argoproj/argo-cd v2.7.0-rc1

on GitHub

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.7.0-rc1/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.7.0-rc1/manifests/ha/install.yaml

Release Signatures and Provenance

All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changelog

Features

• 4a50114: feat(UI): allow applications to declare default view preferences (#12019) (#12080) (@alexef)
• 04db457: feat(helm): set enableOCI in the UI when registering a repo (#12420) (@alexef)
• c41dc60: feat(kustomize): override namespace (#6067) (#10872) (@AndrewChubatiuk)
• f16b722: feat(kustomize): support envsubst in commonAnnotations and commonLabels (#11345) (@AndrewChubatiuk)
• b652a5c: feat(manifests): add app.kubernetes.io labels to notifications-controller resources (#12348) (@morey-tech)
• adb4471: feat(security): require the aud claim from OIDC providers by default (#12187) (@crenshaw-dev)
• f7011f6: feat(ui): allow sorting the application list (#11645) (@alexef)
• bc5d1ed: feat(ui): readiness gates failures alert in pod summary tab #12515 (#12621) (@Marvin9)
• 019da5a: feat: Accept ElementsYaml for list generator to get dynamic content from a git file (#12428) (#12490) (@lsoica)
• 5d53415: feat: Add kustomize edit set replicas (#11650) (#11665) (@toyamagu-2021)
• a10fde5: feat: Added warning on plugin command returning zero output (#12698) (@gczuczy)
• b600da1: feat: Allow force of basic auth for HTTP repositories (#11983) (@jannfis)
• b2a6387: feat: Always Show ReplicaSets as Pod Groups (#12051) (#12065) (@keithchong)
• 2358669: feat: App View extensions (#12006) (@rbreeze)
• a3a19ab: feat: Begin polishing top bar design (#12327) (@rbreeze)
• 0f500a5: feat: Enhanced pod logs viewer (#11030) (@alexec)
• 8e06648: feat: Improve sidebar design (#12053) (@rbreeze)
• a07256f: feat: Support configuring annotations that are preserved by the AppSet (#12507) (#12408) (@lacarvalho91)
• faa7331: feat: UI write support CMP (#11754) (#12137) (@schakrad)
• bfc381e: feat: add 'user' field to audit logs (#12644) (@crenshaw-dev)
• 0d02040: feat: add app skip reconcile annotation to optionally bypass application controller processing (#11879) (@mikeshng)
• a4c0f3c: feat: add labels to pod log navigation buttons (#10890) (@rbreeze)
• e420666: feat: add org.opencontainers.image.source label to docker images (#12270) (@james-callahan)
• b6cfe67: feat: add sync delete option (#12448) (@gdsoumya)
• 304a742: feat: allow CMP plugins to preserve repo files mode (#12940) (@alexmt)
• a610fc1: feat: allow access to cluster and project resources in app/resource deep links (#12931) (@gdsoumya)
• b8fdfb5: feat: allow injecting the target revision over an URL parameter (#12545) (#12556) (@alexef)
• 1f4c745: feat: allow using env var to set kubectl parallelism limit (#8442) (#9116) (@tomelliff)
• 974c2de: feat: enable authn + authz in proxy extension (#11694) (@leoluz)
• 6e9f28c: feat: extensions.js should respect argocd server enable gzip (#12890) (@schakrad)
• 8ee4387: feat: inversion selection support for the resource filter on sync and wait app commands (#10548) (@maheshbaliga)
• 97d75a6: feat: make discovery field optional in plugins (#12073) (@gdsoumya)
• d764cf7: feat: misc UI/UX improvements (#11769) (@alexef)
• ed6e9e9: feat: option to use cluster-info endpoint for cluster add (#12625) (#12649) (@adambkaplan)
• a454093: feat: set cluster command (#9996) (@maheshbaliga)
• c2e0026: feat: tini as ENTRYPOINT and related cosmetics (#12707) (@gczuczy)
• 25badeb: feat: upgrade Kustomize to v5.0.1 (#12299) (@crenshaw-dev)

Bug fixes

• aa5fd43: fix(appset): git files generator in matrix generator produces no params (#12881) (@crenshaw-dev)
• eaac2c6: fix(health): Handling SparkApplication CRD health status if dynamic allocation is enabled (#7557) (#11522) (@eugen-fried)
• 133ff29: fix(helm): Update Helm binary (#12729) (#12754) (@lusu007)
• 1ec6fa4: fix(manifests): set appset controller label app.kubernetes.io/part-of to argocd (#12346) (@morey-tech)
• cd3fe2d: fix(redis): explicit bind to redis and sentinel for IPv4 clusters (#11388) (#11862) (@rumstead)
• 39cb524: fix(security): add url validation for help chat (#9956) (#10417) (@saumeya)
• 63e410a: fix(ui): trash icon for resources to be pruned, plus better tooltip (#10290) (#11171) (@schakrad)
• bd8777a: fix: Add namespace to sub-application link URLs (#11946) (@iandelahorne)
• f847670: fix: AppSet Progressive sync fixes, docs, and logging improvements (#11924) (#12103) (@wmgroot)
• 55da026: fix: Application's own link in UI (#11123) (#11124) (@alexef)
• 8f0ef8d: fix: Applications with suspended jobs now marked "Suspended" instead of "Progressing" (#11603) (#11626) (@ashutosh16)
• 3b05351: fix: Argo CD doesn't detect the repo type when repository is scoped (#11959) (@alexmt)
• 1ccaefe: fix: Explicitly set private key type for GPG key generation (#11944) (@jannfis)
• 0beda4d: fix: Fix the applicationset kind typo (#12690) (@tossmilestone)
• 8917077: fix: Fixed matrix requeueAfterSeconds for PR (#10914) (#10915) (@Aym3nTN)
• 9f9a226: fix: Lint Go code (#12522) (#12523) (@juunini)
• 9b7498c: fix: Prevent Git from waiting for terminal input (#12028) (@jannfis)
• 8ae3777: fix: Refresh message is hidden (#11303) (#12445) (@keithchong)
• c378434: fix: Remove unnecessary branch (#11963) (@Asuforce)
• 6069ded: fix: Support resource actions for apps in different Namespace (#12115) (@mikebryant)
• 6d7258c: fix: UI crashes on null Operation State (#12412) (#12413) (@keithchong)
• 3524128: fix: Upgrade gopkg.in/yaml.v2 to v2.4.0 (#12249) (@drpaneas)
• 6dad9bc: fix: Use CredsStore for GoogleCloudCreds (#12391) (@david-becher)
• 6953b43: fix: Validate chat button url only when chatUrl is set (#12655) (#12749) (@rouke-broersma)
• a825aad: fix: add CLI client IDs to default OIDC allowed audiences (#12170) (#12179) (@crenshaw-dev)
• b1d0009: fix: clarify error wording when syncing (#12156) (@drozd-A)
• afb8830: fix: create app shows dest URL instead of name (#12054) (@rbreeze)
• 4610bc8: fix: create separate API to load configured plugins (#12164) (@alexmt)
• e409818: fix: directory permisson of test/container/Dockerfile (#12538) (@toyamagu-2021)
• 59b00bb: fix: disable More button for multiple sources (#11760) (#11971) (@ishitasequeira)
• 9b86af1: fix: disable edit button on App Details Summary and Parameters tabs multi-source apps (#12048) (@ishitasequeira)
• 825a0f3: fix: disable rollback button for apps with multiple sources (#11785) (@ishitasequeira)
• 031ecaf: fix: don't dump SSG to server logs, change deprecation notice to v2.7 (#12285) (@notfromstatefarm)
• d24d9e3: fix: don't fail codegen on conflicts (#12498) (@crenshaw-dev)
• 710a0d8: fix: ensure certificate gets updated on reload (#12076) (@blakepettersson)
• 2b1d55b: fix: evaluate all possible refresh reasons for multi-source apps (#12379) (#12576) (@crenshaw-dev)
• f1875b5: fix: examples/plugin/helm subPath for get-parameters.sh (#12568) (@sakateka)
• 32e6025: fix: exclude test/fixtures from .dockerignore (#12640) (@blakepettersson)
• 13258e4: fix: fix typescript compilation errors and add ts validation in lint (#12700) (@alexmt)
• ba86be2: fix: fix typo in local variable name (#11624) (@nmiyake)
• 2fe132e: fix: ignore gitlab projects w/o repository (#12819) (#12820) (@pjoomen)
• 048902a: fix: issue reported by sonar cloud. use forEach instead of map (#12250) (@alexef)
• 8f1b5d5: fix: log error when failing to get git client (#12876) (@crenshaw-dev)
• 3c058ea: fix: log plugin commands in a better format (#12260) (@crenshaw-dev)
• 05f5e63: fix: make verify-kube-connect broken on arm64 architectures (#12617) (@adamiBs)
• 06cd025: fix: make webhook handler work in all configured application namespaces (#11867) (#12386) (@SJrX)
• 212029d: fix: multi-source app refresh (#11772) (#12217) (@crenshaw-dev)
• 2f8da71: fix: parsed url is not exposed (#11816) (#11916) (@alexef)
• 95f9196: fix: pass env when getting param announcement (#11812) (#11815) (@crenshaw-dev)
• 2ddb777: fix: pathParamPrefix is optional (#11796) (#11943) (@crenshaw-dev)
• 584428e: fix: populate parentRefs correctly with multiple owners (#3910) (#11715) (@Jellyfrog)
• 25ca986: fix: produce better logs for health check errors (#12350) (@crenshaw-dev)
• e323880: fix: redact secret data in deep links (#11931) (@gdsoumya)
• c9d317a: fix: remove argocd-cm plugin warnings (#11740) (@crenshaw-dev)
• c683ab9: fix: remove other occurrences of externalURLS #11887 (#11889) (@alexef)
• 193cf76: fix: replace copy tooltip with copy line text (#12180) (@drozd-A)
• e510a77: fix: repo-server - prevent locked state after unclean git checkout (#7898) (#11805) (@arturhoo)
• da46381: fix: return nil if reading application set was successful (#12261) (@ishitasequeira)
• 17167fc: fix: sanitize repo creds in error messages (#12309) (#12320) (@crenshaw-dev)
• 05ab30e: fix: set Path as empty if path is not specified for a source in multiple sources (#11756) (#11774) (@ishitasequeira)
• c20b7fe: fix: setting spec.SyncPolicy crashes 'argocd appset get' output (#12424) (#12425) (@neurodrone)
• 51edf7d: fix: show full event message in pod event view (#12104) (#12267) (@schakrad)
• 323f8fd: fix: sidebar logo not aligned with different version length (#12351) (@rbreeze)
• 1d885b7: fix: sign container images by digest (#11151) (@34fathombelow)
• 66d2f1e: fix: sources.ref allow hyphen and underscore (#11775) (@toyamagu-2021)
• 72c3d0f: fix: ssa e2e tests failing after updating to kubectl 1.26 (#11753) (@leoluz)
• f3a3a57: fix: stop using fixed rxjs in Argo CD UI (#12685) (@alexmt)
• b28f306: fix: support 'project' filter field for backwards-compatibility (#12594) (@crenshaw-dev)
• 3d79487: fix: support for enabling progressive rollouts from argocd-cmd-params-cm (#11776) (@morey-tech)
• 42d1c85: fix: suppress Kubernetes API deprecation warnings from application controller (#12067) (@toVersus)
• f54bc6e: fix: test Procfile (#11075) (@patrickbardo)
• 53c3c49: fix: traverse generator tree when getting requeue time (#12407) (#12409) (@rumstead)
• 21ce221: fix: trigger ApplicationSet reconciliation for clusters matching cluster generators in matrix or merge generators (#12543) (@alexandrevilain)
• 9fb7847: fix: typo in doc link (#12744) (@iNoahNothing)
• 35fdd38: fix: ui cluster server url overlaps (#11873) (@jiwonaid)
• 82f006c: fix: update github rsa ssh key (argo-cd#12992) (#12995) (@Matt1360)
• fddb06f: fix: upgrade qs to avoid CVE-2022-24999 (#11743) (@crenshaw-dev)
• 98475bc: fix: use field-wise templating for child matrix generators (#11661) (#12287) (@crenshaw-dev)
• 15edf10: fix: valid username in webhook URL matching regex (#9055) (#12203) (@mdsjip)
• 1808539: fix: values should always be visible, even when they are empty (#11676) (#11681) (@alexef)
• 79bcaa6: fix: web terminal namespace handler (#11891) (@leoluz)
• 50b6577: fix: web terminal outside argocd namespace (#11166) (#11400) (@crenshaw-dev)
• 3d02e01: fix: when resource does not exist node menu and resource details shou… (#12360) (@jphelton)

Documentation

• 2c16980: [Bot] docs: Update Snyk reports (#11865) (@github-actions[bot])
• f6abf72: [Bot] docs: Update Snyk reports (#11908) (@github-actions[bot])
• c31d15e: [Bot] docs: Update Snyk reports (#11985) (@github-actions[bot])
• 806ab33: [Bot] docs: Update Snyk reports (#12023) (@github-actions[bot])
• 9414fb3: [Bot] docs: Update Snyk reports (#12069) (@github-actions[bot])
• a77d149: [Bot] docs: Update Snyk reports (#12198) (@github-actions[bot])
• 22c83d3: [Bot] docs: Update Snyk reports (#12290) (@github-actions[bot])
• eb75366: [Bot] docs: Update Snyk reports (#12421) (@github-actions[bot])
• 9237f25: [Bot] docs: Update Snyk reports (#12529) (@github-actions[bot])
• 6971966: [Bot] docs: Update Snyk reports (#12660) (@github-actions[bot])
• 0087261: [Bot] docs: Update Snyk reports (#12717) (@github-actions[bot])
• 5bdd42c: [Bot] docs: Update Snyk reports (#12825) (@github-actions[bot])
• 652e136: [Bot] docs: Update Snyk reports (#12860) (@github-actions[bot])
• 9e88880: [Bot] docs: Update Snyk reports (#12926) (@github-actions[bot])
• 062e245: docs(helm): clarify that helm is only used to inflate chart (#11692) (@emirot)
• 352e51f: docs: 2.6 addendum for plugin.name (#12701) (@rwong2888)
• 3c52ce1: docs: Add M1 Section in cli_installation.md (#11911) (@aliwo)
• 1373f4f: docs: Add authz and authn architectural document (#12005) (@leoluz)
• 127bd45: docs: Add working zsh completion instructions (#10535) (@dimisjim)
• ad9e8f9: docs: Clarify cascade delete of resource and finalizer (#11064) (@mcgitty)
• c043f4a: docs: Clarify directory recursion (#12037) (@kostis-codefresh)
• 558140f: docs: Enable dark mode and follow user preference (#12631) (@mortenn)
• 640439f: docs: FAQ improvements (#12146) (@jsoref)
• e681875: docs: Fix Jenkins guide link in understand_the_basics.md (#12814) (@czuhajster)
• 1960044: docs: Fix app patch doc (#12176) (@lacarvalho91)
• 977b730: docs: Fix copy that refers to a different CLI flag (#12236) (@acj)
• b9f9b78: docs: Fix heading to not include a v for the second version (#12218) (@jsoref)
• 1000ac1: docs: Fix list formatting in "Resource Actions" docs page (#12061) (@goodgravy)
• 70f9de4: docs: Fixed typos, and grammar in the High Availability Docs (#12021) (@Parsifal-M)
• 1803f64: docs: Mention Internet Bug Bounty in the security policy (#12732) (@jannfis)
• 9b682f8: docs: Post Selector moved to Generators section (#11109) (@flickers)
• 57544a6: docs: Provide example RBAC for API server in apps-in-any-namespace (#12341) (@jannfis)
• 2279d60: docs: Remove broken blog link from Readme (#11077) (@prakarsh-dt)
• 0457ce1: docs: Replace no longer working ingress class type in ingress sample yaml (#12630) (@mortenn)
• 043e5b7: docs: Update Outdated Helm initContainers documentation (#10870) (#10881) (@sonali-rajput)
• ec95d12: docs: Update bullet formatting on Progressive Rollouts.md (#11777) (@reilly3000)
• b2bdbed: docs: Update example dockerfile (#11721) (@philwc)
• 9c8f369: docs: Update kustomization example (#12555) (@jbergler)
• f957176: docs: Update the security instructions link (#12232) (@farcaller)
• 77ec784: docs: Updated link to Jenkins and added GitHub Actions link (#12465) (@wojtekidd)
• 39c00f9: docs: add 2.5->2.6 upgrade notes to list (#12283) (@crenshaw-dev)
• 9c2f996: docs: add 2.5->2.6 upgrade notes to table of contents (#12319) (@crenshaw-dev)
• d3ff975: docs: add ARGOCD_API_SERVER_REPLICAS to HA docs (#11594) (@morey-tech)
• e82a644: docs: add FOSSA badge to README (#11956) (@crenshaw-dev)
• efd3802: docs: add an example ApplicationSet to document all fields (#11799) (@crenshaw-dev)
• b17007b: docs: add destination.name example (#12242) (@ebuildy)
• 2d49e96: docs: add link to new blog (#11505) (@AmrAlaaYassen)
• e675e00: docs: add multi source app ref in helm section (#12499) (@morey-tech)
• c07df67: docs: add namespace to initial-password command (#12718) (@devarsh10)
• 7f2dd9e: docs: added deep links doc (#11888) (@gdsoumya)
• f65e0b5: docs: bump elasticsearch version to 8.5.1 (#11771) (@toyamagu-2021)
• 58ce42b: docs: clarify project destination possibilities (#11706) (@gaeljw)
• 68d1a6f: docs: clarify that all labels must exist (#11693) (@morey-tech)
• 8895b4a: docs: clarify value for disabling tools (#11395) (@morey-tech)
• c8ae6e0: docs: cleanup HA operator manual (#10409) (@prasadkatti)
• 231fab4: docs: correct SSO configuration URL in example configmap (#11720) (@mattclegg)
• 913ac50: docs: custom health check resource group wildcard (#4212) (@reggie-k)
• 872a32b: docs: document matchExpressions field for appset cluster generator (#12443) (@crenshaw-dev)
• 481ee54: docs: document more cluster fields (#11491) (@crenshaw-dev)
• fa18490: docs: fix a few typos and grammar mistakes (#12280) (@SJrX)
• 33b2702: docs: fix list formatting in keycloak.md (#11061) (@jacksgt)
• 335af2e: docs: fix syntax errors in the document (#12008) (@Fish-pro)
• 467c6c9: docs: fix typo (#12389) (@atusy)
• 7a979e3: docs: fix typo in health documentation (#12497) (@aslafy-z)
• f2d6621: docs: fix version numbers in upgrade notes (#12896) (@crenshaw-dev)
• 9bd1033: docs: how to change default view (#12140) (@alexef)
• 4ead2cc: docs: link directly to HA manifests (#11970) (@morey-tech)
• f6d5c31: docs: no longer mark parameter overrides feature as beta (#11673) (@crenshaw-dev)
• 69b3651: docs: note risks of secret-injection plugins (#11617) (@crenshaw-dev)
• 8d262f2: docs: release cycle refresh (#11137) (@crenshaw-dev)
• 221a039: docs: replace period with parenthesis (#12044) (@drozd-A)
• 52d223d: docs: sign up for 1.8 release (#12266) (@keithchong)
• 152a930: docs: unset finalizer before deleting an app non-cascadingly (#10949) (@beyondbill)
• ceb043c: docs: update config management plugin docs (#11690) (@crenshaw-dev)
• 2728680: docs: update contribution FAQ (#12768) (@34fathombelow)
• a5116be: docs: update quickstart.md (#12394) (@fengshunli)
• c9e4bcd: docs: use environment variable for argo cd user (#12024) (@rumstead)

Dependency updates

• 566d50f: chore(deps): bump actions/cache from 3.0.11 to 3.2.0 (#11809) (@dependabot[bot])
• abf6d73: chore(deps): bump actions/cache from 3.2.0 to 3.2.2 (#11839) (@dependabot[bot])
• 1ab4026: chore(deps): bump actions/cache from 3.2.2 to 3.2.3 (#11928) (@dependabot[bot])
• 4242cfc: chore(deps): bump actions/cache from 3.2.3 to 3.2.4 (#12228) (@dependabot[bot])
• 82ade01: chore(deps): bump actions/cache from 3.2.4 to 3.2.5 (#12433) (@dependabot[bot])
• 0fee4d2: chore(deps): bump actions/cache from 3.2.5 to 3.2.6 (#12567) (@dependabot[bot])
• 4c1bb61: chore(deps): bump actions/cache from 3.2.6 to 3.3.1 (#12845) (@dependabot[bot])
• 88936be: chore(deps): bump actions/checkout from 3.2.0 to 3.3.0 (#11895) (@dependabot[bot])
• e6a008b: chore(deps): bump actions/checkout from 3.3.0 to 3.4.0 (#12889) (@dependabot[bot])
• 983b9ca: chore(deps): bump actions/download-artifact from 3.0.1 to 3.0.2 (#11894) (@dependabot[bot])
• 852f62c: chore(deps): bump actions/setup-go from 3.4.0 to 3.5.0 (#11697) (@dependabot[bot])
• 713c794: chore(deps): bump actions/setup-go from 3.5.0 to 4.0.0 (#12888) (@dependabot[bot])
• 1c6d280: chore(deps): bump actions/setup-node from 3.5.1 to 3.6.0 (#11896) (@dependabot[bot])
• 720858f: chore(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2 (#11929) (@dependabot[bot])
• d8524e9: chore(deps): bump amannn/action-semantic-pull-request (#12434) (@dependabot[bot])
• 8d5b9f8: chore(deps): bump bitnami/kubectl in /test/container (#12786) (@dependabot[bot])
• 8fd3302: chore(deps): bump dawidd6/action-homebrew-bump-formula (#12597) (@dependabot[bot])
• 445de54: chore(deps): bump docker/build-push-action from 3.3.0 to 4.0.0 (#12908) (@dependabot[bot])
• 06b98c5: chore(deps): bump docker/setup-buildx-action from 2.2.1 to 2.4.0 (#12227) (@dependabot[bot])
• cbb8d21: chore(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1 (#12308) (@dependabot[bot])
• cf870f8: chore(deps): bump docker/setup-buildx-action from 2.4.0 to 2.5.0 (#12910) (@dependabot[bot])
• 7dacdc6: chore(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#12831) (@dependabot[bot])
• 82a1e55: chore(deps): bump github.com/aws/aws-sdk-go from 1.44.156 to 1.44.164 (#11791) (@dependabot[bot])
• f8bc471: chore(deps): bump github.com/fsnotify/fsnotify from 1.5.1 to 1.6.0 (#11553) (@dependabot[bot])
• 7db483b: chore(deps): bump github.com/go-git/go-git/v5 from 5.4.2 to 5.6.1 (#12907) (@dependabot[bot])
• d7baab2: chore(deps): bump github.com/itchyny/gojq from 0.12.9 to 0.12.10 (#11677) (@dependabot[bot])
• ed4e80c: chore(deps): bump golang.org/x/term from 0.1.0 to 0.3.0 (#11792) (@dependabot[bot])
• 0e86f10: chore(deps): bump imjasonh/setup-crane from 0.2 to 0.3 (#12504) (@dependabot[bot])
• f602e81: chore(deps): bump library/registry in /test/container (#12844) (@dependabot[bot])
• 7fafcb6: chore(deps): bump peter-evans/create-pull-request from 4.2.3 to 4.2.4 (#12911) (@dependabot[bot])
• 51c9f3e: chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#12689) (@dependabot[bot])

Other work

• ab5527c: Add Loom as user (#12953) (@wmiller112)
• 3a28c8a: Merge pull request from GHSA-2q5c-qw9c-fmvq (@crenshaw-dev)
• fbb0b99: Merge pull request from GHSA-3jfq-742w-xg8j (@crenshaw-dev)
• 95da518: Merge pull request from GHSA-6p4m-hw2h-6gmw (@czchen)
• b38bc00: Merge pull request from GHSA-q9hr-j4rf-8fjc (@crenshaw-dev)
• 9b994c4: Replace width:webkit-fill-avail with left/right 0 (#11991) (@davidusken)
• 3f10af5: Use margin-left vs left to center banner (#11642) (@drcapulet)
• 052a5d2: bug: fix url parsing for non git urls (oci://, no protocol etc) (#11819) (@alexef)
• b9b6f6f: build: Enable CI checks on PRs to release branches (#12887) (@jannfis)
• 156dbd6: chore(helm): Update helm binary to 3.11.2 (#12809) (@crabique)
• cc2a27e: chore: Add K8s v1.26, v1.25 to CI and remove v1.22 (#11957) (@jannfis)
• 4a06cb2: chore: Add Omni to list of users (#12078) (@karol-szymanowski)
• 9b3d37d: chore: Add OpenGov to USERS.md (#12566) (@highb)
• 7dcfe1f: chore: Add Sauce Labs to USERS.md (#12252) (@vherzog-sauce)
• a1cbbe4: chore: Add Vectra.ai as a user (#12765) (@omgapuppy)
• 6c7c4ec: chore: Add adyen to adopters (#12955) (@santosh-d3vpl3x)
• 2f2d44f: chore: Add help to makefile (#12134) (@jsoref)
• f9e6526: chore: Add unit tests for the shared health resource feature and fix docs (#12715) (#12720) (@reggie-k)
• eaad893: chore: CVE 2022 24999 upgrade qs (#12664) (@ciiay)
• cc0072c: chore: Clean up repeated package import (#12431) (@Fish-pro)
• b1376e9: chore: Pinned container images by digest hashes in test/container/Dockerfile (#12622) (#12623) (@adamiBs)
• 5a6f969: chore: Refactor terminal handler to use auth-middleware (#12052) (@leoluz)
• 49412a1: chore: Remove dependency on github.com/pkg/errors (#11886) (@Fish-pro)
• e18adb5: chore: Replaced /bin/rm with os.RemoveAll (#12699) (@gczuczy)
• 707cab1: chore: Reused argo define api Kind and Group (#11844) (@yanggangtony)
• 3da1eaa: chore: Reused common.DefaultRepoServerAddr (#11842) (@yanggangtony)
• 96b0eb0: chore: Support running dockerized toolchain using sudo (#11955) (@jannfis)
• 3cb1115: chore: Update USERS.md (#12193) (@bagl3y)
• 1e6a47c: chore: Update dex's image tag that is forgotten to be updated (#12234) (@nobuyo)
• e4e2077: chore: Upgrade json5 to avoid CVE-2022-46175 (#12646) (@ciiay)
• 7702d2a: chore: Upgrade loader-utils to avoid CVE (#12681) (@ciiay)
• 4b7c55a: chore: Upgrade notifications engine (#12670) (@lacarvalho91)
• 9e11f87: chore: Use topology.kubernetes.io labels for HA manifests (#12100) (@pdrastil)
• 842b55b: chore: Verbose release notes (#11144) (@crenshaw-dev)
• 74cd495: chore: add DigitalOcean to USERS.md (#12427) (@neurodrone)
• 5c656ae: chore: add Groww to USERS.md (#12365) (@md-akhtar-groww)
• 9e392fa: chore: add OpsMx to USERS.md (#11765) (@balajisiva)
• f9a5dae: chore: add alexef as reviewer (#12262) (@crenshaw-dev)
• c20301f: chore: add btech user (#12116) (@misskecupbung)
• 743b09f: chore: add cherry-pick-bot (#12591) (@34fathombelow)
• 85826e4: chore: add dist to path to use our kustomize version (#12352) (@crenshaw-dev)
• b637bc2: chore: add farfetch.com to USERS.md (@flowdopip)
• 1cc1d4a: chore: add needs context to deploy, formatting (#12920) (@34fathombelow)
• 88b6cfc: chore: add platform9 to USERS.md (#12126) (@Rohitrajak1807)
• 1cc154f: chore: better error messages (#11738) (@crenshaw-dev)
• 0c5d4d8: chore: change logging level to Debug (#11773) (@ishitasequeira)
