOfTNv7D9trgGhmOIA== dependencies: undici-types "~6.19.2" From 038a83276c395e09f31923ebe510bf65bb4348bb Mon Sep 17 00:00:00 2001 From: kswadi <31335049+kswadi@users.noreply.github.com> Date: Mon, 16 Sep 2024 17:09:42 +0530 Subject: [PATCH 04/20] docs: fix typo in ingress section of operator manual (#19946) Signed-off-by: kswadi --- docs/operator-manual/ingress.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/operator-manual/ingress.md b/docs/operator-manual/ingress.md index 2a462e9601349..652458c32f093 100644 --- a/docs/operator-manual/ingress.md +++ b/docs/operator-manual/ingress.md @@ -471,7 +471,7 @@ Once we create this service, we can configure the Ingress to conditionally route ``` ## [Istio](https://www.istio.io) -You can put Argo CD behind Istio using following configurations. Here we will achive both serving Argo CD behind istio and using subpath on Istio +You can put Argo CD behind Istio using following configurations. Here we will achieve both serving Argo CD behind istio and using subpath on Istio First we need to make sure that we can run Argo CD with subpath (ie /argocd). For this we have used install.yaml from argocd project as is From 757c395e64336b4f8dd8619b078dc6b3a7270358 Mon Sep 17 00:00:00 2001 From: Frederic MARTIN Date: Mon, 16 Sep 2024 15:26:55 +0200 Subject: [PATCH 05/20] docs: fix typo in upgrading section of operator manual (#19950) Signed-off-by: Frederic MARTIN --- docs/operator-manual/upgrading/2.12-2.13.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/operator-manual/upgrading/2.12-2.13.md b/docs/operator-manual/upgrading/2.12-2.13.md index c98845f9e5927..14b26f22a2d70 100644 --- a/docs/operator-manual/upgrading/2.12-2.13.md +++ b/docs/operator-manual/upgrading/2.12-2.13.md @@ -66,4 +66,4 @@ The default extension for log files generated by Argo CD when using the "Downloa If you have any custom scripts or tools that depend on the `.txt` extension, please update them accordingly. ## Added proxy to kustomize -Proxy config set on repository credentials / repository templates is now passed down to the `kustomie build` command. +Proxy config set on repository credentials / repository templates is now passed down to the `kustomize build` command. From bb1123ad7f3da78431efc8daf35120f4a0014911 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 21:06:38 +0000 Subject: [PATCH 06/20] [Bot] docs: Update Snyk reports (#19936) Signed-off-by: CI Co-authored-by: CI --- docs/snyk/index.md | 30 +- docs/snyk/master/argocd-iac-install.html | 2 +- .../master/argocd-iac-namespace-install.html | 2 +- docs/snyk/master/argocd-test.html | 175 +- .../master/ghcr.io_dexidp_dex_v2.41.1.html | 2 +- ..._docker_library_haproxy_2.6.17-alpine.html | 2 +- ...ws_docker_library_redis_7.0.15-alpine.html | 2 +- .../quay.io_argoproj_argocd_latest.html | 175 +- docs/snyk/master/redis_7.0.15-alpine.html | 2 +- docs/snyk/v2.10.16/argocd-iac-install.html | 2 +- .../argocd-iac-namespace-install.html | 2 +- docs/snyk/v2.10.16/argocd-test.html | 175 +- .../v2.10.16/ghcr.io_dexidp_dex_v2.37.0.html | 2 +- docs/snyk/v2.10.16/haproxy_2.6.14-alpine.html | 2 +- .../quay.io_argoproj_argocd_v2.10.16.html | 82 +- docs/snyk/v2.10.16/redis_7.0.15-alpine.html | 2 +- .../argocd-iac-install.html | 2 +- .../argocd-iac-namespace-install.html | 2 +- .../{v2.11.7 => v2.11.8}/argocd-test.html | 175 +- .../ghcr.io_dexidp_dex_v2.38.0.html | 2 +- .../haproxy_2.6.14-alpine.html | 2 +- .../quay.io_argoproj_argocd_v2.11.8.html} | 2638 ++++------------- .../redis_7.0.15-alpine.html | 2 +- docs/snyk/v2.12.3/argocd-iac-install.html | 2 +- .../v2.12.3/argocd-iac-namespace-install.html | 2 +- docs/snyk/v2.12.3/argocd-test.html | 175 +- .../v2.12.3/ghcr.io_dexidp_dex_v2.38.0.html | 2 +- ..._docker_library_haproxy_2.6.17-alpine.html | 2 +- ...ws_docker_library_redis_7.0.15-alpine.html | 2 +- .../quay.io_argoproj_argocd_v2.12.3.html | 88 +- docs/snyk/v2.12.3/redis_7.0.15-alpine.html | 2 +- 31 files changed, 1489 insertions(+), 2268 deletions(-) rename docs/snyk/{v2.11.7 => v2.11.8}/argocd-iac-install.html (99%) rename docs/snyk/{v2.11.7 => v2.11.8}/argocd-iac-namespace-install.html (99%) rename docs/snyk/{v2.11.7 => v2.11.8}/argocd-test.html (95%) rename docs/snyk/{v2.11.7 => v2.11.8}/ghcr.io_dexidp_dex_v2.38.0.html (99%) rename docs/snyk/{v2.11.7 => v2.11.8}/haproxy_2.6.14-alpine.html (99%) rename docs/snyk/{v2.11.7/quay.io_argoproj_argocd_v2.11.7.html => v2.11.8/quay.io_argoproj_argocd_v2.11.8.html} (68%) rename docs/snyk/{v2.11.7 => v2.11.8}/redis_7.0.15-alpine.html (99%) diff --git a/docs/snyk/index.md b/docs/snyk/index.md index f8e638488bd0d..b56336b32e637 100644 --- a/docs/snyk/index.md +++ b/docs/snyk/index.md @@ -14,11 +14,11 @@ recent minor releases. | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| | [go.mod](master/argocd-test.html) | 0 | 0 | 1 | 0 | -| [ui/yarn.lock](master/argocd-test.html) | 0 | 0 | 1 | 0 | +| [ui/yarn.lock](master/argocd-test.html) | 0 | 0 | 2 | 0 | | [dex:v2.41.1](master/ghcr.io_dexidp_dex_v2.41.1.html) | 0 | 0 | 0 | 1 | | [haproxy:2.6.17-alpine](master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html) | 0 | 0 | 2 | 3 | | [redis:7.0.15-alpine](master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:latest](master/quay.io_argoproj_argocd_latest.html) | 0 | 0 | 6 | 8 | +| [argocd:latest](master/quay.io_argoproj_argocd_latest.html) | 0 | 0 | 4 | 8 | | [redis:7.0.15-alpine](master/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | | [install.yaml](master/argocd-iac-install.html) | - | - | - | - | | [namespace-install.yaml](master/argocd-iac-namespace-install.html) | - | - | - | - | @@ -28,37 +28,37 @@ recent minor releases. | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| | [go.mod](v2.12.3/argocd-test.html) | 0 | 0 | 2 | 0 | -| [ui/yarn.lock](v2.12.3/argocd-test.html) | 0 | 0 | 1 | 0 | +| [ui/yarn.lock](v2.12.3/argocd-test.html) | 0 | 0 | 2 | 0 | | [dex:v2.38.0](v2.12.3/ghcr.io_dexidp_dex_v2.38.0.html) | 0 | 0 | 6 | 6 | | [haproxy:2.6.17-alpine](v2.12.3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html) | 0 | 0 | 2 | 3 | | [redis:7.0.15-alpine](v2.12.3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:v2.12.3](v2.12.3/quay.io_argoproj_argocd_v2.12.3.html) | 0 | 0 | 7 | 8 | +| [argocd:v2.12.3](v2.12.3/quay.io_argoproj_argocd_v2.12.3.html) | 0 | 0 | 8 | 8 | | [redis:7.0.15-alpine](v2.12.3/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | | [install.yaml](v2.12.3/argocd-iac-install.html) | - | - | - | - | | [namespace-install.yaml](v2.12.3/argocd-iac-namespace-install.html) | - | - | - | - | -### v2.11.7 +### v2.11.8 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.11.7/argocd-test.html) | 0 | 1 | 3 | 0 | -| [ui/yarn.lock](v2.11.7/argocd-test.html) | 0 | 0 | 1 | 0 | -| [dex:v2.38.0](v2.11.7/ghcr.io_dexidp_dex_v2.38.0.html) | 0 | 0 | 6 | 6 | -| [haproxy:2.6.14-alpine](v2.11.7/haproxy_2.6.14-alpine.html) | 0 | 1 | 7 | 6 | -| [argocd:v2.11.7](v2.11.7/quay.io_argoproj_argocd_v2.11.7.html) | 0 | 0 | 10 | 20 | -| [redis:7.0.15-alpine](v2.11.7/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [install.yaml](v2.11.7/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.11.7/argocd-iac-namespace-install.html) | - | - | - | - | +| [go.mod](v2.11.8/argocd-test.html) | 0 | 1 | 3 | 0 | +| [ui/yarn.lock](v2.11.8/argocd-test.html) | 0 | 0 | 2 | 0 | +| [dex:v2.38.0](v2.11.8/ghcr.io_dexidp_dex_v2.38.0.html) | 0 | 0 | 6 | 6 | +| [haproxy:2.6.14-alpine](v2.11.8/haproxy_2.6.14-alpine.html) | 0 | 1 | 7 | 6 | +| [argocd:v2.11.8](v2.11.8/quay.io_argoproj_argocd_v2.11.8.html) | 0 | 0 | 7 | 16 | +| [redis:7.0.15-alpine](v2.11.8/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | +| [install.yaml](v2.11.8/argocd-iac-install.html) | - | - | - | - | +| [namespace-install.yaml](v2.11.8/argocd-iac-namespace-install.html) | - | - | - | - | ### v2.10.16 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| | [go.mod](v2.10.16/argocd-test.html) | 0 | 1 | 4 | 0 | -| [ui/yarn.lock](v2.10.16/argocd-test.html) | 0 | 0 | 1 | 0 | +| [ui/yarn.lock](v2.10.16/argocd-test.html) | 0 | 0 | 2 | 0 | | [dex:v2.37.0](v2.10.16/ghcr.io_dexidp_dex_v2.37.0.html) | 1 | 1 | 10 | 6 | | [haproxy:2.6.14-alpine](v2.10.16/haproxy_2.6.14-alpine.html) | 0 | 1 | 7 | 6 | -| [argocd:v2.10.16](v2.10.16/quay.io_argoproj_argocd_v2.10.16.html) | 0 | 0 | 10 | 20 | +| [argocd:v2.10.16](v2.10.16/quay.io_argoproj_argocd_v2.10.16.html) | 0 | 0 | 11 | 20 | | [redis:7.0.15-alpine](v2.10.16/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | | [install.yaml](v2.10.16/argocd-iac-install.html) | - | - | - | - | | [namespace-install.yaml](v2.10.16/argocd-iac-namespace-install.html) | - | - | - | - | diff --git a/docs/snyk/master/argocd-iac-install.html b/docs/snyk/master/argocd-iac-install.html index 83c8c02de908b..c4531da3f93ef 100644 --- a/docs/snyk/master/argocd-iac-install.html +++ b/docs/snyk/master/argocd-iac-install.html @@ -456,7 +456,7 @@

Snyk test report

-

September 8th 2024, 12:20:48 am (UTC+00:00)

+

September 15th 2024, 12:20:57 am (UTC+00:00)

Scanned the following path: diff --git a/docs/snyk/master/argocd-iac-namespace-install.html b/docs/snyk/master/argocd-iac-namespace-install.html index f0a80d1987e41..020a13bf79f07 100644 --- a/docs/snyk/master/argocd-iac-namespace-install.html +++ b/docs/snyk/master/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

Snyk test report

-

September 8th 2024, 12:20:58 am (UTC+00:00)

+

September 15th 2024, 12:21:06 am (UTC+00:00)

Scanned the following path: diff --git a/docs/snyk/master/argocd-test.html b/docs/snyk/master/argocd-test.html index 7e22a5c226c0e..33e1e7ab43d33 100644 --- a/docs/snyk/master/argocd-test.html +++ b/docs/snyk/master/argocd-test.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

Snyk test report

-

September 8th 2024, 12:18:34 am (UTC+00:00)

+

September 15th 2024, 12:18:53 am (UTC+00:00)

Scanned the following paths: @@ -467,8 +467,8 @@

Snyk test report

-
2 known vulnerabilities
-
2 vulnerable dependency paths
+
3 known vulnerabilities
+
5 vulnerable dependency paths
2132 dependencies
@@ -477,6 +477,173 @@

Snyk test report

+
+

Regular Expression Denial of Service (ReDoS)

+
+ +
+ medium severity +
+ +
+ +
    +
  • + Manifest file: /argo-cd ui/yarn.lock +
    • +
  • + Package Manager: npm +
    • +
  • + Vulnerable module: + + path-to-regexp +
    • + +
  • Introduced through: + + + argo-cd-ui@1.0.0, react-router@4.3.1 and others +
    • +
+ +
+ + +

Detailed paths

+ +
    +
  • + Introduced through: + argo-cd-ui@1.0.0 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
    • +
  • + Introduced through: + argo-cd-ui@1.0.0 + + react-router-dom@4.3.1 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
    • +
  • + Introduced through: + argo-cd-ui@1.0.0 + + argo-ui@1.0.0 + + react-router-dom@4.3.1 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
    • +
+ +
+ +
+ +

Overview

+

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when including multiple regular expression parameters in a single segment, which will produce the regular expression /^\/([^\/]+?)-([^\/]+?)\/?$/, if two parameters within a single segment are separated by a character other than a / or .. Poor performance will block the event loop and can lead to a DoS.

+

Note: + Version 0.1.10 is patched to mitigate this but is also vulnerable if custom regular expressions are used. Due to the existence of this attack vector, the Snyk security team have decided to err on the side of caution in considering the very widely-used v0 branch vulnerable, while the 8.0.0 release has completely eliminated the vulnerable functionality.

+

Workaround

+

This vulnerability can be avoided by using a custom regular expression for parameters after the first in a segment, which excludes - and /.

+

PoC

+ 
/a${'-a'.repeat(8_000)}/a
+
+

Details

+

Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

+

The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

+

Let’s take the following regular expression as an example:

+ 
regex = /A(B|C+)+D/
+
+

This regular expression accomplishes the following:

+
    +
  • A The string must start with the letter 'A'
    • +
  • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
    • +
  • D Finally, we ensure this section of the string ends with a 'D'
    • +
+

The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

+

It most cases, it doesn't take very long for a regex engine to find a match:

+ 
$ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
+        0.04s user 0.01s system 95% cpu 0.052 total
+        
+        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
+        1.79s user 0.02s system 99% cpu 1.812 total
+
+

The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

+

Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

+

Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

+
    +
  1. CCC
    2. +
  2. CC+C
    3. +
  3. C+CC
    4. +
  4. C+C+C.
    5. +
+

The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

+

From there, the number of steps the engine must use to validate a string just continues to grow.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + +
StringNumber of C'sNumber of steps
ACCCX338
ACCCCX471
ACCCCCX5136
ACCCCCCCCCCCCCCX1465,553
+

By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

+

Remediation

+

Upgrade path-to-regexp to version 8.0.0 or higher.

+

References

+ + +
+ +
+

More about this vulnerability

+
+ +

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

diff --git a/docs/snyk/master/ghcr.io_dexidp_dex_v2.41.1.html b/docs/snyk/master/ghcr.io_dexidp_dex_v2.41.1.html index a0b181d251aec..238af83a261bc 100644 --- a/docs/snyk/master/ghcr.io_dexidp_dex_v2.41.1.html +++ b/docs/snyk/master/ghcr.io_dexidp_dex_v2.41.1.html @@ -456,7 +456,7 @@

Snyk test report

-

September 8th 2024, 12:18:44 am (UTC+00:00)

+

September 15th 2024, 12:19:03 am (UTC+00:00)

Scanned the following paths: diff --git a/docs/snyk/master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html b/docs/snyk/master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html index 69fdc1139ecbc..cd8be9cb54423 100644 --- a/docs/snyk/master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html +++ b/docs/snyk/master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html @@ -456,7 +456,7 @@

Snyk test report

-

September 8th 2024, 12:18:52 am (UTC+00:00)

+

September 15th 2024, 12:19:08 am (UTC+00:00)

Scanned the following path: diff --git a/docs/snyk/master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html b/docs/snyk/master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html index 866d510ea9622..b897f3e78df7d 100644 --- a/docs/snyk/master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html +++ b/docs/snyk/master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

Snyk test report

-

September 8th 2024, 12:18:59 am (UTC+00:00)

+

September 15th 2024, 12:19:12 am (UTC+00:00)

Scanned the following paths: diff --git a/docs/snyk/master/quay.io_argoproj_argocd_latest.html b/docs/snyk/master/quay.io_argoproj_argocd_latest.html index 819d82fbd769b..e1b0381827449 100644 --- a/docs/snyk/master/quay.io_argoproj_argocd_latest.html +++ b/docs/snyk/master/quay.io_argoproj_argocd_latest.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

Snyk test report

-

September 8th 2024, 12:19:18 am (UTC+00:00)

+

September 15th 2024, 12:19:30 am (UTC+00:00)

Scanned the following paths: @@ -470,8 +470,8 @@

Snyk test report

-
14 known vulnerabilities
-
68 vulnerable dependency paths
+
12 known vulnerabilities
+
66 vulnerable dependency paths
2355 dependencies
@@ -1050,7 +1050,7 @@

References

-

Integer Overflow or Wraparound

+

CVE-2024-8096

@@ -1069,7 +1069,7 @@

Integer Overflow or Wraparound

  • Vulnerable module: - expat/libexpat1 + curl/libcurl3t64-gnutls
  • Introduced through: @@ -1091,153 +1091,7 @@

    Detailed paths

    git@1:2.43.0-1ubuntu7.1 - expat/libexpat1@2.6.1-2build1 - - - -
    • - - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. - See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

    -

    An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

    -

    Remediation

    -

    There is no fixed version for Ubuntu:24.04 expat.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    XML External Entity (XXE) Injection

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:latest/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:24.04 -
      • -
    • - Vulnerable module: - - expat/libexpat1 -
      • - -
    • Introduced through: - - - docker-image|quay.io/argoproj/argocd@latest, git@1:2.43.0-1ubuntu7.1 and others -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - git@1:2.43.0-1ubuntu7.1 - - expat/libexpat1@2.6.1-2build1 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. - See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

    -

    An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.

    -

    Remediation

    -

    There is no fixed version for Ubuntu:24.04 expat.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    Integer Overflow or Wraparound

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:latest/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:24.04 -
      • -
    • - Vulnerable module: - - expat/libexpat1 -
      • - -
    • Introduced through: - - - docker-image|quay.io/argoproj/argocd@latest, git@1:2.43.0-1ubuntu7.1 and others -
      • -
    - -
    - - -

    Detailed paths

    - -
    diff --git a/docs/snyk/master/redis_7.0.15-alpine.html b/docs/snyk/master/redis_7.0.15-alpine.html index e98eaf567ec9a..4048f7704e169 100644 --- a/docs/snyk/master/redis_7.0.15-alpine.html +++ b/docs/snyk/master/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:19:22 am (UTC+00:00)

    +

    September 15th 2024, 12:19:34 am (UTC+00:00)

    Scanned the following paths: diff --git a/docs/snyk/v2.10.16/argocd-iac-install.html b/docs/snyk/v2.10.16/argocd-iac-install.html index 97aeab8b84d4d..f962a3756de76 100644 --- a/docs/snyk/v2.10.16/argocd-iac-install.html +++ b/docs/snyk/v2.10.16/argocd-iac-install.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:28:10 am (UTC+00:00)

    +

    September 15th 2024, 12:27:49 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.10.16/argocd-iac-namespace-install.html b/docs/snyk/v2.10.16/argocd-iac-namespace-install.html index cd96c92e26894..c2f25c827ce3a 100644 --- a/docs/snyk/v2.10.16/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.10.16/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:28:21 am (UTC+00:00)

    +

    September 15th 2024, 12:27:58 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.10.16/argocd-test.html b/docs/snyk/v2.10.16/argocd-test.html index 677059a594914..7cd0e72a8b29b 100644 --- a/docs/snyk/v2.10.16/argocd-test.html +++ b/docs/snyk/v2.10.16/argocd-test.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:26:11 am (UTC+00:00)

    +

    September 15th 2024, 12:25:54 am (UTC+00:00)

    Scanned the following paths: @@ -467,8 +467,8 @@

    Snyk test report

    -
    6 known vulnerabilities
    -
    160 vulnerable dependency paths
    +
    7 known vulnerabilities
    +
    163 vulnerable dependency paths
    2042 dependencies
    @@ -3139,6 +3139,173 @@

    References

    More about this vulnerability

    +
    +
    +

    Regular Expression Denial of Service (ReDoS)

    +
    + +
    + medium severity +
    + +
    + +
      +
    • + Manifest file: /argo-cd ui/yarn.lock +
      • +
    • + Package Manager: npm +
      • +
    • + Vulnerable module: + + path-to-regexp +
      • + +
    • Introduced through: + + + argo-cd-ui@1.0.0, react-router@4.3.1 and others +
      • +
    + +
    + + +

    Detailed paths

    + +
      +
    • + Introduced through: + argo-cd-ui@1.0.0 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
      • +
    • + Introduced through: + argo-cd-ui@1.0.0 + + react-router-dom@4.3.1 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
      • +
    • + Introduced through: + argo-cd-ui@1.0.0 + + argo-ui@1.0.0 + + react-router-dom@4.3.1 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
      • +
    + +
    + +
    + +

    Overview

    +

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when including multiple regular expression parameters in a single segment, which will produce the regular expression /^\/([^\/]+?)-([^\/]+?)\/?$/, if two parameters within a single segment are separated by a character other than a / or .. Poor performance will block the event loop and can lead to a DoS.

    +

    Note: + Version 0.1.10 is patched to mitigate this but is also vulnerable if custom regular expressions are used. Due to the existence of this attack vector, the Snyk security team have decided to err on the side of caution in considering the very widely-used v0 branch vulnerable, while the 8.0.0 release has completely eliminated the vulnerable functionality.

    +

    Workaround

    +

    This vulnerability can be avoided by using a custom regular expression for parameters after the first in a segment, which excludes - and /.

    +

    PoC

    + 
    /a${'-a'.repeat(8_000)}/a
+
    +

    Details

    +

    Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

    +

    The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

    +

    Let’s take the following regular expression as an example:

    + 
    regex = /A(B|C+)+D/
+
    +

    This regular expression accomplishes the following:

    +
      +
    • A The string must start with the letter 'A'
      • +
    • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
      • +
    • D Finally, we ensure this section of the string ends with a 'D'
      • +
    +

    The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

    +

    It most cases, it doesn't take very long for a regex engine to find a match:

    + 
    $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
+        0.04s user 0.01s system 95% cpu 0.052 total
+        
+        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
+        1.79s user 0.02s system 99% cpu 1.812 total
+
    +

    The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

    +

    Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

    +

    Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

    +
      +
    1. CCC
      2. +
    2. CC+C
      3. +
    3. C+CC
      4. +
    4. C+C+C.
      5. +
    +

    The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

    +

    From there, the number of steps the engine must use to validate a string just continues to grow.

