#argocd — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #argocd, aggregated by home.social.
-
@angst_ridden Oh, I am full on (30 year career in infosec and infra), #terraform , #ansible, #argocd, #gha (unfortunately because I hate it), #python and #golang Staff CloudOps Engineer.
My OP was just me bitching about it.
My cool task today is setting up a #capev2 server for #vuln and #mal testing.
-
@angst_ridden Oh, I am full on (30 year career in infosec and infra), #terraform , #ansible, #argocd, #gha (unfortunately because I hate it), #python and #golang Staff CloudOps Engineer.
My OP was just me bitching about it.
My cool task today is setting up a #capev2 server for #vuln and #mal testing.
-
@angst_ridden Oh, I am full on (30 year career in infosec and infra), #terraform , #ansible, #argocd, #gha (unfortunately because I hate it), #python and #golang Staff CloudOps Engineer.
My OP was just me bitching about it.
My cool task today is setting up a #capev2 server for #vuln and #mal testing.
-
@angst_ridden Oh, I am full on (30 year career in infosec and infra), #terraform , #ansible, #argocd, #gha (unfortunately because I hate it), #python and #golang Staff CloudOps Engineer.
My OP was just me bitching about it.
My cool task today is setting up a #capev2 server for #vuln and #mal testing.
-
@angst_ridden Oh, I am full on (30 year career in infosec and infra), #terraform , #ansible, #argocd, #gha (unfortunately because I hate it), #python and #golang Staff CloudOps Engineer.
My OP was just me bitching about it.
My cool task today is setting up a #capev2 server for #vuln and #mal testing.
-
Finishing up the migration to Envoy Gateway, the last thing I need to deal with is ArgoCD rollouts pointing to the old ingress. There's a plug-in I can add to support Gateway API so that's easily sorted. It's just the migration path is quite... convoluted. Thinking of ripping out canary releases entirely and adding it back as a separate migration. #kubernetes #envoy #argocd
-
🚨 CRITICAL: CVE-2026-42880 in Argo CD (v3.2.0 – 3.2.10, 3.3.0 – 3.3.8) allows attackers with read-only access to extract plaintext Kubernetes Secrets via the ServerSideDiff endpoint. Patch to 3.2.11/3.3.9+ now! https://radar.offseq.com/threat/cve-2026-42880-cwe-200-exposure-of-sensitive-infor-40029159 #OffSeq #ArgoCD #Kubernetes #CVE202642880
-
🚨 CRITICAL: CVE-2026-42880 in Argo CD (v3.2.0 – 3.2.10, 3.3.0 – 3.3.8) allows attackers with read-only access to extract plaintext Kubernetes Secrets via the ServerSideDiff endpoint. Patch to 3.2.11/3.3.9+ now! https://radar.offseq.com/threat/cve-2026-42880-cwe-200-exposure-of-sensitive-infor-40029159 #OffSeq #ArgoCD #Kubernetes #CVE202642880
-
🚨 CRITICAL: CVE-2026-42880 in Argo CD (v3.2.0 – 3.2.10, 3.3.0 – 3.3.8) allows attackers with read-only access to extract plaintext Kubernetes Secrets via the ServerSideDiff endpoint. Patch to 3.2.11/3.3.9+ now! https://radar.offseq.com/threat/cve-2026-42880-cwe-200-exposure-of-sensitive-infor-40029159 #OffSeq #ArgoCD #Kubernetes #CVE202642880
-
🚨 CRITICAL: CVE-2026-42880 in Argo CD (v3.2.0 – 3.2.10, 3.3.0 – 3.3.8) allows attackers with read-only access to extract plaintext Kubernetes Secrets via the ServerSideDiff endpoint. Patch to 3.2.11/3.3.9+ now! https://radar.offseq.com/threat/cve-2026-42880-cwe-200-exposure-of-sensitive-infor-40029159 #OffSeq #ArgoCD #Kubernetes #CVE202642880
-
OK that took the whole morning, mostly getting the ingress controller to correctly serve #tls (I didn't realise that in addition to setting the host names and cert secret, I also needed to ensure that each named server has an explicit rules block otherwise nginx uses the catch-all rules and doesn't apply TLS).
So now, when I push my #gnustepweb app to main, #woodpeckerCI builds and pushes to #quayio and #argoCD pulls and deploys the app in my prod cluster.
-
OK that took the whole morning, mostly getting the ingress controller to correctly serve #tls (I didn't realise that in addition to setting the host names and cert secret, I also needed to ensure that each named server has an explicit rules block otherwise nginx uses the catch-all rules and doesn't apply TLS).
So now, when I push my #gnustepweb app to main, #woodpeckerCI builds and pushes to #quayio and #argoCD pulls and deploys the app in my prod cluster.
-
OK that took the whole morning, mostly getting the ingress controller to correctly serve #tls (I didn't realise that in addition to setting the host names and cert secret, I also needed to ensure that each named server has an explicit rules block otherwise nginx uses the catch-all rules and doesn't apply TLS).
So now, when I push my #gnustepweb app to main, #woodpeckerCI builds and pushes to #quayio and #argoCD pulls and deploys the app in my prod cluster.
-
OK that took the whole morning, mostly getting the ingress controller to correctly serve #tls (I didn't realise that in addition to setting the host names and cert secret, I also needed to ensure that each named server has an explicit rules block otherwise nginx uses the catch-all rules and doesn't apply TLS).
So now, when I push my #gnustepweb app to main, #woodpeckerCI builds and pushes to #quayio and #argoCD pulls and deploys the app in my prod cluster.
-
OK that took the whole morning, mostly getting the ingress controller to correctly serve #tls (I didn't realise that in addition to setting the host names and cert secret, I also needed to ensure that each named server has an explicit rules block otherwise nginx uses the catch-all rules and doesn't apply TLS).
So now, when I push my #gnustepweb app to main, #woodpeckerCI builds and pushes to #quayio and #argoCD pulls and deploys the app in my prod cluster.
-
Как мы поймали drift в Kubernetes и зачем после этого перешли на GitOps
История инцидента в продакшене: после планового релиза новая версия сервиса не поднялась, а откат на предыдущую версию тоже не помог. Причина оказалась не в коде, а в расхождении между тем, что было описано в Git, и тем, что реально жило в Kubernetes. Ручная правка ConfigMap несколько месяцев существовала только в кластере, пока очередной релиз не пересоздал поды и не вытащил проблему наружу. Разбираю, как мы нашли причину, почему Git не был настоящим источником правды и зачем после этого перешли на GitOps с Argo CD.
https://habr.com/ru/articles/1031108/
#gitops #kubernetes #argocd #gitlabci #cicd #devops #drift #helm #secrets #platform_engineering
-
Как мы поймали drift в Kubernetes и зачем после этого перешли на GitOps
История инцидента в продакшене: после планового релиза новая версия сервиса не поднялась, а откат на предыдущую версию тоже не помог. Причина оказалась не в коде, а в расхождении между тем, что было описано в Git, и тем, что реально жило в Kubernetes. Ручная правка ConfigMap несколько месяцев существовала только в кластере, пока очередной релиз не пересоздал поды и не вытащил проблему наружу. Разбираю, как мы нашли причину, почему Git не был настоящим источником правды и зачем после этого перешли на GitOps с Argo CD.
https://habr.com/ru/articles/1031108/
#gitops #kubernetes #argocd #gitlabci #cicd #devops #drift #helm #secrets #platform_engineering
-
Как мы поймали drift в Kubernetes и зачем после этого перешли на GitOps
История инцидента в продакшене: после планового релиза новая версия сервиса не поднялась, а откат на предыдущую версию тоже не помог. Причина оказалась не в коде, а в расхождении между тем, что было описано в Git, и тем, что реально жило в Kubernetes. Ручная правка ConfigMap несколько месяцев существовала только в кластере, пока очередной релиз не пересоздал поды и не вытащил проблему наружу. Разбираю, как мы нашли причину, почему Git не был настоящим источником правды и зачем после этого перешли на GitOps с Argo CD.
https://habr.com/ru/articles/1031108/
#gitops #kubernetes #argocd #gitlabci #cicd #devops #drift #helm #secrets #platform_engineering
-
Как мы поймали drift в Kubernetes и зачем после этого перешли на GitOps
История инцидента в продакшене: после планового релиза новая версия сервиса не поднялась, а откат на предыдущую версию тоже не помог. Причина оказалась не в коде, а в расхождении между тем, что было описано в Git, и тем, что реально жило в Kubernetes. Ручная правка ConfigMap несколько месяцев существовала только в кластере, пока очередной релиз не пересоздал поды и не вытащил проблему наружу. Разбираю, как мы нашли причину, почему Git не был настоящим источником правды и зачем после этого перешли на GitOps с Argo CD.
