Jann Fischer
Jann Fischer
I still have issues testing this code locally. What is the proper way to use the new `sources` field? Is it complementary to `source`, or is a `source` xor `sources`...
Yes, I actually merged the linked PR without looking at this issue. I'm totally in favor of this enhancement proposal. Thanks.
I'm not necessarily fond of exposing it as a ~~first class~~ top level command. I think the right place where it should live is at `argocd admin account` - WDYT?
To me it seems that the kubelet performing the readiness check does not like TLS 1.2, and wants TLS 1.3 on the probe?
> Does anyone know if this is something that will be looked into during the merge? During the merge, there most likely won't be any functional changes. But support for...
Hm, according to our [Casbin model](https://github.com/argoproj/argo-cd/blob/master/assets/model.conf), we don't use any priority model. I think our model uses simple allow/deny patterns, with deny overriding any allow statement. But we should verify...
This change should also be reflected in the `argocd admin settings rbac can` command, which can operate from the live configuration to check certain RBAC constraints. Probably https://github.com/argoproj/argo-cd/blob/33fa916bf5fdad348e164db713e17321749bb083/cmd/argocd/commands/admin/settings_rbac.go#L248 should return...
Thanks for taking this forward, @jessesuen. My personal opinion is, that implementing such a feature - along with other changes in how permissions are managed - would be a real...
I want to remind about https://github.com/argoproj/argo-cd/security/policy#a-word-about-security-scanners Please re-evaluate the list of CVEs reported for the image. I did some random check of some of the CVEs from your list, and...
Another random one from your list: [ CVE-2022-21235](https://github.com/advisories/GHSA-6635-c626-vj4r), which affects the package `github.com/Masterminds/vcs`. However, this is not even part of our dependencies. I wonder how Twistlock would come up with...