diff --git a/CODEOWNERS b/CODEOWNERS index 28539881..a4ca6084 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,7 +1,7 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners # Argo CD -/charts/argo-cd @seanson +/charts/argo-cd @seanson @spencergilbert # Argo Events /charts/argo-events @jbehling diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3ca1d3c2..ba764f3c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -19,7 +19,7 @@ Clean-up: ``` helm delete argo-cd --purge -kubectl delete crd -l app.kubernetes.io/part-of=argo-cd +kubectl delete crd -l app.kubernetes.io/part-of=argocd ``` Minimally: @@ -32,7 +32,7 @@ kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 In a new terminal: ``` -argocd version +argocd version --server localhost:8080 --insecure # reset password to 'Password1!' kubectl -n argocd patch secret argocd-secret \ -p '{"stringData": { diff --git a/charts/argo-cd/.helmignore b/charts/argo-cd/.helmignore new file mode 100644 index 00000000..2df6bf53 --- /dev/null +++ b/charts/argo-cd/.helmignore @@ -0,0 +1,2 @@ +*.tgz +output diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 82ddd090..ce668df5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,10 +1,10 @@ apiVersion: v1 -appVersion: "1.2.4" +appVersion: "1.3.6" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.3 +version: 1.6.3 home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: - argoproj - argocd diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b63ae9e0..614f2eb9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -2,8 +2,6 @@ Argo CD Chart ====== A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. -Current chart version is `1.0.2` - Source code can be found [here](https://argoproj.github.io/argo-cd/) ## Additional Information @@ -26,6 +24,11 @@ $ helm repo add argo https://argoproj.github.io/argo-helm $ helm install --name my-release argo/argo-cd ``` +### Helm v3 Compatability + +Requires chart version 1.5.1 or newer. + +Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistant webhooks. ## Chart Values @@ -33,14 +36,17 @@ $ helm install --name my-release argo/argo-cd |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.2.3"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.3.6"` | +| global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) |  | nameOverride | Provide a name in place of `argocd` | `"argocd"` | +| installCRDs | bool | `true` | Install CRDs if you are using Helm2. | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | | configs.secret.bitbucketSecret | BitBucket incoming webhook secret | `""` | | configs.secret.createSecret | Create the argocd-secret. | `true` | | configs.secret.githubSecret | GitHub incoming webhook secret | `""` | | configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` | | configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) | +| configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` | ## ArgoCD Controller @@ -51,7 +57,8 @@ $ helm install --name my-release argo/argo-cd | controller.args.statusProcessors | define the controller `--status-processors` | `"20"` | | controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | | controller.containerPort | Controller listening port. | `8082` | -| controller.extraArgs | Additional arguments for the controller. | `[]` | +| controller.extraArgs | Additional arguments for the controller. A list of key:value pairs | `[]` | +| controller.env | Environment variables for the controller. | `[]` | | controller.image.repository | Repository to use for the controller | `global.image.repository` | | controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` | | controller.image.tag | Tag to use for the controller | `global.image.tag` | @@ -83,7 +90,7 @@ $ helm install --name my-release argo/argo-cd | controller.service.port | Controller service port. | `8082` | | controller.serviceAccount.create | Create a service account for the controller | `true` | | controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` | -| controller.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| controller.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | | controller.volumeMounts | Controller volume mounts | `[]` | | controller.volumes | Controller volumes | `[]` | @@ -93,7 +100,8 @@ $ helm install --name my-release argo/argo-cd |-----|------|---------|-------------| | repoServer.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | | repoServer.containerPort | Repo server port | `8081` | -| repoServer.extraArgs | Additional arguments for the repo server | `[]` | +| repoServer.extraArgs | Additional arguments for the repo server. A list of key:value pairs. | `[]` | +| repoServer.env | Environment variables for the repo server. | `[]` | | repoServer.image.repository | Repository to use for the repo server | `global.image.repository` | | repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` | | repoServer.image.tag | Tag to use for the repo server | `global.image.tag` | @@ -123,7 +131,7 @@ $ helm install --name my-release argo/argo-cd | repoServer.service.annotations | Repo server service annotations. | `{}` | | repoServer.service.labels | Repo server service labels. | `{}` | | repoServer.service.port | Repo server service port. | `8081` | -| repoServer.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| repoServer.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | | repoServer.volumeMounts | Repo server volume mounts | `[]` | | repoServer.volumes | Repo server volumes | `[]` | @@ -136,9 +144,10 @@ $ helm install --name my-release argo/argo-cd | server.certificate.domain | Certificate manager domain | `"argocd.example.com"` | | server.certificate.enabled | Enables a certificate manager certificate. | `false` | | server.certificate.issuer | Certificate manager issuer | `{}` | -| server.config | URL for Argo CD | `{}` | +| server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | -| server.extraArgs | Additional arguments for the server | `[]` | +| server.extraArgs | Additional arguments for the server. A list of key:value pairs. | `[]` | +| server.env | Environment variables for the server. | `[]` | | server.image.repository | Repository to use for the server | `global.image.repository` | | server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` | | server.image.tag | Tag to use for the repo server | `global.image.tag` | @@ -147,6 +156,8 @@ $ helm install --name my-release