• b9c09b9: chore: disable codeql workflow on cherry-pick branches (#12893) (@34fathombelow)
• 61f8876: chore: disable docker sbom and attestations (#12059) (@34fathombelow)
• 6050fc7: chore: don't hardcode argo-e2e* namespaces (#12871) (@blakepettersson)
• 3fd0b86: chore: fix image deploy (#12916) (@34fathombelow)
• b1e1295: chore: fix image name (#12905) (@34fathombelow)
• 100495d: chore: fix lint (#12972) (@crenshaw-dev)
• bb33e8c: chore: fix lint error (#11788) (@34fathombelow)
• 70ac450: chore: fix pre-existing Sonar bug (#12756) (@alexec)
• ac96269: chore: fix target name in comment (#11696) (@emirot)
• 90a7556: chore: fix target_version inputs (#12928) (@34fathombelow)
• 17b8180: chore: generate attestations during a release (#12484) (@34fathombelow)
• a50a67e: chore: get image digest in seperate step (#11778) (@34fathombelow)
• a9c3126: chore: inform user when a plugin's name is required (#12680) (@crenshaw-dev)
• f6e3139: chore: pin docker images by hash (#12517) (@crenshaw-dev)
• 6bef7fb: chore: pin mkdocs Python version (#12956) (@crenshaw-dev)
• 2494657: chore: rename 'progressive rollouts' to 'progressive syncs' (#12265) (@crenshaw-dev)
• 61f6530: chore: repo command give more hints. (#11849) (@yanggangtony)
• ab75405: chore: retry 'app logs' to avoid flakes (#12603) (@crenshaw-dev)
• df3bd34: chore: revert Go from 1.20 to 1.19 to avoid dev issues (#12558) (@leoluz)
• 91aff09: chore: set env in correct place for deploy (#12918) (@34fathombelow)
• 7b7c5ae: chore: slim down production image (#12620) (@blakepettersson)
• 7b74e19: chore: update redis client to v9 (#12746) (@emirot)
• 95626ee: chore: update yarn to node container's version (#12952) (@Roshick)
• 02eb67a: chore: upgrade cookiejar to avoid CVE-2022-25901 (#12030) (@crenshaw-dev)
• 1ad9125: chore: upgrade go-oidc (#11579) (@crenshaw-dev)
• 4a7f01d: chore: upgrade haproxy to 2.6.9 to avoid multiple CVEs (#12628) (@34fathombelow)
• 15b284b: chore: upgrade net/http2 to avoid CVE-2022-41717 (#11616) (@crenshaw-dev)
• 0227f87: chore: upgrade node to latest LTS (#12779) (@crenshaw-dev)
• 9923159: chore: upgrade redis to 7.0.7 to avoid CVE-2022-3996 (#11925) (@crenshaw-dev)
• 5b46eb8: chore: upgrade redis to 7.0.8 to avoid several CVEs (#12627) (@34fathombelow)
• f2810b8: chore: upgrade redis to 7.0.9 (#12790) (@crenshaw-dev)
• e75cf73: chore: upgrade to go 1.20 (#12014) (@crenshaw-dev)
• 57d01a4: chore: use format to replace fmt in log output (#11854) (@Fish-pro)
• c85902c: chore: use http constants instead of string (#12334) (@Fish-pro)
• 338245e: chore: use openssf scorecard and enable badge (#12306) (@34fathombelow)
• 58a3079: chore: use registry.k8s.io instead of k8s.gcr.io (#12362) (@34fathombelow)
• 6ee8e46: chore: 📝 Add NYCU, CS IT Center as a user (#12874) (@t106362512)
• ffff911: ci: add security warnings for PR workflow (#11803) (@crenshaw-dev)
• 43c928e: ci: enforce semantic PR title (#11779) (@crenshaw-dev)
• 8df3c19: doc: correct kustomize demo path (#11762) (@yanyixing)
• cca5e1a: docs(USERS.md): add Cloud Posse (#12923) (@dudymas)
• 7bff6c1: fix /setting only show help field if chatURL is not empty (#12316) (@shin04)
• 8b45165: fix log Filter string toggle button tooltip (#12191) (@marcio-pessoa)
• 9962620: refactor: Make fsnotify event more readable. (#11836) (@yanggangtony)
• f8407b8: test(server): add test for list repositories (#11035) (@emirot)
• 474964d: update mkdocs 1.2.3 to 1.3.0 (#12293) (@fynntang)

Full Changelog: v2.6.7...v2.7.0-rc1