diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ccf0c214..36b8a956 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -674,9 +674,9 @@ NAME: my-release | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | -| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources # Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles | -| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. # Used when you manage applications in the same cluster where Argo CD runs | -| extraObjects | list | `[]` | Array of extra K8s manifests to deploy # Note: Supports use of custom Helm templates | +| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources | +| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. | +| extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | @@ -695,7 +695,7 @@ NAME: my-release | global.certificateAnnotations | object | `{}` | Annotations for the all deployed Certificates | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | -| global.domain | string | `"argocd.example.com"` | Default domain used by all components # Used for ingresses, certificates, SSO, notifications, etc. | +| global.domain | string | `"argocd.example.com"` | Default domain used by all components | | global.dualStack.ipFamilies | list | `[]` | IP families that should be supported and the order in which they should be applied to ClusterIP as well. Can be IPv4 and/or IPv6. | | global.dualStack.ipFamilyPolicy | string | `""` | IP family policy to configure dual-stack see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) | | global.env | list | `[]` | Environment variables to pass to all deployed Deployments | @@ -716,18 +716,18 @@ NAME: my-release | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | | global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | | global.tolerations | list | `[]` | Default tolerations for all components | -| global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # If labelSelector is left out, it will default to the labelSelector of the component | +| global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components | ## Argo CD Configs | Key | Type | Default | Description | |-----|------|---------|-------------| -| configs.clusterCredentials | object | `{}` (See [values.yaml]) | Provide one or multiple [external cluster credentials] # Ref: # - https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters # - https://argo-cd.readthedocs.io/en/stable/operator-manual/security/#external-cluster-credentials # - https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-scoped-repositories-and-clusters | -| configs.cm."admin.enabled" | bool | `true` | Enable local admin user # Ref: https://argo-cd.readthedocs.io/en/latest/faq/#how-to-disable-admin-user | +| configs.clusterCredentials | object | `{}` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | +| configs.cm."admin.enabled" | bool | `true` | Enable local admin user | | configs.cm."application.instanceLabelKey" | string | `"argocd.argoproj.io/instance"` | The name of tracking label used by Argo CD for resource pruning | -| configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI # Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac/#exec-resource | -| configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement # Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement | -| configs.cm."statusbadge.enabled" | bool | `false` | Enable Status Badge # Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/status-badge/ | +| configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | +| configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | +| configs.cm."statusbadge.enabled" | bool | `false` | Enable Status Badge | | configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | @@ -735,14 +735,14 @@ NAME: my-release | configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap | | configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap | | configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm | -| configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos # Creates a secret for each key/value specified below to create repository credentials | +| configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | -| configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring # Note: Public keys should be exported with `gpg --export --armor ` | -| configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] # List of additional namespaces where applications may be created in and reconciled from. # The namespace where Argo CD is installed to will always be allowed. # Set comma-separated list. (e.g. app-team-one, app-team-two) | +| configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | +| configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] | | configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | | configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | -| configs.params."controller.ignore.normalizer.jq.timeout" | string | `"1s"` | JQ Path expression timeout # By default, the evaluation of a JQPathExpression is limited to one second. # If you encounter a "JQ patch execution timed out" error message due to a complex JQPathExpression # that requires more time to evaluate, you can extend the timeout period. | +| configs.params."controller.ignore.normalizer.jq.timeout" | string | `"1s"` | JQ Path expression timeout | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | @@ -752,7 +752,7 @@ NAME: my-release | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.disable.auth" | bool | `false` | Disable Argo CD RBAC for user authentication | | configs.params."server.enable.gzip" | bool | `true` | Enable GZIP compression | -| configs.params."server.insecure" | bool | `false` | Run server without TLS # NOTE: This value should be set when you generate params by other means as it changes ports used by ingress template. | +| configs.params."server.insecure" | bool | `false` | Run server without TLS | | configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | | configs.params."server.x.frame.options" | string | `"sameorigin"` | Set X-Frame-Options header in HTTP responses to value. To disable, set to "". | @@ -764,17 +764,17 @@ NAME: my-release | configs.rbac.annotations | object | `{}` | Annotations to be added to argocd-rbac-cm configmap | | configs.rbac.create | bool | `true` | Create the argocd-rbac-cm configmap with ([Argo CD RBAC policy]) definitions. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configmap created with the name above. | | configs.rbac.scopes | string | `"[groups]"` | OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). The scope value can be a string, or a list of strings. | -| configs.repositories | object | `{}` | Repositories list to be used by applications # Creates a secret for each key/value specified below to create repositories # Note: the last example in the list would use a repository credential template, configured under "configs.credentialTemplates". | +| configs.repositories | object | `{}` | Repositories list to be used by applications | | configs.repositoriesAnnotations | object | `{}` | Annotations to be added to `configs.repositories` Secret | | configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret | -| configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password # Argo expects the password in the secret to be bcrypt hashed. You can create this hash with # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` | +| configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password | | configs.secret.argocdServerAdminPasswordMtime | string | `""` (defaults to current time) | Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` | | configs.secret.azureDevops.password | string | `""` | Shared secret password for authenticating Azure DevOps webhook events | | configs.secret.azureDevops.username | string | `""` | Shared secret username for authenticating Azure DevOps webhook events | | configs.secret.bitbucketServerSecret | string | `""` | Shared secret for authenticating BitbucketServer webhook events | | configs.secret.bitbucketUUID | string | `""` | UUID for authenticating Bitbucket webhook events | | configs.secret.createSecret | bool | `true` | Create the argocd-secret | -| configs.secret.extra | object | `{}` | add additional secrets to be added to argocd-secret # Custom secrets. Useful for injecting SSO secrets into environment variables. # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/#sensitive-data-and-sso-client-secrets # Note that all values must be non-empty. | +| configs.secret.extra | object | `{}` | add additional secrets to be added to argocd-secret | | configs.secret.githubSecret | string | `""` | Shared secret for authenticating GitHub webhook events | | configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events | | configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | @@ -782,7 +782,7 @@ NAME: my-release | configs.ssh.annotations | object | `{}` | Annotations to be added to argocd-ssh-known-hosts-cm configmap | | configs.ssh.extraHosts | string | `""` | Additional known hosts for private repositories | | configs.ssh.knownHosts | string | See [values.yaml] | Known hosts to be added to the known host list by default. | -| configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ | +| configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | | configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap | | configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories | @@ -799,19 +799,19 @@ NAME: my-release | controller.deploymentAnnotations | object | `{}` | Annotations for the application controller Deployment | | controller.dnsConfig | object | `{}` | [DNS configuration] | | controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | -| controller.dynamicClusterDistribution | bool | `false` | Enable dynamic cluster distribution (alpha) Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution # This is done using a deployment instead of a statefulSet # When replicas are added or removed, the sharding algorithm is re-run to ensure that the # clusters are distributed according to the algorithm. If the algorithm is well-balanced, # like round-robin, then the shards will be well-balanced. | +| controller.dynamicClusterDistribution | bool | `false` | Enable dynamic cluster distribution (alpha) Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution | | controller.emptyDir.sizeLimit | string | `""` (defaults not set if not specified i.e. no size limit) | EmptyDir size limit for application controller | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | -| controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod # Note: Supports use of custom Helm templates | +| controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod | | controller.heartbeatTime | int | `10` | Application controller heartbeat time Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/#working-of-dynamic-distribution | | controller.hostNetwork | bool | `false` | Host Network for application controller pods | | controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | | controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | | controller.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| controller.initContainers | list | `[]` | Init containers to add to the application controller pod # If your target Kubernetes cluster(s) require a custom credential (exec) plugin # you could use this (and the same in the server pod) to provide such executable # Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins # Note: Supports use of custom Helm templates | +| controller.initContainers | list | `[]` | Init containers to add to the application controller pod | | controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | | controller.metrics.applicationLabels.labels | list | `[]` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | @@ -843,7 +843,7 @@ NAME: my-release | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | | controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller | | controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | -| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over `controller.pdb.minAvailable` | +| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | @@ -853,7 +853,7 @@ NAME: my-release | controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | controller.