argo/argo-cd | server.ingress.hosts | List of ingress hosts | `[]` | | server.ingress.labels | Additional ingress labels. | `{}` | | server.ingress.tls | Ingress TLS configuration. | `[]` | +| server.route.enabled | Enable a OpenShift route for the server | `false` | +| server.route.hostname | Hostname of OpenShift route | `""` | | server.livenessProbe.failureThreshold | int | `3` | | server.livenessProbe.initialDelaySeconds | int | `10` | | server.livenessProbe.periodSeconds | int | `10` | @@ -164,7 +175,7 @@ $ helm install --name my-release argo/argo-cd | server.podAnnotations | Annotations for the repo server pods | `{}` | | server.podLabels | Labels for the repo server pods | `{}` | | server.priorityClassName | Priority class for the repo server | `""` | -| server.rbacConfig | Argo CD RBAC policy https://argoproj.github.io/argo-cd/operator-manual/rbac/ | `See [values.yaml](values.yaml)` | +| server.rbacConfig | [Argo CD RBAC policy](https://argoproj.github.io/argo-cd/operator-manual/rbac/) | `{}` | | server.readinessProbe.failureThreshold | int | `3` | | server.readinessProbe.initialDelaySeconds | int | `10` | | server.readinessProbe.periodSeconds | int | `10` | @@ -178,7 +189,7 @@ $ helm install --name my-release argo/argo-cd | server.service.type | Server service type | `"ClusterIP"` | | server.serviceAccount.create | Create server service account | `true` | | server.serviceAccount.name | Server service account name | `"argocd-server"` | -| server.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| server.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | | server.volumeMounts | Server volume mounts | `[]` | | server.volumes | Server volumes | `[]` | @@ -197,6 +208,7 @@ $ helm install --name my-release argo/argo-cd | dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` | | dex.initImage.tag | Argo CD init image tag | `global.image.tag` | | dex.name | Dex name | `"dex-server"` | +| dex.env | Environment variables for the Dex server. | `[]` | | dex.nodeSelector | Dex node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` | | dex.priorityClassName | Priority class for dex | `""` | | dex.resources | Resource limits and requests for dex | `{}` | @@ -204,7 +216,7 @@ $ helm install --name my-release argo/argo-cd | dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` | | dex.servicePortGrpc | Server GRPC port | `5557` | | dex.servicePortHttp | Server HTTP port | `5556` | -| dex.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| dex.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | | dex.volumeMounts | Dex volume mounts | `"/shared"` | | dex.volumes | Dex volumes | `{}` | @@ -214,13 +226,14 @@ $ helm install --name my-release argo/argo-cd |-----|------|---------|-------------| | redis.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | | redis.containerPort | Redis container port | `6379` | -| redis.enabled | Enable redis | `false` | +| redis.enabled | Enable redis | `true` | | redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` | | redis.image.repository | Redis repository | `"redis"` | | redis.image.tag | Redis tag | `"5.0.3"` | | redis.name | Redis name | `"redis"` | +| redis.env | Environment variables for the Redis server. | `[]` | | redis.nodeSelector | Redis node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` | | redis.priorityClassName | Priority class for redis | `""` | | redis.resources | Resource limits and requests for redis | `{}` | | redis.servicePort | Redis service port | `6379` | -| redis.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| redis.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml new file mode 100644 index 00000000..20e2b20d --- /dev/null +++ b/charts/argo-cd/crds/crd-application.yaml @@ -0,0 +1,1914 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: applications.argoproj.io + app.kubernetes.io/part-of: argocd + name: applications.argoproj.io +spec: + group: argoproj.io + names: + kind: Application + plural: applications + shortNames: + - app + - apps + scope: Namespaced + validation: + openAPIV3Schema: + description: Application is a definition of Application resource. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + description: + "Annotations is an unstructured key value map stored with + a resource that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations" + type: object + clusterName: + description: + The name of the cluster which the object belongs to. This + is used to distinguish resources with same name and namespace in different + clusters. This field is not set anywhere right now and apiserver is + going to ignore it if set in create or update request. + type: string + deletionGracePeriodSeconds: + description: + Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set when + deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: + "DeletionTimestamp is RFC 3339 date and time at which this + resource will be deleted. This field is set by the server when a graceful + deletion is requested by the user, and is not directly settable by + a client. The resource is expected to be deleted (no longer visible + from resource lists, and not reachable by name) after the time in + this field, once the finalizers list is empty. As long as the finalizers + list contains items, deletion is blocked. Once the deletionTimestamp + is set, this value may not be unset or be set further into the future, + although it may be shortened or the resource may be deleted prior + to this time. For example, a user may request that a pod is deleted + in 30 seconds. The Kubelet will react by sending a graceful termination + signal to the containers in the pod. After that 30 seconds, the Kubelet + will send a hard termination signal (SIGKILL) to the container and + after cleanup, remove the pod from the API. In the presence of network + partitions, this object may still exist after this timestamp, until + an administrator or automated process can determine the resource is + fully terminated. If not set, graceful deletion of the object has + not been requested. \n Populated by the system when a graceful deletion + is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + finalizers: + description: + Must be empty before the object is deleted from the registry. + Each entry is an identifier for the responsible component that will + remove the entry from the list. If the deletionTimestamp of the object + is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: + "GenerateName is an optional prefix, used by the server, + to generate a unique name ONLY IF the Name field has not been provided. + If this field is used, the name returned to the client will be different + than the name passed. This value will also be combined with a unique + suffix. The provided value has the same validation rules as the Name + field, and may be truncated by the length of the suffix required to + make the value unique on the server. \n If this field is specified + and the generated name exists, the server will NOT return a 409 - + instead, it will either return 201 Created or 500 with Reason ServerTimeout + indicating a unique name could not be found in the time allotted, + and the client should retry (optionally after the time indicated in + the Retry-After header). \n Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + type: string + generation: + description: + A sequence number representing a specific generation of + the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: + "An initializer is a controller which enforces some system + invariant at object creation time. This field is a list of initializers + that have not yet acted on this object. If nil or empty, this object + has been completely initialized. Otherwise, the object is considered + uninitialized and is hidden (in list/watch and get calls) from clients + that haven't explicitly asked to observe uninitialized objects. \n + When an object is created, the system will populate this list with + the current set of initializers. Only privileged users may set or + modify this list. Once it is empty, it may not be modified further + by any user. \n DEPRECATED - initializers are an alpha field and will + be removed in v1.15." + properties: + pending: + description: + Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the initializers + struct will be set to nil and the object is considered as initialized + and visible to all clients. + items: + properties: + name: + description: + name of the process that is responsible for initializing + this object. + type: string + required: + - name + type: object + type: array + result: + description: + If result is set with the Failure field, the object + will be persisted to storage and then deleted, ensuring that other + clients can observe the deletion. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + type: string + code: + description: + Suggested HTTP return code for this status, 0 if + not set. + format: int32 + type: integer + details: + description: + Extended data associated with the reason. Each + reason may define its own extended details. This field is + optional and the data returned is not guaranteed to conform + to any schema except that defined by the reason type. + properties: + causes: + description: + The Causes array includes more details associated + with the StatusReason failure. Not all StatusReasons may + provide detailed causes. + items: + properties: + field: + description: + "The field of the resource that has caused + this error, as named by its JSON serialization. + May include dot and postfix notation for nested + attributes. Arrays are zero-indexed. Fields may + appear more than once in an array of causes due + to fields having multiple errors. Optional. \n Examples: + \ \"name\" - the field \"name\" on the current + resource \"items[0].name\" - the field \"name\" + on the first array entry in \"items\"" + type: string + message: + description: + A human-readable description of the cause + of the error. This field may be presented as-is + to a reader. + type: string + reason: + description: + A machine-readable description of the + cause of the error. If this value is empty there + is no information available. + type: string + type: object + type: array + group: + description: + The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: + "The kind attribute of the resource associated + with the status StatusReason. On some operations may differ + from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + type: string + name: + description: + The name attribute of the resource associated + with the status StatusReason (when there is a single name + which can be described). + type: string + retryAfterSeconds: + description: + If specified, the time in seconds before the + operation should be retried. Some errors may indicate + the client must take an alternate action - for those errors + this field may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: + "UID of the resource. (when there is a single + resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + kind: + description: + "Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + type: string + message: + description: + A human-readable description of the status of this + operation. + type: string + metadata: + description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + properties: + continue: + description: + continue may be set if the user set a limit + on the number of items returned, and indicates that the + server has more data available. The value is opaque and + may be used to issue another request to the endpoint that + served this list to retrieve the next set of available + objects. Continuing a consistent list may not be possible + if the server configuration has changed or more than a + few minutes have passed. The resourceVersion field returned + when using this continue value will be identical to the + value in the first response, unless you have received + this token from an error message. + type: string + resourceVersion: + description: + "String that identifies the server's internal + version of this object that can be used by clients to + determine when objects have changed. Value must be treated + as opaque by clients and passed unmodified back to the + server. Populated by the system. Read-only. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: + selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + type: object + reason: + description: + A machine-readable description of why this operation + is in the "Failure" status. If this value is empty there is + no information available. A Reason clarifies an HTTP status + code but does not override it. + type: string + status: + description: + 'Status of the operation. One of: "Success" or + "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + type: object + required: + - pending + type: object + labels: + additionalProperties: + type: string + description: + "Map of string keys and values that can be used to organize + and categorize (scope and select) objects. May match selectors of + replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels" + type: object + managedFields: + description: + "ManagedFields maps workflow-id and version to the set + of fields that are managed by that workflow. This is mostly for internal + housekeeping, and users typically shouldn't need to set or understand + this field. A workflow can be the user's name, a controller's name, + or the name of a specific apply path like \"ci-cd\". The set of fields + is always in the version that the workflow used when modifying the + object. \n This field is alpha and can be changed or removed without + notice." + items: + properties: + apiVersion: + description: + APIVersion defines the version of this resource that + this field set applies to. The format is "group/version" just + like the top-level APIVersion field. It is necessary to track + the version of a field set because it cannot be automatically + converted. + type: string + fields: + additionalProperties: true + description: Fields identifies a set of fields. + type: object + manager: + description: + Manager is an identifier of the workflow managing + these fields. + type: string + operation: + description: + Operation is the type of operation which lead to + this ManagedFieldsEntry being created. The only valid values + for this field are 'Apply' and 'Update'. + type: string + time: + description: + Time is timestamp of when these fields were set. + It should always be empty if Operation is 'Apply' + format: date-time + type: string + type: object + type: array + name: + description: + "Name must be unique within a namespace. Is required when + creating resources, although some resources may allow a client to + request the generation of an appropriate name automatically. Name + is primarily intended for creation idempotence and configuration definition. + Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names" + type: string + namespace: + description: + "Namespace defines the space within each name must be unique. + An empty namespace is equivalent to the \"default\" namespace, but + \"default\" is the canonical representation. Not all objects are required + to be scoped to a namespace - the value of this field for those objects + will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: + http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: + List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this list + will point to this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: + If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. To + set this field, a user needs "delete" permission of the owner, + otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + type: string + name: + description: "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" + type: string + uid: + description: "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + resourceVersion: + description: + "An opaque value that represents the internal version of + this object that can be used by clients to determine when objects + have changed. May be used for optimistic concurrency, change detection, + and the watch operation on a resource or set of resources. Clients + must treat these values as opaque and passed unmodified back to the + server. They may only be valid for a particular resource or set of + resources. \n Populated by the system. Read-only. Value must be treated + as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: + SelfLink is a URL representing this object. Populated by + the system. Read-only. + type: string + uid: + description: + "UID is the unique in time and space value for this object. + It is typically generated by the server on successful creation of + a resource and is not allowed to change on PUT operations. \n Populated + by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + operation: + properties: + sync: + properties: + dryRun: + description: + DryRun will perform a `kubectl apply --dry-run` without + actually performing the sync + type: boolean + manifests: + description: + Manifests is an optional field that overrides sync + source with a local directory for development + items: + type: string + type: array + prune: + description: + Prune deletes resources that are no longer tracked + in git + type: boolean + resources: + description: Resources describes which resources to sync + items: + properties: + group: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: + Revision is the revision in which to sync the application + to. If omitted, will use the revision specified in app spec. + type: string + source: + description: + Source overrides the source definition set in the application. + This is typically set in a Rollback operation and nil during a + Sync operation + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + parameters: + description: Parameters are parameters to the helm template + items: + properties: + forceString: + description: + ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: + The Helm release name. If omitted it will use + the application name + type: string + valueFiles: + description: + ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: + Values is Helm values, typically defined as + a block + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: + Environment is a ksonnet application environment + name + type: string + parameters: + description: + Parameters are a list of ksonnet component + parameter override values + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: + NamePrefix is a prefix appended to resources + for kustomize apps + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: + ConfigManagementPlugin holds config management + plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: + RepoURL is the repository URL of the application + manifests + type: string + targetRevision: + description: + TargetRevision defines the commit, tag, or branch + in which to sync the application to. If omitted, will sync + to HEAD + type: string + required: + - repoURL + type: object + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: + Apply wil perform a `kubectl apply` to perform + the sync. + properties: + force: + description: + Force