DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into add-support-for-extra-containers

Browse source
This commit is contained in:
Oliver Bähler 2021-08-10 23:43:59 +02:00 committed by GitHub
commit 07723ea179
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
25 changed files with 150 additions and 69 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CONTRIBUTING.md
View file

@ -55,7 +55,7 @@ annotations:
Minimally:
```
helm install charts/argo -n argo
helm install charts/argo-workflows -n argo
argo version
```

6
charts/argo-cd/Chart.lock
View file

@ -1,6 +1,6 @@
dependencies:
- name: redis-ha
repository: https://dandydeveloper.github.io/charts/
version: 4.12.14
digest: sha256:34275a4f4df92c570d07b0553da5d1fa200b6f057f7091746c853fd7399ee30a
generated: "2021-05-03T16:02:41.4356045-04:00"
version: 4.12.17
digest: sha256:ad1833436031e3578165d48646c90323040fa1bc00d9235fe7ba7c67b20094ec
generated: "2021-07-27T16:35:27.2509236-04:00"

8
charts/argo-cd/Chart.yaml
View file

@ -1,8 +1,8 @@
apiVersion: v2
appVersion: 2.0.4
appVersion: 2.0.5
description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 3.10.0
version: 3.11.3
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-cd/assets/logo.png
keywords:
@ -16,9 +16,9 @@ maintainers:
- name: seanson
dependencies:
- name: redis-ha
version: 4.12.14
version: 4.12.17
repository: https://dandydeveloper.github.io/charts/
condition: redis-ha.enabled
annotations:
artifacthub.io/changes: |
- "[Added]: Support AWS ALB Ingress with gRPC"
- "[Fix]: Set type of service for grpc as NodePort because this is the default of ALB ingress Controller"

8
charts/argo-cd/README.md
View file

@ -34,6 +34,11 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop
## Upgrading
### 3.10.2
ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default
It can be re-enabled by setting `server.staticAssets.enabled` to true
### 3.8.1
This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization:
@ -132,7 +137,7 @@ NAME: my-release
|-----|------|---------|
| global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` |
| global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` |
| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.4"` |
| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` |
| global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) |
| global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` |
| global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` |
@ -287,6 +292,7 @@ NAME: my-release
| server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) |
| server.containerPort | Server container port. | `8080` |
| server.extraArgs | Additional arguments for the server. A list of flags. | `[]` |
| server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` |
| server.env | Environment variables for the server. | `[]` |
| server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) |
| server.image.repository | Repository to use for the server | `global.image.repository` |

2
charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml
View file

@ -20,5 +20,5 @@ spec:
selector:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
sessionAffinity: None
type: ClusterIP
type: NodePort
{{- end -}}

2
charts/argo-cd/templates/argocd-server/deployment.yaml
View file

@ -42,8 +42,10 @@ spec:
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
command:
- argocd-server
{{ if .Values.server.staticAssets.enabled }}
- --staticassets
- /shared/app
{{ end }}
- --repo-server
- {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
{{- if .Values.dex.enabled }}

3
charts/argo-cd/templates/argocd-server/service.yaml
View file

@ -47,3 +47,6 @@ spec:
{{- with .Values.server.service.externalTrafficPolicy }}
externalTrafficPolicy: {{ . }}
{{- end }}
{{- with .Values.server.service.sessionAffinity }}
sessionAffinity: {{ . }}
{{- end }}

13
charts/argo-cd/values.yaml
View file

@ -8,7 +8,7 @@ kubeVersionOverride: ""
global:
image:
repository: quay.io/argoproj/argocd
tag: v2.0.4
tag: v2.0.5
imagePullPolicy: IfNotPresent
securityContext: {}
# runAsUser: 999
@ -229,7 +229,7 @@ dex:
image:
repository: ghcr.io/dexidp/dex
tag: v2.27.0
tag: v2.28.1
imagePullPolicy: IfNotPresent
initImage:
repository:
@ -313,7 +313,7 @@ redis:
image:
repository: redis
tag: 6.2.2-alpine
tag: 6.2.4-alpine
imagePullPolicy: IfNotPresent
## Additional command line arguments to pass to redis-server
@ -406,7 +406,7 @@ redis-ha:
metrics:
enabled: true
image:
tag: 6.2.2-alpine
tag: 6.2.4-alpine
## Server
server:
@ -431,6 +431,10 @@ server:
extraArgs: []
# - --insecure
# This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app
staticAssets:
enabled: true
## Environment variables to pass to argocd-server
##
env: []
@ -537,6 +541,7 @@ server:
loadBalancerSourceRanges: []
externalIPs: []
externalTrafficPolicy: ""
sessionAffinity: ""
## Server metrics service configuration
metrics:

7
charts/argo-events/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v2
description: A Helm chart to install Argo-Events in k8s Cluster
name: argo-events
version: 1.6.4
version: 1.7.0
keywords:
- argo-events
- sensor-controller
@ -13,8 +13,9 @@ maintainers:
- name: VaibhavPage
- name: whynowy
appVersion: 1.3.1
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
icon: https://argoproj.github.io/argo-events/assets/logo.png
home: https://github.com/argoproj/argo-helm
annotations:
artifacthub.io/changes: |
- "[Added]: Initialize Changelog"
- "[Added]: Ability to specify additional/custom environment variables"
- "[Fixed]: Charts icon url"

3
charts/argo-events/templates/eventbus-controller-deployment.yaml
View file

@ -36,6 +36,9 @@ spec:
- --namespaced
{{- end }}
env:
{{- with .Values.eventbusController.extraEnv }}
{{- toYaml . | nindent 12 }}
{{- end }}
- name: NAMESPACE
valueFrom:
fieldRef:

3
charts/argo-events/templates/eventsource-controller-deployment.yaml
View file

@ -36,6 +36,9 @@ spec:
- --namespaced
{{- end }}
env:
{{- with .Values.eventsourceController.extraEnv }}
{{- toYaml . | nindent 12 }}
{{- end }}
- name: NAMESPACE
valueFrom:
fieldRef:

3
charts/argo-events/templates/sensor-controller-deployment.yaml
View file

@ -36,6 +36,9 @@ spec:
- --namespaced
{{- end }}
env:
{{- with .Values.sensorController.extraEnv }}
{{- toYaml . | nindent 12 }}
{{- end }}
- name: NAMESPACE
valueFrom:
fieldRef:

9
charts/argo-events/values.yaml
View file

@ -47,6 +47,9 @@ sensorController:
image: argoproj/sensor-controller
tag: v1.3.1
replicaCount: 1
extraEnv: []
# - name: DEBUG_LOG
# value: "true"
sensorImage: argoproj/sensor
podAnnotations: {}
nodeSelector: {}
@ -61,6 +64,9 @@ eventsourceController:
image: argoproj/eventsource-controller
tag: v1.3.1
replicaCount: 1
extraEnv: []
# - name: DEBUG_LOG
# value: "true"
eventsourceImage: argoproj/eventsource
podAnnotations: {}
nodeSelector: {}
@ -75,6 +81,9 @@ eventbusController:
image: argoproj/eventbus-controller
tag: v1.3.1
replicaCount: 1
extraEnv: []
# - name: DEBUG_LOG
# value: "true"
podAnnotations: {}
nodeSelector: {}
podLabels: {}

7
charts/argo-rollouts/Chart.yaml
View file

@ -2,8 +2,8 @@ apiVersion: v2
appVersion: "v1.0.2"
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 1.0.3
icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
version: 1.0.4
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
home: https://github.com/argoproj/argo-helm
maintainers:
- name: alexmt
@ -11,4 +11,5 @@ maintainers:
- name: jessesuen
annotations:
artifacthub.io/changes: |
- "[Added]: Initialize Changelog"
- "[Fixed]: Add missing liveness and readiness probes"
- "[Changed]: Fix icon url"

4
charts/argo-rollouts/templates/argo-rollouts-deployment.yaml
View file

@ -39,6 +39,10 @@ spec:
ports:
- containerPort: 8090
name: metrics
livenessProbe:
{{- toYaml .Values.controller.livenessProbe | nindent 10 }}
readinessProbe:
{{- toYaml .Values.controller.readinessProbe | nindent 10 }}
securityContext:
{{- toYaml .Values.containerSecurityContext | nindent 10 }}
resources:

20
charts/argo-rollouts/values.yaml
View file

@ -31,6 +31,26 @@ controller:
additionalLabels: {}
additionalAnnotations: {}
## Readiness and liveness probes for rollouts controller
livenessProbe:
httpGet:
path: /metrics
port: 8090
initialDelaySeconds: 30
periodSeconds: 20
failureThreshold: 3
successThreshold: 1
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /metrics
port: 8090
initialDelaySeconds: 15
periodSeconds: 5
failureThreshold: 3
successThreshold: 1
timeoutSeconds: 4
serviceAccount:
# Specifies whether a service account should be created
create: true

2
charts/argo-workflows/README.md
View file

@ -10,7 +10,7 @@ This chart uses an install hook to configure the CRD definition. Installation of
A few options are:
- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute
- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
## Usage Notes

2
charts/argo-workflows/crds/argoproj.io_workflows.yaml
View file

@ -36,9 +36,11 @@ spec:
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
x-kubernetes-map-type: atomic
status:
type: object
x-kubernetes-preserve-unknown-fields: true
x-kubernetes-map-type: atomic
required:
- metadata
- spec

10
charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
View file

@ -121,8 +121,18 @@ rules:
resources:
- leases
resourceNames:
{{- if .Values.controller.instanceID.enabled }}
{{- if .Values.controller.instanceID.useReleaseName }}
- workflow-controller-{{ .Release.Name }}
- workflow-controller-lease-{{ .Release.Name }}
{{- else }}
- workflow-controller-{{ .Values.controller.instanceID.explicitID }}
- workflow-controller-lease-{{ .Values.controller.instanceID.explicitID }}
{{- end }}
{{- else }}
- workflow-controller
- workflow-controller-lease
{{- end }}
verbs:
- get
- watch

