125 changed files with 296 additions and 6439 deletions
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@ -11,7 +11,6 @@ Checklist:
 * [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog).
 * [ ] Any new values are backwards compatible and/or have sensible default.
 * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/blob/master/community/CONTRIBUTING.md).
-* [ ] I have created a separate pull request for each chart according to [pull requests](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#pull-requests)
 * [ ] My build is green ([troubleshooting builds](https://argo-cd.readthedocs.io/en/stable/developer-guide/ci/)).

 <!-- Changes are automatically published when merged to `main`. They are not published on branches. -->
--- a/.github/workflows/lint-and-test.yml
+++ b/.github/workflows/lint-and-test.yml
@ -9,7 +9,7 @@ jobs:
  linter-artifacthub:
    runs-on: ubuntu-latest
    container:
-      image: ecr-public.aws.com/artifacthub/ah:v1.14.0
+      image: public.ecr.aws/artifacthub/ah:v1.14.0
      options: --user 1001
    steps:
      - name: Checkout
@ -27,18 +27,18 @@ jobs:
          fetch-depth: 0

      - name: Set up Helm
-        uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0
+        uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
        with:
          version: v3.10.1 # Also update in publish.yaml

      - name: Set up python
-        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
        with:
          python-version: 3.9

      - name: Setup Chart Linting
        id: lint
-        uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0
+        uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
        with:
          # Note: Also update in scripts/lint.sh
          version: v3.11.0
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@ -24,7 +24,7 @@ jobs:
          fetch-depth: 0

      - name: Install Helm
-        uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0
+        uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
        with:
          version: v3.10.1 # Also update in lint-and-test.yaml

@ -59,14 +59,14 @@ jobs:
          PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}"

      - name: Run chart-releaser
-        uses: helm/chart-releaser-action@cae68fefc6b5f367a0275617c9f83181ba54714f # v1.7.0
+        uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
        with:
          config: "./.github/configs/cr.yaml"
        env:
          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

      - name: Login to GHCR
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
--- a/.github/workflows/renovate.yaml
+++ b/.github/workflows/renovate.yaml
@ -16,7 +16,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Get token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
+        uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
        id: get_token
        with:
          app-id: ${{ vars.RENOVATE_APP_ID }}
@ -26,13 +26,12 @@ jobs:
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Self-hosted Renovate
-        uses: renovatebot/github-action@a889a8abcb11ef7feaafaf5e483ea01d4bf7774e # v43.0.5
+        uses: renovatebot/github-action@2be773c4be8361d8182cc1b750e75bbc75af71b0 # v41.0.7
        with:
          configurationFile: .github/configs/renovate-config.js
          # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate
-          renovate-version: 41.46.8
+          renovate-version: 39.86.4
          token: '${{ steps.get_token.outputs.token }}'
-          mount-docker-socket: true
        env:
          LOG_LEVEL: 'debug'
          RENOVATE_REPOSITORIES: '${{ github.repository }}'
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -38,7 +38,7 @@ jobs:
          persist-credentials: false

      - name: "Run analysis"
-        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
        with:
          results_file: results.sarif
          results_format: sarif
@ -46,7 +46,7 @@ jobs:
          # - you want to enable the Branch-Protection check on a *public* repository, or
          # - you are installing Scorecard on a *private* repository
          # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
-          # repo_token: ${{ secrets.SCORECARD_TOKEN }}
+          repo_token: ${{ secrets.SCORECARD_TOKEN }}

          # Public repositories:
          #   - Publish results to OpenSSF REST API for easy access by consumers
@ -60,7 +60,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
        with:
          name: SARIF file
          path: results.sarif
@ -68,6 +68,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
+        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
        with:
          sarif_file: results.sarif
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@ -14,7 +14,7 @@ jobs:
      pull-requests: write  # for actions/stale to close stale PRs
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
+    - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0
      with:
        repo-token: ${{ secrets.GITHUB_TOKEN }}
        # Number of days of inactivity before an issue becomes stale
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -6,10 +6,6 @@ Argo Helm is a collection of **community maintained** charts. Therefore we rely

 All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project.

-> **Note**
-> Please create a separate Pull Request for each chart.
-> e.g: If your changes involve both argo-cd and argo-rollouts, please submit one PR for argo-cd and another separate.
-
 ### Pull Request Title Linting

 We lint the title of your pull request to ensure it follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) specification.  This is done using GitHub actions and the [action-semantic-pull-request](.github/workflows/pr-title.yml) workflow. We require the scope of the change to be included in the title.  The scope should be the name of the chart you are changing.  For example, if you are changing the `argo-cd` chart, the title of your pull request should be `fix(argo-cd): Fix typo in values.yaml`.
--- a/charts/argo-cd/Chart.lock
+++ b/charts/argo-cd/Chart.lock
@ -1,6 +1,6 @@
 dependencies:
 - name: redis-ha
  repository: https://dandydeveloper.github.io/charts/
-  version: 4.33.7
-digest: sha256:a3eba6bba484e9fbfaca33e7f1ea3e6daed74014df7e7b077c496c2201b01996
-generated: "2025-05-25T11:18:29.356017-05:00"
+  version: 4.29.4
+digest: sha256:1257baf1c5e0db036af659d44095223e28ac0c9ec1ed8300a02d5def2281c9c7
+generated: "2024-11-13T09:07:36.494128+09:00"
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -1,9 +1,9 @@
 apiVersion: v2
-appVersion: v3.0.12
+appVersion: v2.13.3
 kubeVersion: ">=1.25.0-0"
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 8.2.5
+version: 7.7.13
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 sources:
@ -18,7 +18,7 @@ maintainers:
    url: https://argoproj.github.io/
 dependencies:
  - name: redis-ha
-    version: 4.33.7
+    version: 4.29.4
    repository: https://dandydeveloper.github.io/charts/
    condition: redis-ha.enabled
 annotations:
@ -26,5 +26,5 @@ annotations:
    fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
-    - kind: added
-      description: Add condition for rootpath in NOTES.txt
+    - kind: changed
+      description: Bump argo-cd to v2.13.3
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@ -191,7 +191,7 @@ server:
      alb.ingress.kubernetes.io/scheme: internal
      alb.ingress.kubernetes.io/target-type: ip
      alb.ingress.kubernetes.io/backend-protocol: HTTP
-      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]'
+      alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]'
      alb.ingress.kubernetes.io/ssl-redirect: '443'
    aws:
      serviceType: ClusterIP # <- Used with target-type: ip
@ -237,31 +237,6 @@ server:
        enabled: true
 ```

-## Setting the initial admin password via Argo CD Application CR
-
-> **Note:** When deploying the `argo-cd` chart via an Argo CD `Application` CR, define your bcrypt-hashed admin password under `helm.values`—not `helm.parameters`—because Argo CD performs variable substitution on `parameters`, which will mangle any `$…` in your hash.
-
-```yaml
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: argocd-testing
-spec:
-  destination:
-    namespace: testing
-    server: https://kubernetes.default.svc
-  project: default
-  source:
-    chart: argo-cd
-    repoURL: https://argoproj.github.io/argo-helm
-    targetRevision: 3.21.0
-    helm:
-      values: |
-        configs:
-          secret:
-            argocdServerAdminPassword: $2a$10$H1a30nMr9v2QE2nkyz0BoOD2J0I6FQFMtHS0csEg12RBWzfRuuoE6
-```
-
 ## Synchronizing Changes from Original Repository

 In the original [Argo CD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd).
@ -303,42 +278,6 @@ For full list of changes please check ArtifactHub [changelog].

 Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.

-### 8.0.0
-
-In this release we upgrade the Helm chart to deploy the next major version of Argo CD (v3.0.0).
-Please carefully read at least those resources:
- [v2.14 to 3.0 upgrade instructions]
- [Argo CD v3.0 Release Blog Post]
-
-### 7.9.0
-
-Chart versions from >= 7.7.2 and < 7.9.0 are using a Redis version which is no longer using an open source version of Redis.
-Thus we downgraded Redis to latest available 7.2 (from 7.4) to be in-line with upstream manifests and fully honor
-[CNCF Allowlist License Policy].
-
-**Users using redis-ha may encounter issues** which can be resolved by either deleting all redis-ha pods after the
-deployment/upgrade:
-
-```bash
-kubectl delete pods -l app=redis-ha
-```
-
-Or alternatively by temporary switching to a single redis installation, then back to HA.
-1. Evaluate current chart version in use
-   ```bash
-   $ helm ls
-   NAME  	NAMESPACE	REVISION	UPDATED                              	STATUS  	CHART         	APP VERSION
-   argocd	argocd   	3       	2025-04-29 00:07:43.099922 +0200 CEST	deployed	argo-cd-7.8.28	v2.14.11
-   ```
-2. Switch to single redis
-   ```bash
-   helm upgrade argocd argo/argo-cd --version <your current chart version> --reuse-values --set redis-ha.enabled=false
-   ```
-3. Upgrade to chart version 7.9 or newer and re-enable redis HA again
-   ```bash
-   helm upgrade argocd argo/argo-cd --version 7.9.0 --reuse-values --set redis-ha.enabled=true
-   ```
-
 ### 7.0.0

 We changed the type of `.Values.configs.clusterCredentials` from `list` to `object`.
@ -373,7 +312,7 @@ This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr
 Upstream steps in the [FAQ] are not enough, since we chose a different approach.
 (We use a Kubernetes Job with [Chart Hooks] to create the auth secret `argocd-redis`.)

-Steps to rotate the secret when using the helm chart (bold step is additional to upstream):
+Steps to roteate the secret when using the helm chart (bold step is additional to upstream):
 * Delete `argocd-redis` secret in the namespace where Argo CD is installed.
  ```bash
  kubectl delete secret argocd-redis -n <argocd namespace>
@ -731,7 +670,7 @@ NAME: my-release
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | apiVersionOverrides | object | `{}` |  |
-| crds.additionalLabels | object | `{}` | Additional labels to be added to all CRDs |
+| crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs |
 | crds.annotations | object | `{}` | Annotations to be added to all CRDs |
 | crds.install | bool | `true` | Install and upgrade CRDs |
 | crds.keep | bool | `true` | Keep CRDs on chart uninstall |
@ -746,8 +685,6 @@ NAME: my-release

 ## Global Configs

-NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm ConfigMap.
-
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | global.addPrometheusAnnotations | bool | `false` | Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. |
@ -757,7 +694,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` |
 | global.certificateAnnotations | object | `{}` | Annotations for the all deployed Certificates |
 | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments |
-| global.deploymentLabels | object | `{}` | Labels for the all deployed Deployments |
 | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments |
 | global.domain | string | `"argocd.example.com"` | Default domain used by all components |
 | global.dualStack.ipFamilies | list | `[]` | IP families that should be supported and the order in which they should be applied to ClusterIP as well. Can be IPv4 and/or IPv6. |
@ -772,7 +708,7 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` |
 | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components |
 | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic |
-| global.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Default node selector for all components |
+| global.nodeSelector | object | `{}` | Default node selector for all components |
 | global.podAnnotations | object | `{}` | Annotations for the all deployed pods |
 | global.podLabels | object | `{}` | Labels for the all deployed pods |
 | global.priorityClassName | string | `""` | Default priority class for all components |
@ -790,17 +726,7 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | configs.clusterCredentials | object | `{}` (See [values.yaml]) | Provide one or multiple [external cluster credentials] |
 | configs.cm."admin.enabled" | bool | `true` | Enable local admin user |
 | configs.cm."application.instanceLabelKey" | string | `"argocd.argoproj.io/instance"` | The name of tracking label used by Argo CD for resource pruning |
-| configs.cm."application.sync.impersonation.enabled" | bool | `false` | Enable control of the service account used for the sync operation (alpha) |
 | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI |
-| configs.cm."resource.customizations.ignoreResourceUpdates.ConfigMap" | string | See [values.yaml] | Ignore the cluster-autoscaler status |
-| configs.cm."resource.customizations.ignoreResourceUpdates.Endpoints" | string | See [values.yaml] | Ignores update if Endpoints is not excluded globally |
-| configs.cm."resource.customizations.ignoreResourceUpdates.all" | string | See [values.yaml] | Ignoring status for all resources. An update will still be sent if the status update causes the health to change. |
-| configs.cm."resource.customizations.ignoreResourceUpdates.apps_ReplicaSet" | string | See [values.yaml] | Ignore the common scaling annotations |
-| configs.cm."resource.customizations.ignoreResourceUpdates.argoproj.io_Application" | string | See [values.yaml] | Some Application fields are generated and not related to the application updates itself |
-| configs.cm."resource.customizations.ignoreResourceUpdates.argoproj.io_Rollout" | string | See [values.yaml] | Ignore Argo Rollouts generated fields |
-| configs.cm."resource.customizations.ignoreResourceUpdates.autoscaling_HorizontalPodAutoscaler" | string | See [values.yaml] | Legacy annotations used on HPA autoscaling/v1 |
-| configs.cm."resource.customizations.ignoreResourceUpdates.discovery.k8s.io_EndpointSlice" | string | See [values.yaml] | Ignores update if EndpointSlice is not excluded globally |
-| configs.cm."resource.exclusions" | string | See [values.yaml] | Resource Exclusion/Inclusion |
 | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement |
 | configs.cm."statusbadge.enabled" | bool | `false` | Enable Status Badge |
 | configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache |
@ -823,8 +749,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. |
 | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts |
 | configs.params."controller.status.processors" | int | `20` | Number of application status processors |
-| configs.params."controller.sync.timeout.seconds" | int | `0` | Specifies the timeout after which a sync would be terminated. 0 means no timeout |
-| configs.params."hydrator.enabled" | bool | `false` | Enable the hydrator feature (hydrator is in Alpha phase) |
 | configs.params."otlp.address" | string | `""` | Open-Telemetry collector address: (e.g. "otel-collector:4317") |
 | configs.params."reposerver.parallelism.limit" | int | `0` | Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. |
 | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / |
@ -865,7 +789,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. |
 | configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap |
 | configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories |
-| configs.tls.create | bool | `true` | Specifies if the argocd-tls-certs-cm configmap should be created by Helm. |

 ## Argo CD Controller

@ -878,7 +801,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | controller.containerPorts.metrics | int | `8082` | Metrics container port |
 | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context |
 | controller.deploymentAnnotations | object | `{}` | Annotations for the application controller Deployment |
-| controller.deploymentLabels | object | `{}` | Labels for the application controller Deployment |
 | controller.dnsConfig | object | `{}` | [DNS configuration] |
 | controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods |
 | controller.dynamicClusterDistribution | bool | `false` | Enable dynamic cluster distribution (alpha) Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution |
@ -922,7 +844,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
 | controller.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
 | controller.name | string | `"application-controller"` | Application controller name string |
-| controller.networkPolicy.create | bool | `false` (defaults to global.networkPolicy.create) | Default network policy rules used by application controller |
 | controller.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
 | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb |
 | controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller |
@ -978,7 +899,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | repoServer.containerPorts.server | int | `8081` | Repo server container port |
 | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context |
 | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment |
-| repoServer.deploymentLabels | object | `{}` | Labels for the repo server Deployment |
 | repoServer.deploymentStrategy | object | `{}` | Deployment strategy to be added to the repo server Deployment |
 | repoServer.dnsConfig | object | `{}` | [DNS configuration] |
 | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods |
@ -1020,7 +940,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
 | repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
 | repoServer.name | string | `"repo-server"` | Repo server name |
-| repoServer.networkPolicy.create | bool | `false` (defaults to global.networkPolicy.create) | Default network policy rules used by repo server |
 | repoServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
 | repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb |
 | repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server |
@ -1043,7 +962,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | repoServer.service.labels | object | `{}` | Repo server service labels |
 | repoServer.service.port | int | `8081` | Repo server service port |
 | repoServer.service.portName | string | `"tcp-repo-server"` | Repo server service port name |
-| repoServer.service.trafficDistribution | string | `""` | Traffic distribution preference for the repo server service. If the field is not set, the implementation will apply its default routing strategy. |
 | repoServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
 | repoServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
 | repoServer.serviceAccount.create | bool | `true` | Create repo server service account |
@ -1095,7 +1013,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | server.containerPorts.server | int | `8080` | Server container port |
 | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context |
 | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment |
-| server.deploymentLabels | object | `{}` | Labels for the server Deployment |
 | server.deploymentStrategy | object | `{}` | Deployment strategy to be added to the server Deployment |
 | server.dnsConfig | object | `{}` | [DNS configuration] |
 | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods |
@ -1174,7 +1091,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
 | server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
 | server.name | string | `"server"` | Argo CD server name |
-| server.networkPolicy.create | bool | `false` (defaults to global.networkPolicy.create) | Default network policy rules used by ArgoCD Server |
 | server.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
 | server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb |
 | server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server |
@ -1241,7 +1157,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | dex.containerPorts.metrics | int | `5558` | Metrics container port |
 | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context |
 | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment |
-| dex.deploymentLabels | object | `{}` | Labels for the Dex server Deployment |
 | dex.deploymentStrategy | object | `{}` | Deployment strategy to be added to the Dex server Deployment |
 | dex.dnsConfig | object | `{}` | [DNS configuration] |
 | dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods |
@ -1253,7 +1168,7 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod |
 | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy |
 | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository |
-| dex.image.tag | string | `"v2.43.1"` | Dex image tag |
+| dex.image.tag | string | `"v2.41.1"` | Dex image tag |
 | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
 | dex.initContainers | list | `[]` | Init containers to add to the dex pod |
 | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy |
@ -1269,6 +1184,8 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | dex.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
 | dex.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
 | dex.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
+| dex.logFormat | string | `""` (defaults to global.logging.format) | Dex log format. Either `text` or `json` |
+| dex.logLevel | string | `""` (defaults to global.logging.level) | Dex log level. One of: `debug`, `info`, `warn`, `error` |
 | dex.metrics.enabled | bool | `false` | Deploy metrics service |
 | dex.metrics.service.annotations | object | `{}` | Metrics service annotations |
 | dex.metrics.service.labels | object | `{}` | Metrics service labels |
@ -1285,7 +1202,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
 | dex.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
 | dex.name | string | `"dex-server"` | Dex name |
-| dex.networkPolicy.create | bool | `false` (defaults to global.networkPolicy.create) | Default network policy rules used by Dex server |
 | dex.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
 | dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb |
 | dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server |
@ -1333,7 +1249,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | redis.containerPorts.redis | int | `6379` | Redis container port |
 | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context |
 | redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment |
-| redis.deploymentLabels | object | `{}` | Labels for the Redis server Deployment |
 | redis.dnsConfig | object | `{}` | [DNS configuration] |
 | redis.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Redis server pods |
 | redis.enabled | bool | `true` | Enable redis |
@ -1343,8 +1258,8 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar |
 | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter |
 | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter |
-| redis.exporter.image.repository | string | `"ghcr.io/oliver006/redis_exporter"` | Repository to use for the redis-exporter |
-| redis.exporter.image.tag | string | `"v1.74.0"` | Tag to use for the redis-exporter |
+| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter |
+| redis.exporter.image.tag | string | `"1.58.0"` | Tag to use for the redis-exporter |
 | redis.exporter.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis exporter |
 | redis.exporter.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
 | redis.exporter.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated |
@ -1361,8 +1276,8 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server |
 | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod |
 | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy |
-| redis.image.repository | string | `"ecr-public.aws.com/docker/library/redis"` | Redis repository |
-| redis.image.tag | string | `"7.2.8-alpine"` | Redis tag |
+| redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository |
+| redis.image.tag | string | `"7.4.1-alpine"` | Redis tag |
 | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
 | redis.initContainers | list | `[]` | Init containers to add to the redis pod |
 | redis.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis server |
@ -1390,7 +1305,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf
 | redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
 | redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
 | redis.name | string | `"redis"` | Redis name |
-| redis.networkPolicy.create | bool | `false` (defaults to global.networkPolicy.create) | Default network policy rules used by redis |
 | redis.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
 | redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb |
 | redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis |
@ -1437,20 +1351,19 @@ The main options are listed here:
 | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment |
 | redis-ha.existingSecret | string | `"argocd-redis"` | Existing Secret to use for redis-ha authentication. By default the redis-secret-init Job is generating this Secret. |
 | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar |
-| redis-ha.exporter.image | string | `"ghcr.io/oliver006/redis_exporter"` | Repository to use for the redis-exporter |
-| redis-ha.exporter.tag | string | `"v1.69.0"` | Tag to use for the redis-exporter |
+| redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter |
+| redis-ha.exporter.tag | string | `"1.58.0"` | Tag to use for the redis-exporter |
 | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. |
 | redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. |
 | redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context |
 | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy |
 | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. |
-| redis-ha.haproxy.image.repository | string | `"ecr-public.aws.com/docker/library/haproxy"` | HAProxy Image Repository |
 | redis-ha.haproxy.labels | object | `{"app.kubernetes.io/name":"argocd-redis-ha-haproxy"}` | Custom labels for the haproxy pod. This is relevant for Argo CD CLI. |
 | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping |
 | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. |
 | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. |
-| redis-ha.image.repository | string | `"ecr-public.aws.com/docker/library/redis"` | Redis repository |
-| redis-ha.image.tag | string | `"7.2.8-alpine"` | Redis tag |
+| redis-ha.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository |
+| redis-ha.image.tag | string | `"7.4.1-alpine"` | Redis tag |
 | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes |
 | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) |
 | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""`  is disabled |
@ -1473,7 +1386,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide

 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis (must contain key `redis-password`. And should contain `redis-username` if username is not `default`) and Sentinel credentials. When it's set, the `externalRedis.username` and `externalRedis.password` parameters are ignored |
+| externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis (must contain key `redis-password`) and Sentinel credentials. When it's set, the `externalRedis.password` parameter is ignored |
 | externalRedis.host | string | `""` | External Redis server host |
 | externalRedis.password | string | `""` | External Redis password |
 | externalRedis.port | int | `6379` | External Redis server port |
@ -1533,7 +1446,6 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
 | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port |
 | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context |
 | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment |
-| applicationSet.deploymentLabels | object | `{}` | Labels for the ApplicationSet controller Deployment |
 | applicationSet.deploymentStrategy | object | `{}` | Deployment strategy to be added to the ApplicationSet controller Deployment |
 | applicationSet.dnsConfig | object | `{}` | [DNS configuration] |
 | applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods |
@ -1587,7 +1499,6 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
 | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
 | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
 | applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string |
-| applicationSet.networkPolicy.create | bool | `false` (defaults to global.networkPolicy.create) | Default network policy rules used by ApplicationSet controller |
 | applicationSet.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
 | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb |
 | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller |
@ -1633,7 +1544,6 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
 | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context |
 | notifications.context | object | `{}` | Define user-defined context |
 | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment |
-| notifications.deploymentLabels | object | `{}` | Labels for the notifications controller Deployment |
 | notifications.deploymentStrategy | object | `{"type":"Recreate"}` | Deployment strategy to be added to the notifications controller Deployment |
 | notifications.dnsConfig | object | `{}` | [DNS configuration] |
 | notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods |
@ -1655,6 +1565,8 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
 | notifications.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
 | notifications.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
 | notifications.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
+| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` |
+| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` |
 | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
 | notifications.metrics.port | int | `9001` | Metrics port |
 | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations |
@ -1672,7 +1584,6 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
 | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
 | notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
 | notifications.name | string | `"notifications-controller"` | Notifications controller name string |
-| notifications.networkPolicy.create | bool | `false` (defaults to global.networkPolicy.create) | Default network policy rules used by notifications controller |
 | notifications.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
 | notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook |
 | notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb |
@ -1708,69 +1619,6 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
 | notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller |
 | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent |

-## Commit server (Manifest Hydrator)
-
-The Argo CD Commit Server provides push access to git repositories for hydrated manifests.
-
-To read more about this component, please read [Argo CD Manifest Hydrator] and [Manifest Hydrator].
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| commitServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
-| commitServer.automountServiceAccountToken | bool | `false` | Automount API credentials for the Service Account into the pod. |
-| commitServer.containerSecurityContext | object | See [values.yaml] | commit server container-level security context |
-| commitServer.deploymentAnnotations | object | `{}` | Annotations to be added to commit server Deployment |
-| commitServer.deploymentLabels | object | `{}` | Labels for the commit server Deployment |
-| commitServer.deploymentStrategy | object | `{}` | Deployment strategy to be added to the commit server Deployment |
-| commitServer.dnsConfig | object | `{}` | [DNS configuration] |
-| commitServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for commit server pods |
-| commitServer.enabled | bool | `false` | Enable commit server |
-| commitServer.extraArgs | list | `[]` | commit server command line flags |
-| commitServer.extraEnv | list | `[]` | Environment variables to pass to the commit server |
-| commitServer.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the commit server |
-| commitServer.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) |
-| commitServer.extraVolumes | list | `[]` | List of extra volumes to add |
-| commitServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the commit server |
-| commitServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the commit server |
-| commitServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the commit server |
-| commitServer.livenessProbe.enabled | bool | `true` | Enable Kubernetes liveness probe for commit server |
-| commitServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
-| commitServer.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated |
-| commitServer.livenessProbe.periodSeconds | int | `30` | How often (in seconds) to perform the [probe] |
-| commitServer.livenessProbe.timeoutSeconds | int | `5` | Number of seconds after which the [probe] times out |
-| commitServer.metrics.enabled | bool | `false` | Enables prometheus metrics server |
-| commitServer.metrics.service.annotations | object | `{}` | Metrics service annotations |
-| commitServer.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
-| commitServer.metrics.service.labels | object | `{}` | Metrics service labels |
-| commitServer.metrics.service.portName | string | `"metrics"` | Metrics service port name |
-| commitServer.metrics.service.servicePort | int | `8087` | Metrics service port |
-| commitServer.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
-| commitServer.name | string | `"commit-server"` | Commit server name |
-| commitServer.networkPolicy.create | bool | `false` (defaults to global.networkPolicy.create) | Default network policy rules used by commit server |
-| commitServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
-| commitServer.podAnnotations | object | `{}` | Annotations for the commit server pods |
-| commitServer.podLabels | object | `{}` | Labels for the commit server pods |
-| commitServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the commit server pods |
-| commitServer.readinessProbe.enabled | bool | `true` | Enable Kubernetes liveness probe for commit server |
-| commitServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
-| commitServer.readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before [probe] is initiated |
-| commitServer.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
-| commitServer.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
-| commitServer.resources | object | `{}` | Resource limits and requests for the commit server pods. |
-| commitServer.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the commit server |
-| commitServer.service.annotations | object | `{}` | commit server service annotations |
-| commitServer.service.labels | object | `{}` | commit server service labels |
-| commitServer.service.port | int | `8086` | commit server service port |
-| commitServer.service.portName | string | `"server"` | commit server service port name |
-| commitServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
-| commitServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
-| commitServer.serviceAccount.create | bool | `true` | Create commit server service account |
-| commitServer.serviceAccount.labels | object | `{}` | Labels applied to created service account |
-| commitServer.serviceAccount.name | string | `"argocd-commit-server"` | commit server service account name |
-| commitServer.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook |
-| commitServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
-| commitServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the commit server |
-
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

@ -1803,8 +1651,3 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
 [Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace
 [Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice
 [Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer
-[Argo CD Manifest Hydrator]: https://argo-cd.readthedocs.io/en/stable/proposals/manifest-hydrator/
-[Manifest Hydrator]: https://github.com/argoproj/argo-cd/blob/master/docs/proposals/manifest-hydrator.md
-[CNCF Allowlist License Policy]: https://github.com/cncf/foundation/blob/main/allowed-third-party-license-policy.md#cncf-allowlist-license-policy
-[v2.14 to 3.0 upgrade instructions]: https://argo-cd.readthedocs.io/en/stable/operator-manual/upgrading/2.14-3.0/
-[Argo CD v3.0 Release Blog Post]: https://blog.argoproj.io/argo-cd-v3-0-release-candidate-a0b933f4e58f
--- a/charts/argo-cd/README.md.gotmpl
+++ b/charts/argo-cd/README.md.gotmpl
@ -190,7 +190,7 @@ server:
      alb.ingress.kubernetes.io/scheme: internal
      alb.ingress.kubernetes.io/target-type: ip
      alb.ingress.kubernetes.io/backend-protocol: HTTP
-      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]'
+      alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]'
      alb.ingress.kubernetes.io/ssl-redirect: '443'
    aws:
      serviceType: ClusterIP # <- Used with target-type: ip
@ -236,31 +236,6 @@ server:
        enabled: true
 ```

-## Setting the initial admin password via Argo CD Application CR
-
-> **Note:** When deploying the `argo-cd` chart via an Argo CD `Application` CR, define your bcrypt-hashed admin password under `helm.values`—not `helm.parameters`—because Argo CD performs variable substitution on `parameters`, which will mangle any `$…` in your hash.
-
-```yaml
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: argocd-testing
-spec:
-  destination:
-    namespace: testing
-    server: https://kubernetes.default.svc
-  project: default
-  source:
-    chart: argo-cd
-    repoURL: https://argoproj.github.io/argo-helm
-    targetRevision: 3.21.0
-    helm:
-      values: |
-        configs:
-          secret:
-            argocdServerAdminPassword: $2a$10$H1a30nMr9v2QE2nkyz0BoOD2J0I6FQFMtHS0csEg12RBWzfRuuoE6
-```
-

 ## Synchronizing Changes from Original Repository

@ -303,43 +278,6 @@ For full list of changes please check ArtifactHub [changelog].

 Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.

-### 8.0.0
-
-In this release we upgrade the Helm chart to deploy the next major version of Argo CD (v3.0.0).
-Please carefully read at least those resources:
- [v2.14 to 3.0 upgrade instructions]
- [Argo CD v3.0 Release Blog Post]
-
-### 7.9.0
-
-Chart versions from >= 7.7.2 and < 7.9.0 are using a Redis version which is no longer using an open source version of Redis.
-Thus we downgraded Redis to latest available 7.2 (from 7.4) to be in-line with upstream manifests and fully honor
-[CNCF Allowlist License Policy].
-
-
-**Users using redis-ha may encounter issues** which can be resolved by either deleting all redis-ha pods after the
-deployment/upgrade:
-
-```bash
-kubectl delete pods -l app=redis-ha
-```
-
-Or alternatively by temporary switching to a single redis installation, then back to HA.
-1. Evaluate current chart version in use
-   ```bash
-   $ helm ls
-   NAME  	NAMESPACE	REVISION	UPDATED                              	STATUS  	CHART         	APP VERSION
-   argocd	argocd   	3       	2025-04-29 00:07:43.099922 +0200 CEST	deployed	argo-cd-7.8.28	v2.14.11
-   ```
-2. Switch to single redis
-   ```bash
-   helm upgrade argocd argo/argo-cd --version <your current chart version> --reuse-values --set redis-ha.enabled=false
-   ```
-3. Upgrade to chart version 7.9 or newer and re-enable redis HA again
-   ```bash
-   helm upgrade argocd argo/argo-cd --version 7.9.0 --reuse-values --set redis-ha.enabled=true
-   ```
-
 ### 7.0.0

 We changed the type of `.Values.configs.clusterCredentials` from `list` to `object`.
@ -374,7 +312,7 @@ This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr
 Upstream steps in the [FAQ] are not enough, since we chose a different approach.
 (We use a Kubernetes Job with [Chart Hooks] to create the auth secret `argocd-redis`.)

-Steps to rotate the secret when using the helm chart (bold step is additional to upstream):
+Steps to roteate the secret when using the helm chart (bold step is additional to upstream):
 * Delete `argocd-redis` secret in the namespace where Argo CD is installed. 
  ```bash
  kubectl delete secret argocd-redis -n <argocd namespace>
@ -734,15 +672,13 @@ NAME: my-release
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 {{- range .Values }}
-  {{- if not (or  (hasPrefix "global" .Key) (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) (hasPrefix "commitServer" .Key) ) }}
+  {{- if not (or  (hasPrefix "global" .Key) (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) ) }}
 | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
  {{- end }}
 {{- end }}

 ## Global Configs

-NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm ConfigMap.
-
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 {{- range .Values }}
@ -877,20 +813,6 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
  {{- end }}
 {{- end }}

-## Commit server (Manifest Hydrator)
-
-The Argo CD Commit Server provides push access to git repositories for hydrated manifests.
-
-To read more about this component, please read [Argo CD Manifest Hydrator] and [Manifest Hydrator].
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-{{- range .Values }}
-  {{- if hasPrefix "commitServer" .Key }}
-| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
-  {{- end }}
-{{- end }}
-
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

@ -923,8 +845,3 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
 [Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace
 [Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice
 [Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer
-[Argo CD Manifest Hydrator]: https://argo-cd.readthedocs.io/en/stable/proposals/manifest-hydrator/
-[Manifest Hydrator]: https://github.com/argoproj/argo-cd/blob/master/docs/proposals/manifest-hydrator.md
-[CNCF Allowlist License Policy]: https://github.com/cncf/foundation/blob/main/allowed-third-party-license-policy.md#cncf-allowlist-license-policy
-[v2.14 to 3.0 upgrade instructions]: https://argo-cd.readthedocs.io/en/stable/operator-manual/upgrading/2.14-3.0/
-[Argo CD v3.0 Release Blog Post]: https://blog.argoproj.io/argo-cd-v3-0-release-candidate-a0b933f4e58f
--- a/charts/argo-cd/ci/default-values.yaml
+++ b/charts/argo-cd/ci/default-values.yaml
@ -1,7 +1,3 @@
 # Test with default values
 crds:
  keep: false
-
-redis:
-  exporter:
-    enabled: true
--- a/charts/argo-cd/ci/ha-autoscaling-values.yaml
+++ b/charts/argo-cd/ci/ha-autoscaling-values.yaml
@ -4,8 +4,6 @@ crds:

 redis-ha:
  enabled: true
-  exporter:
-    enabled: true

 server:
  autoscaling:
--- a/charts/argo-cd/ci/with-commit-server-values.yaml
+++ b/charts/argo-cd/ci/with-commit-server-values.yaml
@ -1,3 +0,0 @@
-# Test Argo CD with optional component "commit-server"
-commitServer:
-  enabled: true
--- a/charts/argo-cd/templates/NOTES.txt
+++ b/charts/argo-cd/templates/NOTES.txt
@ -1,24 +1,9 @@
-{{- if .Values.notifications.logLevel }}
-DEPRECATED option notifications.logLevel - Use `configs.params."notificationscontroller.log.level"`
-{{- end }}
-{{- if .Values.notifications.logFormat }}
-DEPRECATED option notifications.logFormat - Use `configs.params."notificationscontroller.log.format"`
-{{- end }}
-{{- if .Values.dex.logLevel }}
-DEPRECATED option dex.logLevel - Use `configs.params."dexserver.log.level"`
-{{- end }}
-{{- if .Values.dex.logFormat }}
-DEPRECATED option dex.logFormat - Use `configs.params."dexserver.log.format"`
-{{- end }}
 In order to access the server UI you have the following options:

-{{ $rootpath := default "" (index .Values "configs" "params" "server.rootpath") -}}
 1. kubectl port-forward service/{{ include "argo-cd.fullname" . }}-server -n {{ include  "argo-cd.namespace" . }} 8080:443
-{{ if $rootpath }}
-    and then open the browser on http://localhost:8080/{{ $rootpath }} and accept the certificate
-{{ else }}
+
    and then open the browser on http://localhost:8080 and accept the certificate
-{{ end }}
+
 2. enable ingress in the values file `server.ingress.enabled` and either
      - Add the annotation for ssl passthrough: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-1-ssl-passthrough
      - Set the `configs.params."server.insecure"` in the values file and terminate SSL at your ingress: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-2-multiple-ingress-objects-and-hosts
--- a/charts/argo-cd/templates/_helpers.tpl
+++ b/charts/argo-cd/templates/_helpers.tpl
@ -177,24 +177,6 @@ Create the name of the notifications service account to use
 {{- end -}}
 {{- end -}}