indicates whether or not to supply the + --force flag to `kubectl apply`. The --force flag deletes + and re-create the resource, when PATCH encounters conflict + and has retried for 5 times. + type: boolean + type: object + hook: + description: + Hook will submit any referenced resources to perform + the sync. This is the default strategy + properties: + force: + description: + Force indicates whether or not to supply the + --force flag to `kubectl apply`. The --force flag deletes + and re-create the resource, when PATCH encounters conflict + and has retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + spec: + properties: + destination: + description: + Destination overrides the kubernetes server and namespace + defined in the environment ksonnet app.yaml + properties: + namespace: + description: + Namespace overrides the environment namespace value + in the ksonnet app.yaml + type: string + server: + description: + Server overrides the environment server value in the + ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: + IgnoreDifferences controls resources fields which should + be ignored during comparison + items: + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - jsonPointers + type: object + type: array + info: + description: + Infos contains a list of useful information (URLs, email + addresses, and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: + Project is a application project name. Empty name means + that application belongs to 'default' project. + type: string + source: + description: + Source is a reference to the location ksonnet application + definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + parameters: + description: Parameters are parameters to the helm template + items: + properties: + forceString: + description: + ForceString determines whether to tell Helm + to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: + The Helm release name. If omitted it will use the + application name + type: string + valueFiles: + description: + ValuesFiles is a list of Helm value files to use + when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically defined as a block + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: + Environment is a ksonnet application environment + name + type: string + parameters: + description: + Parameters are a list of ksonnet component parameter + override values + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: + NamePrefix is a prefix appended to resources for + kustomize apps + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: + ConfigManagementPlugin holds config management plugin + specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of the application manifests + type: string + targetRevision: + description: + TargetRevision defines the commit, tag, or branch in + which to sync the application to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will be performed + properties: + automated: + description: + Automated will keep an application synced to the target + revision + properties: + prune: + description: + "Prune will prune resources automatically as part + of automated sync (default: false)" + type: boolean + selfHeal: + description: "SelfHeal enables auto-syncing if (default: false)" + type: boolean + type: object + type: object + required: + - source + - destination + - project + type: object + status: + properties: + conditions: + items: + properties: + message: + description: + Message contains human-readable message indicating + details about condition + type: string + type: + description: Type is an application condition type + type: string + required: + - type + - message + type: object + type: array + health: + properties: + message: + type: string + status: + type: string + type: object + history: + items: + properties: + deployedAt: + format: date-time + type: string + id: + format: int64 + type: integer + revision: + type: string + source: + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + properties: + extVars: + description: + ExtVars is a list of Jsonnet External + Variables + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + parameters: + description: Parameters are parameters to the helm template + items: + properties: + forceString: + description: + ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: + The Helm release name. If omitted it will + use the application name + type: string + valueFiles: + description: + ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: + Values is Helm values, typically defined + as a block + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: + Environment is a ksonnet application environment + name + type: string + parameters: + description: + Parameters are a list of ksonnet component + parameter override values + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: + NamePrefix is a prefix appended to resources + for kustomize apps + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: + ConfigManagementPlugin holds config management + plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: + RepoURL is the repository URL of the application + manifests + type: string + targetRevision: + description: + TargetRevision defines the commit, tag, or branch + in which to sync the application to. If omitted, will sync + to HEAD + type: string + required: + - repoURL + type: object + required: + - revision + - deployedAt + - id + type: object + type: array + observedAt: + description: + ObservedAt indicates when the application state was updated + without querying latest git state + format: date-time + type: string + operationState: + properties: + finishedAt: + description: FinishedAt contains time of operation completion + format: date-time + type: string + message: + description: + Message hold any pertinent messages when attempting + to perform operation (typically errors). + type: string + operation: + description: Operation is the original requested operation + properties: + sync: + properties: + dryRun: + description: + DryRun will perform a `kubectl apply --dry-run` + without actually performing the sync + type: boolean + manifests: + description: + Manifests is an optional field that overrides + sync source with a local directory for development + items: + type: string + type: array + prune: + description: + Prune deletes resources that are no longer + tracked in git + type: boolean + resources: + description: Resources