Robot Upgrade: argo-cd chart upgrade from 8.1.0 to 9.4.3

[weizhoublue]

I am robot, upgrade: project argo-cd chart upgrade from 8.1.0 to 9.4.3

[gemini-code-assist]

Summary of Changes

Hello @weizhoublue, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request performs a significant upgrade of the Argo CD Helm chart, moving from version 8.1.0 to 9.4.3. This update encompasses a bump in the underlying Argo CD application version to v3.3.1 and its Redis-HA dependency to 4.34.11. The changes introduce expanded support for modern Kubernetes networking constructs like the Gateway API and AKS Application Routing, alongside a suite of new configuration parameters for finer control over deployment labels, resource autoscaling, and network policies. The update also includes improvements to Redis stability and general chart maintenance.

Highlights

• Argo CD Chart Upgrade: The Argo CD Helm chart has been upgraded from version 8.1.0 to 9.4.3, which includes an upgrade of the core Argo CD application to v3.3.1.
• Redis-HA Subchart Update: The Redis-HA subchart, a dependency of Argo CD, has been updated from version 4.33.7 to 4.34.11, bringing new features and stability improvements.
• Enhanced Ingress and Gateway API Support: Documentation and configuration options have been added for AKS Application Routing and experimental Gateway API resources (HTTPRoute, GRPCRoute, BackendTLSPolicy), offering more flexible ingress traffic management.
• New Configuration Options: Numerous new configuration parameters have been introduced across various components, including global deployment labels, Vertical Pod Autoscaler (VPA) for the application controller, and fine-grained network policy controls for several services.
• Refined Network Policies and Probes: Network policy definitions have been updated to be more granular, and liveness/readiness probes for the repo server and main server now have explicit enable/disable options.
• Redis Split-Brain Detection Improvement: The Redis-HA chart's split-brain detection logic has been enhanced with retry mechanisms to improve resilience and stability.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• charts/argo-cd/argo-cd/Chart.yaml
  • Updated 'artifacthub.io/changes' description to reflect Argo CD v3.3.1 bump.
  • Bumped 'appVersion' to 'v3.3.1'.
  • Bumped 'version' to '9.4.3'.
  • Updated 'dependencies.argo-cd.version' to '9.4.3'.
• charts/argo-cd/argo-cd/README.md
  • Added documentation for AKS Application Routing and Gateway API (HTTPRoute, GRPCRoute, BackendTLSPolicy).
  • Added a section on setting initial admin password via Argo CD Application CR.
  • Added changelog entries for versions 9.1.0 and 9.0.0, detailing breaking changes related to 'redis-ha' and 'configs.params'.
  • Corrected a typo from 'Addtional' to 'Additional' for 'crds.additionalLabels'.
  • Clarified the note regarding 'configs.cm' and 'configs.params' in Global Configs.
  • Added new global configuration options: 'global.deploymentLabels', 'global.extraVolumeMounts', 'global.extraVolumes'.
  • Removed 'configs.cm."server.rbac.log.enforce.enable"' parameter.
  • Removed several 'configs.params' entries, indicating a shift in how these parameters are managed.
  • Added 'controller.deploymentLabels', 'controller.networkPolicy.create', 'controller.roleRules', and 'controller.vpa' configuration options.
  • Added 'repoServer.copyutil.resources', 'repoServer.deploymentLabels', 'repoServer.livenessProbe.enabled', 'repoServer.networkPolicy.create', and 'repoServer.readinessProbe.enabled' configuration options.
  • Added 'server.backendTLSPolicy', 'server.deploymentLabels', 'server.grpcroute', 'server.httproute', 'server.livenessProbe.enabled', 'server.networkPolicy.create', and 'server.readinessProbe.enabled' configuration options.
  • Added 'dex.deploymentLabels' and 'dex.networkPolicy.create' configuration options.
  • Updated 'dex.image.tag' to 'v2.44.0'.
  • Added 'redis.deploymentLabels' and 'redis.networkPolicy.create' configuration options.
  • Updated 'redis.exporter.image.tag' to 'v1.81.0'.
  • Updated 'redis.image.tag' to '8.2.3-alpine'.
  • Updated 'redis-ha.exporter.tag' to 'v1.75.0'.
  • Updated 'redis-ha.image.tag' to '8.2.3-alpine'.
  • Added 'redisSecretInit.extraArgs', 'redisSecretInit.runtimeClassName' configuration options.
  • Added 'applicationSet.deploymentLabels' and 'applicationSet.networkPolicy.create' configuration options.
  • Added 'notifications.deploymentLabels' and 'notifications.networkPolicy.create' configuration options.