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    StringNumber of C'sNumber of steps
    ACCCX338
    ACCCCX471
    ACCCCCX5136
    ACCCCCCCCCCCCCCX1465,553
    +

    By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

    +

    Remediation

    +

    Upgrade path-to-regexp to version 8.0.0 or higher.

    +

    References

    + + +
    + +
    +

    More about this vulnerability

    +
    +

    Regular Expression Denial of Service (ReDoS)

    diff --git a/docs/snyk/v2.10.16/ghcr.io_dexidp_dex_v2.37.0.html b/docs/snyk/v2.10.16/ghcr.io_dexidp_dex_v2.37.0.html index 4be4ea734f825..d2889ac440c76 100644 --- a/docs/snyk/v2.10.16/ghcr.io_dexidp_dex_v2.37.0.html +++ b/docs/snyk/v2.10.16/ghcr.io_dexidp_dex_v2.37.0.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:26:21 am (UTC+00:00)

    +

    September 15th 2024, 12:26:01 am (UTC+00:00)

    Scanned the following paths: diff --git a/docs/snyk/v2.10.16/haproxy_2.6.14-alpine.html b/docs/snyk/v2.10.16/haproxy_2.6.14-alpine.html index a7a987ff50a06..bb20c3cb21a3c 100644 --- a/docs/snyk/v2.10.16/haproxy_2.6.14-alpine.html +++ b/docs/snyk/v2.10.16/haproxy_2.6.14-alpine.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:26:26 am (UTC+00:00)

    +

    September 15th 2024, 12:26:05 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.10.16/quay.io_argoproj_argocd_v2.10.16.html b/docs/snyk/v2.10.16/quay.io_argoproj_argocd_v2.10.16.html index 201409e5a534a..92b035cf413d0 100644 --- a/docs/snyk/v2.10.16/quay.io_argoproj_argocd_v2.10.16.html +++ b/docs/snyk/v2.10.16/quay.io_argoproj_argocd_v2.10.16.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:26:46 am (UTC+00:00)

    +

    September 15th 2024, 12:26:23 am (UTC+00:00)

    Scanned the following paths: @@ -470,8 +470,8 @@

    Snyk test report

    -
    33 known vulnerabilities
    -
    235 vulnerable dependency paths
    +
    34 known vulnerabilities
    +
    236 vulnerable dependency paths
    2278 dependencies
    @@ -2286,6 +2286,80 @@

    References

    More about this vulnerability

    +
    +
    +

    CVE-2024-8096

    +
    + +
    + medium severity +
    + +
    + +
      +
    • + Manifest file: quay.io/argoproj/argocd:v2.10.16/argoproj/argocd Dockerfile +
      • +
    • + Package Manager: ubuntu:22.04 +
      • +
    • + Vulnerable module: + + curl/libcurl3-gnutls +
      • + +
    • Introduced through: + + + docker-image|quay.io/argoproj/argocd@v2.10.16, git@1:2.34.1-1ubuntu1.11 and others +
      • +
    + +
    + + +

    Detailed paths

    + +
      +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.16 + + git@1:2.34.1-1ubuntu1.11 + + curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + + + +
      • +
    + +
    + +
    + +

    NVD Description

    +

    Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. + See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    +

    When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate.

    +

    Remediation

    +

    There is no fixed version for Ubuntu:22.04 curl.

    +

    References

    + + +
    + +
    +

    More about this vulnerability

    +
    +

    CVE-2023-7008

    diff --git a/docs/snyk/v2.10.16/redis_7.0.15-alpine.html b/docs/snyk/v2.10.16/redis_7.0.15-alpine.html index f0db57daa7223..dace95d6e4de1 100644 --- a/docs/snyk/v2.10.16/redis_7.0.15-alpine.html +++ b/docs/snyk/v2.10.16/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:26:51 am (UTC+00:00)

    +

    September 15th 2024, 12:26:27 am (UTC+00:00)

    Scanned the following paths: diff --git a/docs/snyk/v2.11.7/argocd-iac-install.html b/docs/snyk/v2.11.8/argocd-iac-install.html similarity index 99% rename from docs/snyk/v2.11.7/argocd-iac-install.html rename to docs/snyk/v2.11.8/argocd-iac-install.html index c7ceb6bb1fdd6..d1f9777c282dd 100644 --- a/docs/snyk/v2.11.7/argocd-iac-install.html +++ b/docs/snyk/v2.11.8/argocd-iac-install.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:25:50 am (UTC+00:00)

    +

    September 15th 2024, 12:25:35 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.11.7/argocd-iac-namespace-install.html b/docs/snyk/v2.11.8/argocd-iac-namespace-install.html similarity index 99% rename from docs/snyk/v2.11.7/argocd-iac-namespace-install.html rename to docs/snyk/v2.11.8/argocd-iac-namespace-install.html index 0f215225843bf..712325c01faa0 100644 --- a/docs/snyk/v2.11.7/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.11.8/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:26:00 am (UTC+00:00)

    +

    September 15th 2024, 12:25:43 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.11.7/argocd-test.html b/docs/snyk/v2.11.8/argocd-test.html similarity index 95% rename from docs/snyk/v2.11.7/argocd-test.html rename to docs/snyk/v2.11.8/argocd-test.html index 9ff642df469fe..c47bbee9440bb 100644 --- a/docs/snyk/v2.11.7/argocd-test.html +++ b/docs/snyk/v2.11.8/argocd-test.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:23:52 am (UTC+00:00)

    +

    September 15th 2024, 12:23:42 am (UTC+00:00)

    Scanned the following paths: @@ -467,8 +467,8 @@

    Snyk test report

    -
    5 known vulnerabilities
    -
    154 vulnerable dependency paths
    +
    6 known vulnerabilities
    +
    157 vulnerable dependency paths
    2041 dependencies
    @@ -3139,6 +3139,173 @@

    References

    More about this vulnerability

    +
    +
    +

    Regular Expression Denial of Service (ReDoS)

    +
    + +
    + medium severity +
    + +
    + +
      +
    • + Manifest file: /argo-cd ui/yarn.lock +
      • +
    • + Package Manager: npm +
      • +
    • + Vulnerable module: + + path-to-regexp +
      • + +
    • Introduced through: + + + argo-cd-ui@1.0.0, react-router@4.3.1 and others +
      • +
    + +
    + + +

    Detailed paths

    + +
      +
    • + Introduced through: + argo-cd-ui@1.0.0 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
      • +
    • + Introduced through: + argo-cd-ui@1.0.0 + + react-router-dom@4.3.1 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
      • +
    • + Introduced through: + argo-cd-ui@1.0.0 + + argo-ui@1.0.0 + + react-router-dom@4.3.1 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
      • +
    + +
    + +
    + +

    Overview

    +

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when including multiple regular expression parameters in a single segment, which will produce the regular expression /^\/([^\/]+?)-([^\/]+?)\/?$/, if two parameters within a single segment are separated by a character other than a / or .. Poor performance will block the event loop and can lead to a DoS.

    +

    Note: + Version 0.1.10 is patched to mitigate this but is also vulnerable if custom regular expressions are used. Due to the existence of this attack vector, the Snyk security team have decided to err on the side of caution in considering the very widely-used v0 branch vulnerable, while the 8.0.0 release has completely eliminated the vulnerable functionality.

    +

    Workaround

    +

    This vulnerability can be avoided by using a custom regular expression for parameters after the first in a segment, which excludes - and /.

    +

    PoC

    + 
    /a${'-a'.repeat(8_000)}/a
+
    +

    Details

    +

    Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

    +

    The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

    +

    Let’s take the following regular expression as an example:

    + 
    regex = /A(B|C+)+D/
+
    +

    This regular expression accomplishes the following:

    +
      +
    • A The string must start with the letter 'A'
      • +
    • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
      • +
    • D Finally, we ensure this section of the string ends with a 'D'
      • +
    +

    The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

    +

    It most cases, it doesn't take very long for a regex engine to find a match:

    + 
    $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
+        0.04s user 0.01s system 95% cpu 0.052 total
+        
+        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
+        1.79s user 0.02s system 99% cpu 1.812 total
+
    +

    The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

    +

    Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

    +

    Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

    +
      +
    1. CCC
      2. +
    2. CC+C
      3. +
    3. C+CC
      4. +
    4. C+C+C.
      5. +
    +

    The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

    +

    From there, the number of steps the engine must use to validate a string just continues to grow.

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    StringNumber of C'sNumber of steps
    ACCCX338
    ACCCCX471
    ACCCCCX5136
    ACCCCCCCCCCCCCCX1465,553
    +

    By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

    +

    Remediation

    +

    Upgrade path-to-regexp to version 8.0.0 or higher.

    +

    References

    + + +
    + +
    +

    More about this vulnerability

    +
    +

    Denial of Service (DoS)

    diff --git a/docs/snyk/v2.11.7/ghcr.io_dexidp_dex_v2.38.0.html b/docs/snyk/v2.11.8/ghcr.io_dexidp_dex_v2.38.0.html similarity index 99% rename from docs/snyk/v2.11.7/ghcr.io_dexidp_dex_v2.38.0.html rename to docs/snyk/v2.11.8/ghcr.io_dexidp_dex_v2.38.0.html index f38f568ae95a5..af51282d2e037 100644 --- a/docs/snyk/v2.11.7/ghcr.io_dexidp_dex_v2.38.0.html +++ b/docs/snyk/v2.11.8/ghcr.io_dexidp_dex_v2.38.0.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:23:58 am (UTC+00:00)

    +

    September 15th 2024, 12:23:48 am (UTC+00:00)

    Scanned the following paths: diff --git a/docs/snyk/v2.11.7/haproxy_2.6.14-alpine.html b/docs/snyk/v2.11.8/haproxy_2.6.14-alpine.html similarity index 99% rename from docs/snyk/v2.11.7/haproxy_2.6.14-alpine.html rename to docs/snyk/v2.11.8/haproxy_2.6.14-alpine.html index f2277f045004f..ce97669944805 100644 --- a/docs/snyk/v2.11.7/haproxy_2.6.14-alpine.html +++ b/docs/snyk/v2.11.8/haproxy_2.6.14-alpine.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    September 8th 2024, 12:24:05 am (UTC+00:00)

    +

    September 15th 2024, 12:23:53 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.11.7/quay.io_argoproj_argocd_v2.11.7.html b/docs/snyk/v2.11.8/quay.io_argoproj_argocd_v2.11.8.html similarity index 68% rename from docs/snyk/v2.11.7/quay.io_argoproj_argocd_v2.11.7.html rename to docs/snyk/v2.11.8/quay.io_argoproj_argocd_v2.11.8.html index 186729e481035..55093f719c826 100644 --- a/docs/snyk/v2.11.7/quay.io_argoproj_argocd_v2.11.7.html +++ b/docs/snyk/v2.11.8/quay.io_argoproj_argocd_v2.11.8.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,22 +456,22 @@

    Snyk test report

    -

    September 8th 2024, 12:24:25 am (UTC+00:00)

    +

    September 15th 2024, 12:24:11 am (UTC+00:00)

    Scanned the following paths:
      -
    • quay.io/argoproj/argocd:v2.11.7/argoproj/argocd/Dockerfile (deb)
      • -
    • quay.io/argoproj/argocd:v2.11.7/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
      • -
    • quay.io/argoproj/argocd:v2.11.7//usr/local/bin/kustomize (gomodules)
      • -
    • quay.io/argoproj/argocd:v2.11.7/helm/v3//usr/local/bin/helm (gomodules)
      • -
    • quay.io/argoproj/argocd:v2.11.7/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
      • +
    • quay.io/argoproj/argocd:v2.11.8/argoproj/argocd/Dockerfile (deb)
      • +
    • quay.io/argoproj/argocd:v2.11.8/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
      • +
    • quay.io/argoproj/argocd:v2.11.8//usr/local/bin/kustomize (gomodules)
      • +
    • quay.io/argoproj/argocd:v2.11.8/helm/v3//usr/local/bin/helm (gomodules)
      • +
    • quay.io/argoproj/argocd:v2.11.8/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
    -
    33 known vulnerabilities
    -
    235 vulnerable dependency paths
    +
    26 known vulnerabilities
    +
    168 vulnerable dependency paths
    2280 dependencies
    @@ -492,7 +492,7 @@

    Allocation of Resources Without Limits or Throttling

  • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argo-cd/v2 /usr/local/bin/argocd
  • Package Manager: golang @@ -572,7 +572,7 @@

    CVE-2024-41996

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -585,7 +585,7 @@

      CVE-2024-41996

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and openssl/libssl3@3.0.2-0ubuntu1.16 + docker-image|quay.io/argoproj/argocd@v2.11.8 and openssl/libssl3@3.0.2-0ubuntu1.18
    @@ -598,77 +598,77 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - openssl/libssl3@3.0.2-0ubuntu1.16 + openssl/libssl3@3.0.2-0ubuntu1.18
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - openssl/libssl3@3.0.2-0ubuntu1.16 + openssl/libssl3@3.0.2-0ubuntu1.18
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 libfido2/libfido2-1@1.10.0-1 - openssl/libssl3@3.0.2-0ubuntu1.16 + openssl/libssl3@3.0.2-0ubuntu1.18
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 openssh/openssh-client@1:8.9p1-3ubuntu0.10 - openssl/libssl3@3.0.2-0ubuntu1.16 + openssl/libssl3@3.0.2-0ubuntu1.18
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ca-certificates@20230311ubuntu0.22.04.1 - openssl@3.0.2-0ubuntu1.16 + openssl@3.0.2-0ubuntu1.18 - openssl/libssl3@3.0.2-0ubuntu1.16 + openssl/libssl3@3.0.2-0ubuntu1.18
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - openssl/libssl3@3.0.2-0ubuntu1.16 + openssl/libssl3@3.0.2-0ubuntu1.18
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -680,31 +680,31 @@

      Detailed paths

      libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4 - openssl/libssl3@3.0.2-0ubuntu1.16 + openssl/libssl3@3.0.2-0ubuntu1.18
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - openssl@3.0.2-0ubuntu1.16 + openssl@3.0.2-0ubuntu1.18
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ca-certificates@20230311ubuntu0.22.04.1 - openssl@3.0.2-0ubuntu1.16 + openssl@3.0.2-0ubuntu1.18 @@ -735,202 +735,6 @@

      References

      More about this vulnerability

    • -
    -
    -

    CVE-2024-6119

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - openssl/libssl3 -
      • - -
    • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.11.7 and openssl/libssl3@3.0.2-0ubuntu1.16 - -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - libfido2/libfido2-1@1.10.0-1 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.10 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - ca-certificates@20230311ubuntu0.22.04.1 - - openssl@3.0.2-0ubuntu1.16 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - krb5/libkrb5-3@1.19.2-2ubuntu0.3 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssl@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - ca-certificates@20230311ubuntu0.22.04.1 - - openssl@3.0.2-0ubuntu1.16 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    Issue summary: Applications performing certificate name checks (e.g., TLS - clients checking server certificates) may attempt to read an invalid memory - address resulting in abnormal termination of the application process.

    -

    Impact summary: Abnormal termination of an application can a cause a denial of - service.

    -

    Applications performing certificate name checks (e.g., TLS clients checking - server certificates) may attempt to read an invalid memory address when - comparing the expected name with an otherName subject alternative name of an - X.509 certificate. This may result in an exception that terminates the - application program.

    -

    Note that basic certificate chain validation (signatures, dates, ...) is not - affected, the denial of service can occur only when the application also - specifies an expected DNS name, Email address or IP address.

    -

    TLS servers rarely solicit client certificates, and even when they do, they - generally don't perform a name check against a reference identifier (expected - identity), but rather extract the presented identity after checking the - certificate chain. So TLS servers are generally not affected and the severity - of the issue is Moderate.

    -

    The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.

    -

    Remediation

    -

    Upgrade Ubuntu:22.04 openssl to version 3.0.2-0ubuntu1.18 or higher.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    -

    Information Exposure

    @@ -944,7 +748,7 @@

    Information Exposure

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -957,7 +761,7 @@

      Information Exposure

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and libgcrypt20@1.9.4-3ubuntu3 + docker-image|quay.io/argoproj/argocd@v2.11.8 and libgcrypt20@1.9.4-3ubuntu3
    @@ -970,7 +774,7 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 libgcrypt20@1.9.4-3ubuntu3 @@ -979,7 +783,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -990,7 +794,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -1001,11 +805,11 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - apt@2.4.12 + apt@2.4.13 - apt/libapt-pkg6.0@2.4.12 + apt/libapt-pkg6.0@2.4.13 libgcrypt20@1.9.4-3ubuntu3 @@ -1014,9 +818,9 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - apt@2.4.12 + apt@2.4.13 gnupg2/gpgv@2.2.27-3ubuntu2.1 @@ -1027,7 +831,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -1040,7 +844,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -1053,7 +857,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -1066,7 +870,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -1079,7 +883,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -1092,7 +896,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -1105,11 +909,11 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - apt@2.4.12 + apt@2.4.13 - apt/libapt-pkg6.0@2.4.12 + apt/libapt-pkg6.0@2.4.13 systemd/libsystemd0@249.11-0ubuntu3.12 @@ -1157,7 +961,7 @@

      CVE-2024-26462

      • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
      • Package Manager: ubuntu:22.04 @@ -1170,7 +974,7 @@

        CVE-2024-26462

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and krb5/libk5crypto3@1.19.2-2ubuntu0.3 + docker-image|quay.io/argoproj/argocd@v2.11.8 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
      @@ -1183,16 +987,16 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -1204,16 +1008,16 @@

        Detailed paths

        libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -1225,27 +1029,27 @@

        Detailed paths

        libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -1257,64 +1061,64 @@

        Detailed paths

        libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 openssh/openssh-client@1:8.9p1-3ubuntu0.10 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -1326,16 +1130,16 @@

        Detailed paths

        libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5support0@1.19.2-2ubuntu0.3 + krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -1367,7 +1171,7 @@

        References

    -

    CVE-2024-37371

    +

    Denial of Service (DoS)

    @@ -1378,20 +1182,20 @@

    CVE-2024-37371

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argo-cd/v2 /usr/local/bin/argocd
    • - Package Manager: ubuntu:22.04 + Package Manager: golang
    • Vulnerable module: - krb5/libk5crypto3 + github.com/rs/cors
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and krb5/libk5crypto3@1.19.2-2ubuntu0.3 + github.com/argoproj/argo-cd/v2@* and github.com/rs/cors@v1.9.0
    @@ -1404,191 +1208,80 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - krb5/libk5crypto3@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - krb5/libk5crypto3@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + github.com/argoproj/argo-cd/v2@* - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + github.com/rs/cors@v1.9.0
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - krb5/libkrb5-3@1.19.2-2ubuntu0.3 - - +
    - -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - krb5/libkrb5-3@1.19.2-2ubuntu0.3 - - +
    • - -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - +
    + +

    Overview

    +

    Affected versions of this package are vulnerable to Denial of Service (DoS) through the processing of malicious preflight requests that include a Access-Control-Request-Headers header with excessive commas. An attacker can induce excessive memory consumption and potentially crash the server by sending specially crafted requests.

    +

    PoC

    + 
    
+        func BenchmarkPreflightAdversarialACRH(b *testing.B) {
+            resps := makeFakeResponses(b.N)
+            req, _ := http.NewRequest(http.MethodOptions, dummyEndpoint, nil)
+            req.Header.Add(headerOrigin, dummyOrigin)
+            req.Header.Add(headerACRM, http.MethodGet)
+            req.Header[headerACRH] = adversarialACRH
+            handler := Default().Handler(testHandler)
         
-
    • -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.10 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - + b.ReportAllocs() + b.ResetTimer() + for i := 0; i < b.N; i++ { + handler.ServeHTTP(resps[i], req) + } + } -
    • -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - + var adversarialACRH []string -
    • -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - - -
    • -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - - -
    • -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - krb5/libkrb5support0@1.19.2-2ubuntu0.3 - - - -
    • - - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

    + func init() { // populates adversarialACRH + n := int(math.Floor(math.Sqrt(http.DefaultMaxHeaderBytes))) + commas := strings.Repeat(",", n) + res := make([]string, n) + for i := range res { + res[i] = commas + } + adversarialACRH = res + } +     +

    Details

    +

    Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

    +

    Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

    +

    One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

    +

    When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

    +

    Two common types of DoS vulnerabilities:

    +
      +

    • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

      +
      • +

    • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

      +
      • +

    Remediation

    -

    Upgrade Ubuntu:22.04 krb5 to version 1.19.2-2ubuntu0.4 or higher.

    +

    Upgrade github.com/rs/cors to version 1.11.0 or higher.

    References

    -

    More about this vulnerability

    +

    More about this vulnerability

    -

    CVE-2024-37370

    +

    Insertion of Sensitive Information into Log File

    @@ -1599,20 +1292,20 @@

    CVE-2024-37370

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argo-cd/v2 /usr/local/bin/argocd
    • - Package Manager: ubuntu:22.04 + Package Manager: golang
    • Vulnerable module: - krb5/libk5crypto3 + github.com/hashicorp/go-retryablehttp
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and krb5/libk5crypto3@1.19.2-2ubuntu0.3 + github.com/argoproj/argo-cd/v2@* and github.com/hashicorp/go-retryablehttp@v0.7.4
    @@ -1625,159 +1318,9 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - krb5/libk5crypto3@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - krb5/libk5crypto3@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - krb5/libkrb5-3@1.19.2-2ubuntu0.3 - - krb5/libk5crypto3@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - krb5/libkrb5-3@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - krb5/libkrb5-3@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.10 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + github.com/argoproj/argo-cd/v2@* - krb5/libkrb5support0@1.19.2-2ubuntu0.3 + github.com/hashicorp/go-retryablehttp@v0.7.4 @@ -1788,28 +1331,25 @@

      Detailed paths

      -

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

      -

      In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.

      +

      Overview

      +

      Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File due to not sanitizing urls when writing them to the log file. This could lead to an attacker writing sensitive HTTP basic auth credentials to the log file.

      Remediation

      -

      Upgrade Ubuntu:22.04 krb5 to version 1.19.2-2ubuntu0.4 or higher.

      +

      Upgrade github.com/hashicorp/go-retryablehttp to version 0.7.7 or higher.

      References

      -

      More about this vulnerability

      +

      More about this vulnerability

    -

    Denial of Service (DoS)

    +

    Integer Overflow or Wraparound

    @@ -1820,723 +1360,37 @@

    Denial of Service (DoS)

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • - Package Manager: golang + Package Manager: ubuntu:22.04
    • Vulnerable module: - github.com/rs/cors + expat/libexpat1
    • Introduced through: - github.com/argoproj/argo-cd/v2@* and github.com/rs/cors@v1.9.0 - -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - github.com/argoproj/argo-cd/v2@* - - github.com/rs/cors@v1.9.0 - - - -
      • -
    - -
    -
    - -

    Overview

    -

    Affected versions of this package are vulnerable to Denial of Service (DoS) through the processing of malicious preflight requests that include a Access-Control-Request-Headers header with excessive commas. An attacker can induce excessive memory consumption and potentially crash the server by sending specially crafted requests.

    -

    PoC

    - 
    
-        func BenchmarkPreflightAdversarialACRH(b *testing.B) {
-            resps := makeFakeResponses(b.N)
-            req, _ := http.NewRequest(http.MethodOptions, dummyEndpoint, nil)
-            req.Header.Add(headerOrigin, dummyOrigin)
-            req.Header.Add(headerACRM, http.MethodGet)
-            req.Header[headerACRH] = adversarialACRH
-            handler := Default().Handler(testHandler)
-        
-            b.ReportAllocs()
-            b.ResetTimer()
-            for i := 0; i < b.N; i++ {
-                handler.ServeHTTP(resps[i], req)
-            }
-        }
-        
-        var adversarialACRH []string
-        
-        func init() { // populates adversarialACRH
-            n := int(math.Floor(math.Sqrt(http.DefaultMaxHeaderBytes)))
-            commas := strings.Repeat(",", n)
-            res := make([]string, n)
-            for i := range res {
-                res[i] = commas
-            }
-            adversarialACRH = res
-        }
-
    -

    Details

    -

    Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

    -

    Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

    -

    One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

    -

    When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

    -

    Two common types of DoS vulnerabilities:

    -
      -

    • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

      -
      • -

    • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

      -
      • -
    -

    Remediation

    -

    Upgrade github.com/rs/cors to version 1.11.0 or higher.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    Insertion of Sensitive Information into Log File

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argo-cd/v2 /usr/local/bin/argocd -
      • -
    • - Package Manager: golang -
      • -
    • - Vulnerable module: - - github.com/hashicorp/go-retryablehttp -
      • - -
    • Introduced through: - - github.com/argoproj/argo-cd/v2@* and github.com/hashicorp/go-retryablehttp@v0.7.4 - -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - github.com/argoproj/argo-cd/v2@* - - github.com/hashicorp/go-retryablehttp@v0.7.4 - - - -
      • -
    - -
    - -
    - -

    Overview

    -

    Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File due to not sanitizing urls when writing them to the log file. This could lead to an attacker writing sensitive HTTP basic auth credentials to the log file.

    -

    Remediation

    -

    Upgrade github.com/hashicorp/go-retryablehttp to version 0.7.7 or higher.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    Integer Overflow or Wraparound

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - expat/libexpat1 -
      • - -
    • Introduced through: - - - docker-image|quay.io/argoproj/argocd@v2.11.7, git@1:2.34.1-1ubuntu1.11 and others -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - expat/libexpat1@2.4.7-1ubuntu0.3 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

    -

    Remediation

    -

    There is no fixed version for Ubuntu:22.04 expat.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    XML External Entity (XXE) Injection

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - expat/libexpat1 -
      • - -
    • Introduced through: - - - docker-image|quay.io/argoproj/argocd@v2.11.7, git@1:2.34.1-1ubuntu1.11 and others -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - expat/libexpat1@2.4.7-1ubuntu0.3 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.

    -

    Remediation

    -

    There is no fixed version for Ubuntu:22.04 expat.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    Integer Overflow or Wraparound

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - expat/libexpat1 -
      • - -
    • Introduced through: - - - docker-image|quay.io/argoproj/argocd@v2.11.7, git@1:2.34.1-1ubuntu1.11 and others -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - expat/libexpat1@2.4.7-1ubuntu0.3 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

    -

    Remediation

    -

    There is no fixed version for Ubuntu:22.04 expat.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    Out-of-bounds Read

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - curl/libcurl3-gnutls -
      • - -
    • Introduced through: - - - docker-image|quay.io/argoproj/argocd@v2.11.7, git@1:2.34.1-1ubuntu1.11 and others -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    libcurl's ASN1 parser code has the GTime2str() function, used for parsing an - ASN.1 Generalized Time field. If given an syntactically incorrect field, the - parser might end up using -1 for the length of the time fraction, leading to - a strlen() getting performed on a pointer to a heap buffer area that is not - (purposely) null terminated.

    -

    This flaw most likely leads to a crash, but can also lead to heap contents - getting returned to the application when - CURLINFO_CERTINFO is used.

    -

    Remediation

    -

    Upgrade Ubuntu:22.04 curl to version 7.81.0-1ubuntu1.17 or higher.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    CVE-2023-7008

    -
    - -
    - low severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - systemd/libsystemd0 -
      • - -
    • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.11.7 and systemd/libsystemd0@249.11-0ubuntu3.12 - -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - systemd/libsystemd0@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - apt@2.4.12 - - systemd/libsystemd0@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - procps/libprocps8@2:3.3.17-6ubuntu2.1 - - systemd/libsystemd0@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - util-linux@2.37.2-4ubuntu3.4 - - systemd/libsystemd0@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - util-linux/bsdutils@1:2.37.2-4ubuntu3.4 - - systemd/libsystemd0@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - apt@2.4.12 - - apt/libapt-pkg6.0@2.4.12 - - systemd/libsystemd0@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - systemd/libudev1@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - libfido2/libfido2-1@1.10.0-1 - - systemd/libudev1@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - util-linux@2.37.2-4ubuntu3.4 - - systemd/libudev1@249.11-0ubuntu3.12 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - apt@2.4.12 - - apt/libapt-pkg6.0@2.4.12 - - systemd/libudev1@249.11-0ubuntu3.12 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

    -

    Remediation

    -

    There is no fixed version for Ubuntu:22.04 systemd.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -
    -
    -

    Arbitrary Code Injection

    -
    - -
    - low severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - shadow/passwd -
      • - -
    • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.11.7 and shadow/passwd@1:4.8.1-2ubuntu2.2 - -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - + docker-image|quay.io/argoproj/argocd@v2.11.8, git@1:2.34.1-1ubuntu1.11 and others +
      • +
    - -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.10 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - +
    -
    • + +

    Detailed paths

    + +
    -
    -

    Uncontrolled Recursion

    +
    +

    XML External Entity (XXE) Injection

    -
    - low severity +
    + medium severity
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -2589,13 +1441,13 @@

      Uncontrolled Recursion

    • Vulnerable module: - pcre3/libpcre3 + expat/libexpat1
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 + docker-image|quay.io/argoproj/argocd@v2.11.8, git@1:2.34.1-1ubuntu1.11 and others
    @@ -2607,20 +1459,11 @@

    Detailed paths

    -
    -

    Release of Invalid Pointer or Reference

    +
    +

    Integer Overflow or Wraparound

    -
    - low severity +
    + medium severity
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -2677,13 +1514,13 @@

      Release of Invalid Pointer or Reference

    • Vulnerable module: - patch + expat/libexpat1
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and patch@2.7.6-7build2 + docker-image|quay.io/argoproj/argocd@v2.11.8, git@1:2.34.1-1ubuntu1.11 and others
    @@ -2695,9 +1532,11 @@

    Detailed paths

    -
    -

    Double Free

    +
    +

    CVE-2024-8096

    -
    - low severity +
    + medium severity
    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -2747,13 +1587,13 @@

      Double Free

    • Vulnerable module: - patch + curl/libcurl3-gnutls
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and patch@2.7.6-7build2 + docker-image|quay.io/argoproj/argocd@v2.11.8, git@1:2.34.1-1ubuntu1.11 and others
    @@ -2765,9 +1605,11 @@

    Detailed paths

    -

    CVE-2024-2511

    +

    CVE-2023-7008

    @@ -2814,7 +1653,7 @@

    CVE-2024-2511

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -2822,12 +1661,12 @@

      CVE-2024-2511

    • Vulnerable module: - openssl/libssl3 + systemd/libsystemd0
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and openssl/libssl3@3.0.2-0ubuntu1.16 + docker-image|quay.io/argoproj/argocd@v2.11.8 and systemd/libsystemd0@249.11-0ubuntu3.12
    @@ -2840,113 +1679,110 @@

    Detailed paths

    -

    CVE-2024-4603

    +

    Arbitrary Code Injection

    @@ -3008,7 +1831,7 @@

    CVE-2024-4603

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -3016,12 +1839,12 @@

      CVE-2024-4603

    • Vulnerable module: - openssl/libssl3 + shadow/passwd
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and openssl/libssl3@3.0.2-0ubuntu1.16 + docker-image|quay.io/argoproj/argocd@v2.11.8 and shadow/passwd@1:4.8.1-2ubuntu2.2
    @@ -3034,113 +1857,40 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - libfido2/libfido2-1@1.10.0-1 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.10 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - ca-certificates@20230311ubuntu0.22.04.1 - - openssl@3.0.2-0ubuntu1.16 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - - openssl/libssl3@3.0.2-0ubuntu1.16 + shadow/passwd@1:4.8.1-2ubuntu2.2 -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + adduser@3.118ubuntu5 - openssl/libssl3@3.0.2-0ubuntu1.16 + shadow/passwd@1:4.8.1-2ubuntu2.2
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 + + openssh/openssh-client@1:8.9p1-3ubuntu0.10 - openssl@3.0.2-0ubuntu1.16 + shadow/passwd@1:4.8.1-2ubuntu2.2
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - ca-certificates@20230311ubuntu0.22.04.1 - - openssl@3.0.2-0ubuntu1.16 + shadow/login@1:4.8.1-2ubuntu2.2 @@ -3152,54 +1902,29 @@

      Detailed paths

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. +

      Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Ubuntu. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

      -

      Issue summary: Checking excessively long DSA keys or parameters may be very - slow.

      -

      Impact summary: Applications that use the functions EVP_PKEY_param_check() - or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may - experience long delays. Where the key or parameters that are being checked - have been obtained from an untrusted source this may lead to a Denial of - Service.

      -

      The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform - various checks on DSA parameters. Some of those computations take a long time - if the modulus (p parameter) is too large.

      -

      Trying to use a very large modulus is slow and OpenSSL will not allow using - public keys with a modulus which is over 10,000 bits in length for signature - verification. However the key and parameter check functions do not limit - the modulus size when performing the checks.

      -

      An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() - and supplies a key or parameters obtained from an untrusted source could be - vulnerable to a Denial of Service attack.

      -

      These functions are not called by OpenSSL itself on untrusted DSA keys so - only applications that directly call these functions may be vulnerable.

      -

      Also vulnerable are the OpenSSL pkey and pkeyparam command line applications - when using the -check option.

      -

      The OpenSSL SSL/TLS implementation is not affected by this issue.

      -

      The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.

      +

      In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.

      Remediation

      -

      Upgrade Ubuntu:22.04 openssl to version 3.0.2-0ubuntu1.17 or higher.

      +

      There is no fixed version for Ubuntu:22.04 shadow.

      References

      -

      More about this vulnerability

      +

      More about this vulnerability

    -

    CVE-2024-4741

    +

    Uncontrolled Recursion

    @@ -3210,7 +1935,7 @@

    CVE-2024-4741

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -3218,12 +1943,12 @@

      CVE-2024-4741

    • Vulnerable module: - openssl/libssl3 + pcre3/libpcre3
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and openssl/libssl3@3.0.2-0ubuntu1.16 + docker-image|quay.io/argoproj/argocd@v2.11.8 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
    @@ -3236,113 +1961,20 @@

    Detailed paths

    -

    CVE-2024-5535

    +

    Release of Invalid Pointer or Reference

    @@ -3381,7 +2023,7 @@

    CVE-2024-5535

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -3389,12 +2031,12 @@

      CVE-2024-5535

    • Vulnerable module: - openssl/libssl3 + patch
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and openssl/libssl3@3.0.2-0ubuntu1.16 + docker-image|quay.io/argoproj/argocd@v2.11.8 and patch@2.7.6-7build2
    @@ -3407,113 +2049,79 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - openssl/libssl3@3.0.2-0ubuntu1.16 + patch@2.7.6-7build2
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - +
    - -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - libfido2/libfido2-1@1.10.0-1 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - +
    • - -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.10 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - +
    + +

    NVD Description

    +

    Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Ubuntu. + See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    +

    An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.

    +

    Remediation

    +

    There is no fixed version for Ubuntu:22.04 patch.

    +

    References

    + -
    • -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - ca-certificates@20230311ubuntu0.22.04.1 - - openssl@3.0.2-0ubuntu1.16 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - +
    -
    • -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - +
    +

    More about this vulnerability

    +
    -
    • -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 - - krb5/libkrb5-3@1.19.2-2ubuntu0.3 - - openssl/libssl3@3.0.2-0ubuntu1.16 - - +
    • +
    +

    Double Free

    +
    - -
  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - openssl@3.0.2-0ubuntu1.16 - - +
    + low severity +
    -
    • +
    + +
      +
    • + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile +
      • +
    • + Package Manager: ubuntu:22.04 +
      • +
    • + Vulnerable module: + + patch +
      • + +
    • Introduced through: + + docker-image|quay.io/argoproj/argocd@v2.11.8 and patch@2.7.6-7build2 + +
      • +
    + +
    + + +

    Detailed paths

    + +
    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 - - ca-certificates@20230311ubuntu0.22.04.1 + docker-image|quay.io/argoproj/argocd@v2.11.8 - openssl@3.0.2-0ubuntu1.16 + patch@2.7.6-7build2 @@ -3525,84 +2133,26 @@

      Detailed paths

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. +

      Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Ubuntu. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

      -

      Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an - empty supported client protocols buffer may cause a crash or memory contents to - be sent to the peer.

      -

      Impact summary: A buffer overread can have a range of potential consequences - such as unexpected application beahviour or a crash. In particular this issue - could result in up to 255 bytes of arbitrary private data from memory being sent - to the peer leading to a loss of confidentiality. However, only applications - that directly call the SSL_select_next_proto function with a 0 length list of - supported client protocols are affected by this issue. This would normally never - be a valid scenario and is typically not under attacker control but may occur by - accident in the case of a configuration or programming error in the calling - application.

      -

      The OpenSSL API function SSL_select_next_proto is typically used by TLS - applications that support ALPN (Application Layer Protocol Negotiation) or NPN - (Next Protocol Negotiation). NPN is older, was never standardised and - is deprecated in favour of ALPN. We believe that ALPN is significantly more - widely deployed than NPN. The SSL_select_next_proto function accepts a list of - protocols from the server and a list of protocols from the client and returns - the first protocol that appears in the server list that also appears in the - client list. In the case of no overlap between the two lists it returns the - first item in the client list. In either case it will signal whether an overlap - between the two lists was found. In the case where SSL_select_next_proto is - called with a zero length client list it fails to notice this condition and - returns the memory immediately following the client list pointer (and reports - that there was no overlap in the lists).

      -

      This function is typically called from a server side application callback for - ALPN or a client side application callback for NPN. In the case of ALPN the list - of protocols supplied by the client is guaranteed by libssl to never be zero in - length. The list of server protocols comes from the application and should never - normally be expected to be of zero length. In this case if the - SSL_select_next_proto function has been called as expected (with the list - supplied by the client passed in the client/client_len parameters), then the - application will not be vulnerable to this issue. If the application has - accidentally been configured with a zero length server list, and has - accidentally passed that zero length server list in the client/client_len - parameters, and has additionally failed to correctly handle a "no overlap" - response (which would normally result in a handshake failure in ALPN) then it - will be vulnerable to this problem.

      -

      In the case of NPN, the protocol permits the client to opportunistically select - a protocol when there is no overlap. OpenSSL returns the first client protocol - in the no overlap case in support of this. The list of client protocols comes - from the application and should never normally be expected to be of zero length. - However if the SSL_select_next_proto function is accidentally called with a - client_len of 0 then an invalid memory pointer will be returned instead. If the - application uses this output as the opportunistic protocol then the loss of - confidentiality will occur.

      -

      This issue has been assessed as Low severity because applications are most - likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not - widely used. It also requires an application configuration or programming error. - Finally, this issue would not typically be under attacker control making active - exploitation unlikely.

      -

      The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.

      -

      Due to the low severity of this issue we are not issuing new releases of - OpenSSL at this time. The fix will be included in the next releases when they - become available.

      +

      A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

      Remediation

      -

      Upgrade Ubuntu:22.04 openssl to version 3.0.2-0ubuntu1.17 or higher.

      +

      There is no fixed version for Ubuntu:22.04 patch.

      References

      -

      More about this vulnerability

      +

      More about this vulnerability

    @@ -3618,7 +2168,7 @@

    CVE-2023-50495

    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -3631,7 +2181,7 @@

      CVE-2023-50495

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and ncurses/libtinfo6@6.3-2ubuntu0.1 + docker-image|quay.io/argoproj/argocd@v2.11.8 and ncurses/libtinfo6@6.3-2ubuntu0.1
    @@ -3644,7 +2194,7 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libtinfo6@6.3-2ubuntu0.1 @@ -3653,7 +2203,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 bash@5.1-6ubuntu1.1 @@ -3664,7 +2214,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -3675,7 +2225,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 less@590-1ubuntu0.22.04.3 @@ -3686,7 +2236,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 libedit/libedit2@3.1-20210910-1build1 @@ -3697,7 +2247,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -3708,7 +2258,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -3719,7 +2269,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 procps@2:3.3.17-6ubuntu2.1 @@ -3730,7 +2280,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 util-linux@2.37.2-4ubuntu3.4 @@ -3741,7 +2291,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -3756,7 +2306,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3771,7 +2321,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -3780,7 +2330,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 procps@2:3.3.17-6ubuntu2.1 @@ -3791,7 +2341,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3806,7 +2356,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -3815,7 +2365,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 procps@2:3.3.17-6ubuntu2.1 @@ -3826,7 +2376,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/ncurses-base@6.3-2ubuntu0.1 @@ -3835,7 +2385,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -3882,7 +2432,7 @@

      CVE-2023-45918

      • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
      • Package Manager: ubuntu:22.04 @@ -3895,7 +2445,7 @@

        CVE-2023-45918

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and ncurses/libtinfo6@6.3-2ubuntu0.1 + docker-image|quay.io/argoproj/argocd@v2.11.8 and ncurses/libtinfo6@6.3-2ubuntu0.1
      @@ -3908,7 +2458,7 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libtinfo6@6.3-2ubuntu0.1 @@ -3917,7 +2467,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 bash@5.1-6ubuntu1.1 @@ -3928,7 +2478,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -3939,7 +2489,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 less@590-1ubuntu0.22.04.3 @@ -3950,7 +2500,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 libedit/libedit2@3.1-20210910-1build1 @@ -3961,7 +2511,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -3972,7 +2522,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -3983,7 +2533,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 procps@2:3.3.17-6ubuntu2.1 @@ -3994,7 +2544,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 util-linux@2.37.2-4ubuntu3.4 @@ -4005,7 +2555,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -4020,7 +2570,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4035,7 +2585,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -4044,7 +2594,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 procps@2:3.3.17-6ubuntu2.1 @@ -4055,7 +2605,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4070,7 +2620,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -4079,7 +2629,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 procps@2:3.3.17-6ubuntu2.1 @@ -4090,7 +2640,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/ncurses-base@6.3-2ubuntu0.1 @@ -4099,7 +2649,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -4144,7 +2694,7 @@

        Resource Exhaustion

        • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
        • Package Manager: ubuntu:22.04 @@ -4157,7 +2707,7 @@

          Resource Exhaustion

        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and libzstd/libzstd1@1.4.8+dfsg-3build1 + docker-image|quay.io/argoproj/argocd@v2.11.8 and libzstd/libzstd1@1.4.8+dfsg-3build1
        @@ -4170,7 +2720,7 @@

        Detailed paths

        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 libzstd/libzstd1@1.4.8+dfsg-3build1 @@ -4221,7 +2771,7 @@

          Integer Overflow or Wraparound

          • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
          • Package Manager: ubuntu:22.04 @@ -4234,7 +2784,7 @@

            Integer Overflow or Wraparound

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and krb5/libk5crypto3@1.19.2-2ubuntu0.3 + docker-image|quay.io/argoproj/argocd@v2.11.8 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
          @@ -4247,16 +2797,16 @@

          Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4268,16 +2818,16 @@

            Detailed paths

            libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4289,27 +2839,27 @@

            Detailed paths

            libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4321,64 +2871,64 @@

            Detailed paths

            libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 openssh/openssh-client@1:8.9p1-3ubuntu0.10 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4390,16 +2940,16 @@

            Detailed paths

            libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5support0@1.19.2-2ubuntu0.3 + krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -4445,7 +2995,7 @@

            CVE-2024-26461

            • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
            • Package Manager: ubuntu:22.04 @@ -4458,7 +3008,7 @@

              CVE-2024-26461

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and krb5/libk5crypto3@1.19.2-2ubuntu0.3 + docker-image|quay.io/argoproj/argocd@v2.11.8 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
            @@ -4471,16 +3021,16 @@

            Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4492,16 +3042,16 @@

              Detailed paths

              libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4513,27 +3063,27 @@

              Detailed paths

              libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4545,64 +3095,64 @@

              Detailed paths

              libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 openssh/openssh-client@1:8.9p1-3ubuntu0.10 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4614,16 +3164,16 @@

              Detailed paths

              libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5support0@1.19.2-2ubuntu0.3 + krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -4666,7 +3216,7 @@

              CVE-2024-26458

              • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
              • Package Manager: ubuntu:22.04 @@ -4679,7 +3229,7 @@

                CVE-2024-26458

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and krb5/libk5crypto3@1.19.2-2ubuntu0.3 + docker-image|quay.io/argoproj/argocd@v2.11.8 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
              @@ -4692,16 +3242,16 @@

              Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4713,16 +3263,16 @@

                Detailed paths

                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4734,27 +3284,27 @@

                Detailed paths

                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4 - krb5/libk5crypto3@1.19.2-2ubuntu0.3 + krb5/libk5crypto3@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4766,64 +3316,64 @@

                Detailed paths

                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - krb5/libkrb5-3@1.19.2-2ubuntu0.3 + krb5/libkrb5-3@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 openssh/openssh-client@1:8.9p1-3ubuntu0.10 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.16 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.17 libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 adduser@3.118ubuntu5 @@ -4835,16 +3385,16 @@

                Detailed paths

                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.3 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4
              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - krb5/libkrb5support0@1.19.2-2ubuntu0.3 + krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -4887,7 +3437,7 @@

                Out-of-bounds Write

                • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
                • Package Manager: ubuntu:22.04 @@ -4900,7 +3450,7 @@

                  Out-of-bounds Write

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and gnupg2/gpgv@2.2.27-3ubuntu2.1 + docker-image|quay.io/argoproj/argocd@v2.11.8 and gnupg2/gpgv@2.2.27-3ubuntu2.1
                @@ -4913,7 +3463,7 @@

                Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpgv@2.2.27-3ubuntu2.1 @@ -4922,9 +3472,9 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - apt@2.4.12 + apt@2.4.13 gnupg2/gpgv@2.2.27-3ubuntu2.1 @@ -4933,7 +3483,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4944,7 +3494,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -4955,7 +3505,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -4966,7 +3516,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4979,7 +3529,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4992,7 +3542,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -5001,7 +3551,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5012,7 +3562,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5025,7 +3575,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1 @@ -5034,7 +3584,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5045,7 +3595,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg-utils@2.2.27-3ubuntu2.1 @@ -5054,7 +3604,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5065,7 +3615,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -5074,7 +3624,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5085,7 +3635,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5098,7 +3648,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5111,7 +3661,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 @@ -5120,7 +3670,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5131,7 +3681,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5144,7 +3694,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5157,7 +3707,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 @@ -5166,7 +3716,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5177,7 +3727,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 @@ -5186,7 +3736,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5197,7 +3747,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gpgsm@2.2.27-3ubuntu2.1 @@ -5206,7 +3756,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5217,7 +3767,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -5266,7 +3816,7 @@

                  Allocation of Resources Without Limits or Throttling

                • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
                • Package Manager: ubuntu:22.04 @@ -5279,7 +3829,7 @@

                  Allocation of Resources Without Limits or Throttling

                  Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and glibc/libc-bin@2.35-0ubuntu3.8 + docker-image|quay.io/argoproj/argocd@v2.11.8 and glibc/libc-bin@2.35-0ubuntu3.8
                @@ -5292,7 +3842,7 @@

                Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 glibc/libc-bin@2.35-0ubuntu3.8 @@ -5301,7 +3851,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 glibc/libc6@2.35-0ubuntu3.8 @@ -5347,7 +3897,7 @@

                  Improper Input Validation

                  • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
                  • Package Manager: ubuntu:22.04 @@ -5361,7 +3911,7 @@

                    Improper Input Validation

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7, git@1:2.34.1-1ubuntu1.11 and others + docker-image|quay.io/argoproj/argocd@v2.11.8, git@1:2.34.1-1ubuntu1.11 and others
                  @@ -5373,7 +3923,7 @@

                  Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 @@ -5384,7 +3934,7 @@

                    Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git@1:2.34.1-1ubuntu1.11 @@ -5393,7 +3943,7 @@

                    Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 git-lfs@3.0.2-1ubuntu0.2 @@ -5440,7 +3990,7 @@

                    Uncontrolled Recursion

                    • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
                    • Package Manager: ubuntu:22.04 @@ -5453,7 +4003,7 @@

                      Uncontrolled Recursion

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 + docker-image|quay.io/argoproj/argocd@v2.11.8 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04
                    @@ -5466,7 +4016,7 @@

                    Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 @@ -5475,9 +4025,9 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - apt@2.4.12 + apt@2.4.13 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 @@ -5486,11 +4036,11 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 - apt@2.4.12 + apt@2.4.13 - apt/libapt-pkg6.0@2.4.12 + apt/libapt-pkg6.0@2.4.13 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 @@ -5499,7 +4049,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gcc-12/gcc-12-base@12.3.0-1ubuntu1~22.04 @@ -5508,7 +4058,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 gcc-12/libgcc-s1@12.3.0-1ubuntu1~22.04 @@ -5555,7 +4105,7 @@

                      Improper Input Validation

                      • - Manifest file: quay.io/argoproj/argocd:v2.11.7/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.8/argoproj/argocd Dockerfile
                      • Package Manager: ubuntu:22.04 @@ -5568,7 +4118,7 @@

                        Improper Input Validation

                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 and coreutils@8.32-4.1ubuntu1.2 + docker-image|quay.io/argoproj/argocd@v2.11.8 and coreutils@8.32-4.1ubuntu1.2
                      @@ -5581,7 +4131,7 @@

                      Detailed paths

                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.7 + docker-image|quay.io/argoproj/argocd@v2.11.8 coreutils@8.32-4.1ubuntu1.2 diff --git a/docs/snyk/v2.11.7/redis_7.0.15-alpine.html b/docs/snyk/v2.11.8/redis_7.0.15-alpine.html similarity index 99% rename from docs/snyk/v2.11.7/redis_7.0.15-alpine.html rename to docs/snyk/v2.11.8/redis_7.0.15-alpine.html index d593e46a64e34..3f02438fedc1d 100644 --- a/docs/snyk/v2.11.7/redis_7.0.15-alpine.html +++ b/docs/snyk/v2.11.8/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:24:29 am (UTC+00:00)

                        +

                        September 15th 2024, 12:24:16 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.12.3/argocd-iac-install.html b/docs/snyk/v2.12.3/argocd-iac-install.html index 237ff252945d5..a5698e85b8c0e 100644 --- a/docs/snyk/v2.12.3/argocd-iac-install.html +++ b/docs/snyk/v2.12.3/argocd-iac-install.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:23:27 am (UTC+00:00)

                        +

                        September 15th 2024, 12:23:20 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.12.3/argocd-iac-namespace-install.html b/docs/snyk/v2.12.3/argocd-iac-namespace-install.html index 8f13d024c60e8..7fbc95ed64a61 100644 --- a/docs/snyk/v2.12.3/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.12.3/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:23:37 am (UTC+00:00)

                        +

                        September 15th 2024, 12:23:29 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.12.3/argocd-test.html b/docs/snyk/v2.12.3/argocd-test.html index bd48c6e7ff235..876ce2850c30d 100644 --- a/docs/snyk/v2.12.3/argocd-test.html +++ b/docs/snyk/v2.12.3/argocd-test.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:21:25 am (UTC+00:00)

                        +

                        September 15th 2024, 12:21:28 am (UTC+00:00)

                        Scanned the following paths: @@ -467,8 +467,8 @@

                        Snyk test report

                        -
                        3 known vulnerabilities
                        -
                        3 vulnerable dependency paths
                        +
                        4 known vulnerabilities
                        +
                        6 vulnerable dependency paths
                        2061 dependencies
                        @@ -477,6 +477,173 @@

                        Snyk test report

                        +
                        +

                        Regular Expression Denial of Service (ReDoS)

                        +
                        + +
                        + medium severity +
                        + +
                        + +
                          +
                        • + Manifest file: /argo-cd ui/yarn.lock +
                          • +
                        • + Package Manager: npm +
                          • +
                        • + Vulnerable module: + + path-to-regexp +
                          • + +
                        • Introduced through: + + + argo-cd-ui@1.0.0, react-router@4.3.1 and others +
                          • +
                        + +
                        + + +

                        Detailed paths

                        + +
                          +
                        • + Introduced through: + argo-cd-ui@1.0.0 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
                          • +
                        • + Introduced through: + argo-cd-ui@1.0.0 + + react-router-dom@4.3.1 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
                          • +
                        • + Introduced through: + argo-cd-ui@1.0.0 + + argo-ui@1.0.0 + + react-router-dom@4.3.1 + + react-router@4.3.1 + + path-to-regexp@1.8.0 + + + +
                          • +
                        + +
                        + +
                        + +

                        Overview

                        +

                        Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when including multiple regular expression parameters in a single segment, which will produce the regular expression /^\/([^\/]+?)-([^\/]+?)\/?$/, if two parameters within a single segment are separated by a character other than a / or .. Poor performance will block the event loop and can lead to a DoS.

                        +

                        Note: + Version 0.1.10 is patched to mitigate this but is also vulnerable if custom regular expressions are used. Due to the existence of this attack vector, the Snyk security team have decided to err on the side of caution in considering the very widely-used v0 branch vulnerable, while the 8.0.0 release has completely eliminated the vulnerable functionality.

                        +

                        Workaround

                        +

                        This vulnerability can be avoided by using a custom regular expression for parameters after the first in a segment, which excludes - and /.

                        +

                        PoC

                        + 
                        /a${'-a'.repeat(8_000)}/a
+
                        +

                        Details

                        +

                        Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

                        +

                        The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

                        +

                        Let’s take the following regular expression as an example:

                        + 
                        regex = /A(B|C+)+D/
+
                        +

                        This regular expression accomplishes the following:

                        +
                          +
                        • A The string must start with the letter 'A'
                          • +
                        • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
                          • +
                        • D Finally, we ensure this section of the string ends with a 'D'
                          • +
                        +

                        The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

                        +

                        It most cases, it doesn't take very long for a regex engine to find a match:

                        + 
                        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
+        0.04s user 0.01s system 95% cpu 0.052 total
+        
+        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
+        1.79s user 0.02s system 99% cpu 1.812 total
+
                        +

                        The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

                        +

                        Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

                        +

                        Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

                        +
                          +
                        1. CCC
                          2. +
                        2. CC+C
                          3. +
                        3. C+CC
                          4. +
                        4. C+C+C.
                          5. +
                        +

                        The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

                        +

                        From there, the number of steps the engine must use to validate a string just continues to grow.

                        + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
                        StringNumber of C'sNumber of steps
                        ACCCX338
                        ACCCCX471
                        ACCCCCX5136
                        ACCCCCCCCCCCCCCX1465,553
                        +

                        By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

                        +

                        Remediation

                        +

                        Upgrade path-to-regexp to version 8.0.0 or higher.

                        +

                        References

                        + + +
                        + +
                        +

                        More about this vulnerability

                        +
                        + +

                        Denial of Service (DoS)

                        diff --git a/docs/snyk/v2.12.3/ghcr.io_dexidp_dex_v2.38.0.html b/docs/snyk/v2.12.3/ghcr.io_dexidp_dex_v2.38.0.html index 758da50eab505..3c557de6a1064 100644 --- a/docs/snyk/v2.12.3/ghcr.io_dexidp_dex_v2.38.0.html +++ b/docs/snyk/v2.12.3/ghcr.io_dexidp_dex_v2.38.0.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:21:34 am (UTC+00:00)

                        +

                        September 15th 2024, 12:21:35 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.12.3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html b/docs/snyk/v2.12.3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html index 184fe5cbcf1bf..c072d3a72b314 100644 --- a/docs/snyk/v2.12.3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html +++ b/docs/snyk/v2.12.3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:21:39 am (UTC+00:00)

                        +

                        September 15th 2024, 12:21:38 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.12.3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html b/docs/snyk/v2.12.3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html index 0896e4094e1f5..da43180e99e7c 100644 --- a/docs/snyk/v2.12.3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html +++ b/docs/snyk/v2.12.3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:21:44 am (UTC+00:00)

                        +

                        September 15th 2024, 12:21:42 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.12.3/quay.io_argoproj_argocd_v2.12.3.html b/docs/snyk/v2.12.3/quay.io_argoproj_argocd_v2.12.3.html index 6f8fe4299b571..ec4329b79d670 100644 --- a/docs/snyk/v2.12.3/quay.io_argoproj_argocd_v2.12.3.html +++ b/docs/snyk/v2.12.3/quay.io_argoproj_argocd_v2.12.3.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:22:02 am (UTC+00:00)

                        +

                        September 15th 2024, 12:21:58 am (UTC+00:00)

                        Scanned the following paths: @@ -470,8 +470,8 @@

                        Snyk test report

                        -
                        16 known vulnerabilities
                        -
                        80 vulnerable dependency paths
                        +
                        17 known vulnerabilities
                        +
                        81 vulnerable dependency paths
                        2292 dependencies
                        @@ -1435,7 +1435,7 @@

                        NVD Description

                        See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

                        An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

                        Remediation

                        -

                        There is no fixed version for Ubuntu:24.04 expat.

                        +

                        Upgrade Ubuntu:24.04 expat to version 2.6.1-2ubuntu0.1 or higher.

                        References

                        +
                        +
                        +

                        CVE-2024-8096

                        +
                        + +
                        + medium severity +
                        + +
                        + +
                          +
                        • + Manifest file: quay.io/argoproj/argocd:v2.12.3/argoproj/argocd Dockerfile +
                          • +
                        • + Package Manager: ubuntu:24.04 +
                          • +
                        • + Vulnerable module: + + curl/libcurl3t64-gnutls +
                          • + +
                        • Introduced through: + + + docker-image|quay.io/argoproj/argocd@v2.12.3, git@1:2.43.0-1ubuntu7.1 and others +
                          • +
                        + +
                        + + +

                        Detailed paths

                        + +
                          +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.3 + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.3 + + + +
                          • +
                        + +
                        + +
                        + +

                        NVD Description

                        +

                        Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. + See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

                        +

                        When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate.

                        +

                        Remediation

                        +

                        There is no fixed version for Ubuntu:24.04 curl.

                        +

                        References

                        + + +
                        + +
                        +

                        More about this vulnerability

                        +
                        +

                        Release of Invalid Pointer or Reference

                        diff --git a/docs/snyk/v2.12.3/redis_7.0.15-alpine.html b/docs/snyk/v2.12.3/redis_7.0.15-alpine.html index 8701ed25baf73..222dff64476b7 100644 --- a/docs/snyk/v2.12.3/redis_7.0.15-alpine.html +++ b/docs/snyk/v2.12.3/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        September 8th 2024, 12:22:06 am (UTC+00:00)

                        +

                        September 15th 2024, 12:22:01 am (UTC+00:00)