describes which resources to sync + items: + properties: + group: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: + Revision is the revision in which to sync the + application to. If omitted, will use the revision specified + in app spec. + type: string + source: + description: + Source overrides the source definition set + in the application. This is typically set in a Rollback + operation and nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: + Directory holds path/directory specific + options + properties: + jsonnet: + properties: + extVars: + description: + ExtVars is a list of Jsonnet External + Variables + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + tlas: + description: + TLAS is a list of Jsonnet Top-level + Arguments + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + parameters: + description: + Parameters are parameters to the helm + template + items: + properties: + forceString: + description: + ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: + Name is the name of the helm + parameter + type: string + value: + description: + Value is the value for the helm + parameter + type: string + type: object + type: array + releaseName: + description: + The Helm release name. If omitted it + will use the application name + type: string + valueFiles: + description: + ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: + Values is Helm values, typically defined + as a block + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: + Environment is a ksonnet application + environment name + type: string + parameters: + description: + Parameters are a list of ksonnet component + parameter override values + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: + CommonLabels adds additional kustomize + commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: + NamePrefix is a prefix appended to + resources for kustomize apps + type: string + type: object + path: + description: + Path is a directory path within the Git + repository + type: string + plugin: + description: + ConfigManagementPlugin holds config management + plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: + RepoURL is the repository URL of the application + manifests + type: string + targetRevision: + description: + TargetRevision defines the commit, tag, + or branch in which to sync the application to. If + omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: + Apply wil perform a `kubectl apply` to + perform the sync. + properties: + force: + description: + Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force + flag deletes and re-create the resource, when + PATCH encounters conflict and has retried for + 5 times. + type: boolean + type: object + hook: + description: + Hook will submit any referenced resources + to perform the sync. This is the default strategy + properties: + force: + description: + Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force + flag deletes and re-create the resource, when + PATCH encounters conflict and has retried for + 5 times. + type: boolean + type: object + type: object + type: object + type: object + phase: + description: Phase is the current phase of the operation + type: string + startedAt: + description: StartedAt contains time of operation start + format: date-time + type: string + syncResult: + description: SyncResult is the result of a Sync operation + properties: + resources: + description: + Resources holds the sync result of each individual + resource + items: + properties: + group: + type: string + hookPhase: + description: + "the state of any operation associated with + this resource OR hook note: can contain values for non-hook + resources" + type: string + hookType: + description: + the type of the hook, empty for non-hook + resources + type: string + kind: + type: string + message: + description: message for the last sync OR operation + type: string + name: + type: string + namespace: + type: string + status: + description: + the final result of the sync, this is be + empty if the resources is yet to be applied/pruned and + is always zero-value for hooks + type: string + syncPhase: + description: + indicates the particular phase of the sync + that this is for + type: string + version: + type: string + required: + - group + - version + - kind + - namespace + - name + type: object + type: array + revision: + description: Revision holds the revision of the sync + type: string + source: + description: + Source records the application source information + of the sync, used for comparing auto-sync + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + properties: + extVars: + description: + ExtVars is a list of Jsonnet External + Variables + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + tlas: + description: + TLAS is a list of Jsonnet Top-level + Arguments + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + parameters: + description: Parameters are parameters to the helm template + items: + properties: + forceString: + description: + ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: + The Helm release name. If omitted it will + use the application name + type: string + valueFiles: + description: + ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: + Values is Helm values, typically defined + as a block + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: + Environment is a ksonnet application environment + name + type: string + parameters: + description: + Parameters are a list of ksonnet component + parameter override values + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: + CommonLabels adds additional kustomize + commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: + NamePrefix is a prefix appended to resources + for kustomize apps + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: + ConfigManagementPlugin holds config management + plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: + RepoURL is the repository URL of the application + manifests + type: string + targetRevision: + description: + TargetRevision defines the commit, tag, or + branch in which to sync the application to. If omitted, + will sync to HEAD + type: string + required: + - repoURL + type: object + required: + - revision + type: object + required: + - operation + - phase + - startedAt + type: object + reconciledAt: + description: + ReconciledAt indicates when the application state was reconciled + using the latest