  • Added 'commitServer.deploymentLabels', 'commitServer.networkPolicy.create', 'commitServer.service.port', and 'commitServer.service.portName' configuration options.
• charts/argo-cd/argo-cd/charts/argo-cd/Chart.lock
  • Updated 'redis-ha' dependency version from '4.33.7' to '4.34.11'.
  • Updated 'digest' and 'generated' timestamps.
• charts/argo-cd/argo-cd/charts/argo-cd/Chart.yaml
  • Updated 'artifacthub.io/changes' description to reflect Argo CD v3.3.1 bump.
  • Bumped 'appVersion' to 'v3.3.1'.
  • Updated 'dependencies.redis-ha.version' to '4.34.11'.
  • Bumped 'version' to '9.4.3'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/Chart.yaml
  • Updated 'appVersion' to '8.2.1'.
  • Updated 'home' URL and 'icon' image.
  • Updated 'version' to '4.34.11'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/README.md
  • Added 'Helm v3+' requirement.
  • Added 'authSecretAnnotations' to configurable parameters.
  • Updated 'image.tag' to '8.2.1-alpine'.
  • Added 'redis.podAnnotations' to configurable parameters.
  • Updated 'redis.startupProbe' parameters.
  • Added 'restore.redis.source' to configurable parameters.
  • Changed 'serviceAccount.automountToken' default to 'false'.
  • Added 'splitBrainDetection.retryInterval' to configurable parameters.
  • Added 'tolerations' to configurable parameters.
  • Added 'haproxy.deploymentAnnotations' and 'haproxy.podAnnotations' to configurable parameters.
  • Updated 'haproxy.image.tag' to '3.0.8-alpine'.
  • Changed 'haproxy.serviceAccount.automountToken' default to 'true'.
  • Updated 'exporter.image' repository to 'quay.io/oliver006/redis_exporter'.
  • Added 'exporter.serviceMonitor.metricRelabelings' and 'exporter.serviceMonitor.relabelings'.
  • Updated 'exporter.tag' to 'v1.67.0'.
  • Updated the description of split-brain detection logic to include retry intervals.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/_configs.tpl
  • Added retry logic with 'splitBrainDetection.retryInterval' for master role and replication checks in split-brain detection script.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/_helpers.tpl
  • Added a new 'redis-ports' template to define Redis ports for network policies.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-auth-secret.yaml
  • Added support for 'authSecretAnnotations' to the Redis auth secret.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml
  • Updated 'semverCompare' to use '.Capabilities.KubeVersion.Version' instead of '.Capabilities.KubeVersion.GitVersion'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-ha-network-policy.yaml
  • Modified network policy rules to use the new 'redis-ports' template.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-ha-prometheus-rule.yaml
  • Conditionally added 'prometheusRule.additionalLabels' to the PrometheusRule metadata.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-ha-servicemonitor.yaml
  • Added 'metricRelabelings' and 'relabelings' to the ServiceMonitor configuration.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-deployment.yaml
  • Added 'component: haproxy' label to various selectors and templates.
  • Added support for 'haproxy.deploymentAnnotations' and 'haproxy.podAnnotations'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-network-policy.yaml
  • Added 'component: haproxy' label to pod selectors.
  • Modified network policy rules to use the new 'redis-ports' template.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-pdb.yaml
  • Added 'component: haproxy' label to the pod selector.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-role.yaml
  • Changed 'component' label from '{{ template "redis-ha.fullname" . }}-haproxy' to 'haproxy'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-rolebinding.yaml
  • Changed 'component' label from '{{ template "redis-ha.fullname" . }}-haproxy' to 'haproxy'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-service.yaml
  • Changed 'component' label from '{{ template "redis-ha.fullname" . }}-haproxy' to 'haproxy'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-servicemonitor.yaml
  • Changed 'component' label from '{{ template "redis-ha.fullname" . }}-haproxy' to 'haproxy'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/templates/tests/test-redis-ha-pod.yaml
  • Added support for 'podAnnotations'.
• charts/argo-cd/argo-cd/charts/argo-cd/charts/redis-ha/values.yaml
  • Updated 'image.tag' to '8.2.1-alpine'.
  • Added 'haproxy.deploymentAnnotations' and 'haproxy.podAnnotations'.
  • Added 'redis.podAnnotations'.
  • Added 'sysctls' example to 'securityContext'.
  • Added 'tolerations'.
  • Added 'exporter.serviceMonitor.relabelings' and 'exporter.serviceMonitor.metricRelabelings'.
  • Added 'authSecretAnnotations'.
  • Added 'splitBrainDetection.retryInterval'.
  • Updated 'haproxy.image.tag' to '3.0.8-alpine'.
  • Updated 'exporter.image' to 'quay.io/oliver006/redis_exporter'.
  • Updated 'exporter.tag' to 'v1.67.0'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/NOTES.txt
  • Modified the port-forward instruction to dynamically adjust the URL based on 'server.rootpath'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/_helpers.tpl
  • Added 'commitServer' to the list of components for logging presets.
  • Added 'argo-cd.kubeVersion' and 'argo-cd.apiVersions.monitoring' templates.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-application-controller/deployment.yaml
  • Added 'global.deploymentLabels' and 'controller.deploymentLabels' to deployment labels.
  • Added 'ARGOCD_SYNC_WAVE_DELAY' and 'ARGOCD_APPLICATION_CONTROLLER_COMMIT_SERVER' environment variables.
  • Concatenated 'global.extraVolumeMounts' and 'controller.volumeMounts'.
  • Concatenated 'global.extraVolumes' and 'controller.volumes'.
  • Added 'emptyDir.sizeLimit' for 'argocd-application-controller-tmp' volume.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml
  • Modified condition to include 'controller.networkPolicy.create'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-application-controller/role.yaml
  • Added conditional rendering for 'controller.roleRules'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml
  • Updated API version check to use 'argo-cd.apiVersions.monitoring' helper.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
  • Added 'ARGOCD_SYNC_WAVE_DELAY' and 'ARGOCD_APPLICATION_CONTROLLER_COMMIT_SERVER' environment variables.
  • Concatenated 'global.extraVolumeMounts' and 'controller.volumeMounts'.
  • Concatenated 'global.extraVolumes' and 'controller.volumes'.
  • Added 'emptyDir.sizeLimit' for 'argocd-application-controller-tmp' volume.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-application-controller/vpa.yaml
  • Added new file for Vertical Pod Autoscaler for application controller.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml
  • Removed 'applicationsets/status' from the first rule.
  • Updated rules for 'applicationsets/status', 'events', 'configmaps', and 'leases'.
  • Added separate rules for 'leases' to handle 'create' with and without 'resourceNames'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
  • Added 'global.deploymentLabels' and 'applicationSet.deploymentLabels' to deployment labels.
  • Added 'ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_GITHUB_API_METRICS' and 'ARGOCD_APPLICATIONSET_CONTROLLER_MAX_RESOURCES_STATUS_COUNT' environment variables.
  • Concatenated 'global.extraVolumeMounts' and 'applicationSet.extraVolumeMounts'.
  • Added 'argocd-cmd-params-cm' volume mount.
  • Concatenated 'global.extraVolumes' and 'applicationSet.extraVolumes'.
  • Added 'applicationsetcontroller.profile.enabled' item to 'argocd-cmd-params-cm' volume.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml
  • Modified condition to include 'applicationSet.networkPolicy.create'.
  • Removed conditional rendering for metrics port.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-applicationset/role.yaml
  • Updated rules for 'leases' to handle 'create' with and without 'resourceNames'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml
  • Updated API version check to use 'argo-cd.apiVersions.monitoring' helper.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-commit-server/deployment.yaml
  • Added 'global.deploymentLabels' and 'commitServer.deploymentLabels' to deployment labels.
  • Concatenated 'global.extraVolumeMounts' and 'commitServer.extraVolumeMounts'.
  • Removed 'copyutil' init container.
  • Concatenated 'global.extraVolumes' and 'commitServer.extraVolumes'.
  • Removed 'var-files' emptyDir volume.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-commit-server/networkpolicy.yaml
  • Modified condition to include 'commitServer.networkPolicy.create'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-commit-server/service.yaml
  • Updated service port and target port to use 'commitServer.service.portName' and 'commitServer.service.port'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-notifications/deployment.yaml
  • Added 'global.deploymentLabels' and 'notifications.deploymentLabels' to deployment labels.
  • Added 'checksum/cmd-params' annotation to pod metadata.
  • Concatenated 'global.extraVolumeMounts' and 'notifications.extraVolumeMounts'.
  • Concatenated 'global.extraVolumes' and 'notifications.extraVolumes'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml
  • Modified condition to include 'notifications.networkPolicy.create'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml
  • Updated API version check to use 'argo-cd.apiVersions.monitoring' helper.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
  • Added 'global.deploymentLabels' and 'repoServer.deploymentLabels' to deployment labels.
  • Added new environment variables for OCI manifest size, media types, built-in Git config, and gRPC max size.
  • Concatenated 'global.extraVolumeMounts' and 'repoServer.volumeMounts'.
  • Added conditional 'livenessProbe' and 'readinessProbe' based on 'repoServer.livenessProbe.enabled' and 'repoServer.readinessProbe.enabled'.
  • Updated 'copyutil' init container command and resources to use 'repoServer.copyutil.resources'.
  • Concatenated 'global.extraVolumes' and 'repoServer.volumes'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml
  • Modified condition to include 'repoServer.networkPolicy.create'.
  • Removed conditional rendering for metrics port.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml
  • Updated API version check to use 'argo-cd.apiVersions.monitoring' helper.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/aws/service.yaml
  • Added support for 'server.ingress.aws.serviceAnnotations'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/backendtlspolicy.yaml
  • Added new file for Gateway API BackendTLSPolicy.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/deployment.yaml
  • Added 'global.deploymentLabels' and 'server.deploymentLabels' to deployment labels.
  • Removed 'ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION' environment variable.
  • Added 'ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_GITHUB_API_METRICS' environment variable.
  • Concatenated 'global.extraVolumeMounts' and 'server.volumeMounts'.
  • Added conditional 'livenessProbe' and 'readinessProbe' based on 'server.livenessProbe.enabled' and 'server.readinessProbe.enabled'.
  • Concatenated 'global.extraVolumes' and 'server.volumes'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/gke/ingress.yaml
  • Updated 'ingressClassName' annotation to 'kubernetes.io/ingress.class' and made it conditional.
  • Removed 'ingressClassName' field from spec.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/grpcroute.yaml
  • Added new file for Gateway API GRPCRoute.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/httproute.yaml
  • Added new file for Gateway API HTTPRoute.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/networkpolicy.yaml
  • Modified condition to include 'server.networkPolicy.create'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/service.yaml
  • Modified 'nodePort' conditions to check if 'nodePortHttp' or 'nodePortHttps' are set.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/argocd-server/servicemonitor.yaml
  • Updated API version check to use 'argo-cd.apiVersions.monitoring' helper.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/crds/crd-project.yaml
  • Updated descriptions for 'ClusterResourceRestrictionItem' and added 'name' field.
  • Added 'maxLength: 255' to project 'description'.
  • Added 'description' field to sync window.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/dex/deployment.yaml
  • Added 'global.deploymentLabels' and 'dex.deploymentLabels' to deployment labels.
  • Concatenated 'global.extraVolumeMounts' and 'dex.volumeMounts'.
  • Concatenated 'global.extraVolumes' and 'dex.volumes'.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/dex/networkpolicy.yaml
  • Modified condition to include 'dex.networkPolicy.create'.
  • Removed conditional rendering for metrics port.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/dex/servicemonitor.yaml
  • Updated API version check to use 'argo-cd.apiVersions.monitoring' helper.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/redis-secret-init/job.yaml
  • Added 'redisSecretInit.runtimeClassName' to job spec.
  • Added 'redisSecretInit.extraArgs' to command arguments.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/redis/deployment.yaml
  • Added 'global.deploymentLabels' and 'redis.deploymentLabels' to deployment labels.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/redis/networkpolicy.yaml
  • Modified condition to include 'redis.networkPolicy.create'.
  • Removed conditional rendering for metrics port.
• charts/argo-cd/argo-cd/charts/argo-cd/templates/redis/servicemonitor.yaml
  • Updated API version check to use 'argo-cd.apiVersions.monitoring' helper.
• charts/argo-cd/argo-cd/charts/argo-cd/values.yaml
  • Corrected typo 'Addtional' to 'Additional' for 'crds.additionalLabels'.
  • Added 'global.deploymentLabels', 'global.extraVolumes', 'global.extraVolumeMounts'.
  • Removed 'server.rbac.log.enforce.enable' from 'configs.cm'.
  • Removed several 'configs.params' entries.
  • Added 'controller.vpa', 'controller.deploymentLabels', 'controller.roleRules', 'controller.networkPolicy.create'.
  • Updated 'dex.image.tag' to 'v2.44.0'.
  • Added 'dex.deploymentLabels', 'dex.networkPolicy.create'.
  • Updated 'redis.image.tag' to '8.2.3-alpine'.
  • Updated 'redis.exporter.image.tag' to 'v1.81.0'.
  • Added 'redis.deploymentLabels', 'redis.networkPolicy.create'.
  • Updated 'redis-ha.image.tag' to '8.2.3-alpine'.
  • Updated 'redis-ha.exporter.tag' to 'v1.75.0'.
  • Added 'redisSecretInit.extraArgs', 'redisSecretInit.runtimeClassName'.
  • Updated 'redisSecretInit.image.tag' to 'v3.3.1'.
  • Updated 'server.extensions.image.tag' to 'v0.0.9'.
  • Added 'server.deploymentLabels', 'server.readinessProbe.enabled', 'server.livenessProbe.enabled', 'server.ingress.aws.serviceAnnotations', 'server.httproute', 'server.grpcroute', 'server.backendTLSPolicy', 'server.networkPolicy.create'.
  • Added 'repoServer.copyutil', 'repoServer.deploymentLabels', 'repoServer.readinessProbe.enabled', 'repoServer.livenessProbe.enabled', 'repoServer.networkPolicy.create'.
  • Added 'applicationSet.deploymentLabels', 'applicationSet.networkPolicy.create'.
  • Added 'notifications.deploymentLabels', 'notifications.networkPolicy.create'.
  • Added 'commitServer.service.port', 'commitServer.service.portName', 'commitServer.deploymentLabels', 'commitServer.networkPolicy.create'.
• charts/argo-cd/argo-cd/values.yaml
  • Corrected typo 'Addtional' to 'Additional' for 'crds.additionalLabels'.
  • Updated 'argo-cd.image.tag' to 'v3.3.1'.
  • Added 'global.deploymentLabels', 'global.extraVolumes', 'global.extraVolumeMounts'.
  • Removed 'server.rbac.log.enforce.enable' from 'configs.cm'.
  • Removed several 'configs.params' entries.
  • Added 'controller.vpa', 'controller.deploymentLabels', 'controller.roleRules', 'controller.networkPolicy.create'.
  • Updated 'dex.image.tag' to 'v2.44.0'.
  • Added 'dex.deploymentLabels', 'dex.networkPolicy.create'.
  • Updated 'redis.image.tag' to '8.2.3-alpine'.
  • Updated 'redis.exporter.image.tag' to 'v1.81.0'.
  • Added 'redis.deploymentLabels', 'redis.networkPolicy.create'.
  • Updated 'redis-ha.image.tag' to '8.2.3-alpine'.
  • Updated 'redis-ha.exporter.tag' to 'v1.75.0'.
  • Added 'redisSecretInit.extraArgs', 'redisSecretInit.runtimeClassName'.
  • Updated 'redisSecretInit.image.tag' to 'v3.3.1'.
  • Updated 'server.extensions.image.tag' to 'v0.0.9'.
  • Added 'server.deploymentLabels', 'server.readinessProbe.enabled', 'server.livenessProbe.enabled', 'server.ingress.aws.serviceAnnotations', 'server.httproute', 'server.grpcroute', 'server.backendTLSPolicy', 'server.networkPolicy.create'.
  • Added 'repoServer.copyutil', 'repoServer.deploymentLabels', 'repoServer.readinessProbe.enabled', 'repoServer.livenessProbe.enabled', 'repoServer.networkPolicy.create'.
  • Added 'applicationSet.deploymentLabels', 'applicationSet.networkPolicy.create'.
  • Added 'notifications.deploymentLabels', 'notifications.networkPolicy.create'.
  • Added 'commitServer.service.port', 'commitServer.service.portName', 'commitServer.deploymentLabels', 'commitServer.networkPolicy.create'.
• charts/argo-cd/config
  • Updated 'VERSION' from '8.1.0' to '9.4.3'.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request upgrades the argo-cd chart from version 8.1.0 to 9.4.3, bumping the appVersion to v3.3.1 and updating its dependencies. It introduces new features such as VPA support and Gateway API integration, with corresponding documentation updates. A critical security concern has been identified: a potential command injection vulnerability in the redis-ha subchart templates, where a Helm value is directly injected into a shell script used for split-brain detection. Furthermore, a critical typo in a new template and minor grammatical and consistency issues in the documentation need to be addressed.