https://habr.com/ru/articles/1031108/
#gitops #kubernetes #argocd #gitlabci #cicd #devops #drift #helm #secrets #platform_engineering
-
⚠️ HIGH-severity vuln (CVE-2026-43824) in Argo CD 3.2.0 – 3.2.10 & 3.3.0 – 3.3.8: ServerSideDiff leaks cleartext Kubernetes Secrets. Restrict feature use & monitor for patches. Details: https://radar.offseq.com/threat/cve-2026-43824-cwe-212-improper-removal-of-sensiti-5eb1043e #OffSeq #ArgoCD #Kubernetes #Vuln
-
⚠️ HIGH-severity vuln (CVE-2026-43824) in Argo CD 3.2.0 – 3.2.10 & 3.3.0 – 3.3.8: ServerSideDiff leaks cleartext Kubernetes Secrets. Restrict feature use & monitor for patches. Details: https://radar.offseq.com/threat/cve-2026-43824-cwe-212-improper-removal-of-sensiti-5eb1043e #OffSeq #ArgoCD #Kubernetes #Vuln
-
⚠️ HIGH-severity vuln (CVE-2026-43824) in Argo CD 3.2.0 – 3.2.10 & 3.3.0 – 3.3.8: ServerSideDiff leaks cleartext Kubernetes Secrets. Restrict feature use & monitor for patches. Details: https://radar.offseq.com/threat/cve-2026-43824-cwe-212-improper-removal-of-sensiti-5eb1043e #OffSeq #ArgoCD #Kubernetes #Vuln
-
⚠️ HIGH-severity vuln (CVE-2026-43824) in Argo CD 3.2.0 – 3.2.10 & 3.3.0 – 3.3.8: ServerSideDiff leaks cleartext Kubernetes Secrets. Restrict feature use & monitor for patches. Details: https://radar.offseq.com/threat/cve-2026-43824-cwe-212-improper-removal-of-sensiti-5eb1043e #OffSeq #ArgoCD #Kubernetes #Vuln
-
So apparently ArgoCD refreshing all of my apps at once (about 50) from my git repo hosted at codeberg.org ... creates enough SSH connections that my IP gets temp-banned.
Ouch
And I only didn't notice because my other devices are all on IPv6 so they have their own IP addresses? If I force IPv4 for the SSH clone the connection gets killed/never establishes.
Anyone has any experience with throttling ArgoCD git/ssh connections?
-
So apparently ArgoCD refreshing all of my apps at once (about 50) from my git repo hosted at codeberg.org ... creates enough SSH connections that my IP gets temp-banned.
Ouch
And I only didn't notice because my other devices are all on IPv6 so they have their own IP addresses? If I force IPv4 for the SSH clone the connection gets killed/never establishes.
Anyone has any experience with throttling ArgoCD git/ssh connections?
-
So apparently ArgoCD refreshing all of my apps at once (about 50) from my git repo hosted at codeberg.org ... creates enough SSH connections that my IP gets temp-banned.
Ouch
And I only didn't notice because my other devices are all on IPv6 so they have their own IP addresses? If I force IPv4 for the SSH clone the connection gets killed/never establishes.
Anyone has any experience with throttling ArgoCD git/ssh connections?
-
nxs-universal-chart v3.0: новое поколение универсального Helm-чарта
Релиз nxs-universal-chart 2.8.3 был более двух лет назад и за это время многое поменялось: Ingress Nginx ушел на покой, GitOps по факту стал стандартом управления инфраструктурой, а AI все сильнее входит в наши жизни. Все эти изменения не могли пройти мимо и заставили нас задуматься о том, как адаптировать наши подход и технологии DevOps к вызовам нового времени. Результатом этих размышлений стал релиз новой версия nxs-universal-chart v3.x : из универсального набора встроенных шаблонов мы постарались превратить его в модульную платформу для поставки приложений в Kubernetes с упором на надежность и современные практики CI/CD процессов. Всем привет, на связи Пётр, инженер
https://habr.com/ru/articles/1023822/
#devops #kubernetes #helm #gitops #cd #manifest #argocd #helm_chart #deploy #cloudnative
-
nxs-universal-chart v3.0: новое поколение универсального Helm-чарта
Релиз nxs-universal-chart 2.8.3 был более двух лет назад и за это время многое поменялось: Ingress Nginx ушел на покой, GitOps по факту стал стандартом управления инфраструктурой, а AI все сильнее входит в наши жизни. Все эти изменения не могли пройти мимо и заставили нас задуматься о том, как адаптировать наши подход и технологии DevOps к вызовам нового времени. Результатом этих размышлений стал релиз новой версия nxs-universal-chart v3.x : из универсального набора встроенных шаблонов мы постарались превратить его в модульную платформу для поставки приложений в Kubernetes с упором на надежность и современные практики CI/CD процессов. Всем привет, на связи Пётр, инженер