git version + format: date-time + type: string + resources: + items: + properties: + group: + type: string + health: + properties: + message: + type: string + status: + type: string + type: object + hook: + type: boolean + kind: + type: string + name: + type: string + namespace: + type: string + requiresPruning: + type: boolean + status: + type: string + version: + type: string + type: object + type: array + sourceType: + type: string + summary: + properties: + externalURLs: + description: + ExternalURLs holds all external URLs of application + child resources. + items: + type: string + type: array + images: + description: Images holds all images of application child resources. + items: + type: string + type: array + type: object + sync: + properties: + comparedTo: + properties: + destination: + properties: + namespace: + description: + Namespace overrides the environment namespace + value in the ksonnet app.yaml + type: string + server: + description: + Server overrides the environment server value + in the ksonnet app.yaml + type: string + type: object + source: + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + properties: + extVars: + description: + ExtVars is a list of Jsonnet External + Variables + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + tlas: + description: + TLAS is a list of Jsonnet Top-level + Arguments + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + parameters: + description: Parameters are parameters to the helm template + items: + properties: + forceString: + description: + ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: + The Helm release name. If omitted it will + use the application name + type: string + valueFiles: + description: + ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: + Values is Helm values, typically defined + as a block + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: + Environment is a ksonnet application environment + name + type: string + parameters: + description: + Parameters are a list of ksonnet component + parameter override values + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: + CommonLabels adds additional kustomize + commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: + NamePrefix is a prefix appended to resources + for kustomize apps + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: + ConfigManagementPlugin holds config management + plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: + RepoURL is the repository URL of the application + manifests + type: string + targetRevision: + description: + TargetRevision defines the commit, tag, or + branch in which to sync the application to. If omitted, + will sync to HEAD + type: string + required: + - repoURL + type: object + required: + - source + - destination + type: object + revision: + type: string + status: + type: string + required: + - status + type: object + type: object + required: + - metadata + - spec + type: object + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml new file mode 100644 index 00000000..5149eeb0 --- /dev/null +++ b/charts/argo-cd/crds/crd-project.yaml @@ -0,0 +1,603 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: appprojects.argoproj.io + app.kubernetes.io/part-of: argocd + name: appprojects.argoproj.io +spec: + group: argoproj.io + names: + kind: AppProject + plural: appprojects + shortNames: + - appproj + - appprojs + scope: Namespaced + validation: + openAPIV3Schema: + description: + "AppProject provides a logical grouping of applications, providing + controls for: * where the apps may deploy to (cluster whitelist) * what may + be deployed (repository whitelist, resource whitelist/blacklist) * who can + access these applications (roles, OIDC group claims bindings) * and what they + can do (RBAC policies) * automation access to these roles (JWT tokens)" + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + description: + "Annotations is an unstructured key value map stored with + a resource that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations" + type: object + clusterName: + description: + The name of the cluster which the object belongs to. This + is used to distinguish resources with same name and namespace in different + clusters. This field is not set anywhere right now and apiserver is + going to ignore it if set in create or update request. + type: string + deletionGracePeriodSeconds: + description: + Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set when + deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: + "DeletionTimestamp is RFC 3339 date and time at which this + resource will be deleted. This field is set by the server when a graceful + deletion is requested by the user, and is not directly settable by + a client. The resource is expected to be deleted (no longer visible + from resource lists, and not reachable by name) after the time in + this field, once the finalizers list is empty. As long as the finalizers + list contains items, deletion is blocked. Once the deletionTimestamp + is set, this value may not be unset or be set further into the future, + although it may be shortened or the resource may be deleted prior + to this time. For example, a user may request that a pod is deleted + in 30 seconds. The Kubelet will react by sending a graceful termination + signal to the containers in the pod. After that 30 seconds, the Kubelet + will send a hard termination signal (SIGKILL) to the container and + after cleanup, remove the pod from the API. In the presence of network + partitions, this object may still exist after this timestamp, until + an administrator or automated process can determine the resource is + fully terminated. If not set, graceful deletion of the object has + not been requested. \n Populated by the system when a graceful deletion + is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + finalizers: + description: + Must be empty before the object is deleted from the registry. + Each entry is an identifier for the responsible component that will + remove the entry from the list. If the deletionTimestamp of the object + is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: + "GenerateName is an optional prefix, used by the server, + to generate a unique name ONLY IF the Name field has not been provided. + If this field is used, the name returned to the client will be different + than the name passed. This value will also be combined