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. # With dynamic cluster distribution turned on, sharding of the clusters will gracefully # rebalance if the number of replica's changes or one becomes unhealthy. (alpha) | +| controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. | | controller.resources | object | `{}` | Resource limits and requests for the application controller pods | | controller.revisionHistoryLimit | int | `5` | Maximum number of controller revisions that will be maintained in StatefulSet history | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | @@ -864,7 +864,7 @@ NAME: my-release | controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | | controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | -| controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # If labelSelector is left out, it will default to the labelSelector configuration of the deployment | +| controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | | controller.volumes | list | `[]` | Additional volumes to the application controller pod | @@ -901,7 +901,7 @@ NAME: my-release | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.existingVolumes | object | `{}` | Volumes to be used in replacement of emptydir on default volumes | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | -| repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod # Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ # Note: Supports use of custom Helm templates | +| repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod | | repoServer.hostNetwork | bool | `false` | Host Network for Repo server pods | | repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server | | repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server | @@ -937,7 +937,7 @@ NAME: my-release | repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb | | repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server | | repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb | -| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over `repoServer.pdb.minAvailable` | +| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | @@ -961,7 +961,7 @@ NAME: my-release | repoServer.serviceAccount.name | string | `""` | Repo server service account name | | repoServer.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | -| repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # If labelSelector is left out, it will default to the labelSelector configuration of the deployment | +| repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | | repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | | repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | | repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | @@ -982,7 +982,7 @@ NAME: my-release | server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | server.certificate.annotations | object | `{}` | Annotations to be applied to the Server Certificate | | server.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) | -| server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. # Ref: https://cert-manager.io/docs/usage/certificate/#renewal | +| server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | @@ -991,9 +991,9 @@ NAME: my-release | server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | -| server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. # Ref: https://cert-manager.io/docs/usage/certificate/#renewal | +| server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources | -| server.certificate.usages | list | `[]` | Usages for the certificate ## Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage | +| server.certificate.usages | list | `[]` | Usages for the certificate | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.crt | string | `""` | Certificate data | | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | @@ -1013,50 +1013,50 @@ NAME: my-release | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | | server.extensions.enabled | bool | `false` | Enable support for Argo CD extensions | -| server.extensions.extensionList | list | `[]` (See [values.yaml]) | Extensions for Argo CD # Ref: https://github.com/argoproj-labs/argocd-extension-metrics#install-ui-extension | +| server.extensions.extensionList | list | `[]` (See [values.yaml]) | Extensions for Argo CD | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"quay.io/argoprojlabs/argocd-extension-installer"` | Repository to use for extension installer image | | server.extensions.image.tag | string | `"v0.0.5"` | Tag to use for extension installer image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | -| server.extraContainers | list | `[]` | Additional containers to be added to the server pod # Note: Supports use of custom Helm templates | +| server.extraContainers | list | `[]` | Additional containers to be added to the server pod | | server.hostNetwork | bool | `false` | Host Network for Server pods | | server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | | server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server | | server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | | server.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| server.ingress.annotations | object | `{}` | Additional ingress annotations # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-1-ssl-passthrough | -| server.ingress.aws.backendProtocolVersion | string | `"GRPC"` | Backend protocol version for the AWS ALB gRPC service # This tells AWS to send traffic from the ALB using gRPC. # For more information: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#health-check-settings | -| server.ingress.aws.serviceType | string | `"NodePort"` | Service type for the AWS ALB gRPC service # Can be of type NodePort or ClusterIP depending on which mode you are running. # Instance mode needs type NodePort, IP mode needs type ClusterIP # Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic | -| server.ingress.controller | string | `"generic"` | Specific implementation for ingress controller. One of `generic`, `aws` or `gke` # Additional configuration might be required in related configuration sections | +| server.ingress.annotations | object | `{}` | Additional ingress annotations | +| server.ingress.aws.backendProtocolVersion | string | `"GRPC"` | Backend protocol version for the AWS ALB gRPC service | +| server.ingress.aws.serviceType | string | `"NodePort"` | Service type for the AWS ALB gRPC service | +| server.ingress.controller | string | `"generic"` | Specific implementation for ingress controller. One of `generic`, `aws` or `gke` | | server.ingress.enabled | bool | `false` | Enable an ingress resource for the Argo CD server | | server.ingress.extraHosts | list | `[]` (See [values.yaml]) | The list of additional hostnames to be covered by ingress record | -| server.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths # Note: Supports use of custom Helm templates | -| server.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules # Note: Supports use of custom Helm templates | +| server.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | +| server.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | | server.