2 changes: 1 addition & 1 deletion chart/chart-index/Chart.yaml
Expand Up @@ -9,7 +9,7 @@ dependencies:
version: 9.5.14
repository: https://argoproj.github.io/argo-helm
- name: argocd-image-updater
version: 1.1.5
version: 1.2.1
repository: oci://ghcr.io/argoproj/argo-helm/argocd-image-updater
- name: cert-manager
version: v1.20.2
6 changes: 3 additions & 3 deletions charts/argocd-image-updater/Chart.yaml
@@ -1,12 +1,12 @@
annotations:
artifacthub.io/changes: |
- kind: fixed
description: Remove duplicate nodePort key from Service template when service.type is NodePort
description: Update permissions for namespaced Role
artifacthub.io/signKey: |
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
apiVersion: v2
appVersion: v1.1.1
appVersion: v1.2.0
description: A Helm chart for Argo CD Image Updater, a tool to automatically update
the container images of Kubernetes workloads which are managed by Argo CD
home: https://github.com/argoproj-labs/argocd-image-updater
Expand All @@ -20,4 +20,4 @@ maintainers:
url: https://argoproj.github.io/
name: argocd-image-updater
type: application
version: 1.1.5
version: 1.2.1
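--- a/charts/argocd-image-updater/README.md
+++ b/charts/argocd-image-updater/README.md
@@ -48,6 +48,18 @@ For full list of changes please check ArtifactHub [changelog].
 
 Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
 
+### 1.2.0 (app version 1.2.0)
+
+Starting with this release, the webhook server runs with **TLS enabled by default**. If you previously relied on plain HTTP, you must explicitly opt out by setting the `--disable-tls` flag or the `DISABLE_TLS` environment variable like below.
+
+```yaml
+extraEnv:
+- name: DISABLE_TLS
+value: "false"
+```
+
+For details, see [TLS Configuration](https://argocd-image-updater.readthedocs.io/en/stable/configuration/webhook/#tls-configuration).
+
 ### 1.0.3 (app version 1.0.2)
 
 The upstream project changed the recommended installation namespace from `argocd-image-updater-system` to the same
@@ -82,6 +94,11 @@ The `config.registries` value can be used exactly as it looks in the documentati
 | authScripts.enabled | bool | `false` | Whether to mount the defined scripts that can be used to authenticate with a registry, the scripts will be mounted at `/scripts` |
 | authScripts.name | string | `"argocd-image-updater-authscripts"` | Name of the authentication scripts ConfigMap |
 | authScripts.scripts | object | `{}` | Map of key-value pairs where the key consists of the name of the script and the value the contents. |
+| certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret |
+| certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) |
+| certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret |
+| certificateSecret.key | string | `""` | Certificate private key |
+| certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret |
 | config."git.commit-message-template" | string | `""` | Changing the Git commit message |
 | config."git.commit-sign-off" | bool | `false` | Enables sign off on commits |
 | config."git.commit-signing-key" | string | `""` | Path to public SSH key mounted in container, or GPG key ID used to sign commits |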
170 changes: 123 additions & 47 deletions charts/argocd-image-updater/crds/crd-imageupdaters.yaml
Expand Up @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.1
controller-gen.kubebuilder.io/version: v0.19.0
"helm.sh/resource-policy": keep
name: imageupdaters.argocd-image-updater.argoproj.io
spec:
Expand All @@ -16,7 +16,20 @@ spec:
singular: imageupdater
scope: Namespaced
versions:
- name: v1alpha1
- additionalPrinterColumns:
- jsonPath: .status.applicationsMatched
name: Apps
type: integer
- jsonPath: .status.imagesManaged
name: Images
type: integer
- jsonPath: .status.lastCheckedAt
name: Last Checked
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: ImageUpdater is the Schema for the imageupdaters API
Expand Down Expand Up @@ -308,6 +321,25 @@ spec:
Branch to commit updates to.
Required if write-back method is Git and this is not specified at the spec level.
type: string
pullRequest:
description: |-
PullRequest configures creation of pull requests when writing back image updates to Git.
When set, the controller opens a PR instead of pushing to the branch.
If not specified write back config method is `git`.
properties:
github:
description: GitHub configures PR creation via the
GitHub API.
type: object
gitlab:
description: GitLab configures MR creation via the
GitLab API.
type: object
type: object
x-kubernetes-validations:
- message: Exactly one of github or gitlab must be set
rule: '(has(self.github) ? 1 : 0) + (has(self.gitlab)
? 1 : 0) == 1'
repository:
description: |-
Repository URL to commit changes to.
Expand All @@ -318,7 +350,7 @@ spec:
description: |-
WriteBackTarget defines the path and type of file to update in the Git repository.
Examples: "helmvalues:./helm/values.yaml", "kustomization:./kustomize/overlays/production".
For ApplicationSet usage, `"{{ .app.path.path }}"` should be resolved by ApplicationSet
For ApplicationSet usage, `{{ .app.path.path }}` should be resolved by ApplicationSet
before this CR is generated, resulting in a concrete path here.
Required if write-back method is Git and this is not specified at the spec level.
type: string
Expand Down Expand Up @@ -392,14 +424,6 @@ spec:
This acts as the default if not overridden at a more specific level.
type: string
type: object
namespace:
description: |-
Namespace indicates the target namespace of the applications.

Deprecated: This field is deprecated and will be removed in a future release.
The controller now uses the ImageUpdater CR's namespace (metadata.namespace)
to determine which namespace to search for applications. This field is ignored.
type: string
writeBackConfig:
description: |-
WriteBackConfig provides global default settings for how and where to write back image updates.
Expand All @@ -415,6 +439,25 @@ spec:
Branch to commit updates to.
Required if write-back method is Git and this is not specified at the spec level.
type: string
pullRequest:
description: |-
PullRequest configures creation of pull requests when writing back image updates to Git.
When set, the controller opens a PR instead of pushing to the branch.
If not specified write back config method is `git`.
properties:
github:
description: GitHub configures PR creation via the GitHub
API.
type: object
gitlab:
description: GitLab configures MR creation via the GitLab
API.
type: object
type: object
x-kubernetes-validations:
- message: Exactly one of github or gitlab must be set
rule: '(has(self.github) ? 1 : 0) + (has(self.gitlab) ?
1 : 0) == 1'
repository:
description: |-
Repository URL to commit changes to.
Expand All @@ -425,7 +468,7 @@ spec:
description: |-
WriteBackTarget defines the path and type of file to update in the Git repository.
Examples: "helmvalues:./helm/values.yaml", "kustomization:./kustomize/overlays/production".
For ApplicationSet usage, `"{{ .app.path.path }}"` should be resolved by ApplicationSet
For ApplicationSet usage, `{{ .app.path.path }}` should be resolved by ApplicationSet
before this CR is generated, resulting in a concrete path here.
Required if write-back method is Git and this is not specified at the spec level.
type: string
Expand All @@ -446,7 +489,15 @@ spec:
status:
description: ImageUpdaterStatus defines the observed state of ImageUpdater
properties:
applicationsMatched:
description: ApplicationsMatched is the number of Argo CD applications
matched by this CR's selectors.
format: int32
minimum: 0
type: integer
conditions:
description: Conditions represent the latest available observations
of the resource's state.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
Expand Down Expand Up @@ -502,48 +553,73 @@ spec:
- type
type: object
type: array
imageStatus:
description: ImageStatus indicates the detailed status for the list
of managed images
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
imagesManaged:
description: ImagesManaged is the number of images that were eligible
for update checking.
format: int32
minimum: 0
type: integer
lastCheckedAt:
description: LastCheckedAt indicates when the controller last checked
for image updates.
format: date-time
type: string
lastUpdatedAt:
description: LastUpdatedAt indicates when the controller last performed
an image update.
format: date-time
type: string
observedGeneration:
description: ObservedGeneration is the most recent generation observed
by the controller.
format: int64
minimum: 0
type: integer
recentUpdates:
description: RecentUpdates contains the list of image updates performed
during the last update cycle.
items:
description: ImageStatus contains information for an image:version
and its update status in hosting applications
description: RecentUpdate records a single image update performed
during the last update.
properties:
applications:
description: Applications contains a list of applications and
when the image was last updated therein
items:
description: ImageApplicationLastUpdated contains information
for an application and when the image was last updated therein
properties:
appName:
description: AppName indicates and namespace and the application
name
type: string
lastUpdatedAt:
description: LastUpdatedAt indicates when the image in
this application was last updated
format: date-time
type: string
required:
- appName
type: object
type: array
name:
description: Name indicates the image name
alias:
description: Alias is the alias of the image configuration that
was updated.
type: string
version:
description: Version indicates the image version
applicationsUpdated:
description: ApplicationsUpdated is the number of applications
in which this image was updated.
format: int32
minimum: 0
type: integer
image:
description: Image is the full image reference.
type: string
message:
description: Message provides a human-readable description of
the update action.
type: string
newVersion:
description: NewVersion is the new tag or digest the image was
updated to.
type: string
updatedAt:
description: UpdatedAt is the timestamp when the update was
applied.
format: date-time
type: string
required:
- name
- version
- alias
- applicationsUpdated
- image
- newVersion
- updatedAt
type: object
type: array
reconciledAt:
description: LastUpdatedAt indicates when the image updater last ran
format: date-time
type: string
x-kubernetes-list-type: atomic
type: object
type: object
served: true
48 changes: 48 additions & 0 deletions charts/argocd-image-updater/templates/deployment.yaml
Expand Up @@ -47,6 +47,12 @@ spec:
key: argocd.namespace
name: {{ .Values.config.name }}
optional: true
- name: IMAGE_UPDATER_WATCH_NAMESPACES
valueFrom:
configMapKeyRef:
name: {{ .Values.config.name }}
key: watch.namespaces
optional: true
- name: IMAGE_UPDATER_INTERVAL
valueFrom:
configMapKeyRef:
Expand Down Expand Up @@ -149,12 +155,42 @@ spec:
name: argocd-image-updater-secret
key: webhook.harbor-secret
optional: true
- name: ALIYUN_ACR_WEBHOOK_SECRET
valueFrom:
secretKeyRef:
name: argocd-image-updater-secret
key: webhook.aliyun-acr-secret
optional: true
- name: WEBHOOK_RATELIMIT_ALLOWED
valueFrom:
configMapKeyRef:
name: {{ .Values.config.name }}
key: webhook.ratelimit-allowed
optional: true
- name: DISABLE_TLS
valueFrom:
configMapKeyRef:
name: {{ .Values.config.name }}
key: disable-tls
optional: true
- name: TLS_MIN_VERSION
valueFrom:
configMapKeyRef:
name: {{ .Values.config.name }}
key: tls.min-version
optional: true
- name: TLS_MAX_VERSION
valueFrom:
configMapKeyRef:
name: {{ .Values.config.name }}
key: tls.max-version
optional: true
- name: TLS_CIPHERS
valueFrom:
configMapKeyRef:
name: {{ .Values.config.name }}
key: tls.ciphers
optional: true
{{- with .Values.extraEnv }}
{{- toYaml . | nindent 10 }}
{{- end }}
Expand Down Expand Up @@ -205,6 +241,9 @@ spec:
mountPath: /app/ssh-keys/id_rsa
readOnly: true
subPath: sshPrivateKey
- name: argocd-image-updater-tls
mountPath: /app/config/tls
readOnly: true
{{- if .Values.authScripts.enabled }}
- mountPath: /scripts
name: authscripts
Expand Down Expand Up @@ -241,6 +280,15 @@ spec:
secret:
secretName: ssh-git-creds
optional: true
- name: argocd-image-updater-tls
secret:
secretName: argocd-image-updater-tls
optional: true
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
- emptyDir: {}
name: tmp
{{- with .Values.volumes }}
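Review bot: `DISABLE_TLS` ends up in the container's `env` list twice for anyone who follows the README opt-out, because the second hunk here already defines it from the ConfigMap key `disable-tls` and `extraEnv` is rendered directly after it. Kubernetes generally lets the later duplicate take effect, but duplicate list keys are easy to misread and some apply tooling flags them, so the upgrade note would be clearer if it pointed at the ConfigMap key as the switch, assuming the chart exposes it. The README example in this commit also sets the value to `"false"`, which reads as keeping TLS on rather than opting out; this should be confirmed against the upstream flag semantics. In the volumes hunk the `argocd-image-updater-tls` Secret is `optional: true`, so with TLS now the default a missing Secret yields an empty `/app/config/tls`; a comment such as `# optional: without this Secret the server must supply its own certificate — confirm upstream behaviour` would record what is expected. The `env` and `volumes` lists both begin outside the visible hunks.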