-{{/*
-Create argocd commit-server name and version as used by the chart label.
-*/}}
-{{- define "argo-cd.commitServer.fullname" -}}
-{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.commitServer.name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create the name of the commit-server service account to use
-*/}}
-{{- define "argo-cd.commitServer.serviceAccountName" -}}
-{{- if .Values.commitServer.serviceAccount.create -}}
-    {{ default (include "argo-cd.commitServer.fullname" .) .Values.commitServer.serviceAccount.name }}
-{{- else -}}
-    {{ default "default" .Values.commitServer.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
 {{/*
 Argo Configuration Preset Values (Influenced by Values configuration)
 */}}
@ -238,10 +220,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ
 {{- $_ := set $presets "server.dex.server" (include "argo-cd.dex.server" .) -}}
 {{- $_ := set $presets "server.dex.server.strict.tls" .Values.dex.certificateSecret.enabled -}}
 {{- end -}}
-{{- if .Values.commitServer.enabled -}}
-{{- $_ := set $presets "commit.server" (printf "%s:%s" (include "argo-cd.commitServer.fullname" .) (.Values.commitServer.service.port | toString)) -}}
-{{- end -}}
-{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" "notificationscontroller" "dexserver" "commitserver" -}}
+{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}}
 {{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}}
 {{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}}
 {{- end -}}
@ -278,44 +257,3 @@ ipFamilyPolicy: {{ . }}
 ipFamilies: {{ toYaml . | nindent 4 }}
 {{- end }}
 {{- end }}
-
-{{/*
-secretKeyRef of env variable REDIS_USERNAME
-*/}}
-{{- define "argo-cd.redisUsernameSecretRef" -}}
-    {{- if .Values.externalRedis.host -}}
-name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
-key: redis-username
-optional: {{ if .Values.externalRedis.username }}false{{ else }}true{{ end }}
-
-    {{- else -}}
-name: "argocd-redis"
-key: redis-username
-optional: true
-    {{- end -}}
-{{- end -}}
-
-{{/*
-secretKeyRef of env variable REDIS_PASSWORD
-*/}}
-{{- define "argo-cd.redisPasswordSecretRef" -}}
-    {{- if .Values.externalRedis.host -}}
-    {{- /* External Redis use case */ -}}
-    {{- /* Secret is required when specifying existingSecret or a password, otherwise it is optional */ -}}
-name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
-key: redis-password
-optional: {{ if or .Values.externalRedis.existingSecret .Values.externalRedis.password }}false{{ else }}true{{ end }}
-
-    {{- else if and .Values.redisSecretInit.enabled -}}
-    {{- /* Default case where Secret is generated by the Job with Helm pre-install hooks */ -}}
-name: "argocd-redis" # hard-coded in Job command and embedded Redis deployments (standalone and redis-ha)
-key: auth
-optional: false # Secret is not optional in this case !
-
-    {{- else -}}
-    {{- /* All other use cases (e.g. disabled pre-install Job) */ -}}
-name: "argocd-redis"
-key: auth
-optional: true
-    {{- end -}}
-{{- end -}}
--- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml
@ -12,9 +12,6 @@ metadata:
  namespace: {{ include  "argo-cd.namespace" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
-    {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.controller.deploymentLabels) }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
 spec:
  replicas: {{ .Values.controller.replicas }}
  revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit | default .Values.global.revisionHistoryLimit }}
@ -148,12 +145,6 @@ spec:
                name: argocd-cmd-params-cm
                key: controller.log.level
                optional: true
-          - name: ARGOCD_LOG_FORMAT_TIMESTAMP
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: log.format.timestamp
-                optional: true
          - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION
            valueFrom:
              configMapKeyRef:
@ -184,18 +175,6 @@ spec:
                name: argocd-cmd-params-cm
                key: controller.self.heal.backoff.cap.seconds
                optional: true
-          - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_COOLDOWN_SECONDS
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: controller.self.heal.backoff.cooldown.seconds
-                optional: true
-          - name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: controller.sync.timeout.seconds
-                optional: true
          - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT
            valueFrom:
              configMapKeyRef:
@ -241,11 +220,19 @@ spec:
          - name: REDIS_USERNAME
            valueFrom:
              secretKeyRef:
-                {{- include "argo-cd.redisUsernameSecretRef" . | nindent 16 }}
+                name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
+                key: redis-username
+                optional: true
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
-                {{- include "argo-cd.redisPasswordSecretRef" . | nindent 16 }}
+                name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
+                {{- if .Values.externalRedis.host }}
+                key: redis-password
+                {{- else }}
+                key: auth
+                {{- end }}
+                optional: true
          - name: REDIS_SENTINEL_USERNAME
            valueFrom:
              secretKeyRef:
@ -324,30 +311,6 @@ spec:
                name: argocd-cmd-params-cm
                key: controller.ignore.normalizer.jq.timeout
                optional: true
-          - name: ARGOCD_HYDRATOR_ENABLED
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: hydrator.enabled
-                optional: true
-          - name: ARGOCD_CLUSTER_CACHE_BATCH_EVENTS_PROCESSING
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: controller.cluster.cache.batch.events.processing
-                optional: true
-          - name: ARGOCD_CLUSTER_CACHE_EVENTS_PROCESSING_INTERVAL
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: controller.cluster.cache.events.processing.interval
-                optional: true
-          - name: ARGOCD_APPLICATION_CONTROLLER_COMMIT_SERVER
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: commit.server
-                optional: true
        {{- with .Values.controller.envFrom }}
        envFrom:
          {{- toYaml . | nindent 10 }}
--- a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml
@ -1,4 +1,4 @@
-{{- if or .Values.controller.networkPolicy.create .Values.global.networkPolicy.create }}
+{{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
--- a/charts/argo-cd/templates/argocd-application-controller/role.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml
@ -19,7 +19,6 @@ rules:
  - argoproj.io
  resources:
  - applications
-  - applicationsets
  - appprojects
  verbs:
  - create
--- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
@ -144,12 +144,6 @@ spec:
                name: argocd-cmd-params-cm
                key: controller.log.level
                optional: true
-          - name: ARGOCD_LOG_FORMAT_TIMESTAMP
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: log.format.timestamp
-                optional: true
          - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION
            valueFrom:
              configMapKeyRef:
@ -180,18 +174,6 @@ spec:
                name: argocd-cmd-params-cm
                key: controller.self.heal.backoff.cap.seconds
                optional: true
-          - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_COOLDOWN_SECONDS
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: controller.self.heal.backoff.cooldown.seconds
-                optional: true
-          - name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: controller.sync.timeout.seconds
-                optional: true
          - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT
            valueFrom:
              configMapKeyRef:
@ -237,11 +219,19 @@ spec:
          - name: REDIS_USERNAME
            valueFrom:
              secretKeyRef:
-                {{- include "argo-cd.redisUsernameSecretRef" . | nindent 16 }}
+                name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
+                key: redis-username
+                optional: true
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
-                {{- include "argo-cd.redisPasswordSecretRef" . | nindent 16 }}
+                name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
+                {{- if .Values.externalRedis.host }}
+                key: redis-password
+                {{- else }}
+                key: auth
+                {{- end }}
+                optional: true
          - name: REDIS_SENTINEL_USERNAME
            valueFrom:
              secretKeyRef:
@ -278,12 +268,6 @@ spec:
                name: argocd-cmd-params-cm
                key: otlp.headers
                optional: true
-          - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ATTRS
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: otlp.attrs
-                optional: true
          - name: ARGOCD_APPLICATION_NAMESPACES
            valueFrom:
              configMapKeyRef:
@ -326,32 +310,6 @@ spec:
                name: argocd-cmd-params-cm
                key: controller.ignore.normalizer.jq.timeout
                optional: true
-          - name: ARGOCD_HYDRATOR_ENABLED
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: hydrator.enabled
-                optional: true
-          - name: ARGOCD_CLUSTER_CACHE_BATCH_EVENTS_PROCESSING
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: controller.cluster.cache.batch.events.processing
-                optional: true
-          - name: ARGOCD_CLUSTER_CACHE_EVENTS_PROCESSING_INTERVAL
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: controller.cluster.cache.events.processing.interval
-                optional: true
-          - name: ARGOCD_APPLICATION_CONTROLLER_COMMIT_SERVER
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: commit.server
-                optional: true
-          - name: KUBECACHEDIR
-            value: /tmp/kubecache
        {{- with .Values.controller.envFrom }}
        envFrom:
          {{- toYaml . | nindent 10 }}
@ -386,8 +344,6 @@ spec:
          name: argocd-home
        - name: argocd-cmd-params-cm
          mountPath: /home/argocd/params
-        - name: argocd-application-controller-tmp
-          mountPath: /tmp
      {{- with .Values.controller.extraContainers }}
        {{- tpl (toYaml .) $ | nindent 6 }}
      {{- end }}
@ -429,8 +385,6 @@ spec:
        {{- else }}
        emptyDir: {}
        {{- end }}
-      - emptyDir: {}
-        name: argocd-application-controller-tmp
      - name: argocd-repo-server-tls
        secret:
          secretName: argocd-repo-server-tls
--- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
@ -11,9 +11,6 @@ metadata:
  namespace: {{ include  "argo-cd.namespace" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
-    {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.applicationSet.deploymentLabels) }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
 spec:
  {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.applicationSet.deploymentStrategy) }}
  strategy:
@ -136,12 +133,6 @@ spec:
                  key: applicationsetcontroller.log.level
                  name: argocd-cmd-params-cm
                  optional: true
-            - name: ARGOCD_LOG_FORMAT_TIMESTAMP
-              valueFrom:
-                configMapKeyRef:
-                  name: argocd-cmd-params-cm
-                  key: log.format.timestamp
-                  optional: true
            - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN
              valueFrom:
                configMapKeyRef:
@ -160,12 +151,6 @@ spec:
                  key: applicationsetcontroller.enable.progressive.syncs
                  name: argocd-cmd-params-cm
                  optional: true
-            - name: ARGOCD_APPLICATIONSET_CONTROLLER_TOKENREF_STRICT_MODE
-              valueFrom:
-                configMapKeyRef:
-                  key: applicationsetcontroller.enable.tokenref.strict.mode
-                  name: argocd-cmd-params-cm
-                  optional: true
            - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING
              valueFrom:
                configMapKeyRef:
@ -226,12 +211,6 @@ spec:
                  name: argocd-cmd-params-cm
                  key: applicationsetcontroller.webhook.parallelism.limit
                  optional: true
-            - name: ARGOCD_APPLICATIONSET_CONTROLLER_REQUEUE_AFTER
-              valueFrom:
-                configMapKeyRef:
-                  key: applicationsetcontroller.requeue.after
-                  name: argocd-cmd-params-cm
-                  optional: true
          {{- with .Values.applicationSet.extraEnvFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
--- a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml
@ -1,4 +1,4 @@
-{{- if and (or .Values.applicationSet.networkPolicy.create .Values.global.networkPolicy.create) (or .Values.applicationSet.metrics.enabled .Values.applicationSet.ingress.enabled) }}
+{{- if and .Values.global.networkPolicy.create (or .Values.applicationSet.metrics.enabled .Values.applicationSet.ingress.enabled) }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
--- a/charts/argo-cd/templates/argocd-commit-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-commit-server/deployment.yaml
@ -1,241 +0,0 @@
-{{- if .Values.commitServer.enabled }}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.commitServer.deploymentAnnotations) }}
-  annotations:
-    {{- range $key, $value := . }}
-    {{ $key }}: {{ $value | quote }}
-    {{- end }}
-  {{- end }}
-  name: {{ template "argo-cd.commitServer.fullname" . }}
-  namespace: {{ include  "argo-cd.namespace" . }}
-  labels:
-    {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }}
-    {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.commitServer.deploymentLabels) }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
-spec:
-  {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.commitServer.deploymentStrategy) }}
-  strategy:
-    {{- trim . | nindent 4 }}
-  {{- end }}
-  revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }}
-  selector:
-    matchLabels:
-      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 6 }}
-  template:
-    metadata:
-      annotations:
-        {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.commitServer.podAnnotations) }}
-        {{- range $key, $value := . }}
-        {{ $key }}: {{ $value | quote }}
-        {{- end }}
-        {{- end }}
-      labels:
-        {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 8 }}
-        {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.commitServer.podLabels) }}
-          {{- toYaml . | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.commitServer.runtimeClassName | default .Values.global.runtimeClassName }}
-      runtimeClassName: {{ . }}
-      {{- end }}
-      {{- with .Values.commitServer.imagePullSecrets | default .Values.global.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.global.hostAliases }}
-      hostAliases:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.global.securityContext }}
-      securityContext:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.commitServer.priorityClassName | default .Values.global.priorityClassName }}
-      priorityClassName: {{ . }}
-      {{- end }}
-      {{- with .Values.commitServer.terminationGracePeriodSeconds }}
-      terminationGracePeriodSeconds: {{ . }}
-      {{- end }}
-      serviceAccountName: {{ include "argo-cd.commitServer.serviceAccountName" . }}
-      automountServiceAccountToken: {{ .Values.commitServer.automountServiceAccountToken }}
-      containers:
-      - name: {{ .Values.commitServer.name }}
-        image: {{ default .Values.global.image.repository .Values.commitServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.commitServer.image.tag }}
-        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.commitServer.image.imagePullPolicy }}
-        args:
-        - /usr/local/bin/argocd-commit-server
-        {{- with .Values.commitServer.extraArgs }}
-          {{- toYaml . | nindent 8 }}
-        {{- end }}
-        env:
-          {{- with (concat .Values.global.env .Values.commitServer.extraEnv) }}
-            {{- toYaml . | nindent 10 }}
-          {{- end }}
-          - name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: commitserver.listen.address
-                optional: true
-          - name: ARGOCD_COMMIT_SERVER_METRICS_LISTEN_ADDRESS
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: commitserver.metrics.listen.address
-                optional: true
-          - name: ARGOCD_COMMIT_SERVER_LOGFORMAT
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: commitserver.log.format
-                optional: true
-          - name: ARGOCD_COMMIT_SERVER_LOGLEVEL
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: commitserver.log.level
-                optional: true
-          - name: ARGOCD_LOG_FORMAT_TIMESTAMP
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: log.format.timestamp
-                optional: true
-        {{- with .Values.commitServer.envFrom }}
-        envFrom:
-          {{- toYaml . | nindent 10 }}
-        {{- end }}
-        ports:
-        - containerPort: 8086
-          name: server
-          protocol: TCP
-        - containerPort: 8087
-          name: metrics
-          protocol: TCP
-        {{- if .Values.commitServer.livenessProbe.enabled }}
-        livenessProbe:
-          httpGet:
-            path: /healthz?full=true
-            port: 8087
-          initialDelaySeconds: {{ .Values.commitServer.livenessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.commitServer.livenessProbe.periodSeconds }}
-          failureThreshold: {{ .Values.commitServer.livenessProbe.failureThreshold }}
-          timeoutSeconds: {{ .Values.commitServer.livenessProbe.timeoutSeconds }}
-        {{- end }}
-        {{- if .Values.commitServer.readinessProbe.enabled }}
-        readinessProbe:
-          httpGet:
-            path: /healthz
-            port: 8087
-          initialDelaySeconds: {{ .Values.commitServer.readinessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.commitServer.readinessProbe.periodSeconds }}
-          failureThreshold: {{ .Values.commitServer.readinessProbe.failureThreshold }}
-          timeoutSeconds: {{ .Values.commitServer.readinessProbe.timeoutSeconds }}
-        {{- end }}
-        resources:
-          {{- toYaml .Values.commitServer.resources | nindent 10 }}
-        {{- with .Values.commitServer.containerSecurityContext }}
-        securityContext:
-          {{- toYaml . | nindent 10 }}
-        {{- end }}
-        {{- with .Values.commitServer.lifecycle }}
-        lifecycle:
-          {{- toYaml . | nindent 10 }}
-        {{- end }}
-        volumeMounts:
-        {{- with .Values.commitServer.extraVolumeMounts }}
-          {{- toYaml . | nindent 8 }}
-        {{- end }}
-        - name: ssh-known-hosts
-          mountPath: /app/config/ssh
-        - name: tls-certs
-          mountPath: /app/config/tls
-        - name: gpg-keys
-          mountPath: /app/config/gpg/source
-        - name: gpg-keyring
-          mountPath: /app/config/gpg/keys
-        # We need a writeable temp directory for the askpass socket file.
-        - name: tmp
-          mountPath: /tmp
-      initContainers:
-      - command:
-        - /bin/cp
-        - -n
-        - /usr/local/bin/argocd
-        - /var/run/argocd/argocd-cmp-server
-        image: {{ default .Values.global.image.repository .Values.commitServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.commitServer.image.tag }}
-        name: copyutil
-        resources:
-          {{- toYaml .Values.commitServer.resources | nindent 10 }}
-        {{- with .Values.commitServer.containerSecurityContext }}
-        securityContext:
-          {{- toYaml . | nindent 10 }}
-        {{- end }}
-        volumeMounts:
-        - mountPath: /var/run/argocd
-          name: var-files
-      volumes:
-        {{- with .Values.commitServer.extraVolumes }}
-          {{- toYaml . | nindent 8 }}
-        {{- end }}
-        - name: ssh-known-hosts
-          configMap:
-            name: argocd-ssh-known-hosts-cm
-        - name: tls-certs
-          configMap:
-            name: argocd-tls-certs-cm
-        - name: gpg-keys
-          configMap:
-            name: argocd-gpg-keys-cm
-        - name: gpg-keyring
-          emptyDir: {}
-        - name: tmp
-          emptyDir: {}
-        - name: argocd-commit-server-tls
-          secret:
-            secretName: argocd-commit-server-tls
-            optional: true
-            items:
-            - key: tls.crt
-              path: tls.crt
-            - key: tls.key
-              path: tls.key
-            - key: ca.crt
-              path: ca.crt
-        - emptyDir: {}
-          name: var-files
-      {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.commitServer) }}
-      affinity:
-        {{- trim . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.commitServer.nodeSelector | default .Values.global.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.commitServer.tolerations | default .Values.global.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.commitServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
-      topologySpreadConstraints:
-        {{- range $constraint := . }}
-      - {{ toYaml $constraint | nindent 8 | trim }}
-        {{- if not $constraint.labelSelector }}
-        labelSelector:
-          matchLabels:
-            {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.commitServer.name) | nindent 12 }}
-        {{- end }}
-        {{- end }}
-      {{- end }}
-      {{- if .Values.commitServer.hostNetwork }}
-      hostNetwork: {{ .Values.commitServer.hostNetwork }}
-      {{- end }}
-      {{- with .Values.commitServer.dnsConfig }}
-      dnsConfig:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      dnsPolicy: {{ .Values.commitServer.dnsPolicy }}
-{{- end }}
--- a/charts/argo-cd/templates/argocd-commit-server/metrics.yaml
+++ b/charts/argo-cd/templates/argocd-commit-server/metrics.yaml
@ -1,35 +0,0 @@
-{{- if and .Values.commitServer.enabled .Values.commitServer.metrics.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "argo-cd.commitServer.fullname" . }}-metrics
-  namespace: {{ include  "argo-cd.namespace" . }}
-  labels:
-    {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" "metrics") | nindent 4 }}
-    {{- with .Values.commitServer.metrics.service.labels }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
-  {{- if or .Values.commitServer.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
-  annotations:
-    {{- if .Values.global.addPrometheusAnnotations }}
-    prometheus.io/port: {{ .Values.commitServer.metrics.service.servicePort | quote }}
-    prometheus.io/scrape: "true"
-    {{- end }}
-    {{- range $key, $value := .Values.commitServer.metrics.service.annotations }}
-    {{ $key }}: {{ $value | quote }}
-    {{- end }}
-  {{- end }}
-spec:
-  type: {{ .Values.commitServer.metrics.service.type }}
-  {{- if and .Values.commitServer.metrics.service.clusterIP (eq .Values.commitServer.metrics.service.type "ClusterIP") }}
-  clusterIP: {{ .Values.commitServer.metrics.service.clusterIP }}
-  {{- end }}
-  {{- include "argo-cd.dualStack" . | indent 2 }}
-  ports:
-  - name:  {{ .Values.commitServer.metrics.service.portName }}
-    protocol: TCP
-    port: {{ .Values.commitServer.metrics.service.servicePort }}
-    targetPort: 8087
-  selector:
-    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 4 }}
-{{- end }}
--- a/charts/argo-cd/templates/argocd-commit-server/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-commit-server/networkpolicy.yaml
@ -1,25 +0,0 @@
-{{- if and .Values.commitServer.enabled (or .Values.commitServer.networkPolicy.create .Values.global.networkPolicy.create)}}
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: {{ template "argo-cd.commitServer.fullname" . }}
-  namespace: {{ include  "argo-cd.namespace" . }}
-spec:
-  podSelector:
-    matchLabels:
-      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 6 }}
-  policyTypes:
-    - Ingress
-  ingress:
-    - from:
-        - podSelector:
-            matchLabels:
-              {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 14 }}
-      ports:
-        - protocol: TCP
-          port: 8086
-    - from:
-        - namespaceSelector: { }
-      ports:
-        - port: 8087
-{{- end }}
--- a/charts/argo-cd/templates/argocd-commit-server/service.yaml
+++ b/charts/argo-cd/templates/argocd-commit-server/service.yaml
@ -1,26 +0,0 @@
-{{- if .Values.commitServer.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "argo-cd.commitServer.fullname" . }}
-  namespace: {{ include  "argo-cd.namespace" . }}
-  labels:
-    {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }}
-    {{- with .Values.commitServer.service.labels }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
-  {{- with .Values.commitServer.service.annotations }}
-  annotations:
-    {{- range $key, $value := . }}
-    {{ $key }}: {{ $value | quote }}
-    {{- end }}
-  {{- end }}
-spec:
-  ports:
-  - name: {{ .Values.commitServer.service.portName }}
-    protocol: TCP
-    port: {{ .Values.commitServer.service.port }}
-    targetPort: server
-  selector:
-    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 4 }}
-{{- end }}
--- a/charts/argo-cd/templates/argocd-commit-server/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-commit-server/serviceaccount.yaml
@ -1,19 +0,0 @@
-{{- if and .Values.commitServer.enabled .Values.commitServer.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: {{ .Values.commitServer.serviceAccount.automountServiceAccountToken }}
-metadata:
-  name: {{ include "argo-cd.commitServer.serviceAccountName" . }}
-  namespace: {{ include  "argo-cd.namespace" . }}
-  {{- with .Values.commitServer.serviceAccount.annotations }}
-  annotations:
-    {{- range $key, $value := . }}
-    {{ $key }}: {{ $value | quote }}
-    {{- end }}
-  {{- end }}
-  labels:
-    {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }}
-    {{- with .Values.commitServer.serviceAccount.labels }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
-{{- end }}
--- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml
+++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml
@ -1,4 +1,3 @@
-{{- if .Values.configs.tls.create }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
@ -16,4 +15,3 @@ metadata:
 data:
  {{- toYaml . | nindent 2 }}
 {{- end }}
-{{- end }}
--- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml
+++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml
@ -22,7 +22,7 @@ stringData:
  {{- if $cluster_value.shard }}
  shard: {{ $cluster_value.shard | quote }}
  {{- end }}
-  name: {{ $cluster_key }}
+  name: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.name entry is required!" $cluster_key }}
  server: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.server entry is required!" $cluster_value.server }}
  {{- if $cluster_value.namespaces }}
  namespaces: {{ $cluster_value.namespaces }}
--- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml
@ -12,9 +12,6 @@ metadata:
  namespace: {{ include  "argo-cd.namespace" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
-    {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.notifications.deploymentLabels) }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
 spec:
  replicas: 1
  revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }}
@ -69,15 +66,11 @@ spec:
          args:
            - /usr/local/bin/argocd-notifications
            - --metrics-port={{ .Values.notifications.containerPorts.metrics }}
+            - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }}
+            - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }}
            - --namespace={{ include "argo-cd.namespace" . }}
            - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
            - --secret-name={{ .Values.notifications.secret.name }}
-            {{- with .Values.notifications.logLevel }}
-            - --loglevel={{ . }}
-            {{- end }}
-            {{- with .Values.notifications.logFormat }}
-            - --logformat={{ . }}
-            {{- end }}
            {{- range .Values.notifications.extraArgs }}
            - {{ . | squote }}
            {{- end }}
@ -97,12 +90,6 @@ spec:
                  key: notificationscontroller.log.format
                  name: argocd-cmd-params-cm
                  optional: true
-            - name: ARGOCD_LOG_FORMAT_TIMESTAMP
-              valueFrom:
-                configMapKeyRef:
-                  name: argocd-cmd-params-cm
-                  key: log.format.timestamp
-                  optional: true
            - name: ARGOCD_APPLICATION_NAMESPACES
              valueFrom:
                configMapKeyRef:
--- a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml
@ -1,4 +1,4 @@
-{{- if and .Values.notifications.enabled (or .Values.notifications.networkPolicy.create .Values.global.networkPolicy.create) .Values.notifications.metrics.enabled }}
+{{- if and .Values.notifications.enabled .Values.global.networkPolicy.create .Values.notifications.metrics.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
--- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
@ -11,9 +11,6 @@ metadata:
  namespace: {{ include  "argo-cd.namespace" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
-    {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.repoServer.deploymentLabels) }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
 spec:
  {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.repoServer.deploymentStrategy) }}
  strategy:
@ -112,12 +109,6 @@ spec:
                name: argocd-cmd-params-cm
                key: reposerver.log.level
                optional: true
-          - name: ARGOCD_LOG_FORMAT_TIMESTAMP
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: log.format.timestamp
-                optional: true
          - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT
            valueFrom:
              configMapKeyRef:
@ -187,11 +178,19 @@ spec:
          - name: REDIS_USERNAME
            valueFrom:
              secretKeyRef:
-                {{- include "argo-cd.redisUsernameSecretRef" . | nindent 16 }}
+                name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
+                key: redis-username
+                optional: true
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
-                {{- include "argo-cd.redisPasswordSecretRef" . | nindent 16 }}
+                name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
+                {{- if .Values.externalRedis.host }}
+                key: redis-password
+                {{- else }}
+                key: auth
+                {{- end }}
+                optional: true
          - name: REDIS_SENTINEL_USERNAME
            valueFrom:
              secretKeyRef:
@ -228,12 +227,6 @@ spec:
                name: argocd-cmd-params-cm
                key: otlp.headers
                optional: true
-          - name: ARGOCD_REPO_SERVER_OTLP_ATTRS
-            valueFrom:
-                configMapKeyRef:
-                  name: argocd-cmd-params-cm
-                  key: otlp.attrs
-                  optional: true
          - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE
            valueFrom:
              configMapKeyRef:
@ -246,12 +239,6 @@ spec:
                name: argocd-cmd-params-cm
                key: reposerver.plugin.tar.exclusions
                optional: true
-          - name: ARGOCD_REPO_SERVER_PLUGIN_USE_MANIFEST_GENERATE_PATHS
-            valueFrom:
-              configMapKeyRef:
-                key: reposerver.plugin.use.manifest.generate.paths
-                name: argocd-cmd-params-cm
-                optional: true
          - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS
            valueFrom:
              configMapKeyRef:
--- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml
@ -1,4 +1,4 @@
-{{- if or .Values.repoServer.networkPolicy.create .Values.global.networkPolicy.create }}
+{{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
--- a/charts/argo-cd/templates/argocd-repo-server/service.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml
@ -23,6 +23,3 @@ spec:
    targetPort: repo-server
  selector:
    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 4 }}
-  {{- if .Values.repoServer.service.trafficDistribution }}
-  trafficDistribution: {{ .Values.repoServer.service.trafficDistribution }}
-  {{- end }}
--- a/charts/argo-cd/templates/argocd-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-server/deployment.yaml
@ -11,9 +11,6 @@ metadata:
  namespace: {{ include  "argo-cd.namespace" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
-    {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.server.deploymentLabels) }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
 spec:
  {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.server.deploymentStrategy) }}
  strategy:
@ -249,11 +246,19 @@ spec:
          - name: REDIS_USERNAME
            valueFrom:
              secretKeyRef:
-                {{- include "argo-cd.redisUsernameSecretRef" . | nindent 16 }}
+                name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
+                key: redis-username
+                optional: true
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
-                {{- include "argo-cd.redisPasswordSecretRef" . | nindent 16 }}
+                name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
+                {{- if .Values.externalRedis.host }}
+                key: redis-password
+                {{- else }}
+                key: auth
+                {{- end }}
+                optional: true
          - name: REDIS_SENTINEL_USERNAME
            valueFrom:
              secretKeyRef:
@ -308,12 +313,6 @@ spec:
                name: argocd-cmd-params-cm
                key: otlp.headers
                optional: true
-          - name: ARGOCD_SERVER_OTLP_ATTRS
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: otlp.attrs
-                optional: true
          - name: ARGOCD_APPLICATION_NAMESPACES
            valueFrom:
              configMapKeyRef:
@ -374,18 +373,6 @@ spec:
                name: argocd-cmd-params-cm
                key: applicationsetcontroller.enable.scm.providers
                optional: true
-          - name: ARGOCD_HYDRATOR_ENABLED
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: hydrator.enabled
-                optional: true
-          - name: ARGOCD_SYNC_WITH_REPLACE_ALLOWED
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: server.sync.replace.allowed
-                optional: true
        {{- with .Values.server.envFrom }}
        envFrom:
          {{- toYaml . | nindent 10 }}
--- a/charts/argo-cd/templates/argocd-server/ingress.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress.yaml
@ -9,20 +9,20 @@ metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
    {{- with .Values.server.ingress.labels }}
-      {{- tpl (toYaml .) $ | nindent 4 }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
  {{- with .Values.server.ingress.annotations }}
  annotations:
    {{- range $key, $value := . }}
-    {{ $key }}: {{ tpl (toString $value) $ | quote }}
+    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
 spec:
  {{- with .Values.server.ingress.ingressClassName }}
-  ingressClassName: {{ tpl . $ }}
+  ingressClassName: {{ . }}
  {{- end }}
  rules:
-    - host: {{ tpl (.Values.server.ingress.hostname) $ | default .Values.global.domain }}
+    - host: {{ .Values.server.ingress.hostname | default .Values.global.domain }}
      http:
        paths:
          {{- with .Values.server.ingress.extraPaths }}
@ -36,7 +36,7 @@ spec:
                port:
                  number: {{ $servicePort }}
    {{- range .Values.server.ingress.extraHosts }}
-    - host: {{ tpl .name $ | quote }}
+    - host: {{ .name | quote }}
      http:
        paths:
          - path: {{ default $.Values.server.ingress.path .path }}
@ -54,10 +54,10 @@ spec:
  tls:
    {{- if .Values.server.ingress.tls }}
    - hosts:
-      - {{ tpl (.Values.server.ingress.hostname) $ | default .Values.global.domain }}
+      - {{ .Values.server.ingress.hostname | default .Values.global.domain }}
      {{- range .Values.server.ingress.extraHosts }}
        {{- if .name }}
-      - {{ tpl .name $ }}
+      -  {{ .name }}
        {{- end }}
      {{- end }}
      secretName: argocd-server-tls
--- a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml
@ -1,4 +1,4 @@
-{{- if or .Values.server.networkPolicy.create .Values.global.networkPolicy.create }}
+{{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
--- a/charts/argo-cd/templates/crds/crd-application.yaml
+++ b/charts/argo-cd/templates/crds/crd-application.yaml
@ -319,14 +319,6 @@ spec:
                            description: SkipCrds skips custom resource definition
                              installation step (Helm's --skip-crds)
                            type: boolean
-                          skipSchemaValidation:
-                            description: SkipSchemaValidation skips JSON schema validation
-                              (Helm's --skip-schema-validation)
-                            type: boolean
-                          skipTests:
-                            description: SkipTests skips test manifest installation
-                              step (Helm's --skip-tests).
-                            type: boolean
                          valueFiles:
                            description: ValuesFiles is a list of Helm value files
                              to use when generating a template
@ -390,11 +382,6 @@ spec:
                            description: ForceCommonLabels specifies whether to force
                              applying common labels to resources for Kustomize apps
                            type: boolean
-                          ignoreMissingComponents:
-                            description: IgnoreMissingComponents prevents kustomize
-                              from failing when components do not exist locally by
-                              not appending them to kustomization file
-                            type: boolean
                          images:
                            description: Images is a list of Kustomize image override
                              specifications
@ -408,10 +395,6 @@ spec:
                              KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                              uses the Kubernetes version of the target cluster.
                            type: string
-                          labelIncludeTemplates:
-                            description: LabelIncludeTemplates specifies whether to
-                              apply common labels to resource templates or not
-                            type: boolean
                          labelWithoutSelector:
                            description: LabelWithoutSelector specifies whether to
                              apply common labels to resource selectors or not
@ -483,10 +466,6 @@ spec:
                              to use for rendering manifests
                            type: string
                        type: object
-                      name:
-                        description: Name is used to refer to a source and is displayed
-                          in the UI. It is used in multi-source Applications.
-                        type: string
                      path:
                        description: Path is a directory path within the Git repository,
                          and is only valid for applications sourced from Git.
@ -706,14 +685,6 @@ spec:
                              description: SkipCrds skips custom resource definition
                                installation step (Helm's --skip-crds)
                              type: boolean
-                            skipSchemaValidation:
-                              description: SkipSchemaValidation skips JSON schema
-                                validation (Helm's --skip-schema-validation)
-                              type: boolean
-                            skipTests:
-                              description: SkipTests skips test manifest installation
-                                step (Helm's --skip-tests).
-                              type: boolean
                            valueFiles:
                              description: ValuesFiles is a list of Helm value files
                                to use when generating a template
@ -779,11 +750,6 @@ spec:
                                force applying common labels to resources for Kustomize
                                apps
                              type: boolean
-                            ignoreMissingComponents:
-                              description: IgnoreMissingComponents prevents kustomize
-                                from failing when components do not exist locally
-                                by not appending them to kustomization file
-                              type: boolean
                            images:
                              description: Images is a list of Kustomize image override
                                specifications
@ -797,10 +763,6 @@ spec:
                                KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                uses the Kubernetes version of the target cluster.
                              type: string
-                            labelIncludeTemplates:
-                              description: LabelIncludeTemplates specifies whether
-                                to apply common labels to resource templates or not
-                              type: boolean
                            labelWithoutSelector:
                              description: LabelWithoutSelector specifies whether
                                to apply common labels to resource selectors or not
@ -872,10 +834,6 @@ spec:
                                to use for rendering manifests
                              type: string
                          type: object
-                        name:
-                          description: Name is used to refer to a source and is displayed
-                            in the UI. It is used in multi-source Applications.
-                          type: string
                        path:
                          description: Path is a directory path within the Git repository,
                            and is only valid for applications sourced from Git.
@ -1208,14 +1166,6 @@ spec:
                        description: SkipCrds skips custom resource definition installation
                          step (Helm's --skip-crds)
                        type: boolean
-                      skipSchemaValidation:
-                        description: SkipSchemaValidation skips JSON schema validation
-                          (Helm's --skip-schema-validation)
-                        type: boolean
-                      skipTests:
-                        description: SkipTests skips test manifest installation step
-                          (Helm's --skip-tests).
-                        type: boolean
                      valueFiles:
                        description: ValuesFiles is a list of Helm value files to
                          use when generating a template
@ -1278,11 +1228,6 @@ spec:
                        description: ForceCommonLabels specifies whether to force
                          applying common labels to resources for Kustomize apps
                        type: boolean
-                      ignoreMissingComponents:
-                        description: IgnoreMissingComponents prevents kustomize from
-                          failing when components do not exist locally by not appending
-                          them to kustomization file
-                        type: boolean
                      images:
                        description: Images is a list of Kustomize image override
                          specifications
@ -1296,10 +1241,6 @@ spec:
                          KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                          uses the Kubernetes version of the target cluster.
                        type: string
-                      labelIncludeTemplates:
-                        description: LabelIncludeTemplates specifies whether to apply
-                          common labels to resource templates or not
-                        type: boolean
                      labelWithoutSelector:
                        description: LabelWithoutSelector specifies whether to apply
                          common labels to resource selectors or not
@ -1371,10 +1312,6 @@ spec:
                          use for rendering manifests
                        type: string
                    type: object
-                  name:
-                    description: Name is used to refer to a source and is displayed
-                      in the UI. It is used in multi-source Applications.
-                    type: string
                  path:
                    description: Path is a directory path within the Git repository,
                      and is only valid for applications sourced from Git.
@ -1441,64 +1378,6 @@ spec:
                required:
                - repoURL
                type: object
-              sourceHydrator:
-                description: SourceHydrator provides a way to push hydrated manifests
-                  back to git before syncing them to the cluster.
-                properties:
-                  drySource:
-                    description: DrySource specifies where the dry "don't repeat yourself"
-                      manifest source lives.
-                    properties:
-                      path:
-                        description: Path is a directory path within the Git repository
-                          where the manifests are located
-                        type: string
-                      repoURL:
-                        description: RepoURL is the URL to the git repository that
-                          contains the application manifests
-                        type: string
-                      targetRevision:
-                        description: TargetRevision defines the revision of the source
-                          to hydrate
-                        type: string
-                    required:
-                    - path
-                    - repoURL
-                    - targetRevision
-                    type: object
-                  hydrateTo:
-                    description: |-
-                      HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then
-                      have to move manifests to the SyncSource, e.g. by pull request.
-                    properties:
-                      targetBranch:
-                        description: TargetBranch is the branch to which hydrated
-                          manifests should be committed
-                        type: string
-                    required:
-                    - targetBranch
-                    type: object
-                  syncSource:
-                    description: SyncSource specifies where to sync hydrated manifests
-                      from.
-                    properties:
-                      path:
-                        description: |-
-                          Path is a directory path within the git repository where hydrated manifests should be committed to and synced
-                          from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced.
-                        type: string
-                      targetBranch:
-                        description: TargetBranch is the branch to which hydrated
-                          manifests should be committed
-                        type: string
-                    required:
-                    - path
-                    - targetBranch
-                    type: object
-                required:
-                - drySource
-                - syncSource
-                type: object
              sources:
                description: Sources is a reference to the location of the application's
                  manifests or chart
@ -1644,14 +1523,6 @@ spec:
                          description: SkipCrds skips custom resource definition installation
                            step (Helm's --skip-crds)
                          type: boolean
-                        skipSchemaValidation:
-                          description: SkipSchemaValidation skips JSON schema validation
-                            (Helm's --skip-schema-validation)
-                          type: boolean
-                        skipTests:
-                          description: SkipTests skips test manifest installation
-                            step (Helm's --skip-tests).
-                          type: boolean
                        valueFiles:
                          description: ValuesFiles is a list of Helm value files to
                            use when generating a template
@ -1715,11 +1586,6 @@ spec:
                          description: ForceCommonLabels specifies whether to force
                            applying common labels to resources for Kustomize apps
                          type: boolean
-                        ignoreMissingComponents:
-                          description: IgnoreMissingComponents prevents kustomize
-                            from failing when components do not exist locally by not
-                            appending them to kustomization file
-                          type: boolean
                        images:
                          description: Images is a list of Kustomize image override
                            specifications
@ -1733,10 +1599,6 @@ spec:
                            KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                            uses the Kubernetes version of the target cluster.
                          type: string
-                        labelIncludeTemplates:
-                          description: LabelIncludeTemplates specifies whether to
-                            apply common labels to resource templates or not
-                          type: boolean
                        labelWithoutSelector:
                          description: LabelWithoutSelector specifies whether to apply
                            common labels to resource selectors or not
@ -1808,10 +1670,6 @@ spec:
                            to use for rendering manifests
                          type: string
                      type: object
-                    name:
-                      description: Name is used to refer to a source and is displayed
-                        in the UI. It is used in multi-source Applications.
-                      type: string
                    path:
                      description: Path is a directory path within the Git repository,
                        and is only valid for applications sourced from Git.
@ -1893,10 +1751,6 @@ spec:
                        description: 'AllowEmpty allows apps have zero live resources
                          (default: false)'
                        type: boolean
-                      enabled:
-                        description: Enable allows apps to explicitly control automated
-                          sync
-                        type: boolean
                      prune:
                        description: 'Prune specifies whether to delete resources
                          from the cluster that are not found in the sources anymore
@ -1994,11 +1848,6 @@ spec:
                description: Health contains information about the application's current
                  health status
                properties:
-                  lastTransitionTime:
-                    description: LastTransitionTime is the time the HealthStatus was
-                      set or updated
-                    format: date-time
-                    type: string
                  message:
                    description: Message is a human-readable informational message
                      describing the health status
@ -2196,14 +2045,6 @@ spec:
                              description: SkipCrds skips custom resource definition
                                installation step (Helm's --skip-crds)
                              type: boolean
-                            skipSchemaValidation:
-                              description: SkipSchemaValidation skips JSON schema
-                                validation (Helm's --skip-schema-validation)
-                              type: boolean
-                            skipTests:
-                              description: SkipTests skips test manifest installation
-                                step (Helm's --skip-tests).
-                              type: boolean
                            valueFiles:
                              description: ValuesFiles is a list of Helm value files
                                to use when generating a template
@ -2269,11 +2110,6 @@ spec:
                                force applying common labels to resources for Kustomize
                                apps
                              type: boolean
-                            ignoreMissingComponents:
-                              description: IgnoreMissingComponents prevents kustomize
-                                from failing when components do not exist locally
-                                by not appending them to kustomization file
-                              type: boolean
                            images:
                              description: Images is a list of Kustomize image override
                                specifications
@ -2287,10 +2123,6 @@ spec:
                                KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                uses the Kubernetes version of the target cluster.
                              type: string
-                            labelIncludeTemplates:
-                              description: LabelIncludeTemplates specifies whether
-                                to apply common labels to resource templates or not
-                              type: boolean
                            labelWithoutSelector:
                              description: LabelWithoutSelector specifies whether
                                to apply common labels to resource selectors or not
@ -2362,10 +2194,6 @@ spec:
                                to use for rendering manifests
                              type: string
                          type: object
-                        name:
-                          description: Name is used to refer to a source and is displayed
-                            in the UI. It is used in multi-source Applications.
-                          type: string
                        path:
                          description: Path is a directory path within the Git repository,
                            and is only valid for applications sourced from Git.
@ -2586,14 +2414,6 @@ spec:
                                description: SkipCrds skips custom resource definition
                                  installation step (Helm's --skip-crds)
                                type: boolean
-                              skipSchemaValidation:
-                                description: SkipSchemaValidation skips JSON schema
-                                  validation (Helm's --skip-schema-validation)
-                                type: boolean
-                              skipTests:
-                                description: SkipTests skips test manifest installation
-                                  step (Helm's --skip-tests).
-                                type: boolean
                              valueFiles:
                                description: ValuesFiles is a list of Helm value files
                                  to use when generating a template
@ -2660,11 +2480,6 @@ spec:
                                  force applying common labels to resources for Kustomize
                                  apps
                                type: boolean
-                              ignoreMissingComponents:
-                                description: IgnoreMissingComponents prevents kustomize
-                                  from failing when components do not exist locally
-                                  by not appending them to kustomization file
-                                type: boolean
                              images:
                                description: Images is a list of Kustomize image override
                                  specifications
@ -2678,11 +2493,6 @@ spec:
                                  KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                  uses the Kubernetes version of the target cluster.
                                type: string
-                              labelIncludeTemplates:
-                                description: LabelIncludeTemplates specifies whether
-                                  to apply common labels to resource templates or
-                                  not
-                                type: boolean
                              labelWithoutSelector:
                                description: LabelWithoutSelector specifies whether
                                  to apply common labels to resource selectors or
@ -2755,10 +2565,6 @@ spec:
                                  to use for rendering manifests
                                type: string
                            type: object
-                          name:
-                            description: Name is used to refer to a source and is
-                              displayed in the UI. It is used in multi-source Applications.
-                            type: string
                          path:
                            description: Path is a directory path within the Git repository,
                              and is only valid for applications sourced from Git.
@ -3127,14 +2933,6 @@ spec:
                                    description: SkipCrds skips custom resource definition
                                      installation step (Helm's --skip-crds)
                                    type: boolean
-                                  skipSchemaValidation:
-                                    description: SkipSchemaValidation skips JSON schema
-                                      validation (Helm's --skip-schema-validation)
-                                    type: boolean
-                                  skipTests:
-                                    description: SkipTests skips test manifest installation
-                                      step (Helm's --skip-tests).
-                                    type: boolean
                                  valueFiles:
                                    description: ValuesFiles is a list of Helm value
                                      files to use when generating a template
@ -3202,12 +3000,6 @@ spec:
                                      to force applying common labels to resources
                                      for Kustomize apps
                                    type: boolean
-                                  ignoreMissingComponents:
-                                    description: IgnoreMissingComponents prevents
-                                      kustomize from failing when components do not
-                                      exist locally by not appending them to kustomization
-                                      file
-                                    type: boolean
                                  images:
                                    description: Images is a list of Kustomize image
                                      override specifications
@ -3221,11 +3013,6 @@ spec:
                                      KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                      uses the Kubernetes version of the target cluster.
                                    type: string
-                                  labelIncludeTemplates:
-                                    description: LabelIncludeTemplates specifies whether
-                                      to apply common labels to resource templates
-                                      or not
-                                    type: boolean
                                  labelWithoutSelector:
                                    description: LabelWithoutSelector specifies whether
                                      to apply common labels to resource selectors
@ -3298,11 +3085,6 @@ spec:
                                      Kustomize to use for rendering manifests
                                    type: string
                                type: object
-                              name:
-                                description: Name is used to refer to a source and
-                                  is displayed in the UI. It is used in multi-source
-                                  Applications.
-                                type: string
                              path:
                                description: Path is a directory path within the Git
                                  repository, and is only valid for applications sourced
@ -3538,14 +3320,6 @@ spec:
                                      description: SkipCrds skips custom resource
                                        definition installation step (Helm's --skip-crds)
                                      type: boolean
-                                    skipSchemaValidation:
-                                      description: SkipSchemaValidation skips JSON
-                                        schema validation (Helm's --skip-schema-validation)
-                                      type: boolean
-                                    skipTests:
-                                      description: SkipTests skips test manifest installation
-                                        step (Helm's --skip-tests).
-                                      type: boolean
                                    valueFiles:
                                      description: ValuesFiles is a list of Helm value
                                        files to use when generating a template
@ -3615,12 +3389,6 @@ spec:
                                        to force applying common labels to resources
                                        for Kustomize apps
                                      type: boolean
-                                    ignoreMissingComponents:
-                                      description: IgnoreMissingComponents prevents
-                                        kustomize from failing when components do
-                                        not exist locally by not appending them to
-                                        kustomization file
-                                      type: boolean
                                    images:
                                      description: Images is a list of Kustomize image
                                        override specifications
@ -3634,11 +3402,6 @@ spec:
                                        KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                        uses the Kubernetes version of the target cluster.
                                      type: string
-                                    labelIncludeTemplates:
-                                      description: LabelIncludeTemplates specifies
-                                        whether to apply common labels to resource
-                                        templates or not
-                                      type: boolean
                                    labelWithoutSelector:
                                      description: LabelWithoutSelector specifies
                                        whether to apply common labels to resource
@ -3712,11 +3475,6 @@ spec:
                                        of Kustomize to use for rendering manifests
                                      type: string
                                  type: object
-                                name:
-                                  description: Name is used to refer to a source and
-                                    is displayed in the UI. It is used in multi-source
-                                    Applications.
-                                  type: string
                                path:
                                  description: Path is a directory path within the
                                    Git repository, and is only valid for applications
@ -4066,14 +3824,6 @@ spec:
                                description: SkipCrds skips custom resource definition
                                  installation step (Helm's --skip-crds)
                                type: boolean
-                              skipSchemaValidation:
-                                description: SkipSchemaValidation skips JSON schema
-                                  validation (Helm's --skip-schema-validation)
-                                type: boolean
-                              skipTests:
-                                description: SkipTests skips test manifest installation
-                                  step (Helm's --skip-tests).
-                                type: boolean
                              valueFiles:
                                description: ValuesFiles is a list of Helm value files
                                  to use when generating a template
@ -4140,11 +3890,6 @@ spec:
                                  force applying common labels to resources for Kustomize
                                  apps
                                type: boolean
-                              ignoreMissingComponents:
-                                description: IgnoreMissingComponents prevents kustomize
-                                  from failing when components do not exist locally
-                                  by not appending them to kustomization file
-                                type: boolean
                              images:
                                description: Images is a list of Kustomize image override
                                  specifications
@ -4158,11 +3903,6 @@ spec:
                                  KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                  uses the Kubernetes version of the target cluster.
                                type: string
-                              labelIncludeTemplates:
-                                description: LabelIncludeTemplates specifies whether
-                                  to apply common labels to resource templates or
-                                  not
-                                type: boolean
                              labelWithoutSelector:
                                description: LabelWithoutSelector specifies whether
                                  to apply common labels to resource selectors or
@ -4235,10 +3975,6 @@ spec:
                                  to use for rendering manifests
                                type: string
                            type: object
-                          name:
-                            description: Name is used to refer to a source and is
-                              displayed in the UI. It is used in multi-source Applications.
-                            type: string
                          path:
                            description: Path is a directory path within the Git repository,
                              and is only valid for applications sourced from Git.
@ -4469,14 +4205,6 @@ spec:
                                  description: SkipCrds skips custom resource definition
                                    installation step (Helm's --skip-crds)
                                  type: boolean
-                                skipSchemaValidation:
-                                  description: SkipSchemaValidation skips JSON schema
-                                    validation (Helm's --skip-schema-validation)
-                                  type: boolean
-                                skipTests:
-                                  description: SkipTests skips test manifest installation
-                                    step (Helm's --skip-tests).
-                                  type: boolean
                                valueFiles:
                                  description: ValuesFiles is a list of Helm value
                                    files to use when generating a template
@ -4544,11 +4272,6 @@ spec:
                                    to force applying common labels to resources for
                                    Kustomize apps
                                  type: boolean
-                                ignoreMissingComponents:
-                                  description: IgnoreMissingComponents prevents kustomize
-                                    from failing when components do not exist locally
-                                    by not appending them to kustomization file
-                                  type: boolean
                                images:
                                  description: Images is a list of Kustomize image
                                    override specifications
@ -4562,11 +4285,6 @@ spec:
                                    KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                    uses the Kubernetes version of the target cluster.
                                  type: string
-                                labelIncludeTemplates:
-                                  description: LabelIncludeTemplates specifies whether
-                                    to apply common labels to resource templates or
-                                    not
-                                  type: boolean
                                labelWithoutSelector:
                                  description: LabelWithoutSelector specifies whether
                                    to apply common labels to resource selectors or
@ -4639,10 +4357,6 @@ spec:
                                    to use for rendering manifests
                                  type: string
                              type: object
-                            name:
-                              description: Name is used to refer to a source and is
-                                displayed in the UI. It is used in multi-source Applications.
-                              type: string
                            path:
                              description: Path is a directory path within the Git
                                repository, and is only valid for applications sourced
@ -4739,22 +4453,16 @@ spec:
                description: Resources is a list of Kubernetes resources managed by
                  this application
                items:
-                  description: ResourceStatus holds the current synchronization and
-                    health status of a Kubernetes resource.
+                  description: |-
+                    ResourceStatus holds the current sync and health status of a resource
+                    TODO: describe members of this type
                  properties:
                    group:
-                      description: Group represents the API group of the resource
-                        (e.g., "apps" for Deployments).
                      type: string
                    health:
-                      description: Health indicates the health status of the resource
-                        (e.g., Healthy, Degraded, Progressing).
+                      description: HealthStatus contains information about the currently
+                        observed health state of an application or resource
                      properties:
-                        lastTransitionTime:
-                          description: LastTransitionTime is the time the HealthStatus
-                            was set or updated
-                          format: date-time
-                          type: string
                        message:
                          description: Message is a human-readable informational message
                            describing the health status
@ -4765,216 +4473,26 @@ spec:
                          type: string
                      type: object
                    hook:
-                      description: Hook is true if the resource is used as a lifecycle
-                        hook in an Argo CD application.
                      type: boolean
                    kind:
-                      description: Kind specifies the type of the resource (e.g.,
-                        "Deployment", "Service").
                      type: string
                    name:
-                      description: Name is the unique name of the resource within
-                        the namespace.
                      type: string
                    namespace:
-                      description: Namespace defines the Kubernetes namespace where
-                        the resource is located.
                      type: string
-                    requiresDeletionConfirmation:
-                      description: RequiresDeletionConfirmation is true if the resource
-                        requires explicit user confirmation before deletion.
-                      type: boolean
                    requiresPruning:
-                      description: RequiresPruning is true if the resource needs to
-                        be pruned (deleted) as part of synchronization.
                      type: boolean
                    status:
-                      description: Status represents the synchronization state of
-                        the resource (e.g., Synced, OutOfSync).
+                      description: SyncStatusCode is a type which represents possible
+                        comparison results
                      type: string
                    syncWave:
-                      description: |-
-                        SyncWave determines the order in which resources are applied during a sync operation.
-                        Lower values are applied first.
                      format: int64
                      type: integer
                    version:
-                      description: Version indicates the API version of the resource
-                        (e.g., "v1", "v1beta1").
                      type: string
                  type: object
                type: array
-              sourceHydrator:
-                description: SourceHydrator stores information about the current state
-                  of source hydration
-                properties:
-                  currentOperation:
-                    description: CurrentOperation holds the status of the hydrate
-                      operation
-                    properties:
-                      drySHA:
-                        description: DrySHA holds the resolved revision (sha) of the
-                          dry source as of the most recent reconciliation
-                        type: string
-                      finishedAt:
-                        description: FinishedAt indicates when the hydrate operation
-                          finished
-                        format: date-time
-                        type: string
-                      hydratedSHA:
-                        description: HydratedSHA holds the resolved revision (sha)
-                          of the hydrated source as of the most recent reconciliation
-                        type: string
-                      message:
-                        description: Message contains a message describing the current
-                          status of the hydrate operation
-                        type: string
-                      phase:
-                        description: Phase indicates the status of the hydrate operation
-                        enum:
-                        - Hydrating
-                        - Failed
-                        - Hydrated
-                        type: string
-                      sourceHydrator:
-                        description: SourceHydrator holds the hydrator config used
-                          for the hydrate operation
-                        properties:
-                          drySource:
-                            description: DrySource specifies where the dry "don't
-                              repeat yourself" manifest source lives.
-                            properties:
-                              path:
-                                description: Path is a directory path within the Git
-                                  repository where the manifests are located
-                                type: string
-                              repoURL:
-                                description: RepoURL is the URL to the git repository
-                                  that contains the application manifests
-                                type: string
-                              targetRevision:
-                                description: TargetRevision defines the revision of
-                                  the source to hydrate
-                                type: string
-                            required:
-                            - path
-                            - repoURL
-                            - targetRevision
-                            type: object
-                          hydrateTo:
-                            description: |-
-                              HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then
-                              have to move manifests to the SyncSource, e.g. by pull request.
-                            properties:
-                              targetBranch:
-                                description: TargetBranch is the branch to which hydrated
-                                  manifests should be committed
-                                type: string
-                            required:
-                            - targetBranch
-                            type: object
-                          syncSource:
-                            description: SyncSource specifies where to sync hydrated
-                              manifests from.
-                            properties:
-                              path:
-                                description: |-
-                                  Path is a directory path within the git repository where hydrated manifests should be committed to and synced
-                                  from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced.
-                                type: string
-                              targetBranch:
-                                description: TargetBranch is the branch to which hydrated
-                                  manifests should be committed
-                                type: string
-                            required:
-                            - path
-                            - targetBranch
-                            type: object
-                        required:
-                        - drySource
-                        - syncSource
-                        type: object
-                      startedAt:
-                        description: StartedAt indicates when the hydrate operation
-                          started
-                        format: date-time
-                        type: string
-                    required:
-                    - message
-                    - phase
-                    type: object
-                  lastSuccessfulOperation:
-                    description: LastSuccessfulOperation holds info about the most
-                      recent successful hydration
-                    properties:
-                      drySHA:
-                        description: DrySHA holds the resolved revision (sha) of the
-                          dry source as of the most recent reconciliation
-                        type: string
-                      hydratedSHA:
-                        description: HydratedSHA holds the resolved revision (sha)
-                          of the hydrated source as of the most recent reconciliation
-                        type: string
-                      sourceHydrator:
-                        description: SourceHydrator holds the hydrator config used
-                          for the hydrate operation
-                        properties:
-                          drySource:
-                            description: DrySource specifies where the dry "don't
-                              repeat yourself" manifest source lives.
-                            properties:
-                              path:
-                                description: Path is a directory path within the Git
-                                  repository where the manifests are located
-                                type: string
-                              repoURL:
-                                description: RepoURL is the URL to the git repository
-                                  that contains the application manifests
-                                type: string
-                              targetRevision:
-                                description: TargetRevision defines the revision of
-                                  the source to hydrate
-                                type: string
-                            required:
-                            - path
-                            - repoURL
-                            - targetRevision
-                            type: object
-                          hydrateTo:
-                            description: |-
-                              HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then
-                              have to move manifests to the SyncSource, e.g. by pull request.
-                            properties:
-                              targetBranch:
-                                description: TargetBranch is the branch to which hydrated
-                                  manifests should be committed
-                                type: string
-                            required:
-                            - targetBranch
-                            type: object
-                          syncSource:
-                            description: SyncSource specifies where to sync hydrated
-                              manifests from.
-                            properties:
-                              path:
-                                description: |-
-                                  Path is a directory path within the git repository where hydrated manifests should be committed to and synced
-                                  from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced.
-                                type: string
-                              targetBranch:
-                                description: TargetBranch is the branch to which hydrated
-                                  manifests should be committed
-                                type: string
-                            required:
-                            - path
-                            - targetBranch
-                            type: object
-                        required:
-                        - drySource
-                        - syncSource
-                        type: object
-                    type: object
-                type: object
              sourceType:
                description: SourceType specifies the type of this application
                type: string
@ -5212,14 +4730,6 @@ spec:
                                description: SkipCrds skips custom resource definition
                                  installation step (Helm's --skip-crds)
                                type: boolean
-                              skipSchemaValidation:
-                                description: SkipSchemaValidation skips JSON schema
-                                  validation (Helm's --skip-schema-validation)
-                                type: boolean
-                              skipTests:
-                                description: SkipTests skips test manifest installation
-                                  step (Helm's --skip-tests).
-                                type: boolean
                              valueFiles:
                                description: ValuesFiles is a list of Helm value files
                                  to use when generating a template
@ -5286,11 +4796,6 @@ spec:
                                  force applying common labels to resources for Kustomize
                                  apps
                                type: boolean
-                              ignoreMissingComponents:
-                                description: IgnoreMissingComponents prevents kustomize
-                                  from failing when components do not exist locally
-                                  by not appending them to kustomization file
-                                type: boolean
                              images:
                                description: Images is a list of Kustomize image override
                                  specifications
@ -5304,11 +4809,6 @@ spec:
                                  KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                  uses the Kubernetes version of the target cluster.
                                type: string
-                              labelIncludeTemplates:
-                                description: LabelIncludeTemplates specifies whether
-                                  to apply common labels to resource templates or
-                                  not
-                                type: boolean
                              labelWithoutSelector:
                                description: LabelWithoutSelector specifies whether
                                  to apply common labels to resource selectors or
@ -5381,10 +4881,6 @@ spec:
                                  to use for rendering manifests
                                type: string
                            type: object
-                          name:
-                            description: Name is used to refer to a source and is
-                              displayed in the UI. It is used in multi-source Applications.
-                            type: string
                          path:
                            description: Path is a directory path within the Git repository,
                              and is only valid for applications sourced from Git.
@ -5615,14 +5111,6 @@ spec:
                                  description: SkipCrds skips custom resource definition
                                    installation step (Helm's --skip-crds)
                                  type: boolean
-                                skipSchemaValidation:
-                                  description: SkipSchemaValidation skips JSON schema
-                                    validation (Helm's --skip-schema-validation)
-                                  type: boolean
-                                skipTests:
-                                  description: SkipTests skips test manifest installation
-                                    step (Helm's --skip-tests).
-                                  type: boolean
                                valueFiles:
                                  description: ValuesFiles is a list of Helm value
                                    files to use when generating a template
@ -5690,11 +5178,6 @@ spec:
                                    to force applying common labels to resources for
                                    Kustomize apps
                                  type: boolean
-                                ignoreMissingComponents:
-                                  description: IgnoreMissingComponents prevents kustomize
-                                    from failing when components do not exist locally
-                                    by not appending them to kustomization file
-                                  type: boolean
                                images:
                                  description: Images is a list of Kustomize image
                                    override specifications
@ -5708,11 +5191,6 @@ spec:
                                    KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD
                                    uses the Kubernetes version of the target cluster.
                                  type: string
-                                labelIncludeTemplates:
-                                  description: LabelIncludeTemplates specifies whether
-                                    to apply common labels to resource templates or
-                                    not
-                                  type: boolean
                                labelWithoutSelector:
                                  description: LabelWithoutSelector specifies whether
                                    to apply common labels to resource selectors or
@ -5785,10 +5263,6 @@ spec:
                                    to use for rendering manifests
                                  type: string
                              type: object
-                            name:
-                              description: Name is used to refer to a source and is
-                                displayed in the UI. It is used in multi-source Applications.
-                              type: string
                            path:
                              description: Path is a directory path within the Git
                                repository, and is only valid for applications sourced
--- a/charts/argo-cd/templates/crds/crd-applicationset.yaml
+++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml
--- a/charts/argo-cd/templates/crds/crd-project.yaml
+++ b/charts/argo-cd/templates/crds/crd-project.yaml
@ -289,10 +289,6 @@ spec:
                  description: SyncWindow contains the kind, time, duration and attributes
                    that are used to assign the syncWindows to apps
                  properties:
-                    andOperator:
-                      description: UseAndOperator use AND operator for matching applications,
-                        namespaces and clusters instead of the default OR operator
-                      type: boolean
                    applications:
                      description: Applications contains a list of applications that
                        the window will apply to
--- a/charts/argo-cd/templates/dex/deployment.yaml
+++ b/charts/argo-cd/templates/dex/deployment.yaml
@ -12,9 +12,6 @@ metadata:
  namespace: {{ include  "argo-cd.namespace" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }}
-    {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.dex.deploymentLabels) }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
 spec:
  {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.dex.deploymentStrategy) }}
  strategy:
@ -75,12 +72,8 @@ spec:
        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.image.imagePullPolicy }}
        command:
        - /shared/argocd-dex
-        {{- with .Values.dex.logLevel }}
-        - --loglevel={{ . }}
-        {{- end }}
-        {{- with .Values.dex.logFormat }}
-        - --logformat={{ . }}
-        {{- end }}
+        - --logformat={{ default .Values.global.logging.format .Values.dex.logFormat }}
+        - --loglevel={{ default .Values.global.logging.level .Values.dex.logLevel }}
        args:
        - rundex
        {{- with .Values.dex.extraArgs }}
@ -102,12 +95,6 @@ spec:
                key: dexserver.log.level
                name: argocd-cmd-params-cm
                optional: true
-          - name: ARGOCD_LOG_FORMAT_TIMESTAMP
-            valueFrom:
-              configMapKeyRef:
-                name: argocd-cmd-params-cm
-                key: log.format.timestamp
-                optional: true
          - name: ARGOCD_DEX_SERVER_DISABLE_TLS
            valueFrom:
              configMapKeyRef:
--- a/charts/argo-cd/templates/dex/networkpolicy.yaml
+++ b/charts/argo-cd/templates/dex/networkpolicy.yaml
@ -1,4 +1,4 @@
-{{- if and (or .Values.dex.networkPolicy.create .Values.global.networkPolicy.create) .Values.dex.enabled }}
+{{- if and .Values.global.networkPolicy.create .Values.dex.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
--- a/charts/argo-cd/templates/dex/servicemonitor.yaml
+++ b/charts/argo-cd/templates/dex/servicemonitor.yaml
@ -1,4 +1,4 @@
-{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.dex.enabled .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }}
+{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }}
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
--- a/charts/argo-cd/templates/redis/deployment.yaml
+++ b/charts/argo-cd/templates/redis/deployment.yaml
@ -13,9 +13,6 @@ metadata:
  namespace: {{ include  "argo-cd.namespace" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }}
-    {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.redis.deploymentLabels) }}
-      {{- toYaml . | nindent 4 }}
-    {{- end }}
 spec:
  replicas: 1
  revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }}
--- a/charts/argo-cd/templates/redis/networkpolicy.yaml
+++ b/charts/argo-cd/templates/redis/networkpolicy.yaml
@ -1,5 +1,5 @@
 {{- $redisHa := (index .Values "redis-ha") -}}
-{{- if and (or .Values.redis.networkPolicy.create .Values.global.networkPolicy.create) .Values.redis.enabled (not $redisHa.enabled) }}
+{{- if and .Values.global.networkPolicy.create .Values.redis.enabled (not $redisHa.enabled) }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -35,7 +35,7 @@ crds:
  keep: true
  # -- Annotations to be added to all CRDs
  annotations: {}
-  # -- Additional labels to be added to all CRDs
+  # -- Addtional labels to be added to all CRDs
  additionalLabels: {}

 ## Globally shared configuration
@ -79,9 +79,6 @@ global:
  # -- Annotations for the all deployed Deployments
  deploymentAnnotations: {}

-  # -- Labels for the all deployed Deployments
-  deploymentLabels: {}
-
  # -- Annotations for the all deployed pods
  podAnnotations: {}

@ -122,8 +119,7 @@ global:
  priorityClassName: ""

  # -- Default node selector for all components
-  nodeSelector:
-    kubernetes.io/os: linux
+  nodeSelector: {}

  # -- Default tolerations for all components
  tolerations: []
@ -167,7 +163,7 @@ global:

 ## Argo Configs
 configs:
-  # General Argo CD configuration. Any values you put under `.configs.cm` are passed to argocd-cm ConfigMap.
+  # General Argo CD configuration
  ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml
  cm:
    # -- Create the argocd-cm configmap for [declarative setup]
@ -179,10 +175,6 @@ configs:
    # -- The name of tracking label used by Argo CD for resource pruning
    application.instanceLabelKey: argocd.argoproj.io/instance

-    # -- Enable control of the service account used for the sync operation (alpha)
-    ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-sync-using-impersonation/
-    application.sync.impersonation.enabled: false
-
    # -- Enable logs RBAC enforcement
    ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement
    server.rbac.log.enforce.enable: false
@ -255,131 +247,6 @@ configs:
    #           name: some-cluster
    #           server: https://some-cluster

-    ## Default configuration for ignoreResourceUpdates.
-    ## The ignoreResourceUpdates list contains K8s resource's properties that are known to be frequently updated
-    ## by controllers and operators. These resources, when watched by argo, will cause many unnecessary updates.
-
-    # -- Ignoring status for all resources. An update will still be sent if the status update causes the health to change.
-    # @default -- See [values.yaml]
-    resource.customizations.ignoreResourceUpdates.all: |
-      jsonPointers:
-        - /status
-    # -- Some Application fields are generated and not related to the application updates itself
-    ## The Application itself is already watched by the controller lister, but this configuration is applied for apps of apps
-    # @default -- See [values.yaml]
-    resource.customizations.ignoreResourceUpdates.argoproj.io_Application: |
-      jqPathExpressions:
-        - '.metadata.annotations."notified.notifications.argoproj.io"'
-        - '.metadata.annotations."argocd.argoproj.io/refresh"'
-        - '.metadata.annotations."argocd.argoproj.io/hydrate"'
-        - '.operation'
-    # -- Ignore Argo Rollouts generated fields
-    # @default -- See [values.yaml]
-    resource.customizations.ignoreResourceUpdates.argoproj.io_Rollout: |
-      jqPathExpressions:
-        - '.metadata.annotations."notified.notifications.argoproj.io"'
-    # -- Legacy annotations used on HPA autoscaling/v1
-    # @default -- See [values.yaml]
-    resource.customizations.ignoreResourceUpdates.autoscaling_HorizontalPodAutoscaler: |
-      jqPathExpressions:
-        - '.metadata.annotations."autoscaling.alpha.kubernetes.io/behavior"'
-        - '.metadata.annotations."autoscaling.alpha.kubernetes.io/conditions"'
-        - '.metadata.annotations."autoscaling.alpha.kubernetes.io/metrics"'
-        - '.metadata.annotations."autoscaling.alpha.kubernetes.io/current-metrics"'
-    # -- Ignore the cluster-autoscaler status
-    # @default -- See [values.yaml]
-    resource.customizations.ignoreResourceUpdates.ConfigMap: |
-      jqPathExpressions:
-        # Ignore the cluster-autoscaler status
-        - '.metadata.annotations."cluster-autoscaler.kubernetes.io/last-updated"'
-        # Ignore the annotation of the legacy Leases election
-        - '.metadata.annotations."control-plane.alpha.kubernetes.io/leader"'
-    # -- Ignore the common scaling annotations
-    # @default -- See [values.yaml]
-    resource.customizations.ignoreResourceUpdates.apps_ReplicaSet: |
-      jqPathExpressions:
-        - '.metadata.annotations."deployment.kubernetes.io/desired-replicas"'
-        - '.metadata.annotations."deployment.kubernetes.io/max-replicas"'
-        - '.metadata.annotations."rollout.argoproj.io/desired-replicas"'
-    # -- Ignores update if EndpointSlice is not excluded globally
-    # @default -- See [values.yaml]
-    resource.customizations.ignoreResourceUpdates.discovery.k8s.io_EndpointSlice: |
-      jsonPointers:
-        - /metadata
-        - /endpoints
-        - /ports
-    # -- Ignores update if Endpoints is not excluded globally
-    # @default -- See [values.yaml]
-    resource.customizations.ignoreResourceUpdates.Endpoints: |
-      jsonPointers:
-        - /metadata
-        - /subsets
-
-    ## Default configuration for exclusions.
-    ## The exclusion list are K8s resources that we assume will never be declared in Git,
-    ## and are never child objects of managed resources that need to be presented in the resource tree.
-    ## This list contains high volume and  high churn metadata objects which we exclude for performance
-    ## reasons, reducing connections and load to the K8s API servers of managed clusters.
-
-    # -- Resource Exclusion/Inclusion
-    # @default -- See [values.yaml]
-    resource.exclusions: |
-      ### Network resources created by the Kubernetes control plane and excluded to reduce the number of watched events and UI clutter
-      - apiGroups:
-        - ''
-        - discovery.k8s.io
-        kinds:
-        - Endpoints
-        - EndpointSlice
-      ### Internal Kubernetes resources excluded reduce the number of watched events
-      - apiGroups:
-        - coordination.k8s.io
-        kinds:
-        - Lease
-      ### Internal Kubernetes Authz/Authn resources excluded reduce the number of watched events
-      - apiGroups:
-        - authentication.k8s.io
-        - authorization.k8s.io
-        kinds:
-        - SelfSubjectReview
-        - TokenReview
-        - LocalSubjectAccessReview
-        - SelfSubjectAccessReview
-        - SelfSubjectRulesReview
-        - SubjectAccessReview
-      ### Intermediate Certificate Request excluded reduce the number of watched events
-      - apiGroups:
-        - certificates.k8s.io
-        kinds:
-        - CertificateSigningRequest
-      - apiGroups:
-        - cert-manager.io
-        kinds:
-        - CertificateRequest
-      ### Cilium internal resources excluded reduce the number of watched events and UI Clutter
-      - apiGroups:
-        - cilium.io
-        kinds:
-        - CiliumIdentity
-        - CiliumEndpoint
-        - CiliumEndpointSlice
-      ### Kyverno intermediate and reporting resources excluded reduce the number of watched events and improve performance
-      - apiGroups:
-        - kyverno.io
-        - reports.kyverno.io
-        - wgpolicyk8s.io
-        kinds:
-        - PolicyReport
-        - ClusterPolicyReport
-        - EphemeralReport
-        - ClusterEphemeralReport
-        - AdmissionReport
-        - ClusterAdmissionReport
-        - BackgroundScanReport
-        - ClusterBackgroundScanReport
-        - UpdateRequest
-
-
  # Argo CD configuration parameters
  ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml
  params:
@ -403,8 +270,6 @@ configs:
    controller.self.heal.timeout.seconds: 5
    # -- Repo server RPC call timeout seconds.
    controller.repo.server.timeout.seconds: 60
-    # -- Specifies the timeout after which a sync would be terminated. 0 means no timeout
-    controller.sync.timeout.seconds: 0

    ## Server properties
    # -- Run server without TLS
@ -422,8 +287,6 @@ configs:
    server.enable.gzip: true
    # -- Enable proxy extension feature. (proxy extension is in Alpha phase)
    server.enable.proxy.extension: false
-    # -- Enable the hydrator feature (hydrator is in Alpha phase)
-    hydrator.enabled: false
    # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "".
    server.x.frame.options: sameorigin

@ -549,9 +412,6 @@ configs:
      #   ...
      #   -----END CERTIFICATE-----

-    # -- Specifies if the argocd-tls-certs-cm configmap should be created by Helm.
-    create: true
-
  # ConfigMap for Config Management Plugins
  # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/
  cmp:
@ -861,9 +721,8 @@ controller:
  #    image: alpine:3
  #    command: [sh, -c]
  #    args:
-  #      - wget -qO /custom-tools/kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.2.7/kubelogin-linux-amd64.zip &&
-  #        mkdir /custom-tools/tmp && unzip -d /custom-tools/tmp /custom-tools/kubelogin.zip  &&
-  #        mv /custom-tools/tmp/bin/linux_amd64/kubelogin /custom-tools/ && rm -rf custom-tools/tmp && rm /custom-tools/kubelogin.zip
+  #      - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip &&
+  #        unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/
  #    volumeMounts:
  #      - mountPath: /custom-tools
  #        name: custom-tools
@ -892,9 +751,6 @@ controller:
  # -- Annotations for the application controller Deployment
  deploymentAnnotations: {}

-  # -- Labels for the application controller Deployment
-  deploymentLabels: {}
-
  # -- Annotations to be added to application controller pods
  podAnnotations: {}

@ -1090,12 +946,6 @@ controller:
    # -- List of custom rules for the application controller's ClusterRole resource
    rules: []

-  # Default application controller's network policy
-  networkPolicy:
-    # -- Default network policy rules used by application controller
-    # @default -- `false` (defaults to global.networkPolicy.create)
-    create: false
-
 ## Dex
 dex:
  # -- Enable dex
@ -1167,7 +1017,7 @@ dex:
    # -- Dex image repository
    repository: ghcr.io/dexidp/dex
    # -- Dex image tag
-    tag: v2.43.1
+    tag: v2.41.1
    # -- Dex imagePullPolicy
    # @default -- `""` (defaults to global.image.imagePullPolicy)
    imagePullPolicy: ""
@ -1249,9 +1099,6 @@ dex:
  # -- Annotations to be added to the Dex server Deployment
  deploymentAnnotations: {}

-  # -- Labels for the Dex server Deployment
-  deploymentLabels: {}
-
  # -- Annotations to be added to the Dex server pods
  podAnnotations: {}

@ -1395,19 +1242,12 @@ dex:
    #   maxSurge: 25%
    #   maxUnavailable: 25%

-  # Default Dex server's network policy
-  networkPolicy:
-    # -- Default network policy rules used by Dex server
-    # @default -- `false` (defaults to global.networkPolicy.create)
-    create: false
-
-  # DEPRECATED - Use configs.params to override
  # -- Dex log format. Either `text` or `json`
  # @default -- `""` (defaults to global.logging.format)
-  # logFormat: ""
+  logFormat: ""
  # -- Dex log level. One of: `debug`, `info`, `warn`, `error`
  # @default -- `""` (defaults to global.logging.level)
-  # logLevel: ""
+  logLevel: ""

 ## Redis
 redis:
@ -1439,10 +1279,9 @@ redis:
  ## Redis image
  image:
    # -- Redis repository
-    repository: ecr-public.aws.com/docker/library/redis
+    repository: public.ecr.aws/docker/library/redis
    # -- Redis tag
-    ## Do not upgrade to >= 7.4.0, otherwise you are no longer using an open source version of Redis
-    tag: 7.2.8-alpine
+    tag: 7.4.1-alpine
    # -- Redis image pull policy
    # @default -- `""` (defaults to global.image.imagePullPolicy)
    imagePullPolicy: ""
@ -1456,9 +1295,9 @@ redis:
    ## Prometheus redis-exporter image
    image:
      # -- Repository to use for the redis-exporter
-      repository: ghcr.io/oliver006/redis_exporter
+      repository: public.ecr.aws/bitnami/redis-exporter
      # -- Tag to use for the redis-exporter
-      tag: v1.74.0
+      tag: 1.58.0
      # -- Image pull policy for the redis-exporter
      # @default -- `""` (defaults to global.image.imagePullPolicy)
      imagePullPolicy: ""
@ -1579,9 +1418,6 @@ redis:
  # -- Annotations to be added to the Redis server Deployment
  deploymentAnnotations: {}

-  # -- Labels for the Redis server Deployment
-  deploymentLabels: {}
-
  # -- Annotations to be added to the Redis server pods
  podAnnotations: {}

@ -1721,12 +1557,6 @@ redis:
      # -- Prometheus ServiceMonitor annotations
      annotations: {}

-  # Default redis's network policy
-  networkPolicy:
-    # -- Default network policy rules used by redis
-    # @default -- `false` (defaults to global.networkPolicy.create)
-    create: false
-
 ## Redis-HA subchart replaces custom redis deployment when `redis-ha.enabled=true`
 # Ref: https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/values.yaml
 redis-ha:
@ -1735,18 +1565,17 @@ redis-ha:
  ## Redis image
  image:
    # -- Redis repository
-    repository: ecr-public.aws.com/docker/library/redis
+    repository: public.ecr.aws/docker/library/redis
    # -- Redis tag
-    ## Do not upgrade to >= 7.4.0, otherwise you are no longer using an open source version of Redis
-    tag: 7.2.8-alpine
+    tag: 7.4.1-alpine
  ## Prometheus redis-exporter sidecar
  exporter:
    # -- Enable Prometheus redis-exporter sidecar
    enabled: false
    # -- Repository to use for the redis-exporter
-    image: ghcr.io/oliver006/redis_exporter
+    image: public.ecr.aws/bitnami/redis-exporter
    # -- Tag to use for the redis-exporter
-    tag: v1.69.0
+    tag: 1.58.0
  persistentVolume:
    # -- Configures persistence on Redis nodes
    enabled: false
@ -1767,9 +1596,6 @@ redis-ha:
    # --  Custom labels for the haproxy pod. This is relevant for Argo CD CLI.
    labels:
      app.kubernetes.io/name: argocd-redis-ha-haproxy
-    image:
-      # -- HAProxy Image Repository
-      repository: ecr-public.aws.com/docker/library/haproxy
    metrics:
      # -- HAProxy enable prometheus metric scraping
      enabled: true
@ -1834,8 +1660,8 @@ externalRedis:
  password: ""
  # -- External Redis server port
  port: 6379
-  # -- The name of an existing secret with Redis (must contain key `redis-password`. And should contain `redis-username` if username is not `default`) and Sentinel credentials.
-  # When it's set, the `externalRedis.username` and `externalRedis.password` parameters are ignored
+  # -- The name of an existing secret with Redis (must contain key `redis-password`) and Sentinel credentials.
+  # When it's set, the `externalRedis.password` parameter is ignored
  existingSecret: ""
  # -- External Redis Secret annotations
  secretAnnotations: {}
@ -2095,9 +1921,8 @@ server:
  #    image: alpine:3
  #    command: [sh, -c]
  #    args:
-  #      - wget -qO /custom-tools/kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.2.7/kubelogin-linux-amd64.zip &&
-  #        mkdir /custom-tools/tmp && unzip -d /custom-tools/tmp /custom-tools/kubelogin.zip  &&
-  #        mv /custom-tools/tmp/bin/linux_amd64/kubelogin /custom-tools/ && rm -rf custom-tools/tmp && rm /custom-tools/kubelogin.zip
+  #      - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip &&
+  #        unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/
  #    volumeMounts:
  #      - mountPath: /custom-tools
  #        name: custom-tools
@ -2123,9 +1948,6 @@ server:
  # -- Annotations to be added to server Deployment
  deploymentAnnotations: {}

-  # -- Labels for the server Deployment
-  deploymentLabels: {}
-
  # -- Annotations to be added to server pods
  podAnnotations: {}

@ -2593,12 +2415,6 @@ server:
    # -- List of custom rules for the server's ClusterRole resource
    rules: []

-  # Default ArgoCD Server's network policy
-  networkPolicy:
-    # -- Default network policy rules used by ArgoCD Server
-    # @default -- `false` (defaults to global.networkPolicy.create)
-    create: false
-
 ## Repo Server
 repoServer:
  # -- Repo server name
@ -2780,9 +2596,6 @@ repoServer:
  # -- Annotations to be added to repo server Deployment
  deploymentAnnotations: {}

-  # -- Labels for the repo server Deployment
-  deploymentLabels: {}
-
  # -- Annotations to be added to repo server pods
  podAnnotations: {}

@ -2913,8 +2726,6 @@ repoServer:
    port: 8081
    # -- Repo server service port name
    portName: tcp-repo-server
-    # -- Traffic distribution preference for the repo server service. If the field is not set, the implementation will apply its default routing strategy.
-    trafficDistribution: ""

  ## Repo server metrics service configuration
  metrics:
@ -2998,12 +2809,6 @@ repoServer:
  #     - list
  #     - watch

-  # Default repo server's network policy
-  networkPolicy:
-    # -- Default network policy rules used by repo server
-    # @default -- `false` (defaults to global.networkPolicy.create)
-    create: false
-
 ## ApplicationSet controller
 applicationSet:
  # -- ApplicationSet controller name string
@ -3161,9 +2966,6 @@ applicationSet:
  # -- Annotations to be added to ApplicationSet controller Deployment
  deploymentAnnotations: {}

-  # -- Labels for the ApplicationSet controller Deployment
-  deploymentLabels: {}
-
  # -- Annotations for the ApplicationSet controller pods
  podAnnotations: {}

@ -3376,13 +3178,6 @@ applicationSet:
      #     - argocd-applicationset.example.com
  # -- Enable ApplicationSet in any namespace feature
  allowAnyNamespace: false
-
-  # Default ApplicationSet controller's network policy
-  networkPolicy:
-    # -- Default network policy rules used by ApplicationSet controller
-    # @default -- `false` (defaults to global.networkPolicy.create)
-    create: false
-
 ## Notifications controller
 notifications:
  # -- Enable notifications controller
@ -3431,13 +3226,12 @@ notifications:
  # @default -- `[]` (defaults to global.imagePullSecrets)
  imagePullSecrets: []

-  # DEPRECATED - Use configs.params to override
  # -- Notifications controller log format. Either `text` or `json`
  # @default -- `""` (defaults to global.logging.format)
-  # logFormat: ""
+  logFormat: ""
  # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error`
  # @default -- `""` (defaults to global.logging.level)
-  # logLevel: ""
+  logLevel: ""

  # -- Extra arguments to provide to the notifications controller
  extraArgs: []
@ -3553,9 +3347,6 @@ notifications:
  # -- Annotations to be applied to the notifications controller Deployment
  deploymentAnnotations: {}

-  # -- Labels for the notifications controller Deployment
-  deploymentLabels: {}
-
  # -- Annotations to be applied to the notifications controller Pods
  podAnnotations: {}

@ -3951,202 +3742,3 @@ notifications:
    # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/triggers/#default-triggers
    # defaultTriggers: |
    #   - on-sync-status-unknown
-
-  # Default notifications controller's network policy
-  networkPolicy:
-    # -- Default network policy rules used by notifications controller
-    # @default -- `false` (defaults to global.networkPolicy.create)
-    create: false
-
-commitServer:
-  # -- Enable commit server
-  enabled: false
-
-  # -- Commit server name
-  name: commit-server
-
-  # -- Runtime class name for the commit server
-  # @default -- `""` (defaults to global.runtimeClassName)
-  runtimeClassName: ""
-
-  ## commit server controller image
-  image:
-    # -- Repository to use for the commit server
-    # @default -- `""` (defaults to global.image.repository)
-    repository: ""
-    # -- Tag to use for the commit server
-    # @default -- `""` (defaults to global.image.tag)
-    tag: ""
-    # -- Image pull policy for the commit server
-    # @default -- `""` (defaults to global.image.imagePullPolicy)
-    imagePullPolicy: ""
-
-  # -- commit server command line flags
-  extraArgs: []
-
-  # -- Environment variables to pass to the commit server
-  extraEnv: []
-    # - name: "MY_VAR"
-    #   value: "value"
-
-  # -- envFrom to pass to the commit server
-  # @default -- `[]` (See [values.yaml])
-  extraEnvFrom: []
-    # - configMapRef:
-    #     name: config-map-name
-    # - secretRef:
-    #     name: secret-name
-
-  # -- List of extra mounts to add (normally used with extraVolumes)
-  extraVolumeMounts: []
-
-  # -- List of extra volumes to add
-  extraVolumes: []
-
-  metrics:
-    # -- Enables prometheus metrics server
-    enabled: false
-    service:
-      # -- Metrics service type
-      type: ClusterIP
-      # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
-      clusterIP: ""
-      # -- Metrics service annotations
-      annotations: {}
-      # -- Metrics service labels
-      labels: {}
-      # -- Metrics service port
-      servicePort: 8087
-      # -- Metrics service port name
-      portName: metrics
-
-  ## commit server service configuration
-  service:
-    # -- commit server service annotations
-    annotations: {}
-    # -- commit server service labels
-    labels: {}
-    # -- commit server service port
-    port: 8086
-    # -- commit server service port name
-    portName: server
-
-  # -- Automount API credentials for the Service Account into the pod.
-  automountServiceAccountToken: false
-
-  serviceAccount:
-    # -- Create commit server service account
-    create: true
-    # -- commit server service account name
-    name: argocd-commit-server
-    # -- Annotations applied to created service account
-    annotations: {}
-    # -- Labels applied to created service account
-    labels: {}
-    # -- Automount API credentials for the Service Account
-    automountServiceAccountToken: true
-
-  # -- Annotations to be added to commit server Deployment
-  deploymentAnnotations: {}
-
-  # -- Labels for the commit server Deployment
-  deploymentLabels: {}
-
-  # -- Annotations for the commit server pods
-  podAnnotations: {}
-
-  # -- Labels for the commit server pods
-  podLabels: {}
-
-  # -- Resource limits and requests for the commit server pods.
-  resources: {}
-    # limits:
-    #   cpu: 100m
-    #   memory: 128Mi
-    # requests:
-    #   cpu: 100m
-    #   memory: 128Mi
-
-  # -- [DNS configuration]
-  dnsConfig: {}
-  # -- Alternative DNS policy for commit server pods
-  dnsPolicy: "ClusterFirst"
-
-  # -- commit server container-level security context
-  # @default -- See [values.yaml]
-  containerSecurityContext:
-    runAsNonRoot: true
-    readOnlyRootFilesystem: true
-    allowPrivilegeEscalation: false
-    capabilities:
-      drop:
-      - ALL
-    seccompProfile:
-      type: RuntimeDefault
-
-  ## Probes for commit server (optional)
-  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
-  readinessProbe:
-    # -- Enable Kubernetes liveness probe for commit server
-    enabled: true
-    # -- Number of seconds after the container has started before [probe] is initiated
-    initialDelaySeconds: 5
-    # -- How often (in seconds) to perform the [probe]
-    periodSeconds: 10
-    # -- Number of seconds after which the [probe] times out
-    timeoutSeconds: 1
-    # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
-    failureThreshold: 3
-
-  livenessProbe:
-    # -- Enable Kubernetes liveness probe for commit server
-    enabled: true
-    # -- Number of seconds after the container has started before [probe] is initiated
-    initialDelaySeconds: 30
-    # -- How often (in seconds) to perform the [probe]
-    periodSeconds: 30
-    # -- Number of seconds after which the [probe] times out
-    timeoutSeconds: 5
-    # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
-    failureThreshold: 3
-
-  # -- terminationGracePeriodSeconds for container lifecycle hook
-  terminationGracePeriodSeconds: 30
-
-  # -- [Node selector]
-  # @default -- `{}` (defaults to global.nodeSelector)
-  nodeSelector: {}
-
-  # -- [Tolerations] for use with node taints
-  # @default -- `[]` (defaults to global.tolerations)
-  tolerations: []
-
-  # -- Assign custom [affinity] rules
-  # @default -- `{}` (defaults to global.affinity preset)
-  affinity: {}
-
-  # -- Assign custom [TopologySpreadConstraints] rules to the commit server
-  # @default -- `[]` (defaults to global.topologySpreadConstraints)
-  ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
-  ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
-  topologySpreadConstraints: []
-    # - maxSkew: 1
-    #   topologyKey: topology.kubernetes.io/zone
-    #   whenUnsatisfiable: DoNotSchedule
-
-  # -- Deployment strategy to be added to the commit server Deployment
-  deploymentStrategy: {}
-    # type: RollingUpdate
-    # rollingUpdate:
-    #   maxSurge: 25%
-    #   maxUnavailable: 25%
-
-  # -- Priority class for the commit server pods
-  # @default -- `""` (defaults to global.priorityClassName)
-  priorityClassName: ""
-
-  # Default commit server's network policy
-  networkPolicy:
-    # -- Default network policy rules used by commit server
-    # @default -- `false` (defaults to global.networkPolicy.create)
-    create: false
--- a/charts/argo-events/Chart.yaml
+++ b/charts/argo-events/Chart.yaml
@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: v1.9.7
+appVersion: v1.9.3
 description: A Helm chart for Argo Events, the event-driven workflow automation framework
 name: argo-events
-version: 2.4.16
+version: 2.4.10
 home: https://github.com/argoproj/argo-helm
 icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4
 keywords:
@ -18,5 +18,5 @@ annotations:
    fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
-    - kind: changed
-      description: Bump argo-events to v1.9.7
+    - kind: fixed
+      description: Correct outdated URL for doc
--- a/charts/argo-events/README.md
+++ b/charts/argo-events/README.md
@ -180,7 +180,6 @@ done
 | controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
 | controller.replicas | int | `1` | The number of events controller pods to run. |
 | controller.resources | object | `{}` | Resource limits and requests for the events controller pods |
-| controller.revisionHistoryLimit | int | `5` | The number of replicasets history to keep |
 | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
 | controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
 | controller.serviceAccount.create | bool | `true` | Create a service account for the events controller |
@ -223,7 +222,6 @@ done
 | webhook.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
 | webhook.replicas | int | `1` | The number of webhook pods to run. |
 | webhook.resources | object | `{}` | Resource limits and requests for the event controller pods |
-| webhook.revisionHistoryLimit | int | `5` | The number of replicasets history to keep |
 | webhook.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
 | webhook.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
 | webhook.serviceAccount.create | bool | `true` | Create a service account for the admission webhook |
--- a/charts/argo-events/templates/argo-events-controller/deployment.yaml
+++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml
@ -10,7 +10,7 @@ spec:
  selector:
    matchLabels:
      {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}
-  revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }}
+  revisionHistoryLimit: 5
  replicas: {{ .Values.controller.replicas }}
  template:
    metadata:
@ -108,10 +108,6 @@ spec:
      {{- with .Values.controller.extraContainers }}
        {{- toYaml . | nindent 6 }}
      {{- end -}}
-      {{- with .Values.controller.initContainers }}
-      initContainers:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
      {{- with .Values.controller.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
--- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml
+++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml
@ -11,7 +11,7 @@ spec:
  selector:
    matchLabels:
      {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.webhook.name) | nindent 6 }}
-  revisionHistoryLimit: {{ .Values.webhook.revisionHistoryLimit }}
+  revisionHistoryLimit: 5
  replicas: {{ .Values.webhook.replicas }}
  template:
    metadata:
--- a/charts/argo-events/values.yaml
+++ b/charts/argo-events/values.yaml
@ -201,9 +201,6 @@ controller:
    # @default -- `""` (defaults to global.image.imagePullPolicy)
    imagePullPolicy: ""

-  # -- The number of replicasets history to keep
-  revisionHistoryLimit: 5
-
  # -- The number of events controller pods to run.
  replicas: 1

@ -366,9 +363,6 @@ webhook:
    # @default -- `""` (defaults to global.image.imagePullPolicy)
    imagePullPolicy: ""

-  # -- The number of replicasets history to keep
-  revisionHistoryLimit: 5
-
  # -- The number of webhook pods to run.
  replicas: 1

--- a/charts/argo-rollouts/Chart.yaml
+++ b/charts/argo-rollouts/Chart.yaml
@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: v1.8.3
+appVersion: v1.7.2
 description: A Helm chart for Argo Rollouts
 name: argo-rollouts
-version: 2.40.3
+version: 2.38.2
 home: https://github.com/argoproj/argo-helm
 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
 keywords:
@ -19,4 +19,6 @@ annotations:
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
    - kind: added
-      description: support dnsConfig for controller and dashboard pods
+      description: Add lifecycle settings for controller
+    - kind: added
+      description: Add terminationGracePeriodSeconds for controller
--- a/charts/argo-rollouts/README.md
+++ b/charts/argo-rollouts/README.md
@ -51,14 +51,12 @@ For full list of changes please check ArtifactHub [changelog].
 | fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template |
 | global.deploymentAnnotations | object | `{}` | Annotations for all deployed Deployments |
 | global.deploymentLabels | object | `{}` | Labels for all deployed Deployments |
-| global.dnsConfig | object | `{}` | Specifies the deployment DNS configuration for controller and dashboard. |
 | global.revisionHistoryLimit | int | `10` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
 | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. |
 | installCRDs | bool | `true` | Install and upgrade CRDs |
 | keepCRDs | bool | `true` | Keep CRD's on helm uninstall |
 | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests |
 | nameOverride | string | `nil` | String to partially override "argo-rollouts.fullname" template |
-| namespaceOverride | string | `.Release.Namespace` | Override the namespace |
 | notifications.configmap.create | bool | `true` | Whether to create notifications configmap |
 | notifications.notifiers | object | `{}` | Configures notification services |
 | notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret |
@ -128,7 +126,6 @@ For full list of changes please check ArtifactHub [changelog].
 | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller |
 | controller.replicas | int | `2` | The number of controller pods to run |
 | controller.resources | object | `{}` | Resource limits and requests for the controller pods. |
-| controller.stepPlugins | list | `[]` | Configures 3rd party stepPlugins for controller |
 | controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook |
 | controller.tolerations | list | `[]` | [Tolerations] for use with node taints |
 | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller |
--- a/charts/argo-rollouts/ci/enable-dashboard-values.yaml
+++ b/charts/argo-rollouts/ci/enable-dashboard-values.yaml
@ -4,5 +4,3 @@ installCRDs: false

 dashboard:
  enabled: true
-  ingress:
-    enabled: true
--- a/charts/argo-rollouts/templates/_helpers.tpl
+++ b/charts/argo-rollouts/templates/_helpers.tpl
@ -417,10 +417,3 @@ Return the rules for controller's Role and ClusterRole
 {{- end }}
 {{- end }}
 {{- end -}}
-
-{{/*
-Expand the namespace of the release.
-*/}}
-{{- define "argo-rollouts.namespace" -}}
-{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
-{{- end }}
--- a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml
+++ b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml
@ -13,5 +13,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: {{ include "argo-rollouts.serviceAccountName" . }}
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
 {{- end }}
--- a/charts/argo-rollouts/templates/controller/configmap.yaml
+++ b/charts/argo-rollouts/templates/controller/configmap.yaml
@ -2,7 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: argo-rollouts-config
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
@ -11,10 +11,6 @@ data:
  metricProviderPlugins: |-
    {{- toYaml . | nindent 4 }}
  {{- end }}
-  {{- with .Values.controller.stepPlugins }}
-  stepPlugins: |-
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
  {{- with .Values.controller.trafficRouterPlugins }}
  trafficRouterPlugins: |-
    {{- toYaml . | nindent 4 }}
--- a/charts/argo-rollouts/templates/controller/deployment.yaml
+++ b/charts/argo-rollouts/templates/controller/deployment.yaml
@ -8,7 +8,7 @@ metadata:
    {{- end }}
  {{- end }}
  name: {{ include "argo-rollouts.fullname" . }}
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
  {{- range $key, $value := (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.controller.deploymentLabels) }}
    {{ $key }}: {{ $value | quote }}
@ -26,13 +26,12 @@ spec:
  revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }}
  template:
    metadata:
+      {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.controller.podAnnotations) }}
      annotations:
-        {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.controller.podAnnotations) }}
        {{- range $key, $value := . }}
        {{ $key }}: {{ $value | quote }}
        {{- end }}
-        {{- end }}
-        checksum/cm: {{ include (print $.Template.BasePath "/controller/configmap.yaml") . | sha256sum }}
+      {{- end }}
      labels:
        {{- include "argo-rollouts.selectorLabels" . | nindent 8 }}
        app.kubernetes.io/component: {{ .Values.controller.component }}
@ -112,10 +111,6 @@ spec:
      tolerations:
        {{- toYaml .Values.controller.tolerations | nindent 8 }}
      {{- end }}
-      {{- with .Values.global.dnsConfig }}
-      dnsConfig:
-      {{- toYaml . | nindent 8 }}
-      {{- end }}
      {{- if .Values.controller.affinity }}
      affinity:
        {{- toYaml .Values.controller.affinity | nindent 8 }}
--- a/charts/argo-rollouts/templates/controller/metrics-service.yaml
+++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "argo-rollouts.fullname" . }}-metrics
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
--- a/charts/argo-rollouts/templates/controller/notifications-configmap.yaml
+++ b/charts/argo-rollouts/templates/controller/notifications-configmap.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: argo-rollouts-notification-configmap
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
--- a/charts/argo-rollouts/templates/controller/notifications-secret.yaml
+++ b/charts/argo-rollouts/templates/controller/notifications-secret.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: argo-rollouts-notification-secret
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  {{- with .Values.notifications.secret.annotations }}
  annotations:
    {{- range $key, $value := . }}
--- a/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml
+++ b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml
@ -3,7 +3,7 @@ apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }}
 kind: PodDisruptionBudget
 metadata:
  name: {{ template "argo-rollouts.fullname" . }}
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-rollouts.labels" . | nindent 4 }}
  {{- with .Values.controller.pdb.labels }}
--- a/charts/argo-rollouts/templates/controller/role.yaml
+++ b/charts/argo-rollouts/templates/controller/role.yaml
@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: {{ include "argo-rollouts.fullname" . }}
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
--- a/charts/argo-rollouts/templates/controller/rolebinding.yaml
+++ b/charts/argo-rollouts/templates/controller/rolebinding.yaml
@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: {{ include "argo-rollouts.fullname" . }}
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
@ -14,5 +14,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: {{ include "argo-rollouts.serviceAccountName" . }}
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
 {{- end }}
--- a/charts/argo-rollouts/templates/controller/serviceaccount.yaml
+++ b/charts/argo-rollouts/templates/controller/serviceaccount.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "argo-rollouts.serviceAccountName" . }}
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
--- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml
+++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml
@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: {{ include "argo-rollouts.fullname" . }}
-  namespace: {{ default (include "argo-rollouts.namespace" .) .Values.controller.metrics.serviceMonitor.namespace | quote }}
+  namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
--- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.13.0
    {{- if .Values.keepCRDs }}
    "helm.sh/resource-policy": keep
    {{- end }}
@ -108,11 +108,6 @@ spec:
                      - type: integer
                      - type: string
                      x-kubernetes-int-or-string: true
-                    consecutiveSuccessLimit:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      x-kubernetes-int-or-string: true
                    count:
                      anyOf:
                      - type: integer
@ -222,13 +217,6 @@ spec:
                              type: object
                            query:
                              type: string
-                            secretRef:
-                              properties:
-                                name:
-                                  type: string
-                                namespaced:
-                                  type: boolean
-                              type: object
                          type: object
                        graphite:
                          properties:
@ -3037,9 +3025,6 @@ spec:
                              type: string
                            query:
                              type: string
-                            timeout:
-                              format: int64
-                              type: integer
                          required:
                          - query
                          type: object
@ -3091,15 +3076,6 @@ spec:
                              type: boolean
                            query:
                              type: string
-                            rangeQuery:
-                              properties:
-                                end:
-                                  type: string
-                                start:
-                                  type: string
-                                step:
-                                  type: string
-                              type: object
                            timeout:
                              format: int64
                              type: integer
@ -3234,9 +3210,6 @@ spec:
                    consecutiveError:
                      format: int32
                      type: integer
-                    consecutiveSuccess:
-                      format: int32
-                      type: integer
                    count:
                      format: int32
                      type: integer
--- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.13.0
    {{- if .Values.keepCRDs }}
    "helm.sh/resource-policy": keep
    {{- end }}
@ -104,11 +104,6 @@ spec:
                      - type: integer
                      - type: string
                      x-kubernetes-int-or-string: true
-                    consecutiveSuccessLimit:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      x-kubernetes-int-or-string: true
                    count:
                      anyOf:
                      - type: integer
@ -218,13 +213,6 @@ spec:
                              type: object
                            query:
                              type: string
-                            secretRef:
-                              properties:
-                                name:
-                                  type: string
-                                namespaced:
-                                  type: boolean
-                              type: object
                          type: object
                        graphite:
                          properties:
@ -3033,9 +3021,6 @@ spec:
                              type: string
                            query:
                              type: string
-                            timeout:
-                              format: int64
-                              type: integer
                          required:
                          - query
                          type: object
@ -3087,15 +3072,6 @@ spec:
                              type: boolean
                            query:
                              type: string
-                            rangeQuery:
-                              properties:
-                                end:
-                                  type: string
-                                start:
-                                  type: string
-                                step:
-                                  type: string
-                              type: object
                            timeout:
                              format: int64
                              type: integer
--- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.13.0
    {{- if .Values.keepCRDs }}
    "helm.sh/resource-policy": keep
    {{- end }}
@ -104,11 +104,6 @@ spec:
                      - type: integer
                      - type: string
                      x-kubernetes-int-or-string: true
-                    consecutiveSuccessLimit:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      x-kubernetes-int-or-string: true
                    count:
                      anyOf:
                      - type: integer
@ -218,13 +213,6 @@ spec:
                              type: object
                            query:
                              type: string
-                            secretRef:
-                              properties:
-                                name:
-                                  type: string
-                                namespaced:
-                                  type: boolean
-                              type: object
                          type: object
                        graphite:
                          properties:
@ -3033,9 +3021,6 @@ spec:
                              type: string
                            query:
                              type: string
-                            timeout:
-                              format: int64
-                              type: integer
                          required:
                          - query
                          type: object
@ -3087,15 +3072,6 @@ spec:
                              type: boolean
                            query:
                              type: string
-                            rangeQuery:
-                              properties:
-                                end:
-                                  type: string
-                                start:
-                                  type: string
-                                step:
-                                  type: string
-                              type: object
                            timeout:
                              format: int64
                              type: integer
--- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.13.0
    {{- if .Values.keepCRDs }}
    "helm.sh/resource-policy": keep
    {{- end }}
--- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.13.0
    {{- if .Values.keepCRDs }}
    "helm.sh/resource-policy": keep
    {{- end }}
@ -672,16 +672,6 @@ spec:
                                  - type: string
                                  x-kubernetes-int-or-string: true
                              type: object
-                            plugin:
-                              properties:
-                                config:
-                                  type: object
-                                  x-kubernetes-preserve-unknown-fields: true
-                                name:
-                                  type: string
-                              required:
-                              - name
-                              type: object
                            setCanaryScale:
                              properties:
                                matchTrafficWeight:
@ -954,10 +944,6 @@ spec:
                                type: object
                              annotationPrefix:
                                type: string
-                              canaryIngressAnnotations:
-                                additionalProperties:
-                                  type: string
-                                type: object
                              stableIngress:
                                type: string
                              stableIngresses:
@ -3741,45 +3727,6 @@ spec:
                    type: object
                  stablePingPong:
                    type: string
-                  stepPluginStatuses:
-                    items:
-                      properties:
-                        backoff:
-                          type: string
-                        disabled:
-                          type: boolean
-                        executions:
-                          format: int32
-                          type: integer
-                        finishedAt:
-                          format: date-time
-                          type: string
-                        index:
-                          format: int32
-                          type: integer
-                        message:
-                          type: string
-                        name:
-                          type: string
-                        operation:
-                          type: string
-                        phase:
-                          type: string
-                        startedAt:
-                          format: date-time
-                          type: string
-                        status:
-                          type: object
-                          x-kubernetes-preserve-unknown-fields: true
-                        updatedAt:
-                          format: date-time
-                          type: string
-                      required:
-                      - index
-                      - name
-                      - operation
-                      type: object
-                    type: array
                  weights:
                    properties:
                      additional:
--- a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml
+++ b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml
@ -13,5 +13,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
 {{- end }}
--- a/charts/argo-rollouts/templates/dashboard/deployment.yaml
+++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml
@ -9,7 +9,7 @@ metadata:
    {{- end }}
  {{- end }}
  name: {{ include "argo-rollouts.fullname" . }}-dashboard
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
  {{- range $key, $value := (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.dashboard.deploymentLabels) }}
    {{ $key }}: {{ $value | quote }}
@ -81,10 +81,6 @@ spec:
      tolerations:
        {{- toYaml .Values.dashboard.tolerations | nindent 8 }}
      {{- end }}
-      {{- with .Values.global.dnsConfig }}
-      dnsConfig:
-      {{- toYaml . | nindent 8 }}
-      {{- end }}
      {{- if .Values.dashboard.affinity }}
      affinity:
        {{- toYaml .Values.dashboard.affinity | nindent 8 }}
--- a/charts/argo-rollouts/templates/dashboard/ingress.yaml
+++ b/charts/argo-rollouts/templates/dashboard/ingress.yaml
@ -14,7 +14,7 @@ metadata:
  {{- end }}
 {{- end }}
  name: {{ template "argo-rollouts.fullname" . }}-dashboard
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-rollouts.labels" . | nindent 4 }}
    {{- if .Values.dashboard.ingress.labels }}
@ -45,10 +45,10 @@ spec:
              service:
                name: {{ $serviceName }}
                port:
-                  {{- if kindIs "string" $servicePort }}
-                  name: {{ $servicePort }}
-                  {{- else }}
+                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ $serviceName }}
@ -72,10 +72,10 @@ spec:
              service:
                name: {{ $serviceName }}
                port:
-                  {{- if kindIs "string" $servicePort }}
-                  name: {{ $servicePort }}
-                  {{- else }}
+                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ $serviceName }}
--- a/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml
+++ b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml
@ -3,7 +3,7 @@ apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }}
 kind: PodDisruptionBudget
 metadata:
  name: {{ template "argo-rollouts.fullname" . }}-dashboard
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-rollouts.labels" . | nindent 4 }}
  {{- with .Values.dashboard.pdb.labels }}
--- a/charts/argo-rollouts/templates/dashboard/service.yaml
+++ b/charts/argo-rollouts/templates/dashboard/service.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "argo-rollouts.fullname" . }}-dashboard
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.dashboard.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
--- a/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml
+++ b/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard
-  namespace: {{ include "argo-rollouts.namespace" . | quote }}
+  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/component: {{ .Values.dashboard.component }}
    {{- include "argo-rollouts.labels" . | nindent 4 }}
--- a/charts/argo-rollouts/values.yaml
+++ b/charts/argo-rollouts/values.yaml
@ -15,10 +15,6 @@ nameOverride:
 # -- String to fully override "argo-rollouts.fullname" template
 fullnameOverride:

-# -- Override the namespace
-# @default -- `.Release.Namespace`
-namespaceOverride: ""
-
 ## Override APIVersions
 ## If you want to template helm charts but cannot access k8s API server
 ## you can set api versions here
@ -49,18 +45,6 @@ global:
  deploymentLabels: {}
  # -- Number of old deployment ReplicaSets to retain. The rest will be garbage collected.
  revisionHistoryLimit: 10
-  # -- Specifies the deployment DNS configuration for controller and dashboard.
-  dnsConfig: {}
-  # nameservers:
-  #   - 1.2.3.4
-  # searches:
-  #   - ns1.svc.cluster-domain.example
-  #   - my.dns.search.suffix
-  # options:
-  #   - name: ndots
-  #     value: "1"
-  #   - name: attempts
-  #     value: "3"

 controller:
  # -- Value of label `app.kubernetes.io/component`
@ -233,12 +217,6 @@ controller:
    # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration
    #   location: "file://./my-custom-plugin" # supports http(s):// urls and file://

-  # -- Configures 3rd party stepPlugins for controller
-  ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/canary/plugins/
-  stepPlugins: []
-    # - name: "argoproj-labs/step-exec" # name of the plugin, it must match the name required by the plugin so it can find it's configuration
-    #   location: "file://./my-custom-plugin" # supports http(s):// urls and file://
-
  # -- Configures 3rd party traffic router plugins for controller
  ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/traffic-management/plugins/
  trafficRouterPlugins: []
--- a/charts/argo-workflows/Chart.yaml
+++ b/charts/argo-workflows/Chart.yaml
@ -1,9 +1,9 @@
 apiVersion: v2
-appVersion: v3.7.0
+appVersion: v3.6.2
 name: argo-workflows
 description: A Helm chart for Argo Workflows
 type: application
-version: 0.45.21
+version: 0.45.3
 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png
 home: https://github.com/argoproj/argo-helm
 sources:
@ -16,5 +16,5 @@ annotations:
    fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
-    - kind: changed
-      description: Bump argo-workflows to v3.7.0
+    - kind: added
+      description: Support ephemeral credentials for s3 artifact repository
--- a/charts/argo-workflows/README.md
+++ b/charts/argo-workflows/README.md
@ -116,7 +116,7 @@ Fields to note:
 | crds.annotations | object | `{}` | Annotations to be added to all CRDs |
 | crds.install | bool | `true` | Install and upgrade CRDs |
 | crds.keep | bool | `true` | Keep CRDs on chart uninstall |
-| createAggregateRoles | bool | `true` | Create ClusterRoles that extend existing ClusterRoles to interact with Argo Workflows CRDs. |
+| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds |
 | emissary.images | list | `[]` | The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. |
 | extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
 | fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template |
@ -136,7 +136,6 @@ Fields to note:
 | workflow.rbac.agentPermissions | bool | `false` | Allows permissions for the Argo Agent. Only required if using http/plugin templates |
 | workflow.rbac.artifactGC | bool | `false` | Allows permissions for the Argo Artifact GC pod. Only required if using artifact gc |
 | workflow.rbac.create | bool | `true` | Adds Role and RoleBinding for the above specified service account to be able to run workflows. A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) |
-| workflow.rbac.rules | list | `[]` | Additional rules for the service account that runs the workflows. |
 | workflow.rbac.serviceAccounts | list | `[]` | Extra service accounts to be added to the RoleBinding |
 | workflow.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
 | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created |
@ -187,7 +186,6 @@ Fields to note:
 | controller.metricsConfig.port | int | `9090` | Port is the port where metrics are emitted |
 | controller.metricsConfig.portName | string | `"metrics"` | Container metrics port name |
 | controller.metricsConfig.relabelings | list | `[]` | ServiceMonitor relabel configs to apply to samples before scraping |
-| controller.metricsConfig.scheme | string | `"http"` | serviceMonitor scheme |
 | controller.metricsConfig.secure | bool | `false` | Flag that use a self-signed cert for TLS |
 | controller.metricsConfig.servicePort | int | `8080` | Service metrics port |
 | controller.metricsConfig.servicePortName | string | `"metrics"` | Service metrics port name |
@ -233,7 +231,6 @@ Fields to note:
 | controller.telemetryConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory |
 | controller.telemetryConfig.path | string | `"/telemetry"` | telemetry path |
 | controller.telemetryConfig.port | int | `8081` | telemetry container port |
-| controller.telemetryConfig.scheme | string | `"http"` | telemetry serviceMonitor scheme to use |
 | controller.telemetryConfig.secure | bool | `false` | Flag that use a self-signed cert for TLS |
 | controller.telemetryConfig.servicePort | int | `8081` | telemetry service port |
 | controller.telemetryConfig.servicePortName | string | `"telemetry"` | telemetry service port name |
@ -242,7 +239,6 @@ Fields to note:
 | controller.volumeMounts | list | `[]` | Additional volume mounts to the controller main container |
 | controller.volumes | list | `[]` | Additional volumes to the controller pod |
 | controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ |
-| controller.workflowEvents.enabled | bool | `true` | Enable to emit events on workflow status changes. |
 | controller.workflowNamespaces | list | `["default"]` | Specify all namespaces where this workflow controller instance will manage workflows. This controls where the service account and RBAC resources will be created. Only valid when singleNamespace is false. |
 | controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ |
 | controller.workflowTTLWorkers | string | `nil` | Number of workflow TTL workers |
@ -313,14 +309,6 @@ Fields to note:
 | server.ingress.paths | list | `["/"]` | List of ingress paths |
 | server.ingress.tls | list | `[]` | Ingress TLS configuration |
 | server.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for server container |
-| server.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for server |
-| server.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
-| server.livenessProbe.httpGet.path | string | `"/"` | Http path to use for the liveness probe |
-| server.livenessProbe.httpGet.port | int | `2746` | Http port to use for the liveness probe |
-| server.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
-| server.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
-| server.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
-| server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
 | server.loadBalancerClass | string | `""` | The class of the load balancer implementation |
 | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` |
 | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
@ -355,7 +343,7 @@ Fields to note:
 | server.sso.clientSecret.key | string | `"client-secret"` | Key of a secret to retrieve the app OIDC client secret |
 | server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret |
 | server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups |
-| server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authModes` as `sso`. |
+| server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. |
 | server.sso.filterGroupsRegex | list | `[]` | Filter the groups returned by the OIDC provider |
 | server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client |
 | server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider |
--- a/charts/argo-workflows/ci/enable-server-liveness-probe-values.yaml
+++ b/charts/argo-workflows/ci/enable-server-liveness-probe-values.yaml
@ -1,6 +0,0 @@
-crds:
-  keep: false
-
-server:
-  livenessProbe:
-    enabled: true
--- a/charts/argo-workflows/templates/_helpers.tpl
+++ b/charts/argo-workflows/templates/_helpers.tpl
@ -90,7 +90,7 @@ Selector labels
 {{- define "argo-workflows.selectorLabels" -}}
 {{- if .name -}}
 app.kubernetes.io/name: {{ include "argo-workflows.name" .context }}-{{ .name }}
-{{- end }}
+{{ end -}}
 app.kubernetes.io/instance: {{ .context.Release.Name }}
 {{- if .component }}
 app.kubernetes.io/component: {{ .component }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
@ -35,7 +35,6 @@ rules:
  - ""
  resources:
  - configmaps
-  - namespaces
  verbs:
  - get
  - watch
@ -168,16 +167,6 @@ rules:
  - update
  - patch
  - delete
-{{- if .Values.controller.rbac.accessAllSecrets }}
- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - get
-  - list
-  - watch
-{{- else }}
 - apiGroups:
  - ""
  resources:
@ -185,7 +174,7 @@ rules:
  verbs:
  - get
  resourceNames:
-  {{- /* for HTTP templates */}}
+  {{/* for HTTP templates */}}
  - argo-workflows-agent-ca-certificates
 {{- with .Values.controller.rbac.secretWhitelist }}
 - apiGroups:
@ -198,6 +187,15 @@ rules:
  - watch
  resourceNames: {{- toYaml . | nindent 4 }}
 {{- end }}
+{{- if and (not .Values.controller.rbac.secretWhitelist) (.Values.controller.rbac.accessAllSecrets) }}
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+  - watch
 {{- end }}

 {{- if and .Values.controller.clusterWorkflowTemplates.enabled (not .Values.singleNamespace) }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
@ -200,8 +200,6 @@ data:
    {{- end }}
    nodeEvents:
      enabled: {{ .Values.controller.nodeEvents.enabled }}
-    workflowEvents:
-      enabled: {{ .Values.controller.workflowEvents.enabled }}
    {{- with .Values.controller.kubeConfig }}
    kubeConfig: {{- toYaml . | nindent 6 }}
    {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
@ -2,7 +2,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 {{- if .Values.singleNamespace }}
 kind: RoleBinding
-{{- else }}
+{{ else }}
 kind: ClusterRoleBinding
 {{- end }}
 metadata:
@ -16,7 +16,7 @@ roleRef:
  apiGroup: rbac.authorization.k8s.io
  {{- if .Values.singleNamespace }}
  kind: Role
-  {{- else }}
+  {{ else }}
  kind: ClusterRole
  {{- end }}
  name: {{ template "argo-workflows.controller.fullname" . }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml
@ -106,8 +106,7 @@ spec:
            - name: {{ .Values.controller.metricsConfig.portName }}
              containerPort: {{ .Values.controller.metricsConfig.port }}
            - containerPort: 6060
-          livenessProbe:
-            {{- .Values.controller.livenessProbe | toYaml | nindent 12 }}
+          livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }}
        {{- with .Values.controller.extraContainers }}
          {{- toYaml . | nindent 8 }}
        {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
@ -9,7 +9,7 @@ metadata:
  {{- with .Values.controller.serviceAccount.labels  }}
    {{- toYaml . | nindent 4 }}
  {{- end }}
-  {{- with .Values.controller.serviceAccount.annotations }}
+  {{ with .Values.controller.serviceAccount.annotations }}
  annotations:
    {{- toYaml .| nindent 4 }}
  {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
@ -25,7 +25,6 @@ spec:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      honorLabels: {{ .Values.controller.metricsConfig.honorLabels }}
-      scheme: {{ .Values.controller.metricsConfig.scheme}}
  {{- end }}
  {{- if .Values.controller.telemetryConfig.enabled }}
    - port: telemetry
@ -40,7 +39,6 @@ spec:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      honorLabels: {{ .Values.controller.metricsConfig.honorLabels }}
-      scheme: {{ .Values.controller.telemetryConfig.scheme }}
  {{- end }}
  {{- with .Values.controller.metricsConfig.targetLabels }}
  targetLabels:
--- a/charts/argo-workflows/templates/controller/workflow-role.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-role.yaml
@ -18,9 +18,6 @@ rules:
    verbs:
      - create
      - patch
-  {{- with $.Values.workflow.rbac.rules }}
-    {{- toYaml . | nindent 2 }}
-  {{- end }}
  {{- end }}

 {{- end }}
--- a/charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml
+++ b/charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml
@ -667,25 +667,6 @@ spec:
                        type: array
                    type: object
                  metadata:
-                    properties:
-                      annotations:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      finalizers:
-                        items:
-                          type: string
-                        type: array
-                      generateName:
-                        type: string
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      name:
-                        type: string
-                      namespace:
-                        type: string
                    type: object
                  workflowTemplateRef:
                    properties:
--- a/charts/argo-workflows/templates/extra-manifests.yaml
+++ b/charts/argo-workflows/templates/extra-manifests.yaml
@ -1,8 +1,8 @@
-{{- range .Values.extraObjects }}
+{{ range .Values.extraObjects }}
 ---
-{{- if typeIs "string" . }}
+{{ if typeIs "string" . }}
    {{- tpl . $ }}
 {{- else }}
    {{- tpl (toYaml .) $ }}
 {{- end }}
-{{- end }}
+{{ end }}
--- a/charts/argo-workflows/templates/server/gke/backendconfig.yaml
+++ b/charts/argo-workflows/templates/server/gke/backendconfig.yaml
@ -1,4 +1,4 @@
-{{- if and .Values.server.enabled .Values.server.GKEbackendConfig.enabled }}
+{{- if .Values.server.GKEbackendConfig.enabled }}
 apiVersion: {{ include "argo-workflows.apiVersions.cloudgoogle" . }}
 kind: BackendConfig
 metadata:
--- a/charts/argo-workflows/templates/server/gke/frontendconfig.yaml
+++ b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml
@ -1,4 +1,4 @@
-{{- if and .Values.server.enabled .Values.server.GKEfrontendConfig.enabled }}
+{{- if .Values.server.GKEfrontendConfig.enabled }}
 apiVersion: networking.gke.io/v1beta1
 kind: FrontendConfig
 metadata:
--- a/charts/argo-workflows/templates/server/gke/managedcertificate.yaml
+++ b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml
@ -1,4 +1,4 @@
-{{- if and .Values.server.enabled .Values.server.GKEmanagedCertificate.enabled }}
+{{- if .Values.server.GKEmanagedCertificate.enabled }}
 apiVersion: networking.gke.io/v1
 kind: ManagedCertificate
 metadata:
--- a/charts/argo-workflows/templates/server/server-crb.yaml
+++ b/charts/argo-workflows/templates/server/server-crb.yaml
@ -2,7 +2,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 {{- if .Values.singleNamespace }}
 kind: RoleBinding
-{{- else }}
+{{ else }}
 kind: ClusterRoleBinding
 {{- end }}
 metadata:
@ -16,7 +16,7 @@ roleRef:
  apiGroup: rbac.authorization.k8s.io
  {{- if .Values.singleNamespace }}
  kind: Role
-  {{- else }}
+  {{ else }}
  kind: ClusterRole
  {{- end }}
  name: {{ template "argo-workflows.server.fullname" . }}
--- a/charts/argo-workflows/templates/server/server-deployment.yaml
+++ b/charts/argo-workflows/templates/server/server-deployment.yaml
@ -27,14 +27,9 @@ spec:
        {{- with .Values.server.podLabels }}
          {{- toYaml . | nindent 8 }}
        {{- end }}
-      {{- if or  .Values.server.podAnnotations .Values.controller.configMap.create }}
+      {{- with .Values.server.podAnnotations }}
      annotations:
-        {{- with .Values.server.podAnnotations }}
        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        {{- if .Values.controller.configMap.create }}
-        checksum/cm: {{ include (print $.Template.BasePath "/controller/workflow-controller-config-map.yaml") . | sha256sum }}
-        {{- end }}
      {{- end }}
    spec:
      serviceAccountName: {{ template "argo-workflows.serverServiceAccountName" . }}
@ -92,22 +87,6 @@ spec:
              {{- end }}
            initialDelaySeconds: 10
            periodSeconds: 20
-          {{- if .Values.server.livenessProbe.enabled }}
-          livenessProbe:
-            httpGet:
-              path: {{ .Values.server.livenessProbe.httpGet.path }}
-              port: {{ .Values.server.livenessProbe.httpGet.port }}
-              {{- if .Values.server.secure }}
-              scheme: HTTPS
-              {{- else }}
-              scheme: HTTP
-              {{- end }}
-            initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }}
-            timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }}
-            periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }}
-            successThreshold: {{ .Values.server.livenessProbe.successThreshold }}
-            failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }}
-          {{- end }}
          env:
            - name: IN_CLUSTER
              value: "true"
--- a/charts/argo-workflows/templates/server/server-ingress.yaml
+++ b/charts/argo-workflows/templates/server/server-ingress.yaml
@ -1,4 +1,4 @@
-{{- if and .Values.server.enabled .Values.server.ingress.enabled -}}
+{{- if .Values.server.ingress.enabled -}}
 {{- $serviceName := include "argo-workflows.server.fullname" . -}}
 {{- $servicePort := .Values.server.servicePort -}}
 {{- $paths := .Values.server.ingress.paths -}}
@ -45,10 +45,10 @@ spec:
              service:
                name: {{ $serviceName }}
                port:
-                  {{- if kindIs "string" $servicePort }}
-                  name: {{ $servicePort }}
-                  {{- else }}
+                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ $serviceName }}
@ -72,10 +72,10 @@ spec:
              service:
                name: {{ $serviceName }}
                port:
-                  {{- if kindIs "string" $servicePort }}
-                  name: {{ $servicePort }}
-                  {{- else }}
+                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ $serviceName }}
--- a/charts/argo-workflows/values.yaml
+++ b/charts/argo-workflows/values.yaml
@ -16,7 +16,7 @@ crds:
  # -- Annotations to be added to all CRDs
  annotations: {}

-# -- Create ClusterRoles that extend existing ClusterRoles to interact with Argo Workflows CRDs.
+# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds
 ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles
 createAggregateRoles: true

@ -77,8 +77,6 @@ workflow:
    serviceAccounts: []
      # - name: my-service-account
      #   namespace: my-namespace
-    # -- Additional rules for the service account that runs the workflows.
-    rules: []

 controller:
  image:
@ -149,8 +147,6 @@ controller:
    servicePort: 8080
    # -- Service metrics port name
    servicePortName: metrics
-    # -- serviceMonitor scheme
-    scheme: http
    # -- Flag to enable headless service
    headlessService: false
    # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels.
@ -165,7 +161,6 @@ controller:
    # -- ServiceMonitor will add labels from the service to the Prometheus metric
    ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitorspec
    targetLabels: []
-
  # -- the controller container's securityContext
  securityContext:
    readOnlyRootFilesystem: true
@ -259,8 +254,6 @@ controller:
    servicePort: 8081
    # -- telemetry service port name
    servicePortName: telemetry
-    # -- telemetry serviceMonitor scheme to use
-    scheme: http
  serviceMonitor:
    # -- Enable a prometheus ServiceMonitor
    enabled: false
@ -268,7 +261,6 @@ controller:
    additionalLabels: {}
    # -- Prometheus ServiceMonitor namespace
    namespace: "" # "monitoring"
-
  serviceAccount:
    # -- Create a service account for the controller
    create: true
@ -410,12 +402,6 @@ controller:
    ## "Unable to create audit event: etcdserver: mvcc: database space exceeded"
    enabled: true

-  workflowEvents:
-    # -- Enable to emit events on workflow status changes.
-    ## This can take up a lot of space in k8s (typically etcd), resulting in errors when trying to create new events:
-    ## "Unable to create audit event: etcdserver: mvcc: database space exceeded"
-    enabled: true
-
  # -- Configure when workflow controller runs in a different k8s cluster with the workflow workloads,
  # or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret.
  # @default -- `{}` (See [values.yaml])
@ -725,7 +711,7 @@ server:

  # SSO configuration when SSO is specified as a server auth mode.
  sso:
-    # -- Create SSO configuration. If you set `true` , please also set `.Values.server.authModes` as `sso`.
+    # -- Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`.
    enabled: false
    # -- The root URL of the OIDC identity provider
    issuer: https://accounts.google.com
@ -784,27 +770,6 @@ server:
  # -- terminationGracePeriodSeconds for container lifecycle hook
  terminationGracePeriodSeconds: 30

-  ## livenessProbe for server
-  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
-  livenessProbe:
-    # -- Enable Kubernetes liveness probe for server
-    enabled: false
-    httpGet:
-      # -- Http port to use for the liveness probe
-      port: 2746
-      # -- Http path to use for the liveness probe
-      path: /
-    # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
-    failureThreshold: 3
-    # -- Number of seconds after the container has started before [probe] is initiated
-    initialDelaySeconds: 10
-    # -- How often (in seconds) to perform the [probe]
-    periodSeconds: 10
-    # -- Number of seconds after which the [probe] times out
-    timeoutSeconds: 1
-    # -- Minimum consecutive successes for the [probe] to be considered successful after having failed
-    successThreshold: 1
-
 # -- Array of extra K8s manifests to deploy
 extraObjects: []
  # - apiVersion: secrets-store.csi.x-k8s.io/v1
@ -869,7 +834,7 @@ artifactRepository:
    # keyFormat: "{{ \"{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}\" }}"
    # # serviceAccountKeySecret is a secret selector.
    # # It references the k8s secret named 'my-gcs-credentials'.
-    # # This secret is expected to have the key 'serviceAccountKey',
+    # # This secret is expected to have have the key 'serviceAccountKey',
    # # containing the base64 encoded credentials
    # # to the bucket.
    # #
@ -886,7 +851,7 @@ artifactRepository:
    # blobNameFormat: path/in/container
    # # accountKeySecret is a secret selector.
    # # It references the k8s secret named 'my-azure-storage-credentials'.
-    # # This secret is expected to have the key 'account-access-key',
+    # # This secret is expected to have have the key 'account-access-key',
    # # containing the base64 encoded credentials to the storage account.
    # # If a managed identity has been assigned to the machines running the
    # # workflow (e.g., https://docs.microsoft.com/en-us/azure/aks/use-managed-identity)
@ -942,7 +907,7 @@ artifactRepositoryRef: {}
  #        bucket: $mybucket
  #        # accessKeySecret and secretKeySecret are secret selectors.
  #        # It references the k8s secret named 'bucket-workflow-artifect-credentials'.
-  #        # This secret is expected to have the keys 'accessKey'
+  #        # This secret is expected to have have the keys 'accessKey'
  #        # and 'secretKey', containing the base64 encoded credentials
  #        # to the bucket.
  #        accessKeySecret:
--- a/charts/argocd-image-updater/Chart.yaml
+++ b/charts/argocd-image-updater/Chart.yaml
@ -2,8 +2,8 @@ apiVersion: v2
 name: argocd-image-updater
 description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD
 type: application
-version: 0.12.3
-appVersion: v0.16.0
+version: 0.11.3
+appVersion: v0.15.1
 home: https://github.com/argoproj-labs/argocd-image-updater
 icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png
 keywords:
@ -18,5 +18,5 @@ annotations:
    fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
-    - kind: added
-      description: Support priorityClassName
+    - kind: changed
+      description: Update permissions for namespaced Role
--- a/charts/argocd-image-updater/README.md
+++ b/charts/argocd-image-updater/README.md
@ -70,15 +70,13 @@ The `config.registries` value can be used exactly as it looks in the documentati
 |-----|------|---------|-------------|
 | affinity | object | `{}` | Kubernetes affinity settings for the deployment |
 | authScripts.enabled | bool | `false` | Whether to mount the defined scripts that can be used to authenticate with a registry, the scripts will be mounted at `/scripts` |
-| authScripts.name | string | `"argocd-image-updater-authscripts"` | Name of the authentication scripts ConfigMap |
-| authScripts.scripts | object | `{}` | Map of key-value pairs where the key consists of the name of the script and the value the contents. |
+| authScripts.scripts | object | `{}` | Map of key-value pairs where the key consists of the name of the script and the value the contents |
 | config.applicationsAPIKind | string | `""` | API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) |
 | config.argocd.grpcWeb | bool | `true` | Use the gRPC-web protocol to connect to the Argo CD API |
 | config.argocd.insecure | bool | `false` | If specified, the certificate of the Argo CD API server is not verified. |
 | config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the Argo CD API instead of TLS. |
 | config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address |
 | config.argocd.token | string | `""` | If specified, the secret with Argo CD API key will be created. |
-| config.argocd.tokenSecretName | string | `"argocd-image-updater-secret"` | Name of the Secret containing the token |
 | config.disableKubeEvents | bool | `false` | Disable kubernetes events |
 | config.gitCommitMail | string | `""` | E-Mail address to use for Git commits |
 | config.gitCommitSignOff | bool | `false` | Enables sign off on commits |
@ -87,15 +85,13 @@ The `config.registries` value can be used exactly as it looks in the documentati
 | config.gitCommitTemplate | string | `""` | Changing the Git commit message |
 | config.gitCommitUser | string | `""` | Username to use for Git commits |
 | config.logLevel | string | `"info"` | Argo CD Image Update log level |
-| config.name | string | `"argocd-image-updater-config"` | Name of the ConfigMap |
-| config.registries | list | `[]` | Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/). |
-| config.sshConfig.config | string | `""` | Argo CD Image Updater ssh client parameter configuration |
-| config.sshConfig.name | string | `"argocd-image-updater-ssh-config"` | Name of the sshConfig ConfigMap |
+| config.registries | list | `[]` | Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) |
+| config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. |
 | createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. |
-| extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry. |
-| extraEnv | list | `[]` | Extra environment variables for argocd-image-updater. |
+| extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry |
+| extraEnv | list | `[]` | Extra environment variables for argocd-image-updater |
 | extraEnvFrom | list | `[]` | Extra envFrom to pass to argocd-image-updater |
-| extraObjects | list | `[]` | Extra K8s manifests to deploy for argocd-image-updater. |
+| extraObjects | list | `[]` | Extra K8s manifests to deploy for argocd-image-updater |
 | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override |
 | image.pullPolicy | string | `"Always"` | Default image pull policy |
 | image.repository | string | `"quay.io/argoprojlabs/argocd-image-updater"` | Default image repository |
@ -119,7 +115,6 @@ The `config.registries` value can be used exactly as it looks in the documentati
 | podAnnotations | object | `{}` | Pod Annotations for the deployment |
 | podLabels | object | `{}` | Pod Labels for the deployment |
 | podSecurityContext | object | `{}` | Pod security context settings for the deployment |
-| priorityClassName | string | `""` | Priority class for the deployment |
 | rbac.enabled | bool | `true` | Enable RBAC creation |
 | replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. |
 | resources | object | `{}` | Pod memory and cpu resource settings for the deployment |
@ -127,7 +122,7 @@ The `config.registries` value can be used exactly as it looks in the documentati
 | serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
 | serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
 | serviceAccount.labels | object | `{}` | Labels to add to the service account |
-| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
 | tolerations | list | `[]` | Kubernetes toleration settings for the deployment |
 | updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones |
 | volumeMounts | list | `[]` | Additional volumeMounts to the image updater main container |
--- a/Show More
+++ b/Show More