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional TLS configuration | -| server.ingress.gke.backendConfig | object | `{}` (See [values.yaml]) | Google [BackendConfig] resource, for use with the GKE Ingress Controller # Ref: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters | -| server.ingress.gke.frontendConfig | object | `{}` (See [values.yaml]) | Google [FrontendConfig] resource, for use with the GKE Ingress Controller # Ref: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters | -| server.ingress.gke.managedCertificate.create | bool | `true` | Create ManagedCertificate resource and annotations for Google Load balancer # Ref: https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs | +| server.ingress.gke.backendConfig | object | `{}` (See [values.yaml]) | Google [BackendConfig] resource, for use with the GKE Ingress Controller | +| server.ingress.gke.frontendConfig | object | `{}` (See [values.yaml]) | Google [FrontendConfig] resource, for use with the GKE Ingress Controller | +| server.ingress.gke.managedCertificate.create | bool | `true` | Create ManagedCertificate resource and annotations for Google Load balancer | | server.ingress.gke.managedCertificate.extraDomains | list | `[]` | Additional domains for ManagedCertificate resource | | server.ingress.hostname | string | `""` (defaults to global.domain) | Argo CD server hostname | | server.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | | server.ingress.labels | object | `{}` | Additional ingress labels | | server.ingress.path | string | `"/"` | The path to Argo CD server | | server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| server.ingress.tls | bool | `false` | Enable TLS configuration for the hostname defined at `server.ingress.hostname` # TLS certificate will be retrieved from a TLS secret `argocd-server-tls` # You can create this secret via `certificate` or `certificateSecret` option | +| server.ingress.tls | bool | `false` | Enable TLS configuration for the hostname defined at `server.ingress.hostname` | | server.ingressGrpc.annotations | object | `{}` | Additional ingress annotations for dedicated [gRPC-ingress] | | server.ingressGrpc.enabled | bool | `false` | Enable an ingress resource for the Argo CD server for dedicated [gRPC-ingress] | | server.ingressGrpc.extraHosts | list | `[]` (See [values.yaml]) | The list of additional hostnames to be covered by ingress record | -| server.ingressGrpc.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths for dedicated [gRPC-ingress] # Note: Supports use of custom Helm templates | -| server.ingressGrpc.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules # Note: Supports use of custom Helm templates | +| server.ingressGrpc.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths for dedicated [gRPC-ingress] | +| server.ingressGrpc.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | | server.ingressGrpc.extraTls | list | `[]` (See [values.yaml]) | Additional TLS configuration for dedicated [gRPC-ingress] | | server.ingressGrpc.hostname | string | `""` (defaults to grpc.`server.ingress.hostname`) | Argo CD server hostname for dedicated [gRPC-ingress] | | server.ingressGrpc.ingressClassName | string | `""` | Defines which ingress controller will implement the resource [gRPC-ingress] | | server.ingressGrpc.labels | object | `{}` | Additional ingress labels for dedicated [gRPC-ingress] | | server.ingressGrpc.path | string | `"/"` | Argo CD server ingress path for dedicated [gRPC-ingress] | | server.ingressGrpc.pathType | string | `"Prefix"` | Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| server.ingressGrpc.tls | bool | `false` | Enable TLS configuration for the hostname defined at `server.ingressGrpc.hostname` # TLS certificate will be retrieved from a TLS secret with name: `argocd-server-grpc-tls` | -| server.initContainers | list | `[]` | Init containers to add to the server pod # If your target Kubernetes cluster(s) require a custom credential (exec) plugin # you could use this (and the same in the application controller pod) to provide such executable # Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins | +| server.ingressGrpc.tls | bool | `false` | Enable TLS configuration for the hostname defined at `server.ingressGrpc.hostname` | +| server.initContainers | list | `[]` | Init containers to add to the server pod | | server.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for your argo-cd-server container | | server.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | server.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1086,7 +1086,7 @@ NAME: my-release | server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb | | server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server | | server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb | -| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over `server.pdb.minAvailable` | +| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | @@ -1105,19 +1105,19 @@ NAME: my-release | server.route.termination_type | string | `"passthrough"` | Termination type of Openshift Route | | server.service.annotations | object | `{}` | Server service annotations | | server.service.externalIPs | list | `[]` | Server service external IPs | -| server.service.externalTrafficPolicy | string | `"Cluster"` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip | +| server.service.externalTrafficPolicy | string | `"Cluster"` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints | | server.service.labels | object | `{}` | Server service labels | | server.service.loadBalancerClass | string | `""` | The class of the load balancer implementation | | server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | -| server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service | +| server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | | server.service.nodePortHttp | int | `30080` | Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") | | server.service.nodePortHttps | int | `30443` | Server service https port for NodePort service type (only if `server.service.type` is set to "NodePort") | | server.service.servicePortHttp | int | `80` | Server service http port | | server.service.servicePortHttpName | string | `"http"` | Server service http port name, can be used to route traffic via istio | | server.service.servicePortHttps | int | `443` | Server service https port | -| server.service.servicePortHttpsAppProtocol | string | `""` | Server service https port appProtocol # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol | +| server.service.servicePortHttpsAppProtocol | string | `""` | Server service https port appProtocol | | server.service.servicePortHttpsName | string | `"https"` | Server service https port name, can be used to route traffic via istio | -| server.service.sessionAffinity | string | `"None"` | Used to maintain session affinity. Supports `ClientIP` and `None` # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies | +| server.service.sessionAffinity | string | `"None"` | Used to maintain session affinity. Supports `ClientIP` and `None` | | server.service.type | string | `"ClusterIP"` | Server service type | | server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | server.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | @@ -1126,7 +1126,7 @@ NAME: my-release | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | | server.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | -| server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # If labelSelector is left out, it will default to the labelSelector configuration of the deployment | +| server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | | server.volumes | list | `[]` | Additional volumes to the server pod | @@ -1155,12 +1155,12 @@ NAME: my-release | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | | dex.extraArgs | list | `[]` | Additional command line arguments to pass to the Dex server | -| dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod # Note: Supports use of custom Helm templates | +| dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | | dex.image.tag | string | `"v2.41.1"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| dex.initContainers | list | `[]` | Init containers to add to the dex pod # Note: Supports use of custom Helm templates | +| dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | | dex.initImage.resources | object | `{}` (defaults to dex.resources) | Argo CD init image resources | @@ -1195,7 +1195,7 @@ NAME: my-release | dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb | | dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server | | dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb | -| dex.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). # Has higher precedence over `dex.pdb.minAvailable` | +| dex.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | | dex.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods | | dex.podLabels | object | `{}` | Labels to be added to the Dex server pods | @@ -1221,7 +1221,7 @@ NAME: my-release | dex.servicePortMetrics | int | `5558` | Service port for metrics access | | dex.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | -| dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # If labelSelector is left out, it will default to the labelSelector configuration of the deployment | +| dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex | | dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container | | dex.volumes | list | `[]` | Additional volumes to the dex pod | @@ -1262,12 +1262,12 @@ NAME: my-release | redis.exporter.readinessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | -| redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod # Note: Supports use of custom Helm templates | +| redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis.image.tag | string | `"7.2.4-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| redis.initContainers | list | `[]` | Init containers to add to the redis pod # Note: Supports use of custom Helm templates | +| redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis server | | redis.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | redis.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | @@ -1296,7 +1296,7 @@ NAME: my-release | redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb | | redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis | | redis.pdb.labels | object | `{}` | Labels to be added to Redis pdb | -| redis.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). # Has higher precedence over `redis.pdb.minAvailable` | +| redis.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | | redis.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods | | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | @@ -1318,7 +1318,7 @@ NAME: my-release | redis.servicePort | int | `6379` | Redis service port | | redis.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | -| redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # If labelSelector is left out, it will default to the labelSelector configuration of the deployment | +| redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | | redis.volumes | list | `[]` | Additional volumes to the redis pod | @@ -1355,7 +1355,7 @@ The main options are listed here: | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | | redis-ha.tolerations | list | `[]` | [Tolerations] for use with node taints for Redis pods. | -| redis-ha.topologySpreadConstraints | object | `{"enabled":false,"maxSkew":"","topologyKey":"","whenUnsatisfiable":""}` | Assign custom [TopologySpreadConstraints] rules to the Redis pods. # https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ | +| redis-ha.topologySpreadConstraints | object | `{"enabled":false,"maxSkew":"","topologyKey":"","whenUnsatisfiable":""}` | Assign custom [TopologySpreadConstraints] rules to the Redis pods. | | redis-ha.topologySpreadConstraints.enabled | bool | `false` | Enable Redis HA topology spread constraints | | redis-ha.topologySpreadConstraints.maxSkew | string | `""` (defaults to `1`) | Max skew of pods tolerated | | redis-ha.topologySpreadConstraints.topologyKey | string | `""` (defaults to `topology.kubernetes.io/zone`) | Topology key for spread | @@ -1416,7 +1416,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) | -| applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. # Ref: https://cert-manager.io/docs/usage/certificate/#renewal | +| applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | applicationSet.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | applicationSet.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | @@ -1425,7 +1425,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | | applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | -| applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. # Ref: https://cert-manager.io/docs/usage/certificate/#renewal | +| applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | @@ -1436,7 +1436,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.emptyDir.sizeLimit | string | `""` (defaults not set if not specified i.e. no size limit) | EmptyDir size limit for applicationSet controller | | applicationSet.extraArgs | list | `[]` | ApplicationSet controller command line flags | -| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod # Note: Supports use of custom Helm templates | +| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | | applicationSet.extraEnv | list | `[]` | Environment variables to pass to the ApplicationSet controller | | applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the ApplicationSet controller | | applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | @@ -1449,15 +1449,15 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.ingress.enabled | bool | `false` | Enable an ingress resource for ApplicationSet webhook | | applicationSet.ingress.extraHosts | list | `[]` (See [values.yaml]) | The list of additional hostnames to be covered by ingress record | | applicationSet.