Argo CD 3.2 Delivers Safer GitOps with Progressive Sync and ApplicationSet Improvements
Argo CD 3.2, released as stable in November 2025 and now widely adopted, brings progressive sync deletion strategies, ApplicationSet status improvements, and source hydration guardrails that make large-scale GitOps deployments safer and more observable.
Argo CD 3.2 is the latest stable release of the widely used Kubernetes GitOps continuous delivery tool, and it includes a set of focused improvements aimed at operators running large multi-application environments. The release builds on the architectural changes introduced in version 3.0 — which brought native multi-tenancy through Projects 2.0 and integrated Argo Rollouts for progressive delivery — and refines the operational experience based on real-world feedback.
Progressive Sync Gets Configurable Deletion
One of the headline additions in 3.2 is support for configurable deletion strategies in Progressive Sync for ApplicationSets. Previously, when an ApplicationSet was deleted, the behavior for the applications it managed was fixed. Now operators can specify per-ApplicationSet deletion policies, giving platform teams the flexibility to decide whether managed applications should be pruned, orphaned, or handled according to a custom strategy when the parent ApplicationSet is removed. This matters significantly in large platforms where accidental or staged teardowns of application groups are a real operational concern.
ApplicationSet Status Visibility
Argo CD 3.2 improves how ApplicationSets track and surface status changes. The previous model made it difficult to understand what changed in an ApplicationSet\'s managed resource list and why. The new status reporting makes diffs more explicit and navigable from the UI.
To guard against etcd storage limits, the release also caps the status.resources field of an ApplicationSet to 5,000 elements by default, preventing large-scale ApplicationSets from causing apiserver instability through status object bloat — a problem that has caught out teams managing hundreds of applications per ApplicationSet.
Source Hydration Safety and UI Improvements
Source hydration, which allows Argo CD to render configuration from OCI registries and other external sources before sync, now enforces that applications specify a non-root repository path. This prevents accidental overwrites or deletions of important files at the repository root during hydration. The Applications page also gains sortable columns across name, sync status, health, namespace, and other fields, and hydration status is now visible directly on application tiles without opening the detail view.
Teams still running Argo CD 2.14 should note that it reached end of life on November 4, 2025, and should prioritize upgrading to 3.2 or later.
Related Articles
GitHub Expands Developer Platform with Actions Artifacts v5 and Copilot Extensions GA
GitHub has shipped Actions Artifacts v5 with immutable storage and artifact attestation for tamper-proof build outputs, alongside the general availability of Copilot Extensions that let third-party tools integrate directly into the Copilot chat experience. The platform also expanded GitHub Models with seven new providers.
Docker Engine 29.3 Ships with Native gRPC Support and BuildKit v0.28
Docker Engine 29.3.0 introduces native gRPC support on listening sockets, BuildKit v0.28.0, and a new bind-create-src option for flexible volume mounting. The release lowers the minimum API version to v1.40 for broader backward compatibility and fixes DNS configuration corruption during daemon reloads.
GitHub Adds Dependabot Pre-Commit Support and 28 New Secret Scanning Detectors
GitHub has shipped two major supply chain security features: Dependabot now parses .pre-commit-config.yaml files and opens PRs to update hook versions, while secret scanning gains 28 new detectors from 15 providers including Snowflake, Supabase, and Vercel. Push protection is now enabled by default for 39 secret types.