                        Scanned the following paths: From 14a1a552dcdd19671def1fc8a4392a0de8435251 Mon Sep 17 00:00:00 2001 From: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Date: Mon, 16 Sep 2024 17:40:25 -0400 Subject: [PATCH 07/20] chore: bump gitops-engine for performance improvements (#19953) * chore: bump gitops-engine for performance improvement Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * bump gitops-engine version Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d39821cb12c46..5e184b664f2a8 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/TomOnTime/utfutil v0.0.0-20180511104225-09c41003ee1d github.com/alicebob/miniredis/v2 v2.33.0 github.com/antonmedv/expr v1.15.1 - github.com/argoproj/gitops-engine v0.7.1-0.20240905010810-bd7681ae3f8b + github.com/argoproj/gitops-engine v0.7.1-0.20240916204218-df9b446fd7d2 github.com/argoproj/notifications-engine v0.4.1-0.20240606074338-0802cd427621 github.com/argoproj/pkg v0.13.7-0.20230626144333-d56162821bd1 github.com/aws/aws-sdk-go v1.55.5 diff --git a/go.sum b/go.sum index 3ea06cfe39c2b..fda1e8d94b0ec 100644 --- a/go.sum +++ b/go.sum @@ -83,8 +83,8 @@ github.com/antonmedv/expr v1.15.1/go.mod h1:0E/6TxnOlRNp81GMzX9QfDPAmHo2Phg00y4J github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= github.com/appscode/go v0.0.0-20191119085241-0887d8ec2ecc/go.mod h1:OawnOmAL4ZX3YaPdN+8HTNwBveT1jMsqP74moa9XUbE= -github.com/argoproj/gitops-engine v0.7.1-0.20240905010810-bd7681ae3f8b h1:wOPWJ5MBScQO767WpU55oUJDXObfvPL0EfAYWxogbSw= -github.com/argoproj/gitops-engine v0.7.1-0.20240905010810-bd7681ae3f8b/go.mod h1:b1vuwkyMUszyUK+USUJqC8vJijnQsEPNDpC+sDdDLtM= +github.com/argoproj/gitops-engine v0.7.1-0.20240916204218-df9b446fd7d2 h1:vwgeR9wMFO/T+eZns5SKDyiiCJkMoYEU3NYGVCrr7FA= +github.com/argoproj/gitops-engine v0.7.1-0.20240916204218-df9b446fd7d2/go.mod h1:b1vuwkyMUszyUK+USUJqC8vJijnQsEPNDpC+sDdDLtM= github.com/argoproj/notifications-engine v0.4.1-0.20240606074338-0802cd427621 h1:Yg1nt+D2uDK1SL2jSlfukA4yc7db184TTN7iWy3voRE= github.com/argoproj/notifications-engine v0.4.1-0.20240606074338-0802cd427621/go.mod h1:N0A4sEws2soZjEpY4hgZpQS8mRIEw6otzwfkgc3g9uQ= github.com/argoproj/pkg v0.13.7-0.20230626144333-d56162821bd1 h1:qsHwwOJ21K2Ao0xPju1sNuqphyMnMYkyB3ZLoLtxWpo= From 8f65594ca9046fde4b6cfd96bd34dbc4d14d0f3a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Sep 2024 00:36:49 -0400 Subject: [PATCH 08/20] chore(deps): bump tj-actions/changed-files from 45.0.1 to 45.0.2 (#19958) Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 45.0.1 to 45.0.2. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/e9772d140489982e0e3704fea5ee93d536f1e275...48d8f15b2aaa3d255ca5af3eba4870f807ce6b3c) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci-build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml index 6d1032c416fb6..6096d78c40cde 100644 --- a/.github/workflows/ci-build.yaml +++ b/.github/workflows/ci-build.yaml @@ -31,7 +31,7 @@ jobs: docs: ${{ steps.filter.outputs.docs_any_changed }} steps: - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # v4.0.0 - - uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 # v45.0.1 + - uses: tj-actions/changed-files@48d8f15b2aaa3d255ca5af3eba4870f807ce6b3c # v45.0.2 id: filter with: # Any file which is not under docs/, ui/ or is not a markdown file is counted as a backend file From d636e536650ead1a27d87ac8efb8a3455f633d8c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Sep 2024 00:38:25 -0400 Subject: [PATCH 09/20] chore(deps): bump peter-evans/create-pull-request from 7.0.2 to 7.0.3 (#19957) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.2 to 7.0.3. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/d121e62763d8cc35b5fb1710e887d6e69a52d3a4...6cd32fd93684475c31847837f87bb135d40a2b79) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/init-release.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/init-release.yaml b/.github/workflows/init-release.yaml index 1c95715b913f4..20bb6205c9f78 100644 --- a/.github/workflows/init-release.yaml +++ b/.github/workflows/init-release.yaml @@ -64,7 +64,7 @@ jobs: git stash pop - name: Create pull request - uses: peter-evans/create-pull-request@d121e62763d8cc35b5fb1710e887d6e69a52d3a4 # v7.0.2 + uses: peter-evans/create-pull-request@6cd32fd93684475c31847837f87bb135d40a2b79 # v7.0.3 with: commit-message: "Bump version to ${{ inputs.TARGET_VERSION }}" title: "Bump version to ${{ inputs.TARGET_VERSION }} on ${{ inputs.TARGET_BRANCH }} branch" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index cc516d95773ec..12cb17fcfe6fd 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -295,7 +295,7 @@ jobs: if: ${{ env.UPDATE_VERSION == 'true' }} - name: Create PR to update VERSION on master branch - uses: peter-evans/create-pull-request@d121e62763d8cc35b5fb1710e887d6e69a52d3a4 # v7.0.2 + uses: peter-evans/create-pull-request@6cd32fd93684475c31847837f87bb135d40a2b79 # v7.0.3 with: commit-message: Bump version in master title: "chore: Bump version in master" From 94e02101c6a03e1655effec7a74977b3968067ba Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 17 Sep 2024 05:37:40 +0000 Subject: [PATCH 10/20] Bump version in master (#19947) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <39732895+pasha-codefresh@users.noreply.github.com> --- SECURITY-INSIGHTS.yml | 4 ++-- VERSION | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml index 42db7962eb995..74236df3b1a27 100644 --- a/SECURITY-INSIGHTS.yml +++ b/SECURITY-INSIGHTS.yml @@ -3,9 +3,9 @@ header: expiration-date: '2024-10-31T00:00:00.000Z' # One year from initial release. last-updated: '2023-10-27' last-reviewed: '2023-10-27' - commit-hash: fe606708859574b9b6102a505e260fac5d3fb14e + commit-hash: 74a367d10e7110209610ba3ec225539ebe5f7522 project-url: https://github.com/argoproj/argo-cd - project-release: v2.13.0 + project-release: v2.14.0 changelog: https://github.com/argoproj/argo-cd/releases license: https://github.com/argoproj/argo-cd/blob/master/LICENSE project-lifecycle: diff --git a/VERSION b/VERSION index fb2c0766b7cc2..edcfe40d1984a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.13.0 +2.14.0 From c8dcd83f88668a26fff905402efbccadea4b8b74 Mon Sep 17 00:00:00 2001 From: Falanty <34582081+Falanty@users.noreply.github.com> Date: Tue, 17 Sep 2024 10:20:02 +0200 Subject: [PATCH 11/20] feat: add ARGOCD_APP_REVISION_SHORT_8 variable in build environment (#19931) Signed-off-by: Adam, Patrick Co-authored-by: Adam, Patrick --- docs/user-guide/build-environment.md | 1 + reposerver/repository/repository.go | 14 ++++++++++---- reposerver/repository/repository_test.go | 1 + 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/docs/user-guide/build-environment.md b/docs/user-guide/build-environment.md index 8e2448f4f9e7f..52fc8b1d03a5a 100644 --- a/docs/user-guide/build-environment.md +++ b/docs/user-guide/build-environment.md @@ -8,6 +8,7 @@ | `ARGOCD_APP_NAMESPACE` | The destination namespace of the application. | | `ARGOCD_APP_REVISION` | The resolved revision, e.g. `f913b6cbf58aa5ae5ca1f8a2b149477aebcbd9d8`. | | `ARGOCD_APP_REVISION_SHORT` | The resolved short revision, e.g. `f913b6c`. | +| `ARGOCD_APP_REVISION_SHORT_8` | The resolved short revision with length 8, e.g. `f913b6cb`. | | `ARGOCD_APP_SOURCE_PATH` | The path of the app within the source repo. | | `ARGOCD_APP_SOURCE_REPO_URL` | The source repo URL. | | `ARGOCD_APP_SOURCE_TARGET_REVISION` | The target revision from the spec, e.g. `master`. | diff --git a/reposerver/repository/repository.go b/reposerver/repository/repository.go index 601697778cffc..e387a5bf93380 100644 --- a/reposerver/repository/repository.go +++ b/reposerver/repository/repository.go @@ -1511,21 +1511,27 @@ func GenerateManifests(ctx context.Context, appPath, repoRoot, revision string, } func newEnv(q *apiclient.ManifestRequest, revision string) *v1alpha1.Env { - shortRevision := revision - if len(shortRevision) > 7 { - shortRevision = shortRevision[:7] - } + shortRevision := shortenRevision(revision, 7) + shortRevision8 := shortenRevision(revision, 8) return &v1alpha1.Env{ &v1alpha1.EnvEntry{Name: "ARGOCD_APP_NAME", Value: q.AppName}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_NAMESPACE", Value: q.Namespace}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_REVISION", Value: revision}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_REVISION_SHORT", Value: shortRevision}, + &v1alpha1.EnvEntry{Name: "ARGOCD_APP_REVISION_SHORT_8", Value: shortRevision8}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_SOURCE_REPO_URL", Value: q.Repo.Repo}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_SOURCE_PATH", Value: q.ApplicationSource.Path}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_SOURCE_TARGET_REVISION", Value: q.ApplicationSource.TargetRevision}, } } +func shortenRevision(revision string, length int) string { + if len(revision) > length { + return revision[:length] + } + return revision +} + func newEnvRepoQuery(q *apiclient.RepoServerAppDetailsQuery, revision string) *v1alpha1.Env { return &v1alpha1.Env{ &v1alpha1.EnvEntry{Name: "ARGOCD_APP_NAME", Value: q.AppName}, diff --git a/reposerver/repository/repository_test.go b/reposerver/repository/repository_test.go index f93c6d5165077..0c11553e5d7f4 100644 --- a/reposerver/repository/repository_test.go +++ b/reposerver/repository/repository_test.go @@ -1817,6 +1817,7 @@ func Test_newEnv(t *testing.T) { &argoappv1.EnvEntry{Name: "ARGOCD_APP_NAMESPACE", Value: "my-namespace"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_REVISION", Value: "my-revision"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_REVISION_SHORT", Value: "my-revi"}, + &argoappv1.EnvEntry{Name: "ARGOCD_APP_REVISION_SHORT_8", Value: "my-revis"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_SOURCE_REPO_URL", Value: "https://github.com/my-org/my-repo"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_SOURCE_PATH", Value: "my-path"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_SOURCE_TARGET_REVISION", Value: "my-target-revision"}, From 4b478ef2c8182ea41993da1097215dd2695837d5 Mon Sep 17 00:00:00 2001 From: Pavel Soloviev <66182149+moleus@users.noreply.github.com> Date: Tue, 17 Sep 2024 11:34:21 +0300 Subject: [PATCH 12/20] docs: Add empty GitHub.repoURL error to troubleshooting docs (#19926) Signed-off-by: Moleus --- .../notifications/troubleshooting-errors.md | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/docs/operator-manual/notifications/troubleshooting-errors.md b/docs/operator-manual/notifications/troubleshooting-errors.md index 5ae95e8e384d6..ecfcf7151c0ce 100644 --- a/docs/operator-manual/notifications/troubleshooting-errors.md +++ b/docs/operator-manual/notifications/troubleshooting-errors.md @@ -40,6 +40,27 @@ You need to check your argocd-notifications controller version. For instance, th You have not defined `xxxx` in `argocd-notifications-cm` or to fail to parse settings. +### GitHub.repoURL (\u003cno value\u003e) does not have a / using the configuration + +You probably have an Application with [multiple sources](https://argo-cd.readthedocs.io/en/stable/user-guide/multiple_sources/): + +```yaml +spec: + sources: # <- multiple sources + - repoURL: https://github.com/exampleOrg/first.git + path: sources/example + - repoURL: https://github.com/exampleOrg/second.git + targetRevision: "{{branch}}" +``` + +So standard notification template won't work (`{{.app.spec.source.repoURL}}`). You should choose a single source instead: + +```yaml +template.example: | + github: + repoURLPath: "{{ (index .app.spec.sources 0).repoURL }}" +``` + ## config referenced xxx, but key does not exist in secret - If you are using a custom secret, check that the secret is in the same namespace From 308c6cb526a643ac5e0f5904fa208b8b356a7b7f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Sep 2024 11:37:10 +0300 Subject: [PATCH 13/20] chore(deps): bump github.com/casbin/casbin/v2 from 2.99.0 to 2.100.0 (#19960) Bumps [github.com/casbin/casbin/v2](https://github.com/casbin/casbin) from 2.99.0 to 2.100.0. - [Release notes](https://github.com/casbin/casbin/releases) - [Changelog](https://github.com/casbin/casbin/blob/master/.releaserc.json) - [Commits](https://github.com/casbin/casbin/compare/v2.99.0...v2.100.0) --- updated-dependencies: - dependency-name: github.com/casbin/casbin/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 5e184b664f2a8..938e12ea2a5e5 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/bmatcuk/doublestar/v4 v4.6.1 github.com/bombsimon/logrusr/v2 v2.0.1 github.com/bradleyfalzon/ghinstallation/v2 v2.11.0 - github.com/casbin/casbin/v2 v2.99.0 + github.com/casbin/casbin/v2 v2.100.0 github.com/casbin/govaluate v1.2.0 github.com/cespare/xxhash/v2 v2.3.0 github.com/chainguard-dev/git-urls v1.0.2 diff --git a/go.sum b/go.sum index fda1e8d94b0ec..b8beaedbcd8c6 100644 --- a/go.sum +++ b/go.sum @@ -154,8 +154,8 @@ github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0 github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/bwmarrin/discordgo v0.19.0/go.mod h1:O9S4p+ofTFwB02em7jkpkV8M3R0/PUVOwN61zSZ0r4Q= github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ= -github.com/casbin/casbin/v2 v2.99.0 h1:Y993vfRenh8Xtb4XVaK8KeYJTjD4Zn1XVewGszhzk1E= -github.com/casbin/casbin/v2 v2.99.0/go.mod h1:LO7YPez4dX3LgoTCqSQAleQDo0S0BeZBDxYnPUl95Ng= +github.com/casbin/casbin/v2 v2.100.0 h1:aeugSNjjHfCrgA22nHkVvw2xsscboHv5r0a13ljQKGQ= +github.com/casbin/casbin/v2 v2.100.0/go.mod h1:LO7YPez4dX3LgoTCqSQAleQDo0S0BeZBDxYnPUl95Ng= github.com/casbin/govaluate v1.2.0 h1:wXCXFmqyY+1RwiKfYo3jMKyrtZmOL3kHwaqDyCPOYak= github.com/casbin/govaluate v1.2.0/go.mod h1:G/UnbIjZk/0uMNaLwZZmFQrR72tYRZWQkO70si/iR7A= github.com/cenkalti/backoff v2.1.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= From bcc224b32c5e85cba01d77b01ffd1c861b42a9eb Mon Sep 17 00:00:00 2001 From: morapet Date: Tue, 17 Sep 2024 11:32:38 +0200 Subject: [PATCH 14/20] prevent crash during timer expiration after stream is closed (#19917) Reorder ticker stop and close merge to prevent send(true) happens after merge is closed, in rare situation when the timer expires exactly at the point between close(merge) and ticker.Stop() Signed-off-by: morapet --- server/application/logs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/application/logs.go b/server/application/logs.go index 9034da9471212..778f04edec66e 100644 --- a/server/application/logs.go +++ b/server/application/logs.go @@ -144,8 +144,8 @@ func mergeLogStreams(streams []chan logEntry, bufferingDuration time.Duration) c _ = send(true) - close(merged) ticker.Stop() + close(merged) }() return merged } From 4e13b7f36c41d69f37a05aaf6dcb6f5ec6c89659 Mon Sep 17 00:00:00 2001 From: Nathan Shaaban <86252985+ctrlaltf24@users.noreply.github.com> Date: Tue, 17 Sep 2024 02:34:25 -0700 Subject: [PATCH 15/20] feat: allow auth token to be passed in via env (#19898) * feat: allow auth token to be passed in via env Allows the authentication token to come from environment if it's not found in cli args. Signed-off-by: Nathan Shaaban <86252985+ctrlaltf24@users.noreply.github.com> * chore: generate cli docs Signed-off-by: Nathan Shaaban <86252985+ctrlaltf24@users.noreply.github.com> --------- Signed-off-by: Nathan Shaaban <86252985+ctrlaltf24@users.noreply.github.com> Co-authored-by: Alexander Matyushentsev --- cmd/argocd/commands/root.go | 2 +- common/common.go | 2 ++ docs/user-guide/commands/argocd.md | 2 +- docs/user-guide/commands/argocd_account.md | 2 +- docs/user-guide/commands/argocd_account_bcrypt.md | 2 +- docs/user-guide/commands/argocd_account_can-i.md | 2 +- docs/user-guide/commands/argocd_account_delete-token.md | 2 +- docs/user-guide/commands/argocd_account_generate-token.md | 2 +- docs/user-guide/commands/argocd_account_get-user-info.md | 2 +- docs/user-guide/commands/argocd_account_get.md | 2 +- docs/user-guide/commands/argocd_account_list.md | 2 +- docs/user-guide/commands/argocd_account_update-password.md | 2 +- docs/user-guide/commands/argocd_admin.md | 2 +- docs/user-guide/commands/argocd_admin_app.md | 2 +- .../commands/argocd_admin_app_diff-reconcile-results.md | 2 +- docs/user-guide/commands/argocd_admin_app_generate-spec.md | 2 +- .../commands/argocd_admin_app_get-reconcile-results.md | 2 +- docs/user-guide/commands/argocd_admin_cluster.md | 2 +- docs/user-guide/commands/argocd_admin_cluster_generate-spec.md | 2 +- docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md | 2 +- docs/user-guide/commands/argocd_admin_cluster_namespaces.md | 2 +- .../argocd_admin_cluster_namespaces_disable-namespaced-mode.md | 2 +- .../argocd_admin_cluster_namespaces_enable-namespaced-mode.md | 2 +- docs/user-guide/commands/argocd_admin_cluster_shards.md | 2 +- docs/user-guide/commands/argocd_admin_cluster_stats.md | 2 +- docs/user-guide/commands/argocd_admin_dashboard.md | 2 +- docs/user-guide/commands/argocd_admin_export.md | 2 +- docs/user-guide/commands/argocd_admin_import.md | 2 +- docs/user-guide/commands/argocd_admin_initial-password.md | 2 +- docs/user-guide/commands/argocd_admin_notifications.md | 2 +- docs/user-guide/commands/argocd_admin_notifications_template.md | 2 +- .../commands/argocd_admin_notifications_template_get.md | 2 +- .../commands/argocd_admin_notifications_template_notify.md | 2 +- docs/user-guide/commands/argocd_admin_notifications_trigger.md | 2 +- .../commands/argocd_admin_notifications_trigger_get.md | 2 +- .../commands/argocd_admin_notifications_trigger_run.md | 2 +- docs/user-guide/commands/argocd_admin_proj.md | 2 +- .../commands/argocd_admin_proj_generate-allow-list.md | 2 +- docs/user-guide/commands/argocd_admin_proj_generate-spec.md | 2 +- .../user-guide/commands/argocd_admin_proj_update-role-policy.md | 2 +- docs/user-guide/commands/argocd_admin_redis-initial-password.md | 2 +- docs/user-guide/commands/argocd_admin_repo.md | 2 +- docs/user-guide/commands/argocd_admin_repo_generate-spec.md | 2 +- docs/user-guide/commands/argocd_admin_settings.md | 2 +- docs/user-guide/commands/argocd_admin_settings_rbac.md | 2 +- docs/user-guide/commands/argocd_admin_settings_rbac_can.md | 2 +- docs/user-guide/commands/argocd_admin_settings_rbac_validate.md | 2 +- .../commands/argocd_admin_settings_resource-overrides.md | 2 +- .../commands/argocd_admin_settings_resource-overrides_health.md | 2 +- ...gocd_admin_settings_resource-overrides_ignore-differences.md | 2 +- ...admin_settings_resource-overrides_ignore-resource-updates.md | 2 +- .../argocd_admin_settings_resource-overrides_list-actions.md | 2 +- .../argocd_admin_settings_resource-overrides_run-action.md | 2 +- docs/user-guide/commands/argocd_admin_settings_validate.md | 2 +- docs/user-guide/commands/argocd_app.md | 2 +- docs/user-guide/commands/argocd_app_actions.md | 2 +- docs/user-guide/commands/argocd_app_actions_list.md | 2 +- docs/user-guide/commands/argocd_app_actions_run.md | 2 +- docs/user-guide/commands/argocd_app_add-source.md | 2 +- docs/user-guide/commands/argocd_app_create.md | 2 +- docs/user-guide/commands/argocd_app_delete-resource.md | 2 +- docs/user-guide/commands/argocd_app_delete.md | 2 +- docs/user-guide/commands/argocd_app_diff.md | 2 +- docs/user-guide/commands/argocd_app_edit.md | 2 +- docs/user-guide/commands/argocd_app_get.md | 2 +- docs/user-guide/commands/argocd_app_history.md | 2 +- docs/user-guide/commands/argocd_app_list.md | 2 +- docs/user-guide/commands/argocd_app_logs.md | 2 +- docs/user-guide/commands/argocd_app_manifests.md | 2 +- docs/user-guide/commands/argocd_app_patch-resource.md | 2 +- docs/user-guide/commands/argocd_app_patch.md | 2 +- docs/user-guide/commands/argocd_app_remove-source.md | 2 +- docs/user-guide/commands/argocd_app_resources.md | 2 +- docs/user-guide/commands/argocd_app_rollback.md | 2 +- docs/user-guide/commands/argocd_app_set.md | 2 +- docs/user-guide/commands/argocd_app_sync.md | 2 +- docs/user-guide/commands/argocd_app_terminate-op.md | 2 +- docs/user-guide/commands/argocd_app_unset.md | 2 +- docs/user-guide/commands/argocd_app_wait.md | 2 +- docs/user-guide/commands/argocd_appset.md | 2 +- docs/user-guide/commands/argocd_appset_create.md | 2 +- docs/user-guide/commands/argocd_appset_delete.md | 2 +- docs/user-guide/commands/argocd_appset_generate.md | 2 +- docs/user-guide/commands/argocd_appset_get.md | 2 +- docs/user-guide/commands/argocd_appset_list.md | 2 +- docs/user-guide/commands/argocd_cert.md | 2 +- docs/user-guide/commands/argocd_cert_add-ssh.md | 2 +- docs/user-guide/commands/argocd_cert_add-tls.md | 2 +- docs/user-guide/commands/argocd_cert_list.md | 2 +- docs/user-guide/commands/argocd_cert_rm.md | 2 +- docs/user-guide/commands/argocd_cluster.md | 2 +- docs/user-guide/commands/argocd_cluster_add.md | 2 +- docs/user-guide/commands/argocd_cluster_get.md | 2 +- docs/user-guide/commands/argocd_cluster_list.md | 2 +- docs/user-guide/commands/argocd_cluster_rm.md | 2 +- docs/user-guide/commands/argocd_cluster_rotate-auth.md | 2 +- docs/user-guide/commands/argocd_cluster_set.md | 2 +- docs/user-guide/commands/argocd_completion.md | 2 +- docs/user-guide/commands/argocd_context.md | 2 +- docs/user-guide/commands/argocd_gpg.md | 2 +- docs/user-guide/commands/argocd_gpg_add.md | 2 +- docs/user-guide/commands/argocd_gpg_get.md | 2 +- docs/user-guide/commands/argocd_gpg_list.md | 2 +- docs/user-guide/commands/argocd_gpg_rm.md | 2 +- docs/user-guide/commands/argocd_login.md | 2 +- docs/user-guide/commands/argocd_logout.md | 2 +- docs/user-guide/commands/argocd_proj.md | 2 +- .../commands/argocd_proj_add-destination-service-account.md | 2 +- docs/user-guide/commands/argocd_proj_add-destination.md | 2 +- docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md | 2 +- docs/user-guide/commands/argocd_proj_add-signature-key.md | 2 +- docs/user-guide/commands/argocd_proj_add-source-namespace.md | 2 +- docs/user-guide/commands/argocd_proj_add-source.md | 2 +- docs/user-guide/commands/argocd_proj_allow-cluster-resource.md | 2 +- .../user-guide/commands/argocd_proj_allow-namespace-resource.md | 2 +- docs/user-guide/commands/argocd_proj_create.md | 2 +- docs/user-guide/commands/argocd_proj_delete.md | 2 +- docs/user-guide/commands/argocd_proj_deny-cluster-resource.md | 2 +- docs/user-guide/commands/argocd_proj_deny-namespace-resource.md | 2 +- docs/user-guide/commands/argocd_proj_edit.md | 2 +- docs/user-guide/commands/argocd_proj_get.md | 2 +- docs/user-guide/commands/argocd_proj_list.md | 2 +- .../commands/argocd_proj_remove-destination-service-account.md | 2 +- docs/user-guide/commands/argocd_proj_remove-destination.md | 2 +- docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md | 2 +- docs/user-guide/commands/argocd_proj_remove-signature-key.md | 2 +- docs/user-guide/commands/argocd_proj_remove-source-namespace.md | 2 +- docs/user-guide/commands/argocd_proj_remove-source.md | 2 +- docs/user-guide/commands/argocd_proj_role.md | 2 +- docs/user-guide/commands/argocd_proj_role_add-group.md | 2 +- docs/user-guide/commands/argocd_proj_role_add-policy.md | 2 +- docs/user-guide/commands/argocd_proj_role_create-token.md | 2 +- docs/user-guide/commands/argocd_proj_role_create.md | 2 +- docs/user-guide/commands/argocd_proj_role_delete-token.md | 2 +- docs/user-guide/commands/argocd_proj_role_delete.md | 2 +- docs/user-guide/commands/argocd_proj_role_get.md | 2 +- docs/user-guide/commands/argocd_proj_role_list-tokens.md | 2 +- docs/user-guide/commands/argocd_proj_role_list.md | 2 +- docs/user-guide/commands/argocd_proj_role_remove-group.md | 2 +- docs/user-guide/commands/argocd_proj_role_remove-policy.md | 2 +- docs/user-guide/commands/argocd_proj_set.md | 2 +- docs/user-guide/commands/argocd_proj_windows.md | 2 +- docs/user-guide/commands/argocd_proj_windows_add.md | 2 +- docs/user-guide/commands/argocd_proj_windows_delete.md | 2 +- .../commands/argocd_proj_windows_disable-manual-sync.md | 2 +- .../commands/argocd_proj_windows_enable-manual-sync.md | 2 +- docs/user-guide/commands/argocd_proj_windows_list.md | 2 +- docs/user-guide/commands/argocd_proj_windows_update.md | 2 +- docs/user-guide/commands/argocd_relogin.md | 2 +- docs/user-guide/commands/argocd_repo.md | 2 +- docs/user-guide/commands/argocd_repo_add.md | 2 +- docs/user-guide/commands/argocd_repo_get.md | 2 +- docs/user-guide/commands/argocd_repo_list.md | 2 +- docs/user-guide/commands/argocd_repo_rm.md | 2 +- docs/user-guide/commands/argocd_repocreds.md | 2 +- docs/user-guide/commands/argocd_repocreds_add.md | 2 +- docs/user-guide/commands/argocd_repocreds_list.md | 2 +- docs/user-guide/commands/argocd_repocreds_rm.md | 2 +- docs/user-guide/commands/argocd_version.md | 2 +- 159 files changed, 160 insertions(+), 158 deletions(-) diff --git a/cmd/argocd/commands/root.go b/cmd/argocd/commands/root.go index 000a3a81a2fd7..4386b8febd6c4 100644 --- a/cmd/argocd/commands/root.go +++ b/cmd/argocd/commands/root.go @@ -70,7 +70,7 @@ func NewCommand() *cobra.Command { command.PersistentFlags().StringVar(&clientOpts.CertFile, "server-crt", config.GetFlag("server-crt", ""), "Server certificate file") command.PersistentFlags().StringVar(&clientOpts.ClientCertFile, "client-crt", config.GetFlag("client-crt", ""), "Client certificate file") command.PersistentFlags().StringVar(&clientOpts.ClientCertKeyFile, "client-crt-key", config.GetFlag("client-crt-key", ""), "Client certificate key file") - command.PersistentFlags().StringVar(&clientOpts.AuthToken, "auth-token", config.GetFlag("auth-token", ""), "Authentication token") + command.PersistentFlags().StringVar(&clientOpts.AuthToken, "auth-token", config.GetFlag("auth-token", env.StringFromEnv(common.EnvAuthToken, "")), fmt.Sprintf("Authentication token; set this or the %s environment variable", common.EnvAuthToken)) command.PersistentFlags().BoolVar(&clientOpts.GRPCWeb, "grpc-web", config.GetBoolFlag("grpc-web"), "Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2.") command.PersistentFlags().StringVar(&clientOpts.GRPCWebRootPath, "grpc-web-root-path", config.GetFlag("grpc-web-root-path", ""), "Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root.") command.PersistentFlags().StringVar(&cmdutil.LogFormat, "logformat", config.GetFlag("logformat", "text"), "Set the logging format. One of: text|json") diff --git a/common/common.go b/common/common.go index 2383a33f844cf..79fcdba195eb6 100644 --- a/common/common.go +++ b/common/common.go @@ -254,6 +254,8 @@ const ( EnvHelmIndexCacheDuration = "ARGOCD_HELM_INDEX_CACHE_DURATION" // EnvAppConfigPath allows to override the configuration path for repo server EnvAppConfigPath = "ARGOCD_APP_CONF_PATH" + // EnvAuthToken is the environment variable name for the auth token used by the CLI + EnvAuthToken = "ARGOCD_AUTH_TOKEN" // EnvLogFormat log format that is defined by `--logformat` option EnvLogFormat = "ARGOCD_LOG_FORMAT" // EnvLogLevel log level that is defined by `--loglevel` option diff --git a/docs/user-guide/commands/argocd.md b/docs/user-guide/commands/argocd.md index fe50de4a6daf0..0514eb9447103 100644 --- a/docs/user-guide/commands/argocd.md +++ b/docs/user-guide/commands/argocd.md @@ -12,7 +12,7 @@ argocd [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account.md b/docs/user-guide/commands/argocd_account.md index 20cd868461914..25eaa7d214542 100644 --- a/docs/user-guide/commands/argocd_account.md +++ b/docs/user-guide/commands/argocd_account.md @@ -53,7 +53,7 @@ argocd account [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account_bcrypt.md b/docs/user-guide/commands/argocd_account_bcrypt.md index c38614424c081..d4bde8b933424 100644 --- a/docs/user-guide/commands/argocd_account_bcrypt.md +++ b/docs/user-guide/commands/argocd_account_bcrypt.md @@ -26,7 +26,7 @@ argocd account bcrypt --password YOUR_PASSWORD ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account_can-i.md b/docs/user-guide/commands/argocd_account_can-i.md index 149d2ef6e53d4..f6fd5a01880a8 100644 --- a/docs/user-guide/commands/argocd_account_can-i.md +++ b/docs/user-guide/commands/argocd_account_can-i.md @@ -36,7 +36,7 @@ Resources: [clusters projects applications applicationsets repositories certific ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account_delete-token.md b/docs/user-guide/commands/argocd_account_delete-token.md index 739481569c892..25d5b9a37d17a 100644 --- a/docs/user-guide/commands/argocd_account_delete-token.md +++ b/docs/user-guide/commands/argocd_account_delete-token.md @@ -29,7 +29,7 @@ argocd account delete-token --account ID ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account_generate-token.md b/docs/user-guide/commands/argocd_account_generate-token.md index 1ee8a551b3036..e149548374894 100644 --- a/docs/user-guide/commands/argocd_account_generate-token.md +++ b/docs/user-guide/commands/argocd_account_generate-token.md @@ -31,7 +31,7 @@ argocd account generate-token --account ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account_get-user-info.md b/docs/user-guide/commands/argocd_account_get-user-info.md index 7f223f06c7aa2..577f103b48c0d 100644 --- a/docs/user-guide/commands/argocd_account_get-user-info.md +++ b/docs/user-guide/commands/argocd_account_get-user-info.md @@ -29,7 +29,7 @@ argocd account get-user-info [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account_get.md b/docs/user-guide/commands/argocd_account_get.md index af44a3493313d..70d181e702a17 100644 --- a/docs/user-guide/commands/argocd_account_get.md +++ b/docs/user-guide/commands/argocd_account_get.md @@ -30,7 +30,7 @@ argocd account get --account ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account_list.md b/docs/user-guide/commands/argocd_account_list.md index 14a024b244e51..6af9d8a6d0ee0 100644 --- a/docs/user-guide/commands/argocd_account_list.md +++ b/docs/user-guide/commands/argocd_account_list.md @@ -25,7 +25,7 @@ argocd account list ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_account_update-password.md b/docs/user-guide/commands/argocd_account_update-password.md index e770207a9f6d1..3a31b6ee06274 100644 --- a/docs/user-guide/commands/argocd_account_update-password.md +++ b/docs/user-guide/commands/argocd_account_update-password.md @@ -41,7 +41,7 @@ argocd account update-password [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin.md b/docs/user-guide/commands/argocd_admin.md index d1a3581a40ce6..ec1de309c135b 100644 --- a/docs/user-guide/commands/argocd_admin.md +++ b/docs/user-guide/commands/argocd_admin.md @@ -31,7 +31,7 @@ $ argocd admin initial-password reset ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_app.md b/docs/user-guide/commands/argocd_admin_app.md index 2906cc7bb5607..12fa400c8c94d 100644 --- a/docs/user-guide/commands/argocd_admin_app.md +++ b/docs/user-guide/commands/argocd_admin_app.md @@ -33,7 +33,7 @@ argocd admin app get-reconcile-results APPNAME ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_app_diff-reconcile-results.md b/docs/user-guide/commands/argocd_admin_app_diff-reconcile-results.md index ee707903187ac..c77a3d3db57e0 100644 --- a/docs/user-guide/commands/argocd_admin_app_diff-reconcile-results.md +++ b/docs/user-guide/commands/argocd_admin_app_diff-reconcile-results.md @@ -18,7 +18,7 @@ argocd admin app diff-reconcile-results PATH1 PATH2 [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_app_generate-spec.md b/docs/user-guide/commands/argocd_admin_app_generate-spec.md index e17d9ce97aa5d..2826917d4765c 100644 --- a/docs/user-guide/commands/argocd_admin_app_generate-spec.md +++ b/docs/user-guide/commands/argocd_admin_app_generate-spec.md @@ -107,7 +107,7 @@ argocd admin app generate-spec APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_app_get-reconcile-results.md b/docs/user-guide/commands/argocd_admin_app_get-reconcile-results.md index 4748b75b57b05..a985a7d0e8484 100644 --- a/docs/user-guide/commands/argocd_admin_app_get-reconcile-results.md +++ b/docs/user-guide/commands/argocd_admin_app_get-reconcile-results.md @@ -44,7 +44,7 @@ argocd admin app get-reconcile-results PATH [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_cluster.md b/docs/user-guide/commands/argocd_admin_cluster.md index 380b9577cfc2c..7abe6fd1a42f8 100644 --- a/docs/user-guide/commands/argocd_admin_cluster.md +++ b/docs/user-guide/commands/argocd_admin_cluster.md @@ -32,7 +32,7 @@ argocd admin cluster namespaces my-cluster ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_cluster_generate-spec.md b/docs/user-guide/commands/argocd_admin_cluster_generate-spec.md index 0a1fb959cb585..01a0fe6ff3a07 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_generate-spec.md +++ b/docs/user-guide/commands/argocd_admin_cluster_generate-spec.md @@ -41,7 +41,7 @@ argocd admin cluster generate-spec CONTEXT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md b/docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md index 2eec1d91b8d66..37092a4ef303a 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md +++ b/docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md @@ -55,7 +55,7 @@ argocd admin cluster kubeconfig https://cluster-api-url:6443 /path/to/output/kub ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_cluster_namespaces.md b/docs/user-guide/commands/argocd_admin_cluster_namespaces.md index f7f339964e500..791f61ec1c1f0 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_namespaces.md +++ b/docs/user-guide/commands/argocd_admin_cluster_namespaces.md @@ -38,7 +38,7 @@ argocd admin cluster namespaces [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_cluster_namespaces_disable-namespaced-mode.md b/docs/user-guide/commands/argocd_admin_cluster_namespaces_disable-namespaced-mode.md index e2d89d36e02e3..57b776ff1cc3d 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_namespaces_disable-namespaced-mode.md +++ b/docs/user-guide/commands/argocd_admin_cluster_namespaces_disable-namespaced-mode.md @@ -39,7 +39,7 @@ argocd admin cluster namespaces disable-namespaced-mode PATTERN [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_cluster_namespaces_enable-namespaced-mode.md b/docs/user-guide/commands/argocd_admin_cluster_namespaces_enable-namespaced-mode.md index 9f8dd9047c8a9..cfbfd2fb891ab 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_namespaces_enable-namespaced-mode.md +++ b/docs/user-guide/commands/argocd_admin_cluster_namespaces_enable-namespaced-mode.md @@ -41,7 +41,7 @@ argocd admin cluster namespaces enable-namespaced-mode PATTERN [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_cluster_shards.md b/docs/user-guide/commands/argocd_admin_cluster_shards.md index 59c8d4b17a27f..b624c8dbe6c49 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_shards.md +++ b/docs/user-guide/commands/argocd_admin_cluster_shards.md @@ -54,7 +54,7 @@ argocd admin cluster shards [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_cluster_stats.md b/docs/user-guide/commands/argocd_admin_cluster_stats.md index 9238049782b62..b894959c1c0c3 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_stats.md +++ b/docs/user-guide/commands/argocd_admin_cluster_stats.md @@ -68,7 +68,7 @@ argocd admin cluster stats target-cluster ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_dashboard.md b/docs/user-guide/commands/argocd_admin_dashboard.md index f19fcb8785ee8..ecfee6be3a242 100644 --- a/docs/user-guide/commands/argocd_admin_dashboard.md +++ b/docs/user-guide/commands/argocd_admin_dashboard.md @@ -55,7 +55,7 @@ $ argocd admin dashboard --redis-compress gzip ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_export.md b/docs/user-guide/commands/argocd_admin_export.md index 2da5df239cc10..f4fe070f2d1f5 100644 --- a/docs/user-guide/commands/argocd_admin_export.md +++ b/docs/user-guide/commands/argocd_admin_export.md @@ -41,7 +41,7 @@ argocd admin export [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_import.md b/docs/user-guide/commands/argocd_admin_import.md index 07a79636d307a..b373184a3796d 100644 --- a/docs/user-guide/commands/argocd_admin_import.md +++ b/docs/user-guide/commands/argocd_admin_import.md @@ -45,7 +45,7 @@ argocd admin import SOURCE [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_initial-password.md b/docs/user-guide/commands/argocd_admin_initial-password.md index 3df3bdc666559..92feb9e8ad9f5 100644 --- a/docs/user-guide/commands/argocd_admin_initial-password.md +++ b/docs/user-guide/commands/argocd_admin_initial-password.md @@ -38,7 +38,7 @@ argocd admin initial-password [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_notifications.md b/docs/user-guide/commands/argocd_admin_notifications.md index 9159d1af3c0cb..58f2b832bebbb 100644 --- a/docs/user-guide/commands/argocd_admin_notifications.md +++ b/docs/user-guide/commands/argocd_admin_notifications.md @@ -43,7 +43,7 @@ argocd admin notifications [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_notifications_template.md b/docs/user-guide/commands/argocd_admin_notifications_template.md index 9ac47ec7c0889..2a93df1a9a9f1 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_template.md +++ b/docs/user-guide/commands/argocd_admin_notifications_template.md @@ -24,7 +24,7 @@ argocd admin notifications template [flags] --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_notifications_template_get.md b/docs/user-guide/commands/argocd_admin_notifications_template_get.md index e82bca7716114..e48bb8271d4db 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_template_get.md +++ b/docs/user-guide/commands/argocd_admin_notifications_template_get.md @@ -36,7 +36,7 @@ argocd admin notifications template get app-sync-succeeded -o=yaml --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_notifications_template_notify.md b/docs/user-guide/commands/argocd_admin_notifications_template_notify.md index 64ab824453321..cfcb6bc08db89 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_template_notify.md +++ b/docs/user-guide/commands/argocd_admin_notifications_template_notify.md @@ -37,7 +37,7 @@ argocd admin notifications template notify app-sync-succeeded guestbook --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_notifications_trigger.md b/docs/user-guide/commands/argocd_admin_notifications_trigger.md index faa9fb3674fc5..74b8460151e2e 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_trigger.md +++ b/docs/user-guide/commands/argocd_admin_notifications_trigger.md @@ -24,7 +24,7 @@ argocd admin notifications trigger [flags] --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_notifications_trigger_get.md b/docs/user-guide/commands/argocd_admin_notifications_trigger_get.md index d439ada6634eb..6d3f7aa9b3200 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_trigger_get.md +++ b/docs/user-guide/commands/argocd_admin_notifications_trigger_get.md @@ -36,7 +36,7 @@ argocd admin notifications trigger get on-sync-failed -o=yaml --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_notifications_trigger_run.md b/docs/user-guide/commands/argocd_admin_notifications_trigger_run.md index 68a39f102da17..6b27a7a54d27f 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_trigger_run.md +++ b/docs/user-guide/commands/argocd_admin_notifications_trigger_run.md @@ -36,7 +36,7 @@ argocd admin notifications trigger run on-sync-status-unknown ./sample-app.yaml --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_proj.md b/docs/user-guide/commands/argocd_admin_proj.md index 61753e9dd8bf9..e4f11de54cab1 100644 --- a/docs/user-guide/commands/argocd_admin_proj.md +++ b/docs/user-guide/commands/argocd_admin_proj.md @@ -18,7 +18,7 @@ argocd admin proj [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_proj_generate-allow-list.md b/docs/user-guide/commands/argocd_admin_proj_generate-allow-list.md index b6c025e9beb3f..753d0fa68a704 100644 --- a/docs/user-guide/commands/argocd_admin_proj_generate-allow-list.md +++ b/docs/user-guide/commands/argocd_admin_proj_generate-allow-list.md @@ -46,7 +46,7 @@ argocd admin proj generate-allow-list /path/to/clusterrole.yaml my-project ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_proj_generate-spec.md b/docs/user-guide/commands/argocd_admin_proj_generate-spec.md index 7c2f22a8eba30..c94eba4365ef8 100644 --- a/docs/user-guide/commands/argocd_admin_proj_generate-spec.md +++ b/docs/user-guide/commands/argocd_admin_proj_generate-spec.md @@ -45,7 +45,7 @@ argocd admin proj generate-spec PROJECT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_proj_update-role-policy.md b/docs/user-guide/commands/argocd_admin_proj_update-role-policy.md index 7617fc95c9f72..09dc8994d2a7f 100644 --- a/docs/user-guide/commands/argocd_admin_proj_update-role-policy.md +++ b/docs/user-guide/commands/argocd_admin_proj_update-role-policy.md @@ -54,7 +54,7 @@ argocd admin proj update-role-policy PROJECT_GLOB MODIFICATION ACTION [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_redis-initial-password.md b/docs/user-guide/commands/argocd_admin_redis-initial-password.md index a35a7d55e54f8..de2653e962f5e 100644 --- a/docs/user-guide/commands/argocd_admin_redis-initial-password.md +++ b/docs/user-guide/commands/argocd_admin_redis-initial-password.md @@ -38,7 +38,7 @@ argocd admin redis-initial-password [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_repo.md b/docs/user-guide/commands/argocd_admin_repo.md index 4a900f727b185..33944fda2d87c 100644 --- a/docs/user-guide/commands/argocd_admin_repo.md +++ b/docs/user-guide/commands/argocd_admin_repo.md @@ -18,7 +18,7 @@ argocd admin repo [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_repo_generate-spec.md b/docs/user-guide/commands/argocd_admin_repo_generate-spec.md index b25d3d035940f..3616e057c53c7 100644 --- a/docs/user-guide/commands/argocd_admin_repo_generate-spec.md +++ b/docs/user-guide/commands/argocd_admin_repo_generate-spec.md @@ -66,7 +66,7 @@ argocd admin repo generate-spec REPOURL [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_settings.md b/docs/user-guide/commands/argocd_admin_settings.md index 902f4a1d80016..d2726048afc42 100644 --- a/docs/user-guide/commands/argocd_admin_settings.md +++ b/docs/user-guide/commands/argocd_admin_settings.md @@ -41,7 +41,7 @@ argocd admin settings [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_settings_rbac.md b/docs/user-guide/commands/argocd_admin_settings_rbac.md index 776fabdc6d7b6..5cb18ba1a0580 100644 --- a/docs/user-guide/commands/argocd_admin_settings_rbac.md +++ b/docs/user-guide/commands/argocd_admin_settings_rbac.md @@ -23,7 +23,7 @@ argocd admin settings rbac [flags] --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_settings_rbac_can.md b/docs/user-guide/commands/argocd_admin_settings_rbac_can.md index a428740e20869..5697d68530c4d 100644 --- a/docs/user-guide/commands/argocd_admin_settings_rbac_can.md +++ b/docs/user-guide/commands/argocd_admin_settings_rbac_can.md @@ -75,7 +75,7 @@ argocd admin settings rbac can someuser create application 'default/app' --defau --argocd-cm-path string Path to local argocd-cm.yaml file --argocd-context string The name of the Argo-CD server context to use --argocd-secret-path string Path to local argocd-secret.yaml file - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_settings_rbac_validate.md b/docs/user-guide/commands/argocd_admin_settings_rbac_validate.md index b0647bce80324..6e5721e705fb1 100644 --- a/docs/user-guide/commands/argocd_admin_settings_rbac_validate.md +++ b/docs/user-guide/commands/argocd_admin_settings_rbac_validate.md @@ -67,7 +67,7 @@ argocd admin settings rbac validate --namespace argocd --argocd-cm-path string Path to local argocd-cm.yaml file --argocd-context string The name of the Argo-CD server context to use --argocd-secret-path string Path to local argocd-secret.yaml file - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides.md index 4a031ec3c6414..095ae66f6fb39 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides.md @@ -23,7 +23,7 @@ argocd admin settings resource-overrides [flags] --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_health.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_health.md index f7478fa9a21ea..8d1afb6e81b42 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_health.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_health.md @@ -34,7 +34,7 @@ argocd admin settings resource-overrides health ./deploy.yaml --argocd-cm-path . --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-differences.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-differences.md index 78aefbb8ff522..c10989511069e 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-differences.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-differences.md @@ -34,7 +34,7 @@ argocd admin settings resource-overrides ignore-differences ./deploy.yaml --argo --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-resource-updates.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-resource-updates.md index b2154319b46ca..f562e3557ccfd 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-resource-updates.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-resource-updates.md @@ -35,7 +35,7 @@ argocd admin settings resource-overrides ignore-resource-updates ./deploy.yaml - --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_list-actions.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_list-actions.md index 442c0febc6710..144a7d0b9d92b 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_list-actions.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_list-actions.md @@ -34,7 +34,7 @@ argocd admin settings resource-overrides action list /tmp/deploy.yaml --argocd-c --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_run-action.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_run-action.md index e1a58c6da99e1..99f5c903d11c2 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_run-action.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_run-action.md @@ -34,7 +34,7 @@ argocd admin settings resource-overrides action run /tmp/deploy.yaml restart --a --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_admin_settings_validate.md b/docs/user-guide/commands/argocd_admin_settings_validate.md index d94bd701e02d0..1565397fb5117 100644 --- a/docs/user-guide/commands/argocd_admin_settings_validate.md +++ b/docs/user-guide/commands/argocd_admin_settings_validate.md @@ -39,7 +39,7 @@ argocd admin settings validate --group accounts --group plugins --load-cluster-s --as string Username to impersonate for the operation --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --certificate-authority string Path to a cert file for the certificate authority --client-certificate string Path to a client certificate file for TLS --client-crt string Client certificate file diff --git a/docs/user-guide/commands/argocd_app.md b/docs/user-guide/commands/argocd_app.md index 1a366b04383ab..ea5bf74d6a56a 100644 --- a/docs/user-guide/commands/argocd_app.md +++ b/docs/user-guide/commands/argocd_app.md @@ -50,7 +50,7 @@ argocd app [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_actions.md b/docs/user-guide/commands/argocd_app_actions.md index 662f15333bf44..21df6d1f1564e 100644 --- a/docs/user-guide/commands/argocd_app_actions.md +++ b/docs/user-guide/commands/argocd_app_actions.md @@ -28,7 +28,7 @@ argocd app actions [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_actions_list.md b/docs/user-guide/commands/argocd_app_actions_list.md index 3e896eba202dd..513042b746278 100644 --- a/docs/user-guide/commands/argocd_app_actions_list.md +++ b/docs/user-guide/commands/argocd_app_actions_list.md @@ -30,7 +30,7 @@ argocd app actions list APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_actions_run.md b/docs/user-guide/commands/argocd_app_actions_run.md index 8d6d60301b8b5..8dc105243793b 100644 --- a/docs/user-guide/commands/argocd_app_actions_run.md +++ b/docs/user-guide/commands/argocd_app_actions_run.md @@ -30,7 +30,7 @@ argocd app actions run APPNAME ACTION [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_add-source.md b/docs/user-guide/commands/argocd_app_add-source.md index a91a04c9a4bb7..b6bc3ae3de6c2 100644 --- a/docs/user-guide/commands/argocd_app_add-source.md +++ b/docs/user-guide/commands/argocd_app_add-source.md @@ -84,7 +84,7 @@ argocd app add-source APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_create.md b/docs/user-guide/commands/argocd_app_create.md index a524b840cb0ba..662ee0b92644a 100644 --- a/docs/user-guide/commands/argocd_app_create.md +++ b/docs/user-guide/commands/argocd_app_create.md @@ -108,7 +108,7 @@ argocd app create APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_delete-resource.md b/docs/user-guide/commands/argocd_app_delete-resource.md index 6907d5fb36a23..892de087ec811 100644 --- a/docs/user-guide/commands/argocd_app_delete-resource.md +++ b/docs/user-guide/commands/argocd_app_delete-resource.md @@ -26,7 +26,7 @@ argocd app delete-resource APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_delete.md b/docs/user-guide/commands/argocd_app_delete.md index 80dec827fc7ed..15ccb486220ad 100644 --- a/docs/user-guide/commands/argocd_app_delete.md +++ b/docs/user-guide/commands/argocd_app_delete.md @@ -41,7 +41,7 @@ argocd app delete APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_diff.md b/docs/user-guide/commands/argocd_app_diff.md index 9896d9b3ceadc..07efe70af6b40 100644 --- a/docs/user-guide/commands/argocd_app_diff.md +++ b/docs/user-guide/commands/argocd_app_diff.md @@ -37,7 +37,7 @@ argocd app diff APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_edit.md b/docs/user-guide/commands/argocd_app_edit.md index 90fe001639056..684e77e12ce5a 100644 --- a/docs/user-guide/commands/argocd_app_edit.md +++ b/docs/user-guide/commands/argocd_app_edit.md @@ -19,7 +19,7 @@ argocd app edit APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_get.md b/docs/user-guide/commands/argocd_app_get.md index 56141a592449b..8785e5b52637b 100644 --- a/docs/user-guide/commands/argocd_app_get.md +++ b/docs/user-guide/commands/argocd_app_get.md @@ -59,7 +59,7 @@ argocd app get APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_history.md b/docs/user-guide/commands/argocd_app_history.md index c0b68c6dad62b..81c2127ab8d6c 100644 --- a/docs/user-guide/commands/argocd_app_history.md +++ b/docs/user-guide/commands/argocd_app_history.md @@ -20,7 +20,7 @@ argocd app history APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_list.md b/docs/user-guide/commands/argocd_app_list.md index 9c5ce915460a8..843716f549771 100644 --- a/docs/user-guide/commands/argocd_app_list.md +++ b/docs/user-guide/commands/argocd_app_list.md @@ -38,7 +38,7 @@ argocd app list [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_logs.md b/docs/user-guide/commands/argocd_app_logs.md index 7e8e2f8edb455..decb6b05fd808 100644 --- a/docs/user-guide/commands/argocd_app_logs.md +++ b/docs/user-guide/commands/argocd_app_logs.md @@ -69,7 +69,7 @@ argocd app logs APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_manifests.md b/docs/user-guide/commands/argocd_app_manifests.md index 0857668782004..3238a7cfcf2d3 100644 --- a/docs/user-guide/commands/argocd_app_manifests.md +++ b/docs/user-guide/commands/argocd_app_manifests.md @@ -37,7 +37,7 @@ argocd app manifests APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_patch-resource.md b/docs/user-guide/commands/argocd_app_patch-resource.md index e1abda78807a0..392c3c87e7014 100644 --- a/docs/user-guide/commands/argocd_app_patch-resource.md +++ b/docs/user-guide/commands/argocd_app_patch-resource.md @@ -26,7 +26,7 @@ argocd app patch-resource APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_patch.md b/docs/user-guide/commands/argocd_app_patch.md index c681ea887b417..90375448ce3af 100644 --- a/docs/user-guide/commands/argocd_app_patch.md +++ b/docs/user-guide/commands/argocd_app_patch.md @@ -31,7 +31,7 @@ argocd app patch APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_remove-source.md b/docs/user-guide/commands/argocd_app_remove-source.md index 6482c8a600087..d9741e108ce86 100644 --- a/docs/user-guide/commands/argocd_app_remove-source.md +++ b/docs/user-guide/commands/argocd_app_remove-source.md @@ -27,7 +27,7 @@ argocd app remove-source APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_resources.md b/docs/user-guide/commands/argocd_app_resources.md index e789ed642a043..9e3b43c5e1bfa 100644 --- a/docs/user-guide/commands/argocd_app_resources.md +++ b/docs/user-guide/commands/argocd_app_resources.md @@ -21,7 +21,7 @@ argocd app resources APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_rollback.md b/docs/user-guide/commands/argocd_app_rollback.md index 04a9106892353..47adea4a19a3a 100644 --- a/docs/user-guide/commands/argocd_app_rollback.md +++ b/docs/user-guide/commands/argocd_app_rollback.md @@ -22,7 +22,7 @@ argocd app rollback APPNAME [ID] [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_set.md b/docs/user-guide/commands/argocd_app_set.md index 43de3ee205d34..878d6e098e3ca 100644 --- a/docs/user-guide/commands/argocd_app_set.md +++ b/docs/user-guide/commands/argocd_app_set.md @@ -94,7 +94,7 @@ argocd app set APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_sync.md b/docs/user-guide/commands/argocd_app_sync.md index 5cbf3fb06c367..00d37d33747ff 100644 --- a/docs/user-guide/commands/argocd_app_sync.md +++ b/docs/user-guide/commands/argocd_app_sync.md @@ -76,7 +76,7 @@ argocd app sync [APPNAME... | -l selector | --project project-name] [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_terminate-op.md b/docs/user-guide/commands/argocd_app_terminate-op.md index 112dba5189957..37cf70b9ea058 100644 --- a/docs/user-guide/commands/argocd_app_terminate-op.md +++ b/docs/user-guide/commands/argocd_app_terminate-op.md @@ -18,7 +18,7 @@ argocd app terminate-op APPNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_unset.md b/docs/user-guide/commands/argocd_app_unset.md index f0de506336ed9..177f1b095dd69 100644 --- a/docs/user-guide/commands/argocd_app_unset.md +++ b/docs/user-guide/commands/argocd_app_unset.md @@ -49,7 +49,7 @@ argocd app unset APPNAME parameters [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_app_wait.md b/docs/user-guide/commands/argocd_app_wait.md index e0be1f5e62a53..867484e3432b1 100644 --- a/docs/user-guide/commands/argocd_app_wait.md +++ b/docs/user-guide/commands/argocd_app_wait.md @@ -56,7 +56,7 @@ argocd app wait [APPNAME.. | -l selector] [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_appset.md b/docs/user-guide/commands/argocd_appset.md index fddda16860a62..39c25dcca8fa7 100644 --- a/docs/user-guide/commands/argocd_appset.md +++ b/docs/user-guide/commands/argocd_appset.md @@ -53,7 +53,7 @@ argocd appset [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_appset_create.md b/docs/user-guide/commands/argocd_appset_create.md index 718074a950f97..ac0b1427dd7af 100644 --- a/docs/user-guide/commands/argocd_appset_create.md +++ b/docs/user-guide/commands/argocd_appset_create.md @@ -31,7 +31,7 @@ argocd appset create [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_appset_delete.md b/docs/user-guide/commands/argocd_appset_delete.md index 3e9b09c2262ac..90510a42073c0 100644 --- a/docs/user-guide/commands/argocd_appset_delete.md +++ b/docs/user-guide/commands/argocd_appset_delete.md @@ -26,7 +26,7 @@ argocd appset delete [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_appset_generate.md b/docs/user-guide/commands/argocd_appset_generate.md index dc98dad11926b..8c7db6e8ac9c0 100644 --- a/docs/user-guide/commands/argocd_appset_generate.md +++ b/docs/user-guide/commands/argocd_appset_generate.md @@ -26,7 +26,7 @@ argocd appset generate [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_appset_get.md b/docs/user-guide/commands/argocd_appset_get.md index b73139efb4659..76b3e3946988b 100644 --- a/docs/user-guide/commands/argocd_appset_get.md +++ b/docs/user-guide/commands/argocd_appset_get.md @@ -27,7 +27,7 @@ argocd appset get APPSETNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_appset_list.md b/docs/user-guide/commands/argocd_appset_list.md index 52135d7975d58..fad42ce7e240c 100644 --- a/docs/user-guide/commands/argocd_appset_list.md +++ b/docs/user-guide/commands/argocd_appset_list.md @@ -29,7 +29,7 @@ argocd appset list [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cert.md b/docs/user-guide/commands/argocd_cert.md index 3a5b101f2c85e..1e0db72b0452b 100644 --- a/docs/user-guide/commands/argocd_cert.md +++ b/docs/user-guide/commands/argocd_cert.md @@ -60,7 +60,7 @@ argocd cert [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cert_add-ssh.md b/docs/user-guide/commands/argocd_cert_add-ssh.md index 1e1eaa7bf3703..a32d12e18ea32 100644 --- a/docs/user-guide/commands/argocd_cert_add-ssh.md +++ b/docs/user-guide/commands/argocd_cert_add-ssh.md @@ -21,7 +21,7 @@ argocd cert add-ssh --batch [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cert_add-tls.md b/docs/user-guide/commands/argocd_cert_add-tls.md index 2ac40be8f5620..0208a502836ac 100644 --- a/docs/user-guide/commands/argocd_cert_add-tls.md +++ b/docs/user-guide/commands/argocd_cert_add-tls.md @@ -20,7 +20,7 @@ argocd cert add-tls SERVERNAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cert_list.md b/docs/user-guide/commands/argocd_cert_list.md index 63d4f0500a4ec..d3b80dfeac97f 100644 --- a/docs/user-guide/commands/argocd_cert_list.md +++ b/docs/user-guide/commands/argocd_cert_list.md @@ -22,7 +22,7 @@ argocd cert list [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cert_rm.md b/docs/user-guide/commands/argocd_cert_rm.md index 9636256422f09..f76fb6a9a38c9 100644 --- a/docs/user-guide/commands/argocd_cert_rm.md +++ b/docs/user-guide/commands/argocd_cert_rm.md @@ -20,7 +20,7 @@ argocd cert rm REPOSERVER [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cluster.md b/docs/user-guide/commands/argocd_cluster.md index edb8e4399495a..6f30e5a9308e4 100644 --- a/docs/user-guide/commands/argocd_cluster.md +++ b/docs/user-guide/commands/argocd_cluster.md @@ -57,7 +57,7 @@ argocd cluster [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cluster_add.md b/docs/user-guide/commands/argocd_cluster_add.md index 842eb8cf213a2..cf1d9ba2d588e 100644 --- a/docs/user-guide/commands/argocd_cluster_add.md +++ b/docs/user-guide/commands/argocd_cluster_add.md @@ -40,7 +40,7 @@ argocd cluster add CONTEXT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cluster_get.md b/docs/user-guide/commands/argocd_cluster_get.md index 4a4001b4dd8af..8b3fd5e410a04 100644 --- a/docs/user-guide/commands/argocd_cluster_get.md +++ b/docs/user-guide/commands/argocd_cluster_get.md @@ -26,7 +26,7 @@ argocd cluster get in-cluster ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cluster_list.md b/docs/user-guide/commands/argocd_cluster_list.md index f4be1312eda0f..d7ffbeb7baa9f 100644 --- a/docs/user-guide/commands/argocd_cluster_list.md +++ b/docs/user-guide/commands/argocd_cluster_list.md @@ -41,7 +41,7 @@ argocd cluster list -o server ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cluster_rm.md b/docs/user-guide/commands/argocd_cluster_rm.md index b74c185480823..667e5f9143cd4 100644 --- a/docs/user-guide/commands/argocd_cluster_rm.md +++ b/docs/user-guide/commands/argocd_cluster_rm.md @@ -26,7 +26,7 @@ argocd cluster rm cluster-name ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cluster_rotate-auth.md b/docs/user-guide/commands/argocd_cluster_rotate-auth.md index 98b19643e856f..f91c10f3ea6e2 100644 --- a/docs/user-guide/commands/argocd_cluster_rotate-auth.md +++ b/docs/user-guide/commands/argocd_cluster_rotate-auth.md @@ -25,7 +25,7 @@ argocd cluster rotate-auth cluster-name ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_cluster_set.md b/docs/user-guide/commands/argocd_cluster_set.md index eece336c95af9..3d26a6ec29702 100644 --- a/docs/user-guide/commands/argocd_cluster_set.md +++ b/docs/user-guide/commands/argocd_cluster_set.md @@ -30,7 +30,7 @@ argocd cluster set NAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_completion.md b/docs/user-guide/commands/argocd_completion.md index 304b46b35ad51..32c91ccbc2707 100644 --- a/docs/user-guide/commands/argocd_completion.md +++ b/docs/user-guide/commands/argocd_completion.md @@ -53,7 +53,7 @@ $ source ~/.config/fish/completions/argocd.fish ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_context.md b/docs/user-guide/commands/argocd_context.md index 75e3b8f921338..1805bb7e0a1e0 100644 --- a/docs/user-guide/commands/argocd_context.md +++ b/docs/user-guide/commands/argocd_context.md @@ -32,7 +32,7 @@ argocd context cd.argoproj.io --delete ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_gpg.md b/docs/user-guide/commands/argocd_gpg.md index 12c2438700d97..41941b1f2739c 100644 --- a/docs/user-guide/commands/argocd_gpg.md +++ b/docs/user-guide/commands/argocd_gpg.md @@ -37,7 +37,7 @@ argocd gpg [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_gpg_add.md b/docs/user-guide/commands/argocd_gpg_add.md index e8760a98d5c80..e0fd7ac55116f 100644 --- a/docs/user-guide/commands/argocd_gpg_add.md +++ b/docs/user-guide/commands/argocd_gpg_add.md @@ -26,7 +26,7 @@ argocd gpg add [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_gpg_get.md b/docs/user-guide/commands/argocd_gpg_get.md index 8547b22d8fc10..5e738b60d8906 100644 --- a/docs/user-guide/commands/argocd_gpg_get.md +++ b/docs/user-guide/commands/argocd_gpg_get.md @@ -32,7 +32,7 @@ argocd gpg get KEYID [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_gpg_list.md b/docs/user-guide/commands/argocd_gpg_list.md index 13ad13e5f7cd0..2d193caf677a6 100644 --- a/docs/user-guide/commands/argocd_gpg_list.md +++ b/docs/user-guide/commands/argocd_gpg_list.md @@ -32,7 +32,7 @@ argocd gpg list [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_gpg_rm.md b/docs/user-guide/commands/argocd_gpg_rm.md index 7bee10529c970..125f193bb473c 100644 --- a/docs/user-guide/commands/argocd_gpg_rm.md +++ b/docs/user-guide/commands/argocd_gpg_rm.md @@ -18,7 +18,7 @@ argocd gpg rm KEYID [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_login.md b/docs/user-guide/commands/argocd_login.md index 767c8876ed17c..c20247b01b283 100644 --- a/docs/user-guide/commands/argocd_login.md +++ b/docs/user-guide/commands/argocd_login.md @@ -42,7 +42,7 @@ argocd login cd.argoproj.io --core ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_logout.md b/docs/user-guide/commands/argocd_logout.md index dad73d0b84b79..132e73fa5033f 100644 --- a/docs/user-guide/commands/argocd_logout.md +++ b/docs/user-guide/commands/argocd_logout.md @@ -31,7 +31,7 @@ $ argocd logout ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj.md b/docs/user-guide/commands/argocd_proj.md index b595c9108b3c1..8f35188d33634 100644 --- a/docs/user-guide/commands/argocd_proj.md +++ b/docs/user-guide/commands/argocd_proj.md @@ -53,7 +53,7 @@ argocd proj [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_add-destination-service-account.md b/docs/user-guide/commands/argocd_proj_add-destination-service-account.md index 58091bbe21ffc..b1c0be6de7c85 100644 --- a/docs/user-guide/commands/argocd_proj_add-destination-service-account.md +++ b/docs/user-guide/commands/argocd_proj_add-destination-service-account.md @@ -29,7 +29,7 @@ argocd proj add-destination-service-account PROJECT SERVER NAMESPACE SERVICE_ACC ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_add-destination.md b/docs/user-guide/commands/argocd_proj_add-destination.md index a4766008322d7..d13f1a5234f7b 100644 --- a/docs/user-guide/commands/argocd_proj_add-destination.md +++ b/docs/user-guide/commands/argocd_proj_add-destination.md @@ -29,7 +29,7 @@ argocd proj add-destination PROJECT SERVER/NAME NAMESPACE [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md b/docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md index 97b24ff0340e9..c32ba8c010300 100644 --- a/docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md +++ b/docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md @@ -29,7 +29,7 @@ argocd proj add-orphaned-ignore PROJECT GROUP KIND [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_add-signature-key.md b/docs/user-guide/commands/argocd_proj_add-signature-key.md index 9c1f9827583e4..406f554b61195 100644 --- a/docs/user-guide/commands/argocd_proj_add-signature-key.md +++ b/docs/user-guide/commands/argocd_proj_add-signature-key.md @@ -25,7 +25,7 @@ argocd proj add-signature-key PROJECT KEY-ID [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_add-source-namespace.md b/docs/user-guide/commands/argocd_proj_add-source-namespace.md index c74e8c2436375..45c4b0cba6781 100644 --- a/docs/user-guide/commands/argocd_proj_add-source-namespace.md +++ b/docs/user-guide/commands/argocd_proj_add-source-namespace.md @@ -25,7 +25,7 @@ argocd proj add-source-namespace PROJECT NAMESPACE [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_add-source.md b/docs/user-guide/commands/argocd_proj_add-source.md index 670f399020f54..0e64e29d0a3f4 100644 --- a/docs/user-guide/commands/argocd_proj_add-source.md +++ b/docs/user-guide/commands/argocd_proj_add-source.md @@ -25,7 +25,7 @@ argocd proj add-source PROJECT URL [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_allow-cluster-resource.md b/docs/user-guide/commands/argocd_proj_allow-cluster-resource.md index 14b1ac0ae87f4..11a8cfc158ff0 100644 --- a/docs/user-guide/commands/argocd_proj_allow-cluster-resource.md +++ b/docs/user-guide/commands/argocd_proj_allow-cluster-resource.md @@ -26,7 +26,7 @@ argocd proj allow-cluster-resource PROJECT GROUP KIND [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_allow-namespace-resource.md b/docs/user-guide/commands/argocd_proj_allow-namespace-resource.md index 73b895af9d3b4..89bb7197cf2bc 100644 --- a/docs/user-guide/commands/argocd_proj_allow-namespace-resource.md +++ b/docs/user-guide/commands/argocd_proj_allow-namespace-resource.md @@ -26,7 +26,7 @@ argocd proj allow-namespace-resource PROJECT GROUP KIND [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_create.md b/docs/user-guide/commands/argocd_proj_create.md index 17fb12c6a6b44..c8b27e35bb762 100644 --- a/docs/user-guide/commands/argocd_proj_create.md +++ b/docs/user-guide/commands/argocd_proj_create.md @@ -41,7 +41,7 @@ argocd proj create PROJECT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_delete.md b/docs/user-guide/commands/argocd_proj_delete.md index 76ea1538b5e87..b955732eb6067 100644 --- a/docs/user-guide/commands/argocd_proj_delete.md +++ b/docs/user-guide/commands/argocd_proj_delete.md @@ -25,7 +25,7 @@ argocd proj delete PROJECT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_deny-cluster-resource.md b/docs/user-guide/commands/argocd_proj_deny-cluster-resource.md index 1ef0d03b71f22..bc9bfcfae0d5a 100644 --- a/docs/user-guide/commands/argocd_proj_deny-cluster-resource.md +++ b/docs/user-guide/commands/argocd_proj_deny-cluster-resource.md @@ -26,7 +26,7 @@ argocd proj deny-cluster-resource PROJECT GROUP KIND [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_deny-namespace-resource.md b/docs/user-guide/commands/argocd_proj_deny-namespace-resource.md index d02ef85f85a68..97367b23cb9c7 100644 --- a/docs/user-guide/commands/argocd_proj_deny-namespace-resource.md +++ b/docs/user-guide/commands/argocd_proj_deny-namespace-resource.md @@ -26,7 +26,7 @@ argocd proj deny-namespace-resource PROJECT GROUP KIND [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_edit.md b/docs/user-guide/commands/argocd_proj_edit.md index 8c2d07627cc45..1955aa11ba2c4 100644 --- a/docs/user-guide/commands/argocd_proj_edit.md +++ b/docs/user-guide/commands/argocd_proj_edit.md @@ -25,7 +25,7 @@ argocd proj edit PROJECT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_get.md b/docs/user-guide/commands/argocd_proj_get.md index 6aff7cf0c5ef6..930972018db05 100644 --- a/docs/user-guide/commands/argocd_proj_get.md +++ b/docs/user-guide/commands/argocd_proj_get.md @@ -29,7 +29,7 @@ argocd proj get PROJECT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_list.md b/docs/user-guide/commands/argocd_proj_list.md index 503b63762ef81..2a71f43d68c3a 100644 --- a/docs/user-guide/commands/argocd_proj_list.md +++ b/docs/user-guide/commands/argocd_proj_list.md @@ -29,7 +29,7 @@ argocd proj list [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_remove-destination-service-account.md b/docs/user-guide/commands/argocd_proj_remove-destination-service-account.md index c43189ff14b9a..bcb2a2bc3605e 100644 --- a/docs/user-guide/commands/argocd_proj_remove-destination-service-account.md +++ b/docs/user-guide/commands/argocd_proj_remove-destination-service-account.md @@ -25,7 +25,7 @@ argocd proj remove-destination-service-account PROJECT SERVER NAMESPACE SERVICE_ ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_remove-destination.md b/docs/user-guide/commands/argocd_proj_remove-destination.md index e4547d1748668..88a702b2ed2b5 100644 --- a/docs/user-guide/commands/argocd_proj_remove-destination.md +++ b/docs/user-guide/commands/argocd_proj_remove-destination.md @@ -25,7 +25,7 @@ argocd proj remove-destination PROJECT SERVER NAMESPACE [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md b/docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md index 4adb28f0e5fb1..79ff167f1c394 100644 --- a/docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md +++ b/docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md @@ -29,7 +29,7 @@ argocd proj remove-orphaned-ignore PROJECT GROUP KIND [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_remove-signature-key.md b/docs/user-guide/commands/argocd_proj_remove-signature-key.md index 3b880def1e233..0f81b6ec52270 100644 --- a/docs/user-guide/commands/argocd_proj_remove-signature-key.md +++ b/docs/user-guide/commands/argocd_proj_remove-signature-key.md @@ -25,7 +25,7 @@ argocd proj remove-signature-key PROJECT KEY-ID [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_remove-source-namespace.md b/docs/user-guide/commands/argocd_proj_remove-source-namespace.md index 8bcb081d17b73..a26bebcee38bb 100644 --- a/docs/user-guide/commands/argocd_proj_remove-source-namespace.md +++ b/docs/user-guide/commands/argocd_proj_remove-source-namespace.md @@ -25,7 +25,7 @@ argocd proj remove-source-namespace PROJECT NAMESPACE [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_remove-source.md b/docs/user-guide/commands/argocd_proj_remove-source.md index b7fc972fe7b86..66c016fadd7e5 100644 --- a/docs/user-guide/commands/argocd_proj_remove-source.md +++ b/docs/user-guide/commands/argocd_proj_remove-source.md @@ -25,7 +25,7 @@ argocd proj remove-source PROJECT URL [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role.md b/docs/user-guide/commands/argocd_proj_role.md index bbc687932632d..89d7abe87de4d 100644 --- a/docs/user-guide/commands/argocd_proj_role.md +++ b/docs/user-guide/commands/argocd_proj_role.md @@ -18,7 +18,7 @@ argocd proj role [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_add-group.md b/docs/user-guide/commands/argocd_proj_role_add-group.md index 96743b827d154..9d818665cd487 100644 --- a/docs/user-guide/commands/argocd_proj_role_add-group.md +++ b/docs/user-guide/commands/argocd_proj_role_add-group.md @@ -18,7 +18,7 @@ argocd proj role add-group PROJECT ROLE-NAME GROUP-CLAIM [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_add-policy.md b/docs/user-guide/commands/argocd_proj_role_add-policy.md index 5d887fc190931..d37469d1f8d36 100644 --- a/docs/user-guide/commands/argocd_proj_role_add-policy.md +++ b/docs/user-guide/commands/argocd_proj_role_add-policy.md @@ -50,7 +50,7 @@ ID ISSUED-AT EXPIRES-AT ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_create-token.md b/docs/user-guide/commands/argocd_proj_role_create-token.md index 8974c2ef8abb2..faacc8a01b72d 100644 --- a/docs/user-guide/commands/argocd_proj_role_create-token.md +++ b/docs/user-guide/commands/argocd_proj_role_create-token.md @@ -33,7 +33,7 @@ Create token succeeded for proj:test-project:test-role. ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_create.md b/docs/user-guide/commands/argocd_proj_role_create.md index 1fe6adde29267..885c79f1672b3 100644 --- a/docs/user-guide/commands/argocd_proj_role_create.md +++ b/docs/user-guide/commands/argocd_proj_role_create.md @@ -26,7 +26,7 @@ argocd proj role create PROJECT ROLE-NAME [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_delete-token.md b/docs/user-guide/commands/argocd_proj_role_delete-token.md index f0cd71f0a84fb..c9c5a7fc17eca 100644 --- a/docs/user-guide/commands/argocd_proj_role_delete-token.md +++ b/docs/user-guide/commands/argocd_proj_role_delete-token.md @@ -50,7 +50,7 @@ $ argocd proj role delete-token test-project test-role 1696769937 ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_delete.md b/docs/user-guide/commands/argocd_proj_role_delete.md index 5140ae097497a..97e01627e371a 100644 --- a/docs/user-guide/commands/argocd_proj_role_delete.md +++ b/docs/user-guide/commands/argocd_proj_role_delete.md @@ -24,7 +24,7 @@ $ argocd proj role delete test-project test-role ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_get.md b/docs/user-guide/commands/argocd_proj_role_get.md index 7eeaeb42087a6..d35b8768b47b2 100644 --- a/docs/user-guide/commands/argocd_proj_role_get.md +++ b/docs/user-guide/commands/argocd_proj_role_get.md @@ -33,7 +33,7 @@ ID ISSUED-AT EXPIRES-AT ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_list-tokens.md b/docs/user-guide/commands/argocd_proj_role_list-tokens.md index 2bf7ab3f64c1e..7df6b0c64e0aa 100644 --- a/docs/user-guide/commands/argocd_proj_role_list-tokens.md +++ b/docs/user-guide/commands/argocd_proj_role_list-tokens.md @@ -29,7 +29,7 @@ fa9d3517-c52d-434c-9bff-215b38508842 2023-10-08T11:08:18+01:00 Never ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_list.md b/docs/user-guide/commands/argocd_proj_role_list.md index bdf71af22ed30..34b62a3cf4beb 100644 --- a/docs/user-guide/commands/argocd_proj_role_list.md +++ b/docs/user-guide/commands/argocd_proj_role_list.md @@ -29,7 +29,7 @@ argocd proj role list PROJECT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_remove-group.md b/docs/user-guide/commands/argocd_proj_role_remove-group.md index 3b31f7c820c4f..b4db5dee8b882 100644 --- a/docs/user-guide/commands/argocd_proj_role_remove-group.md +++ b/docs/user-guide/commands/argocd_proj_role_remove-group.md @@ -18,7 +18,7 @@ argocd proj role remove-group PROJECT ROLE-NAME GROUP-CLAIM [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_role_remove-policy.md b/docs/user-guide/commands/argocd_proj_role_remove-policy.md index 069d1b7dcdcb4..df0fd403542af 100644 --- a/docs/user-guide/commands/argocd_proj_role_remove-policy.md +++ b/docs/user-guide/commands/argocd_proj_role_remove-policy.md @@ -50,7 +50,7 @@ ID ISSUED-AT EXPIRES-AT ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_set.md b/docs/user-guide/commands/argocd_proj_set.md index 20f4c03cc73c5..7b4d79ff13588 100644 --- a/docs/user-guide/commands/argocd_proj_set.md +++ b/docs/user-guide/commands/argocd_proj_set.md @@ -39,7 +39,7 @@ argocd proj set PROJECT [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_windows.md b/docs/user-guide/commands/argocd_proj_windows.md index c5b0cdfd2c9ca..b02a6772a8582 100644 --- a/docs/user-guide/commands/argocd_proj_windows.md +++ b/docs/user-guide/commands/argocd_proj_windows.md @@ -35,7 +35,7 @@ argocd proj windows list ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_windows_add.md b/docs/user-guide/commands/argocd_proj_windows_add.md index 9610020c3a1bd..beb158b9c6243 100644 --- a/docs/user-guide/commands/argocd_proj_windows_add.md +++ b/docs/user-guide/commands/argocd_proj_windows_add.md @@ -49,7 +49,7 @@ argocd proj windows add PROJECT \ ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_windows_delete.md b/docs/user-guide/commands/argocd_proj_windows_delete.md index 8ca1ad28dfd84..2fc4ef2c43390 100644 --- a/docs/user-guide/commands/argocd_proj_windows_delete.md +++ b/docs/user-guide/commands/argocd_proj_windows_delete.md @@ -29,7 +29,7 @@ argocd proj windows delete new-project 1 ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_windows_disable-manual-sync.md b/docs/user-guide/commands/argocd_proj_windows_disable-manual-sync.md index b4bbccef0ef1f..011a394b8848a 100644 --- a/docs/user-guide/commands/argocd_proj_windows_disable-manual-sync.md +++ b/docs/user-guide/commands/argocd_proj_windows_disable-manual-sync.md @@ -33,7 +33,7 @@ argocd proj windows disable-manual-sync default 0 ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_windows_enable-manual-sync.md b/docs/user-guide/commands/argocd_proj_windows_enable-manual-sync.md index a8a2402037ca9..1f51fe038e3b8 100644 --- a/docs/user-guide/commands/argocd_proj_windows_enable-manual-sync.md +++ b/docs/user-guide/commands/argocd_proj_windows_enable-manual-sync.md @@ -36,7 +36,7 @@ argocd proj windows enable-manual-sync my-app-project --message "Manual sync ini ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_windows_list.md b/docs/user-guide/commands/argocd_proj_windows_list.md index 828406438c31d..5f15f34dfe948 100644 --- a/docs/user-guide/commands/argocd_proj_windows_list.md +++ b/docs/user-guide/commands/argocd_proj_windows_list.md @@ -33,7 +33,7 @@ argocd proj windows list test-project ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_proj_windows_update.md b/docs/user-guide/commands/argocd_proj_windows_update.md index de10f76b766fa..a3405c0650be8 100644 --- a/docs/user-guide/commands/argocd_proj_windows_update.md +++ b/docs/user-guide/commands/argocd_proj_windows_update.md @@ -37,7 +37,7 @@ argocd proj windows update PROJECT ID \ ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_relogin.md b/docs/user-guide/commands/argocd_relogin.md index 9e15447b08ec4..8891d35b896dd 100644 --- a/docs/user-guide/commands/argocd_relogin.md +++ b/docs/user-guide/commands/argocd_relogin.md @@ -42,7 +42,7 @@ argocd login cd.argoproj.io --core ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repo.md b/docs/user-guide/commands/argocd_repo.md index da44cd722ac1b..3e6548df9a5a7 100644 --- a/docs/user-guide/commands/argocd_repo.md +++ b/docs/user-guide/commands/argocd_repo.md @@ -55,7 +55,7 @@ argocd repo rm https://github.com/yourusername/your-repo.git ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repo_add.md b/docs/user-guide/commands/argocd_repo_add.md index a6516d02329e0..4abb437cf7bdc 100644 --- a/docs/user-guide/commands/argocd_repo_add.md +++ b/docs/user-guide/commands/argocd_repo_add.md @@ -80,7 +80,7 @@ argocd repo add REPOURL [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repo_get.md b/docs/user-guide/commands/argocd_repo_get.md index d25e6ee2ff1e7..b28d30e1e0037 100644 --- a/docs/user-guide/commands/argocd_repo_get.md +++ b/docs/user-guide/commands/argocd_repo_get.md @@ -21,7 +21,7 @@ argocd repo get [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repo_list.md b/docs/user-guide/commands/argocd_repo_list.md index a78520696545d..5a13cff85c5fc 100644 --- a/docs/user-guide/commands/argocd_repo_list.md +++ b/docs/user-guide/commands/argocd_repo_list.md @@ -20,7 +20,7 @@ argocd repo list [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repo_rm.md b/docs/user-guide/commands/argocd_repo_rm.md index 70549f0ae09d4..4b784e0a6d1c1 100644 --- a/docs/user-guide/commands/argocd_repo_rm.md +++ b/docs/user-guide/commands/argocd_repo_rm.md @@ -19,7 +19,7 @@ argocd repo rm REPO [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repocreds.md b/docs/user-guide/commands/argocd_repocreds.md index 0679f80aef5c5..cac91d9700bf5 100644 --- a/docs/user-guide/commands/argocd_repocreds.md +++ b/docs/user-guide/commands/argocd_repocreds.md @@ -50,7 +50,7 @@ argocd repocreds [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repocreds_add.md b/docs/user-guide/commands/argocd_repocreds_add.md index 8adc3a919a016..39405519def40 100644 --- a/docs/user-guide/commands/argocd_repocreds_add.md +++ b/docs/user-guide/commands/argocd_repocreds_add.md @@ -56,7 +56,7 @@ argocd repocreds add REPOURL [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repocreds_list.md b/docs/user-guide/commands/argocd_repocreds_list.md index 64acfe837cb6f..ebcf308bdc766 100644 --- a/docs/user-guide/commands/argocd_repocreds_list.md +++ b/docs/user-guide/commands/argocd_repocreds_list.md @@ -35,7 +35,7 @@ argocd repocreds list [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_repocreds_rm.md b/docs/user-guide/commands/argocd_repocreds_rm.md index 96d2898fb495c..6893bd3dc3db9 100644 --- a/docs/user-guide/commands/argocd_repocreds_rm.md +++ b/docs/user-guide/commands/argocd_repocreds_rm.md @@ -25,7 +25,7 @@ argocd repocreds rm CREDSURL [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") diff --git a/docs/user-guide/commands/argocd_version.md b/docs/user-guide/commands/argocd_version.md index 5a99c1bb63daa..bd6505cc1c622 100644 --- a/docs/user-guide/commands/argocd_version.md +++ b/docs/user-guide/commands/argocd_version.md @@ -57,7 +57,7 @@ argocd version [flags] ``` --argocd-context string The name of the Argo-CD server context to use - --auth-token string Authentication token + --auth-token string Authentication token; set this or the ARGOCD_AUTH_TOKEN environment variable --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") From dce41c430efa779dd164ed0bbff8cb3822390c04 Mon Sep 17 00:00:00 2001 From: Dmytro Bondar Date: Tue, 17 Sep 2024 11:40:49 +0200 Subject: [PATCH 16/20] fix: Get pull request target branch for Azure DevOps (#19869) (#19871) Signed-off-by: Dmytro Bondar --- .../services/pull_request/azure_devops.go | 14 ++++++++------ .../services/pull_request/azure_devops_test.go | 2 ++ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/applicationset/services/pull_request/azure_devops.go b/applicationset/services/pull_request/azure_devops.go index ff3cfede5c8a9..1d263212cdea1 100644 --- a/applicationset/services/pull_request/azure_devops.go +++ b/applicationset/services/pull_request/azure_devops.go @@ -82,6 +82,7 @@ func (a *AzureDevOpsService) List(ctx context.Context) ([]*PullRequest, error) { pr.Repository.Name == nil || pr.PullRequestId == nil || pr.SourceRefName == nil || + pr.TargetRefName == nil || pr.LastMergeSourceCommit == nil || pr.LastMergeSourceCommit.CommitId == nil { continue @@ -94,12 +95,13 @@ func (a *AzureDevOpsService) List(ctx context.Context) ([]*PullRequest, error) { if *pr.Repository.Name == a.repo { pullRequests = append(pullRequests, &PullRequest{ - Number: *pr.PullRequestId, - Title: *pr.Title, - Branch: strings.Replace(*pr.SourceRefName, "refs/heads/", "", 1), - HeadSHA: *pr.LastMergeSourceCommit.CommitId, - Labels: azureDevOpsLabels, - Author: strings.Split(*pr.CreatedBy.UniqueName, "@")[0], // Get the part before the @ in the email-address + Number: *pr.PullRequestId, + Title: *pr.Title, + Branch: strings.Replace(*pr.SourceRefName, "refs/heads/", "", 1), + TargetBranch: strings.Replace(*pr.TargetRefName, "refs/heads/", "", 1), + HeadSHA: *pr.LastMergeSourceCommit.CommitId, + Labels: azureDevOpsLabels, + Author: strings.Split(*pr.CreatedBy.UniqueName, "@")[0], // Get the part before the @ in the email-address }) } } diff --git a/applicationset/services/pull_request/azure_devops_test.go b/applicationset/services/pull_request/azure_devops_test.go index 50f9f7511e0ff..24453c93a2195 100644 --- a/applicationset/services/pull_request/azure_devops_test.go +++ b/applicationset/services/pull_request/azure_devops_test.go @@ -72,6 +72,7 @@ func TestListPullRequest(t *testing.T) { PullRequestId: createIntPtr(pr_id), Title: createStringPtr(pr_title), SourceRefName: createStringPtr("refs/heads/feature-branch"), + TargetRefName: createStringPtr("refs/heads/main"), LastMergeSourceCommit: &git.GitCommitRef{ CommitId: createStringPtr(pr_head_sha), }, @@ -106,6 +107,7 @@ func TestListPullRequest(t *testing.T) { require.NoError(t, err) assert.Len(t, list, 1) assert.Equal(t, "feature-branch", list[0].Branch) + assert.Equal(t, "main", list[0].TargetBranch) assert.Equal(t, pr_head_sha, list[0].HeadSHA) assert.Equal(t, "feat(123)", list[0].Title) assert.Equal(t, pr_id, list[0].Number) From 20f97190019163390d0ed7e3e140d2d5565bbb34 Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Tue, 17 Sep 2024 12:45:32 +0300 Subject: [PATCH 17/20] fix: cleanup tempdir when errors occur in Helm chart extraction (#19861) Fixed merge conflicts. Signed-off-by: Ilia Medvedev Signed-off-by: Dan Garfield Co-authored-by: Dan Garfield --- util/helm/client.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/util/helm/client.go b/util/helm/client.go index 4f6e2ed37ac45..3ddbcec4333a6 100644 --- a/util/helm/client.go +++ b/util/helm/client.go @@ -163,6 +163,7 @@ func (c *nativeHelmChart) ExtractChart(chart string, version string, project str cachedChartPath, err := c.getCachedChartPath(chart, version, project) if err != nil { + _ = os.RemoveAll(tempDir) return "", nil, fmt.Errorf("error getting cached chart path: %w", err) } @@ -172,6 +173,7 @@ func (c *nativeHelmChart) ExtractChart(chart string, version string, project str // check if chart tar is already downloaded exists, err := fileExist(cachedChartPath) if err != nil { + _ = os.RemoveAll(tempDir) return "", nil, fmt.Errorf("error checking existence of cached chart path: %w", err) } @@ -179,6 +181,7 @@ func (c *nativeHelmChart) ExtractChart(chart string, version string, project str // create empty temp directory to extract chart from the registry tempDest, err := files.CreateTempDir(os.TempDir()) if err != nil { + _ = os.RemoveAll(tempDir) return "", nil, fmt.Errorf("error creating temporary destination directory: %w", err) } defer func() { _ = os.RemoveAll(tempDest) }() @@ -187,6 +190,7 @@ func (c *nativeHelmChart) ExtractChart(chart string, version string, project str if c.creds.Password != "" && c.creds.Username != "" { _, err = helmCmd.RegistryLogin(c.repoURL, c.creds) if err != nil { + _ = os.RemoveAll(tempDir) return "", nil, fmt.Errorf("error logging into OCI registry: %w", err) } @@ -198,11 +202,13 @@ func (c *nativeHelmChart) ExtractChart(chart string, version string, project str // 'helm pull' ensures that chart is downloaded into temp directory _, err = helmCmd.PullOCI(c.repoURL, chart, version, tempDest, c.creds) if err != nil { + _ = os.RemoveAll(tempDir) return "", nil, fmt.Errorf("error pulling OCI chart: %w", err) } } else { _, err = helmCmd.Fetch(c.repoURL, chart, version, tempDest, c.creds, passCredentials) if err != nil { + _ = os.RemoveAll(tempDir) return "", nil, fmt.Errorf("error fetching chart: %w", err) } } From a8e70e43ac2da903828aca88d8b7d4cbbcd9eaaf Mon Sep 17 00:00:00 2001 From: Regina Voloshin Date: Tue, 17 Sep 2024 16:49:01 +0300 Subject: [PATCH 18/20] chore: Make dev env redis password protected (#19863) * create pr Signed-off-by: reggie-k * create pr Signed-off-by: reggie-k * create pr Signed-off-by: reggie-k * initial Signed-off-by: reggie-k * initial Signed-off-by: reggie-k * initial Signed-off-by: reggie-k * checking Redis is installed locally per Nitish's suggestion Signed-off-by: reggie-k * Update hack/start-redis-with-password.sh Co-authored-by: Nitish Kumar Signed-off-by: Regina Voloshin <19544836+reggie-k@users.noreply.github.com> * Update hack/start-redis-with-password.sh Co-authored-by: Nitish Kumar Signed-off-by: Regina Voloshin <19544836+reggie-k@users.noreply.github.com> * fixed unreachable code Signed-off-by: reggie-k --------- Signed-off-by: reggie-k Signed-off-by: Regina Voloshin <19544836+reggie-k@users.noreply.github.com> Co-authored-by: Nitish Kumar --- Procfile | 2 +- hack/start-redis-with-password.sh | 30 ++++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100755 hack/start-redis-with-password.sh diff --git a/Procfile b/Procfile index 25f9c7206eef6..fd955a39ac416 100644 --- a/Procfile +++ b/Procfile @@ -1,7 +1,7 @@ controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "GOCOVERDIR=${ARGOCD_COVERAGE_DIR:-/tmp/coverage/app-controller} HOSTNAME=testappcontroller-1 FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-application-controller $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --otlp-address=${ARGOCD_OTLP_ADDRESS} --application-namespaces=${ARGOCD_APPLICATION_NAMESPACES:-''} --server-side-diff-enabled=${ARGOCD_APPLICATION_CONTROLLER_SERVER_SIDE_DIFF:-'false'}" api-server: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "GOCOVERDIR=${ARGOCD_COVERAGE_DIR:-/tmp/coverage/api-server} FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-server $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --disable-auth=${ARGOCD_E2E_DISABLE_AUTH:-'true'} --insecure --dex-server http://localhost:${ARGOCD_E2E_DEX_PORT:-5556} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --port ${ARGOCD_E2E_APISERVER_PORT:-8080} --otlp-address=${ARGOCD_OTLP_ADDRESS} --application-namespaces=${ARGOCD_APPLICATION_NAMESPACES:-''}" dex: sh -c "ARGOCD_BINARY_NAME=argocd-dex go run github.com/argoproj/argo-cd/v2/cmd gendexcfg -o `pwd`/dist/dex.yaml && (test -f dist/dex.yaml || { echo 'Failed to generate dex configuration'; exit 1; }) && docker run --rm -p ${ARGOCD_E2E_DEX_PORT:-5556}:${ARGOCD_E2E_DEX_PORT:-5556} -v `pwd`/dist/dex.yaml:/dex.yaml ghcr.io/dexidp/dex:$(grep "image: ghcr.io/dexidp/dex" manifests/base/dex/argocd-dex-server-deployment.yaml | cut -d':' -f3) dex serve /dex.yaml" -redis: bash -c "if [ \"$ARGOCD_REDIS_LOCAL\" = 'true' ]; then redis-server --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; else docker run --rm --name argocd-redis -i -p ${ARGOCD_E2E_REDIS_PORT:-6379}:${ARGOCD_E2E_REDIS_PORT:-6379} docker.io/library/redis:$(grep "image: redis" manifests/base/redis/argocd-redis-deployment.yaml | cut -d':' -f3) --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; fi" +redis: hack/start-redis-with-password.sh repo-server: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "GOCOVERDIR=${ARGOCD_COVERAGE_DIR:-/tmp/coverage/repo-server} FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_GNUPGHOME=${ARGOCD_GNUPGHOME:-/tmp/argocd-local/gpg/keys} ARGOCD_PLUGINSOCKFILEPATH=${ARGOCD_PLUGINSOCKFILEPATH:-./test/cmp} ARGOCD_GPG_DATA_PATH=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source} ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-repo-server ARGOCD_GPG_ENABLED=${ARGOCD_GPG_ENABLED:-false} $COMMAND --loglevel debug --port ${ARGOCD_E2E_REPOSERVER_PORT:-8081} --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --otlp-address=${ARGOCD_OTLP_ADDRESS}" cmp-server: [ "$ARGOCD_E2E_TEST" = 'true' ] && exit 0 || [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_BINARY_NAME=argocd-cmp-server ARGOCD_PLUGINSOCKFILEPATH=${ARGOCD_PLUGINSOCKFILEPATH:-./test/cmp} $COMMAND --config-dir-path ./test/cmp --loglevel debug --otlp-address=${ARGOCD_OTLP_ADDRESS}" ui: sh -c 'cd ui && ${ARGOCD_E2E_YARN_CMD:-yarn} start' diff --git a/hack/start-redis-with-password.sh b/hack/start-redis-with-password.sh new file mode 100755 index 0000000000000..e42ecaf28f54d --- /dev/null +++ b/hack/start-redis-with-password.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# Default values for environment variables +REDIS_PORT="${ARGOCD_E2E_REDIS_PORT:-6379}" +REDIS_IMAGE_TAG=$(grep 'image: redis' manifests/base/redis/argocd-redis-deployment.yaml | cut -d':' -f3) + +if [ "$ARGOCD_REDIS_LOCAL" = 'true' ]; then + if ! command -v redis-server &>/dev/null; then + echo "Redis server is not installed locally. Please install Redis or set ARGOCD_REDIS_LOCAL to false." + exit 1 + fi + + # Start local Redis server with password if defined + if [ -z "$REDIS_PASSWORD" ]; then + echo "Starting local Redis server without password." + redis-server --save '' --appendonly no --port "$REDIS_PORT" + else + echo "Starting local Redis server with password." + redis-server --save '' --appendonly no --port "$REDIS_PORT" --requirepass "$REDIS_PASSWORD" + fi +else + # Run Redis in a Docker container with password if defined + if [ -z "$REDIS_PASSWORD" ]; then + echo "Starting Docker container without password." + docker run --rm --name argocd-redis -i -p "$REDIS_PORT:$REDIS_PORT" docker.io/library/redis:"$REDIS_IMAGE_TAG" --save '' --appendonly no --port "$REDIS_PORT" + else + echo "Starting Docker container with password." + docker run --rm --name argocd-redis -i -p "$REDIS_PORT:$REDIS_PORT" -e REDIS_PASSWORD="$REDIS_PASSWORD" docker.io/library/redis:"$REDIS_IMAGE_TAG" redis-server --save '' --requirepass "$REDIS_PASSWORD" --appendonly no --port "$REDIS_PORT" + fi +fi \ No newline at end of file From 21d1f88106b9e7eed8e0d0f0b0d34e8e3ecc06bd Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Tue, 17 Sep 2024 17:33:46 +0200 Subject: [PATCH 19/20] docs: include cluster-management.md in TOC (#19964) While it is searchable in the docs UI, the Cluster Management page is not included in the Table of contents of https://argo-cd.readthedocs.io Add it to increase it's discoverability. We put it just before cluster-bootstrapping since an user would be expected to add a cluster to argocd just before "bootstrapping" Signed-off-by: Max Gautier --- mkdocs.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/mkdocs.yml b/mkdocs.yml index 25c187ab83075..1fea9734a8710 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -47,6 +47,7 @@ nav: - snyk/index.md - operator-manual/signed-release-assets.md - operator-manual/tls.md + - operator-manual/cluster-management.md - operator-manual/cluster-bootstrapping.md - operator-manual/secret-management.md - operator-manual/disaster_recovery.md From fcc186bdd56b38ff08a75d37046d5d98c4c6359b Mon Sep 17 00:00:00 2001 From: Netanel Kadosh Date: Tue, 17 Sep 2024 19:18:40 +0300 Subject: [PATCH 20/20] fix: Add redis password to `forwardCacheClient` struct (#19599) Signed-off-by: Netanel Kadosh --- cmd/argocd/commands/headless/headless.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cmd/argocd/commands/headless/headless.go b/cmd/argocd/commands/headless/headless.go index 50ee56c8a0686..f4d4503a9b723 100644 --- a/cmd/argocd/commands/headless/headless.go +++ b/cmd/argocd/commands/headless/headless.go @@ -48,6 +48,7 @@ type forwardCacheClient struct { err error redisHaProxyName string redisName string + redisPassword string } func (c *forwardCacheClient) doLazy(action func(client cache.CacheClient) error) error { @@ -64,7 +65,7 @@ func (c *forwardCacheClient) doLazy(action func(client cache.CacheClient) error) return } - redisClient := redis.NewClient(&redis.Options{Addr: fmt.Sprintf("localhost:%d", redisPort)}) + redisClient := redis.NewClient(&redis.Options{Addr: fmt.Sprintf("localhost:%d", redisPort), Password: c.redisPassword}) c.client = cache.NewRedisCache(redisClient, time.Hour, c.compression) }) if c.err != nil { @@ -251,12 +252,12 @@ func MaybeStartLocalServer(ctx context.Context, clientOpts *apiclient.ClientOpti if err != nil { return fmt.Errorf("error running miniredis: %w", err) } - appstateCache := appstatecache.NewCache(cache.NewCache(&forwardCacheClient{namespace: namespace, context: ctxStr, compression: compression, redisHaProxyName: clientOpts.RedisHaProxyName, redisName: clientOpts.RedisName}), time.Hour) - redisOptions := &redis.Options{Addr: mr.Addr()} if err = common.SetOptionalRedisPasswordFromKubeConfig(ctx, kubeClientset, namespace, redisOptions); err != nil { log.Warnf("Failed to fetch & set redis password for namespace %s: %v", namespace, err) } + + appstateCache := appstatecache.NewCache(cache.NewCache(&forwardCacheClient{namespace: namespace, context: ctxStr, compression: compression, redisHaProxyName: clientOpts.RedisHaProxyName, redisName: clientOpts.RedisName, redisPassword: redisOptions.Password}), time.Hour) srv := server.NewServer(ctx, server.ArgoCDServerOpts{ EnableGZip: false, Namespace: namespace,