https://habr.com/ru/articles/1023822/
#devops #kubernetes #helm #gitops #cd #manifest #argocd #helm_chart #deploy #cloudnative
-
nxs-universal-chart v3.0: новое поколение универсального Helm-чарта
Релиз nxs-universal-chart 2.8.3 был более двух лет назад и за это время многое поменялось: Ingress Nginx ушел на покой, GitOps по факту стал стандартом управления инфраструктурой, а AI все сильнее входит в наши жизни. Все эти изменения не могли пройти мимо и заставили нас задуматься о том, как адаптировать наши подход и технологии DevOps к вызовам нового времени. Результатом этих размышлений стал релиз новой версия nxs-universal-chart v3.x : из универсального набора встроенных шаблонов мы постарались превратить его в модульную платформу для поставки приложений в Kubernetes с упором на надежность и современные практики CI/CD процессов. Всем привет, на связи Пётр, инженер
https://habr.com/ru/articles/1023822/
#devops #kubernetes #helm #gitops #cd #manifest #argocd #helm_chart #deploy #cloudnative
-
nxs-universal-chart v3.0: новое поколение универсального Helm-чарта
Релиз nxs-universal-chart 2.8.3 был более двух лет назад и за это время многое поменялось: Ingress Nginx ушел на покой, GitOps по факту стал стандартом управления инфраструктурой, а AI все сильнее входит в наши жизни. Все эти изменения не могли пройти мимо и заставили нас задуматься о том, как адаптировать наши подход и технологии DevOps к вызовам нового времени. Результатом этих размышлений стал релиз новой версия nxs-universal-chart v3.x : из универсального набора встроенных шаблонов мы постарались превратить его в модульную платформу для поставки приложений в Kubernetes с упором на надежность и современные практики CI/CD процессов. Всем привет, на связи Пётр, инженер
https://habr.com/ru/articles/1023822/
#devops #kubernetes #helm #gitops #cd #manifest #argocd #helm_chart #deploy #cloudnative
-
Found this nice tui for kubernetes this weekend - https://github.com/janosmiko/lfk
One of the things I like about it is that it has #argocd specific logic - you can use it to alter argo settings and do other things you might otherwise do with the argocd command line tool
Looks pretty neat, especially for #homelab @homelab #k8s users
-
Found this nice tui for kubernetes this weekend - https://github.com/janosmiko/lfk
One of the things I like about it is that it has #argocd specific logic - you can use it to alter argo settings and do other things you might otherwise do with the argocd command line tool
Looks pretty neat, especially for #homelab @homelab #k8s users
-
Found this nice tui for kubernetes this weekend - https://github.com/janosmiko/lfk
One of the things I like about it is that it has #argocd specific logic - you can use it to alter argo settings and do other things you might otherwise do with the argocd command line tool
Looks pretty neat, especially for #homelab @homelab #k8s users
-
Found this nice tui for kubernetes this weekend - https://github.com/janosmiko/lfk
One of the things I like about it is that it has #argocd specific logic - you can use it to alter argo settings and do other things you might otherwise do with the argocd command line tool
Looks pretty neat, especially for #homelab @homelab #k8s users
-
Found this nice tui for kubernetes this weekend - https://github.com/janosmiko/lfk
One of the things I like about it is that it has #argocd specific logic - you can use it to alter argo settings and do other things you might otherwise do with the argocd command line tool
Looks pretty neat, especially for #homelab @homelab #k8s users
-
@electret nice, I‘m currently also experimenting with #k3s controlled through #ArgoCD with a self hosted #Forgejo. #renovatebot updates the helm chart of the #appOfApps each night and creates pull requests which gets validated by a #forgejorunner worklow before merging. Still at the beginning of the journey from single host docker to a cluster though.
-
@electret nice, I‘m currently also experimenting with #k3s controlled through #ArgoCD with a self hosted #Forgejo. #renovatebot updates the helm chart of the #appOfApps each night and creates pull requests which gets validated by a #forgejorunner worklow before merging. Still at the beginning of the journey from single host docker to a cluster though.
