4 changed files with 11 additions and 26 deletions
--- a/.ci/podman.mk
+++ b/.ci/podman.mk
@ -46,7 +46,7 @@ test:: ## test built artificats
 scan: ## Scan image using trivy
 	echo "Scanning $(IMAGE):$(TAG)-$(_ARCH) using Trivy $(TRIVY_REMOTE)"
-	trivy image $(TRIVY_OPTS) --quiet --no-progress --ignorefile ./.trivyignore.yaml localhost/$(IMAGE):$(TAG)-$(_ARCH)
+	trivy image $(TRIVY_OPTS) --quiet --no-progress localhost/$(IMAGE):$(TAG)-$(_ARCH)
 # first tag and push all actual images
 # create new manifest for each tag and add all available TAG-ARCH before pushing
@ -73,10 +73,8 @@ rm-remote-untagged: ## delete all remote untagged and in-dev images, keep 10 tag
 clean:: ## clean up source folder
 rm-image:
-	for t in $(TAG) latest $(EXTRA_TAGS); do \
+	test -z "$$(podman image ls -q $(IMAGE):$(TAG)-$(_ARCH))" || podman image rm -f $(IMAGE):$(TAG)-$(_ARCH) > /dev/null
-		test -z "$$(podman image ls -q $(IMAGE):$${t}-$(_ARCH))" || podman image rm -f $(IMAGE):$${t}-$(_ARCH); \
+	test -z "$$(podman image ls -q $(IMAGE):$(TAG)-$(_ARCH))" || echo "Error: Removing image failed"
 		test -z "$$(podman image ls -q $(IMAGE):$${t})" || podman image rm -f $(IMAGE):$${t}; \
 	done
 ## some useful tasks during development
 ci-pull-upstream: ## pull latest shared .ci subtree
--- a/12
+++ b/12
@ -1,9 +1,9 @@
-ARG ARGOCD_VERSION="v2.12.4"
+ARG ARGOCD_VERSION="v2.11.0"
-FROM quay.io/argoproj/argocd:$ARGOCD_VERSION
+FROM argoproj/argocd:$ARGOCD_VERSION
-ARG SOPS_VERSION="3.9.1"
+ARG SOPS_VERSION="3.8.1"
-ARG VALS_VERSION="0.37.6"
+ARG VALS_VERSION="0.37.1"
-ARG HELM_SECRETS_VERSION="4.6.2"
+ARG HELM_SECRETS_VERSION="4.6.0"
 ARG ARGOCD_USER_ID="999"
 # vals or sops
 ENV HELM_SECRETS_BACKEND="vals" \
@ -41,4 +41,4 @@ ADD sa2kubeconfig.sh /usr/local/bin/sa2kubeconfig.sh
 USER ${ARGOCD_USER_ID}
 RUN helm plugin install --version ${HELM_SECRETS_VERSION} https://github.com/jkroepke/helm-secrets
-RUN mkdir -p /home/argocd/.kube && sed -i -e 's/secrets/secrets --evaluate-templates/' "$(helm env HELM_PLUGINS)/helm-secrets/scripts/wrapper/helm.sh"
+RUN sed -i -e 's/secrets/secrets --evaluate-templates/' "$(helm env HELM_PLUGINS)/helm-secrets/scripts/wrapper/helm.sh"
--- a/renovate.json
+++ b/renovate.json
@ -1,10 +0,0 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "config:recommended",
    ":label(renovate)",
    ":semanticCommits",
    "group:allNonMajor"
  ],
  "prHourlyLimit": 0
 }
--- a/sa2kubeconfig.sh
+++ b/sa2kubeconfig.sh
@ -1,12 +1,11 @@
 #!/bin/sh -e
-KUBECONFIG=$1
+SA_NAME=argocd-repo-server
 SA_NAME=argo-argocd-repo-server
 CA64=$(cat /run/secrets/kubernetes.io/serviceaccount/ca.crt | base64 -w0)
 TOKEN=$(cat /run/secrets/kubernetes.io/serviceaccount/token)
-cat > $KUBECONFIG << EOF
+cat << EOF
 apiVersion: v1
 kind: Config
 clusters:
@ -25,5 +24,3 @@ contexts:
    user: $SA_NAME
 current-context: ${SA_NAME}_context
 EOF
 chmod 600 $KUBECONFIG