Argo CD | v3.3.3

Argo CD v3.3.3 released on 09-03-2026


Argo CD v3.3.3 is out now. It delivers straightforward non‑HA and HA install flows and a set of stability fixes and signed release artefacts that make secure cluster onboarding and verification easier for operators.

See the GitHub release for the install manifests and commands, the operator documentation for signature and provenance verification, the full changelog comparing v3.3.2…v3.3.3, and the release blog post for a deeper breakdown.

What’s in this release

  • Quick start install: non‑HA and HA flows using kubectl apply against the published manifests (manifests/install.yaml and ha/install.yaml) on the v3.3.3 release path for fast cluster onboarding.
  • Signed release assets and provenance: all container images are signed with cosign and provenance metadata is produced for container images and CLI binaries meeting SLSA Level 3; operator docs explain how to verify signatures and provenance.
  • Notable bug fixes and cherry‑picks: fixes include correct CNPG suspend/resume annotation handling, comma‑separated hook annotations for PreDelete/PostDelete hooks, health reporting using note.drySha when present, standard resource icon fixes in the UI, improved kubeversion consistency with Helm 3, and multi‑level cross‑namespace hierarchy traversal corrections.

Upgrade notes

  • If you are upgrading between minor versions, read the upgrading documentation before you proceed to make sure you follow the recommended steps.
  • This is a patch release focused on stability and correctness; if you need to roll back, use your normal cluster rollback procedures and consult the full changelog for the specific commits included in v3.3.3.

Feedback welcome — let the team know how the install flows and fixes behave in your environment.

Related posts

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...

restic | v0.19.1

restic v0 19 1: safer FUSE mounts and mountpoint checks, robust backup source and exclude handling, clearer CLI JSON output, Windows SFTP deletion fixes