feat: upgrade argo to version 3.0 by squidboylan · Pull Request #536 · cnoe-io/idpbuilder

squidboylan · 2025-07-30T21:20:39Z

No description provided.

Signed-off-by: Caleb Boylan <calebboylan@gmail.com>

punkwalker · 2025-07-30T21:28:18Z

@squidboylan Do we know what additional Argo CD resources are created?

squidboylan · 2025-07-30T21:32:38Z

@squidboylan Do we know what additional Argo CD resources are created?

looks to be:

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: redis
    app.kubernetes.io/name: argocd-redis
    app.kubernetes.io/part-of: argocd
  name: argocd-redis
rules:
- apiGroups:
  - ""
  resourceNames:
  - argocd-redis
  resources:
  - secrets
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - create

and

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: redis
    app.kubernetes.io/name: argocd-redis
    app.kubernetes.io/part-of: argocd
  name: argocd-redis
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: argocd-redis
subjects:
- kind: ServiceAccount
  name: argocd-redis

based on my analysis of the diff.

Confirmed by deploying upstream/main:

squid@korhal:~/hacking/go/idpbuilder$ k get role -n argocd
NAME                               CREATED AT
argocd-application-controller      2025-07-30T21:34:12Z
argocd-applicationset-controller   2025-07-30T21:34:12Z
argocd-dex-server                  2025-07-30T21:34:12Z
argocd-notifications-controller    2025-07-30T21:34:12Z
argocd-server                      2025-07-30T21:34:12Z
squid@korhal:~/hacking/go/idpbuilder$ k get rolebinding -n argocd
NAME                               ROLE                                    AGE
argocd-application-controller      Role/argocd-application-controller      2m
argocd-applicationset-controller   Role/argocd-applicationset-controller   2m
argocd-dex-server                  Role/argocd-dex-server                  2m
argocd-notifications-controller    Role/argocd-notifications-controller    2m
argocd-server                      Role/argocd-server                      2m

punkwalker · 2025-07-30T21:47:32Z

@squidboylan Do we know what additional Argo CD resources are created?

looks to be:

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: redis
    app.kubernetes.io/name: argocd-redis
    app.kubernetes.io/part-of: argocd
  name: argocd-redis
rules:
- apiGroups:
  - ""
  resourceNames:
  - argocd-redis
  resources:
  - secrets
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - create

and

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: redis
    app.kubernetes.io/name: argocd-redis
    app.kubernetes.io/part-of: argocd
  name: argocd-redis
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: argocd-redis
subjects:
- kind: ServiceAccount
  name: argocd-redis

based on my analysis of the diff.

Confirmed by deploying upstream/main:

squid@korhal:~/hacking/go/idpbuilder$ k get role -n argocd
NAME                               CREATED AT
argocd-application-controller      2025-07-30T21:34:12Z
argocd-applicationset-controller   2025-07-30T21:34:12Z
argocd-dex-server                  2025-07-30T21:34:12Z
argocd-notifications-controller    2025-07-30T21:34:12Z
argocd-server                      2025-07-30T21:34:12Z
squid@korhal:~/hacking/go/idpbuilder$ k get rolebinding -n argocd
NAME                               ROLE                                    AGE
argocd-application-controller      Role/argocd-application-controller      2m
argocd-applicationset-controller   Role/argocd-applicationset-controller   2m
argocd-dex-server                  Role/argocd-dex-server                  2m
argocd-notifications-controller    Role/argocd-notifications-controller    2m
argocd-server                      Role/argocd-server                      2m

Should we disable argocd-dex-server as we are not using it?

squidboylan · 2025-07-30T21:50:05Z

Should we disable argocd-dex-server as we are not using it?

yeah, let's look into that separately though as it's a separate problem from the upgrade. Feel free to open an issue if you want, in either case I'll start looking into that.

squidboylan · 2025-07-30T21:52:26Z

Ah we do have its pods disabled at least https://github.com/cnoe-io/idpbuilder/blob/main/hack/argo-cd/dex-server.yaml , so there's probably not much more to do there. We could patch out all of the references but it's probably not worth maintaining that. I like the current fix of setting its replicas to 0

punkwalker

LGTM 🚀

feat: upgrade argo to version 3.0

7e61cc9

Signed-off-by: Caleb Boylan <calebboylan@gmail.com>

squidboylan force-pushed the upgrade-argo-3.0 branch from 9987706 to 7e61cc9 Compare July 30, 2025 21:27

squidboylan mentioned this pull request Jul 30, 2025

update gitea and argocd #422

Closed

punkwalker approved these changes Jul 30, 2025

View reviewed changes

punkwalker merged commit c003a60 into cnoe-io:main Jul 30, 2025
5 checks passed

squidboylan mentioned this pull request Aug 30, 2025

update argocd version #407

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: upgrade argo to version 3.0#536

feat: upgrade argo to version 3.0#536
punkwalker merged 1 commit intocnoe-io:mainfrom
squidboylan:upgrade-argo-3.0

squidboylan commented Jul 30, 2025

Uh oh!

punkwalker commented Jul 30, 2025

Uh oh!

squidboylan commented Jul 30, 2025 •

edited

Loading

Uh oh!

punkwalker commented Jul 30, 2025

Uh oh!

squidboylan commented Jul 30, 2025

Uh oh!

squidboylan commented Jul 30, 2025

Uh oh!

punkwalker left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

squidboylan commented Jul 30, 2025

Uh oh!

punkwalker commented Jul 30, 2025

Uh oh!

squidboylan commented Jul 30, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

punkwalker commented Jul 30, 2025

Uh oh!

squidboylan commented Jul 30, 2025

Uh oh!

squidboylan commented Jul 30, 2025

Uh oh!

punkwalker left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

squidboylan commented Jul 30, 2025 •

edited

Loading