[gemini-code-assist]

There is a typo in the key annnotaions. It should be annotations. This will prevent any annotations from being applied to the VerticalPodAutoscaler resource.

  annotations:

[gemini-code-assist]

The template directly injects the value of .Values.splitBrainDetection.retryInterval into a shell script without any validation or quoting. If an attacker can control this Helm value (e.g., via an Argo CD Application override), they can achieve arbitrary command execution within the container by providing a value like 10; touch /tmp/pwned.

Recommendation: Ensure the value is a number by casting it to an integer in the template.

                sleep {{ .Values.splitBrainDetection.retryInterval | int }}

[gemini-code-assist]

The template directly injects the value of .Values.splitBrainDetection.retryInterval into a shell script without any validation or quoting. If an attacker can control this Helm value (e.g., via an Argo CD Application override), they can achieve arbitrary command execution within the container by providing a value like 10; touch /tmp/pwned.

Recommendation: Ensure the value is a number by casting it to an integer in the template.

                sleep {{ .Values.splitBrainDetection.retryInterval | int }}

[gemini-code-assist]

For consistency with the rest of the document and the project's official name, ArgoCD should be written as Argo CD.

Suggested change

This chart contains a breaking change (if using `redis-ha`), which was introduced by the dependency `redis-ha` (as seen [here](https://github.com/DandyDeveloper/charts/blob/a03b6a6f4d72b6606ce9a218c7d0026350b48ad0/charts/redis-ha/README.md#4341---upgrade-may-complain-about-selector-label-changes-being-immutable)). The upgrade will complain about selector label changes being immutable, which requires a replacement of the `argocd-redis-ha-haproxy` deployment. To overcome this, you will need to delete (orphaning children) this deployment, updated ArgoCD to disable server-side diffing, then allow the new deployment of `argocd-redis-ha-haproxy` to rollout with the updated label selectors.

This chart contains a breaking change (if using `redis-ha`), which was introduced by the dependency `redis-ha` (as seen [here](https://github.com/DandyDeveloper/charts/blob/a03b6a6f4d72b6606ce9a218c7d0026350b48ad0/charts/redis-ha/README.md#4341---upgrade-may-complain-about-selector-label-changes-being-immutable)). The upgrade will complain about selector label changes being immutable, which requires a replacement of the `argocd-redis-ha-haproxy` deployment. To overcome this, you will need to delete (orphaning children) this deployment, updated Argo CD to disable server-side diffing, then allow the new deployment of `argocd-redis-ha-haproxy` to rollout with the updated label selectors.

[gemini-code-assist]

There's a grammatical error here. its is possessive, but it's (a contraction of "it is") is needed for "it is suggested".