-
@electret nice, I‘m currently also experimenting with #k3s controlled through #ArgoCD with a self hosted #Forgejo. #renovatebot updates the helm chart of the #appOfApps each night and creates pull requests which gets validated by a #forgejorunner worklow before merging. Still at the beginning of the journey from single host docker to a cluster though.
-
@electret nice, I‘m currently also experimenting with #k3s controlled through #ArgoCD with a self hosted #Forgejo. #renovatebot updates the helm chart of the #appOfApps each night and creates pull requests which gets validated by a #forgejorunner worklow before merging. Still at the beginning of the journey from single host docker to a cluster though.
-
@electret nice, I‘m currently also experimenting with #k3s controlled through #ArgoCD with a self hosted #Forgejo. #renovatebot updates the helm chart of the #appOfApps each night and creates pull requests which gets validated by a #forgejorunner worklow before merging. Still at the beginning of the journey from single host docker to a cluster though.
-
The LPI DevOps Tools Engineer 2.0 certification expects candidates to have familiarity with #Helm, #Kustomize, #FluxCD, and #ArgoCD.
Explore exam objective 703.3: Kubernetes Package Management with Fabian Thorns and Uirá Ribeiro to learn more: https://lpi.org/tb0t
Prepare for your DevOps exam with free LPI Learning Materials!
#kubernetes #devops #gitops #cloudnative #opensource #FOSS #LPI
-
The LPI DevOps Tools Engineer 2.0 certification expects candidates to have familiarity with #Helm, #Kustomize, #FluxCD, and #ArgoCD.
Explore exam objective 703.3: Kubernetes Package Management with Fabian Thorns and Uirá Ribeiro to learn more: https://lpi.org/tb0t
Prepare for your DevOps exam with free LPI Learning Materials!
#kubernetes #devops #gitops #cloudnative #opensource #FOSS #LPI
-
The LPI DevOps Tools Engineer 2.0 certification expects candidates to have familiarity with #Helm, #Kustomize, #FluxCD, and #ArgoCD.
Explore exam objective 703.3: Kubernetes Package Management with Fabian Thorns and Uirá Ribeiro to learn more: https://lpi.org/tb0t
Prepare for your DevOps exam with free LPI Learning Materials!
#kubernetes #devops #gitops #cloudnative #opensource #FOSS #LPI
-
The LPI DevOps Tools Engineer 2.0 certification expects candidates to have familiarity with #Helm, #Kustomize, #FluxCD, and #ArgoCD.
Explore exam objective 703.3: Kubernetes Package Management with Fabian Thorns and Uirá Ribeiro to learn more: https://lpi.org/tb0t
Prepare for your DevOps exam with free LPI Learning Materials!
#kubernetes #devops #gitops #cloudnative #opensource #FOSS #LPI
-
The LPI DevOps Tools Engineer 2.0 certification expects candidates to have familiarity with #Helm, #Kustomize, #FluxCD, and #ArgoCD.
Explore exam objective 703.3: Kubernetes Package Management with Fabian Thorns and Uirá Ribeiro to learn more: https://lpi.org/tb0t
Prepare for your DevOps exam with free LPI Learning Materials!
#kubernetes #devops #gitops #cloudnative #opensource #FOSS #LPI
-
After a month of conferences, I'm back at my desk and joining two online discussions this week. Come and join in!
MONDAY
Argo Unpacked: Argo CD vs the worldhttps://www.youtube.com/watch?v=XasDjuPVSdw
WEDNESDAY
Techstrong: The real impact of AI -
After a month of conferences, I'm back at my desk and joining two online discussions this week. Come and join in!
MONDAY
Argo Unpacked: Argo CD vs the worldhttps://www.youtube.com/watch?v=XasDjuPVSdw
WEDNESDAY
Techstrong: The real impact of AI -
After a month of conferences, I'm back at my desk and joining two online discussions this week. Come and join in!
MONDAY
Argo Unpacked: Argo CD vs the worldhttps://www.youtube.com/watch?v=XasDjuPVSdw
WEDNESDAY
Techstrong: The real impact of AI -
After a month of conferences, I'm back at my desk and joining two online discussions this week. Come and join in!
MONDAY
Argo Unpacked: Argo CD vs the worldhttps://www.youtube.com/watch?v=XasDjuPVSdw
WEDNESDAY
Techstrong: The real impact of AI -
After a month of conferences, I'm back at my desk and joining two online discussions this week. Come and join in!
MONDAY
Argo Unpacked: Argo CD vs the worldhttps://www.youtube.com/watch?v=XasDjuPVSdw
WEDNESDAY
Techstrong: The real impact of AI