chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.15.0

[argoproj-renovate]

This PR contains the following updates:

Package	Update	Change
argoproj-labs/argocd-image-updater	minor	v0.14.0 -> v0.15.0

---

Release Notes

argoproj-labs/argocd-image-updater (argoproj-labs/argocd-image-updater)

v0.15.0

Compare Source

What's Changed

• tests: add unit tests for pkg/cache by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/770
• feat: Support other namespaces than argocd in AIU by @​sribiere-jellysmack in https://github.com/argoproj-labs/argocd-image-updater/pull/763
• chore(tests): Add unit tests to image-updater pkg/health, pkg/version and pkg/registry by @​Mangaal in https://github.com/argoproj-labs/argocd-image-updater/pull/771
• chore(lint): Enable spelling linter by @​jannfis in https://github.com/argoproj-labs/argocd-image-updater/pull/773
• chore(build): Update GitHub actions used during CI by @​jannfis in https://github.com/argoproj-labs/argocd-image-updater/pull/774
• Update dependabot by @​JunHyungJang in https://github.com/argoproj-labs/argocd-image-updater/pull/775
• chore(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/778
• chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/781
• chore(deps): bump github/codeql-action from 2 to 3 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/777
• chore(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.19.1 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/780
• Use status instead of spec for determining source types by @​Sovietaced in https://github.com/argoproj-labs/argocd-image-updater/pull/772
• Preserve field order when updating kustomization.yaml file by @​jtdoepke in https://github.com/argoproj-labs/argocd-image-updater/pull/666
• feat(actions): add create-release-draft action by @​zarbis in https://github.com/argoproj-labs/argocd-image-updater/pull/787
• fix(actions): add instruction and fix workflow trigger condition by @​zarbis in https://github.com/argoproj-labs/argocd-image-updater/pull/788
• Fix updates to multiple images when using helm values file by @​ljupchokotev in https://github.com/argoproj-labs/argocd-image-updater/pull/790
• chore(deps): bump github.com/argoproj/argo-cd/v2 from 2.11.2 to 2.11.6 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/792
• chore(deps): bump alpine from 3.19 to 3.20 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/776
• Fix release draft script by @​zarbis in https://github.com/argoproj-labs/argocd-image-updater/pull/811
• chore(release): make sure release branch exist on remote before proceeding by @​zarbis in https://github.com/argoproj-labs/argocd-image-updater/pull/813
• fix(release-draft): remove unnecessary working directory in image builder by @​zarbis in https://github.com/argoproj-labs/argocd-image-updater/pull/817
• tests: Add unit tests to image-updater pkg/image by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/810
• tests: Add unit tests for pkg/argocd by @​ishitasequeira in https://github.com/argoproj-labs/argocd-image-updater/pull/818
• chore(deps): bump go.uber.org/ratelimit from 0.3.0 to 0.3.1 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/804
• chore(deps): bump github.com/argoproj/argo-cd/v2 from 2.11.6 to 2.11.7 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/801
• chore(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc4 to 1.1.0 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/803
• docs: fix grammatical errors by @​Cornul11 in https://github.com/argoproj-labs/argocd-image-updater/pull/807
• fix: Improper parsing of image identifiers having both tag name and digest by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/815
• chore(deps): upgrade golangci-lint from v1.57.2 to v1.59.1; change golangci-lint vet to govet by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/819
• Add unit tests for pkg/argocd/gitcreds.go by @​ishitasequeira in https://github.com/argoproj-labs/argocd-image-updater/pull/820
• chore(release): disable changelog generation by @​zarbis in https://github.com/argoproj-labs/argocd-image-updater/pull/826
• feat!: Filter labels on the server instead of client to allow more label filtering options by @​jnovick in https://github.com/argoproj-labs/argocd-image-updater/pull/832
• feat: Use shallow clone to speed up performance by @​jnovick in https://github.com/argoproj-labs/argocd-image-updater/pull/830
• docs: added release process by @​kostis-codefresh in https://github.com/argoproj-labs/argocd-image-updater/pull/827
• chore: removed unused workflow by @​kostis-codefresh in https://github.com/argoproj-labs/argocd-image-updater/pull/828
• chore: add e2e tests for filtering applications by label with match-application-label command line option by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/834
• tests(e2e): Add e2e test for filtering apps by name with match-application-name option by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/841
• Allow setting new value in Helm values file by @​jnovick in https://github.com/argoproj-labs/argocd-image-updater/pull/838
• fix: Multiple aliases for the same image only 1 parameter is updated by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/846
• fix: warnings from golangci-lint: S1009 should omit nil check; non-constant format string in call to fmt.Errorf by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/849
• fix: allow the specific image platform os/arch/variant to meet the requirement for a broader image platform os/arch by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/858
• docs: use the correct annotation name platforms instead of platform; fix link to registries.md; improve table formatting by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/856
• chore(deps): bump golang from 1.22 to 1.23 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/850
• chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.6.0 to 4.6.1 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/851
• feat: Sync namespace for Event to the Application namespace (#​847) by @​jortkoopmans in https://github.com/argoproj-labs/argocd-image-updater/pull/848
• fix: failed to process a full image-spec annotation with git writeback to helmvalues by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/843
• Add e2e test for app-wide-upgrade-strategy by @​ishitasequeira in https://github.com/argoproj-labs/argocd-image-updater/pull/842
• tests: add tests for github app credentials by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/862
• fix: missing namespace on clusterrolebinding in install manifests by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/860
• chore: update argocd version in test/e2e/prereqs/argocd/kustomization.yaml by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/863
• chore: update test cmd update-strategy description to include all 4 values (semver, newest-build, alphabetical, digest) by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/864
• tests: Improve unit tests for pkg/registry/client.go by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/865
• fix: Kustomize skip commit if nothing changed by @​Fs02 in https://github.com/argoproj-labs/argocd-image-updater/pull/607
• Add e2e test for adding configMap to allow defining parameters for SSH client by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/873
• fix(git): write back to custom git branch failed by rejected push: tip of your current branch is behind by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/882
• chore(deps): bump github.com/google/uuid from 1.3.1 to 1.6.0 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/875
• chore(deps): bump google.golang.org/grpc from 1.59.0 to 1.67.1 by @​dependabot in https://github.com/argoproj-labs/argocd-image-updater/pull/876
• k8sClient get resources across all namespaces (#​601) by @​jortkoopmans in https://github.com/argoproj-labs/argocd-image-updater/pull/854
• chore: Address comments in PR #​854 by @​ishitasequeira in https://github.com/argoproj-labs/argocd-image-updater/pull/886
• Add e2e tests for apps in any namespace feature by @​ishitasequeira in https://github.com/argoproj-labs/argocd-image-updater/pull/844
• fix: Git write back to helm values is incorrect during the first pass and corrupts existing data by @​chengfang in https://github.com/argoproj-labs/argocd-image-updater/pull/885
• Release 0.15.0 by @​pasha-codefresh in https://github.com/argoproj-labs/argocd-image-updater/pull/891