Suggested change

> Note: If server-side diffing is enabled, you will need to revert this to use client-side diffing, otherwise ArgoCD will be in an Unknown status. More information [here](https://github.com/argoproj/argo-cd/issues/25184). If you happened to upgrade this helm chart before configuring client-side diffing, you will need to delete (orphaning children) the `argocd-redis-ha-haproxy` deployment; once the newest deployment has rolled out, its suggested to cleanup the orphaned ReplicaSets

> Note: If server-side diffing is enabled, you will need to revert this to use client-side diffing, otherwise ArgoCD will be in an Unknown status. More information [here](https://github.com/argoproj/argo-cd/issues/25184). If you happened to upgrade this helm chart before configuring client-side diffing, you will need to delete (orphaning children) the `argocd-redis-ha-haproxy` deployment; once the newest deployment has rolled out, it's suggested to cleanup the orphaned ReplicaSets

[gemini-code-assist]

The phrase "as the same way" is grammatically incorrect. It should be "in the same way" for better clarity.

Suggested change

	**Though we removed the parameters from values.yaml in argo-helm, we keep providing the interface to override `.Values.configs.params` as the same way. **
	**Though we removed the parameters from values.yaml in argo-helm, we keep providing the interface to override `.Values.configs.params` in the same way. **

[gemini-code-assist]

For consistency with the rest of the document and the project's official name, ArgoCD should be written as Argo CD.

Suggested change

This chart contains a breaking change (if using `redis-ha`), which was introduced by the dependency `redis-ha` (as seen [here](https://github.com/DandyDeveloper/charts/blob/a03b6a6f4d72b6606ce9a218c7d0026350b48ad0/charts/redis-ha/README.md#4341---upgrade-may-complain-about-selector-label-changes-being-immutable)). The upgrade will complain about selector label changes being immutable, which requires a replacement of the `argocd-redis-ha-haproxy` deployment. To overcome this, you will need to delete (orphaning children) this deployment, updated ArgoCD to disable server-side diffing, then allow the new deployment of `argocd-redis-ha-haproxy` to rollout with the updated label selectors.

This chart contains a breaking change (if using `redis-ha`), which was introduced by the dependency `redis-ha` (as seen [here](https://github.com/DandyDeveloper/charts/blob/a03b6a6f4d72b6606ce9a218c7d0026350b48ad0/charts/redis-ha/README.md#4341---upgrade-may-complain-about-selector-label-changes-being-immutable)). The upgrade will complain about selector label changes being immutable, which requires a replacement of the `argocd-redis-ha-haproxy` deployment. To overcome this, you will need to delete (orphaning children) this deployment, updated Argo CD to disable server-side diffing, then allow the new deployment of `argocd-redis-ha-haproxy` to rollout with the updated label selectors.

[gemini-code-assist]

There's a grammatical error here. its is possessive, but it's (a contraction of "it is") is needed for "it is suggested".

Suggested change

> Note: If server-side diffing is enabled, you will need to revert this to use client-side diffing, otherwise ArgoCD will be in an Unknown status. More information [here](https://github.com/argoproj/argo-cd/issues/25184). If you happened to upgrade this helm chart before configuring client-side diffing, you will need to delete (orphaning children) the `argocd-redis-ha-haproxy` deployment; once the newest deployment has rolled out, its suggested to cleanup the orphaned ReplicaSets

> Note: If server-side diffing is enabled, you will need to revert this to use client-side diffing, otherwise ArgoCD will be in an Unknown status. More information [here](https://github.com/argoproj/argo-cd/issues/25184). If you happened to upgrade this helm chart before configuring client-side diffing, you will need to delete (orphaning children) the `argocd-redis-ha-haproxy` deployment; once the newest deployment has rolled out, it's suggested to cleanup the orphaned ReplicaSets

[gemini-code-assist]

The phrase "as the same way" is grammatically incorrect. It should be "in the same way" for better clarity.

Suggested change

	**Though we removed the parameters from values.yaml in argo-helm, we keep providing the interface to override `.Values.configs.params` as the same way. **
	**Though we removed the parameters from values.yaml in argo-helm, we keep providing the interface to override `.Values.configs.params` in the same way. **