codefresh-io
diff --git a/‎.clomonitor.yml‎
Lines changed: 6 additions & 0 deletions b/‎.clomonitor.yml‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎CODEOWNERS‎ ‎.github/CODEOWNERS‎CODEOWNERS renamed to .github/CODEOWNERS
Lines changed: 1 addition & 9 deletions b/‎CODEOWNERS‎ ‎.github/CODEOWNERS‎CODEOWNERS renamed to .github/CODEOWNERS
Lines changed: 1 addition & 9 deletions
diff --git a/‎.github/workflows/lint-and-test.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/lint-and-test.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/pr-title.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/pr-title.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/publish.yml‎
Lines changed: 2 additions & 0 deletions b/‎.github/workflows/publish.yml‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 2 additions & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 2 additions & 1 deletion b/‎README.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎SECURITY-INSIGHTS.yml‎
Lines changed: 38 additions & 0 deletions b/‎SECURITY-INSIGHTS.yml‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎SECURITY.md‎
Lines changed: 1 addition & 1 deletion b/‎SECURITY.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎charts/argo-cd/Chart.yaml‎
Lines changed: 4 additions & 8 deletions b/‎charts/argo-cd/Chart.yaml‎
Lines changed: 4 additions & 8 deletions
@@ -7,6 +7,12 @@ exemptions:
     reason: "Helm deps are not currently scanned. Maintainers are watching developments to dependabot-core #2237" # Justification of this exemption (mandatory, it will be displayed on the UI)
   - check: sbom
     reason: "Tracking Helm dependencies is not yet a stable practice."
+  - check: self_assessment
+    reason: "Refer to self assessments supplied by the codebases Argo Helm supports."
+  - check: signed_releases
+    reason: "Argo Helm releases are made via Artifact Hub, where they are signed. The unsigned GitHub releases are for reference only."
+  - check: license_scanning
+    reason: "Temporary exemption: pending response from CNCF Service Desk"
 
 # TODO:
 # License scanning information
 
@@ -1,14 +1,6 @@
-# All
-*                              @mkilchhofer @jmeridth
+* @mkilchhofer @jmeridth @yu-croco
 
-# Argo Workflows
 /charts/argo-workflows/        @vladlosev @jmeridth @yu-croco @tico24
-
-# Argo CD
 /charts/argo-cd/               @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24
-
-# Argo Events
 /charts/argo-events/           @pdrastil @jmeridth @tico24
-
-# Argo Rollouts
 /charts/argo-rollouts/         @jmeridth
@@ -38,7 +38,7 @@ jobs:
 
       - name: Setup Chart Linting
         id: lint
-        uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0
+        uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
         with:
           # Note: Also update in scripts/lint.sh
           version: v3.10.0
 
@@ -19,7 +19,7 @@ jobs:
     name: Validate PR title
     runs-on: ubuntu-latest
     steps:
-      - uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0
+      - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
 
@@ -59,6 +59,8 @@ jobs:
           PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}"
 
       - name: Run chart-releaser
+        # todo: change later to v1.6.0 (also in agro-rollouts chart)
+        # issue: https://github.com/helm/chart-releaser-action/issues/171
         uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0
         with:
           config: "./.github/configs/cr.yaml"
 
@@ -47,6 +47,8 @@ Any breaking changes to a chart (backwards incompatible) require:
 
 ### New Application Versions
 
+Helm charts are intended to be created for all non-patched releases of Argo CD, Workflows, Rollouts, and Events. Associated dependencies, such as Redis, will use the version recommended by the associated release.
+
 When selecting new application versions ensure you make the following changes:
 
 * `values.yaml`: Bump all instances of the container image version
 
@@ -6,6 +6,7 @@
 [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo)
 [![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo)
 [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm)
+[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7942/badge)](https://www.bestpractices.dev/projects/7942)
 
 Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command:
 
@@ -23,7 +24,7 @@ Some users would prefer to install the CRDs _outside_ of the chart. You can disa
 
 Helm cannot upgrade custom resource definitions in the `<chart>/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `<chart>/templates` to address this design decision.
 
-If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
+If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
 
 Example:
 
 
@@ -0,0 +1,38 @@
+header:
+  schema-version: '1.0.0'
+  expiration-date: '2024-11-04T10:00:00.000Z'
+  project-url: https://github.com/argoproj/argo-helm
+project-lifecycle:
+  status: active
+  bug-fixes-only: false
+  core-maintainers:
+  - https://github.com/mkilchhofer
+  - https://github.com/jmeridth
+contribution-policy:
+  accepts-pull-requests: true
+  accepts-automated-pull-requests: true
+  automated-tools-list:
+    - automated-tool: dependabot
+      action: allowed
+      path:
+        - /
+  contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md
+  code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md
+distribution-points:
+  - https://argoproj.github.io/argo-helm
+  - https://artifacthub.io/packages/search?org=argoproj&repo=argo
+security-contacts:
+  - type: website
+    value: https://github.com/argoproj/argo-helm/security/advisories/new
+    primary: true
+vulnerability-reporting:
+  accepts-vulnerability-reports: true
+  email-contact: [email protected]
+  security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md
+  comment: |
+    Our preferred contact method related to vulnerabilities is the Security tab on GitHub.
+    Click the button "Report a vulnerability" to open the advisory form.
+    Please refer to the security policy for reporting information prior to using the email contact.
+dependencies:
+  env-dependencies-policy:
+    policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions
@@ -2,7 +2,7 @@
 
 ## Supported Versions and Upstream Reporting
 
-Each helm chart currently supports the designated application version in the Chart.yaml.  There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application.  Please visit that application's Security policy docueent to find out how to report the security issue.
+Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy document to find out how to report the security issue.
 
 * [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md)
 * [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md)
 
@@ -1,9 +1,9 @@
 apiVersion: v2
-appVersion: v2.8.1-cap-CR-create-apps-with-err
+appVersion: v2.9-2023.12.06-e6258156d
 kubeVersion: ">=1.23.0-0"
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 5.50.1-2-cap-CR-create-apps-with-err
+version: 5.51.6-1-cap-2.9-2023.12.06-e6258156d
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 sources:
@@ -26,9 +26,5 @@ annotations:
     fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
     url: https://argoproj.github.io/argo-helm/pgp_keys.asc
   artifacthub.io/changes: |
-    - kind: added
-      description: Add priority queue to reporter
-    - kind: fixed
-      description: Fix bug with skip-current-step
-    - kind: fixed
-      description: Support creation of apps with empty dir in reporter
+    - kind: changed
+      description: Upgrade Argo CD to v2.9-2023.12.06-e6258156d