New Contributors

• @​sribiere-jellysmack made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/763
• @​JunHyungJang made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/775
• @​Sovietaced made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/772
• @​jtdoepke made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/666
• @​zarbis made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/787
• @​ljupchokotev made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/790
• @​ishitasequeira made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/818
• @​Cornul11 made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/807
• @​jortkoopmans made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/848
• @​Fs02 made their first contribution in https://github.com/argoproj-labs/argocd-image-updater/pull/607

Full Changelog: argoproj-labs/argocd-image-updater@v0.14.0...v0.15.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[kyleli666]

https://github.com/argoproj-labs/argocd-image-updater/blob/e9c78e0bcb490bc73e8cc3d1b07356fdfee3a404/manifests/base/rbac/argocd-image-updater-clusterrole.yaml

v0.15.0 adds new clusterrole and binding which should be included

[yu-croco]

📝 The original info is argoproj-labs/argocd-image-updater#847 .

[yu-croco]

We need to add ClusterRole and ClusterRoleBinding in rbac.yaml like below and I have two questions ... 🤔

• Can if condition be same as Role/Rolebinding, if .Values.rbac.enabled ?
• How do we define argocd namespace in ClusterRoleBinding in value.yaml ?
  • .Values.rbac.argocdNamespace ??? There is the value config.argocd.xxx but it's for flags.

@mkilchhofer @imranismail WDYT? 🫠

{{- if .Values.rbac.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    {{- include "argocd-image-updater.labels" . | nindent 4 }}
  name: {{ include "argocd-image-updater.fullname" . }}
  namespace: {{ include "argocd-image-updater.namespace" . | quote }}
rules:
  - apiGroups:
    - ""
    resources:
      - events
    verbs:
      - create
  - apiGroups:
      - argoproj.io
    resources:
      - applications
    verbs:
      - get
      - list
      - update
      - patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    {{- include "argocd-image-updater.labels" . | nindent 4 }}
  name: {{ include "argocd-image-updater.fullname" . }}
  namespace: {{ include "argocd-image-updater.namespace" . | quote }}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: {{ include "argocd-image-updater.fullname" . }}
subjects:
  - kind: ServiceAccount
    name: {{ include "argocd-image-updater.serviceAccountName" . }}
    namespace: "argocd" # How can we define as values.yaml?
{{- end }}

[mkilchhofer]

How do we define argocd namespace in ClusterRoleBinding in value.yaml ?

• .Values.rbac.argocdNamespace ??? There is the value config.argocd.xxx but it's for flags.

I think we can use the clusterrole directly as-is from upstream. We need to grant access for creating Events to the ServiceAccount of the AIU, not reuse the ServiceAccount of Argo CD.

See: https://github.com/argoproj-labs/argocd-image-updater/pull/848/files#diff-085adbc8bea5279ae0da31de54e660d34708509979e708a566d8e5f5339822d8R84

We could use an and with a pattern used in argo-cd chart:

argo-helm/charts/argo-cd/values.yaml

Lines 23 to 24 in 85121e8

	## Used when you manage applications in the same cluster where Argo CD runs
	createClusterRoles: true

What about like this? :

{{- if and .Values.rbac.enabled .Values.createClusterRoles }}

[yu-croco]

Hi @mkilchhofer , thank you for your reply. That's a good idea.
I made a PR #2992 . 🙋

[yu-croco]

The version update will be handled in #2992

[argoproj-renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v0.15.0). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.