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | -| applicationSet.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules # Note: Supports use of custom Helm templates | +| applicationSet.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | | applicationSet.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional ingress TLS configuration | | applicationSet.ingress.hostname | string | `""` (defaults to global.domain) | Argo CD ApplicationSet hostname | | applicationSet.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | | applicationSet.ingress.labels | object | `{}` | Additional ingress labels | | applicationSet.ingress.path | string | `"/api/webhook"` | List of ingress paths | | applicationSet.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| applicationSet.ingress.tls | bool | `false` | Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` # TLS certificate will be retrieved from a TLS secret with name:`argocd-applicationset-controller-tls` | -| applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod # Note: Supports use of custom Helm templates | +| applicationSet.ingress.tls | bool | `false` | Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` | +| applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | applicationSet.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1487,7 +1487,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | -| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over `applicationSet.pdb.minAvailable` | +| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | | applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | @@ -1512,7 +1512,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | | applicationSet.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | -| applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # If labelSelector is left out, it will default to the labelSelector configuration of the deployment | +| applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | ## Notifications @@ -1525,14 +1525,14 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | -| notifications.context | object | `{}` | Define user-defined context # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/templates/#defining-user-defined-context | +| notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.deploymentStrategy | object | `{"type":"Recreate"}` | Deployment strategy to be added to the notifications controller Deployment | | notifications.dnsConfig | object | `{}` | [DNS configuration] | | notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | -| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod # Note: Supports use of custom Helm templates | +| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod | | notifications.extraEnv | list | `[]` | Additional container environment variables | | notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | @@ -1541,7 +1541,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod # Note: Supports use of custom Helm templates | +| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod | | notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | | notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | @@ -1561,19 +1561,19 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | notifications.name | string | `"notifications-controller"` | Notifications controller name string | | notifications.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | -| notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/services/overview/ | +| notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook | | notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb | | notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller | | notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb | -| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over `notifications.pdb.minAvailable` | +| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | | notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods | | notifications.resources | object | `{}` | Resource limits and requests for the notifications controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | -| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret # If true, will create a secret with the name below. Otherwise, will assume existence of a secret with that name. | -| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret # Can be used for templates, notification services etc. Some examples given below. # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/services/overview/ | +| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | +| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | | notifications.secret.labels | object | `{}` | key:value pairs of labels to be added to the secret | | notifications.secret.name | string | `"argocd-notifications-secret"` | notifications controller Secret name | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | @@ -1581,12 +1581,12 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | | notifications.serviceAccount.labels | object | `{}` | Labels applied to created service account | | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | -| notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/subscriptions/ | -| notifications.templates | object | `{}` | The notification template is used to generate the notification content # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/templates/ | +| notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | +| notifications.templates | object | `{}` | The notification template is used to generate the notification content | | notifications.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | -| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # If labelSelector is left out, it will default to the labelSelector configuration of the deployment | -| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/triggers/ | +| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | +| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)