6
charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
View file

@ -7,11 +7,11 @@ metadata:
data:
config: |
{{- if .Values.controller.instanceID.enabled }}
{{- if .Values.controller.instanceID.useReleaseName }}
{{- if .Values.controller.instanceID.useReleaseName }}
instanceID: {{ .Release.Name }}
{{- else }}
{{- else }}
instanceID: {{ .Values.controller.instanceID.explicitID }}
{{- end }}
{{- end }}
{{- end }}
containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }}
{{- if .Values.controller.parallelism }}

19
charts/argo-workflows/templates/controller/workflow-rb.yaml
View file

@ -1,19 +1,20 @@
{{- if .Values.workflow.rbac.create -}}
{{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ template "argo-workflows.fullname" . }}-workflow
{{- with .Values.workflow.namespace }}
namespace: {{ . }}
{{- end }}
name: {{ template "argo-workflows.fullname" $ }}-workflow
namespace: {{ $namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ template "argo-workflows.fullname" . }}-workflow
name: {{ template "argo-workflows.fullname" $ }}-workflow
subjects:
- kind: ServiceAccount
name: {{ .Values.workflow.serviceAccount.name }}
{{- with .Values.workflow.namespace }}
namespace: {{ . }}
- kind: ServiceAccount
name: {{ $.Values.workflow.serviceAccount.name }}
{{- with $namespace }}
namespace: {{ . }}
{{- end }}
{{- end }}
{{- end }}

40
charts/argo-workflows/templates/controller/workflow-role.yaml
View file

@ -1,25 +1,29 @@
{{- if .Values.workflow.rbac.create -}}
{{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "argo-workflows.fullname" . }}-workflow
{{- with .Values.workflow.namespace }}
name: {{ template "argo-workflows.fullname" $ }}-workflow
{{- with $namespace }}
namespace: {{ . }}
{{- end }}
{{- end }}
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- watch
- patch
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- watch
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- watch
- patch
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- watch
{{- end }}
{{- end }}

13
charts/argo-workflows/templates/controller/workflow-sa.yaml
View file

@ -1,13 +1,16 @@
{{- if .Values.workflow.serviceAccount.create -}}
{{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.workflow.serviceAccount.name }}
{{- with .Values.workflow.namespace }}
name: {{ $.Values.workflow.serviceAccount.name }}
{{- with $namespace }}
namespace: {{ . }}
{{- end }}
{{- with .Values.workflow.serviceAccount.annotations }}
{{- end }}
{{- with $.Values.workflow.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}

5
charts/argo-workflows/templates/server/server-ingress.yaml
View file

@ -3,6 +3,7 @@
{{- $servicePort := .Values.server.servicePort -}}
{{- $paths := .Values.server.ingress.paths -}}
{{- $extraPaths := .Values.server.ingress.extraPaths -}}
{{- $pathType := .Values.server.ingress.pathType -}}
apiVersion: {{ include "argo-workflows.ingress.apiVersion" . }}
kind: Ingress
metadata:
@ -36,7 +37,7 @@ spec:
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
pathType: Prefix
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
@ -63,7 +64,7 @@ spec:
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
pathType: Prefix
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}

20
charts/argo-workflows/values.yaml
View file

@ -5,11 +5,6 @@ images:
pullSecrets: []
# - name: argo-pull-secret
init:
# By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is
# being deployed to. In RBAC clusters, that will almost certainly fail. See the NOTES: section of the readme for more info.
serviceAccount: ""
createAggregateRoles: true
## String to partially override "argo-workflows.fullname" template
@ -29,13 +24,15 @@ kubeVersionOverride: ""
singleNamespace: false
workflow:
namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created.
namespace: # Deprecated, for backwards compatibility: specify a single namespace to run workflows in
serviceAccount:
create: false # Specifies whether a service account should be created
annotations: {}
name: "argo-workflow" # Service account which is used to run workflows
rbac:
create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows
# Adds Role and RoleBinding for the above specified service account to be able to run workflows
# A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below)
create: true
controller:
image:
@ -109,6 +106,8 @@ controller:
# Annotations applied to created service account
annotations: {}
name: workflow-controller
# Specify all namespaces to run worksflows need to be able to run in. This controls where the service
# account and RBAC resources will be created. If unspecified, will run in the default namespace.
workflowNamespaces:
- default
containerRuntimeExecutor: docker
@ -281,9 +280,10 @@ server:
##
hosts:
[]
# - argocd.example.com
# - argoworkflows.example.com
paths:
- /
pathType: Prefix
extraPaths:
[]
# - path: /*
@ -300,9 +300,9 @@ server:
# name: use-annotation
tls:
[]
# - secretName: argocd-example-tls
# - secretName: argoworkflows-example-tls
# hosts:
# - argocd.example.com
# - argoworkflows.example.com
https: false
clusterWorkflowTemplates: