GitOps has continued in its popularity and has become the standard way to manage Kubernetes cluster configuration and applications. Red Hat continues to see the widespread adoption of the GitOps methodology across our portfolio as customers look for ways to increase efficiency in their operations and development teams.
Red Hat is pleased to announce that version 1.16 of OpenShift GitOps has been released, bringing with it some exciting new capabilities.
New in version 1.16
Support for FIPS Environments
This release adds support for OpenShift environments running in Federal Information Processing Standards (FIPS) mode. When deployed in these environments OpenShift GitOps will use the Red Hat Enterprise Linux (RHEL) cryptographic libraries that have been submitted to National Institute of Standards and Technology (NIST) for FIPS validation.
Support for respectRBAC in the Argo CD Custom Resource
Previously, if you wanted to enable the respectRBAC flag for Argo CD it had to be done via the extraConfig field. In OpenShift GitOps 1.16 it can now be configured directly in the ArgoCD custom resource.
Improved Error Reporting in Argo CD Custom Resource Status
Previously, when deploying Argo CD via the ArgoCD custom resource details about failures would not be reported in the status requiring users to inspect the operator logs. This could be problematic in use cases where the user provisioning the Argo CD instance did not have access to the operator namespace. With this update, detailed information about failures are reported in the .status field of the ArgoCD custom resource mitigating this need.
ApplicationSet Policies
This release enables policies to determine what modifications to an Application that ApplicationSets are permitted to make. This can be useful in a variety of instances, for example preventing an ApplicationSet from deleting an Application when the associated generator is no longer providing it.
Argo Rollouts Dashboard
A new dashboard for Argo Rollouts is now available in the OpenShift Console Observability > Dashboards to enable Operation teams to monitor the Rollouts on the cluster.
Differentiating Argo CD Instances with installationID
When multiple instances of Argo CD deploy Applications with the same name the annotation tracking is unaware of which instance of Argo CD is managing the Application causing confusion. A new spec.installationID field can be set in the ArgoCD custom resource will be used to differentiate the instances for the resource in a new argocd.argoproj.io/tracking-id annotation.
Argo CD 2.14 Available
With this version, Argo CD has been upgraded to 2.14 which brings a number of new features and benefits including:
- A new global sync parameter has been added to Argo CD, this is useful in cases where the sync is running indefinitely such as when resources are failing to start properly and sync is being continuously retried. The controller.sync.timeout.seconds parameter can be configured in the OpenShift GitOps extraConfig parameter.
- When using deleting or pruning of critical resources, such as namespaces, it can be desirable to have the removal be manually confirmed. A new sync option, Prune=confirm and Delete=confirm, has been added to support this enabling the confirmation via an annotation.
- A new annotation has been added to enable ignoring health checks on specific resources for the purpose of calculating the Application health status. This enables the Application to report a Healthy status even if these resources are not healthy. This can be useful for resources that have known and accepted failure patterns.
- Sensitive annotations on Secrets can now be masked in the Argo CD UI and CLI using the resource.sensitive.mask.annotations specifying the list of annotation keys.
- An Alpha (Dev Preview in OpenShift GitOps) release of the Source Hydrator is included which is intended to simplify the Rendered Manifests pattern. The Rendered Manifests pattern is when manifests managed by Helm/Kustomize/etc are rendered, i.e. hydrated, to a git repository. This enables users to more easily understand changes and differences between different versions of the manifests and reduces the amount of work the Argo CD repo component must do.
View more information about the Argo CD 2.14 release in the following blog with detailed release notes here.
Conclusion
OpenShift GitOps 1.16 is a significant update with many new features, to learn more about this update please review the official documentation and release notes.