with a unique + suffix. The provided value has the same validation rules as the Name + field, and may be truncated by the length of the suffix required to + make the value unique on the server. \n If this field is specified + and the generated name exists, the server will NOT return a 409 - + instead, it will either return 201 Created or 500 with Reason ServerTimeout + indicating a unique name could not be found in the time allotted, + and the client should retry (optionally after the time indicated in + the Retry-After header). \n Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + type: string + generation: + description: + A sequence number representing a specific generation of + the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: + "An initializer is a controller which enforces some system + invariant at object creation time. This field is a list of initializers + that have not yet acted on this object. If nil or empty, this object + has been completely initialized. Otherwise, the object is considered + uninitialized and is hidden (in list/watch and get calls) from clients + that haven't explicitly asked to observe uninitialized objects. \n + When an object is created, the system will populate this list with + the current set of initializers. Only privileged users may set or + modify this list. Once it is empty, it may not be modified further + by any user. \n DEPRECATED - initializers are an alpha field and will + be removed in v1.15." + properties: + pending: + description: + Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the initializers + struct will be set to nil and the object is considered as initialized + and visible to all clients. + items: + properties: + name: + description: + name of the process that is responsible for initializing + this object. + type: string + required: + - name + type: object + type: array + result: + description: + If result is set with the Failure field, the object + will be persisted to storage and then deleted, ensuring that other + clients can observe the deletion. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + type: string + code: + description: + Suggested HTTP return code for this status, 0 if + not set. + format: int32 + type: integer + details: + description: + Extended data associated with the reason. Each + reason may define its own extended details. This field is + optional and the data returned is not guaranteed to conform + to any schema except that defined by the reason type. + properties: + causes: + description: + The Causes array includes more details associated + with the StatusReason failure. Not all StatusReasons may + provide detailed causes. + items: + properties: + field: + description: + "The field of the resource that has caused + this error, as named by its JSON serialization. + May include dot and postfix notation for nested + attributes. Arrays are zero-indexed. Fields may + appear more than once in an array of causes due + to fields having multiple errors. Optional. \n Examples: + \ \"name\" - the field \"name\" on the current + resource \"items[0].name\" - the field \"name\" + on the first array entry in \"items\"" + type: string + message: + description: + A human-readable description of the cause + of the error. This field may be presented as-is + to a reader. + type: string + reason: + description: + A machine-readable description of the + cause of the error. If this value is empty there + is no information available. + type: string + type: object + type: array + group: + description: + The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: + "The kind attribute of the resource associated + with the status StatusReason. On some operations may differ + from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + type: string + name: + description: + The name attribute of the resource associated + with the status StatusReason (when there is a single name + which can be described). + type: string + retryAfterSeconds: + description: + If specified, the time in seconds before the + operation should be retried. Some errors may indicate + the client must take an alternate action - for those errors + this field may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: + "UID of the resource. (when there is a single + resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + kind: + description: + "Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + type: string + message: + description: + A human-readable description of the status of this + operation. + type: string + metadata: + description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + properties: + continue: + description: + continue may be set if the user set a limit + on the number of items returned, and indicates that the + server has more data available. The value is opaque and + may be used to issue another request to the endpoint that + served this list to retrieve the next set of available + objects. Continuing a consistent list may not be possible + if the server configuration has changed or more than a + few minutes have passed. The resourceVersion field returned + when using this continue value will be identical to the + value in the first response, unless you have received + this token from an error message. + type: string + resourceVersion: + description: + "String that identifies the server's internal + version of this object that can be used by clients to + determine when objects have changed. Value must be treated + as opaque by clients and passed unmodified back to the + server. Populated by the system. Read-only. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: + selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + type: object + reason: + description: + A machine-readable description of why this operation + is in the "Failure" status. If this value is empty there is + no information available. A Reason clarifies an HTTP status + code but does not override it. + type: string + status: + description: + 'Status of the operation. One of: "Success" or + "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + type: object + required: + - pending + type: object + labels: + additionalProperties: + type: string + description: + "Map of string keys and values that can be used to organize + and categorize (scope and select) objects. May match selectors of + replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels" + type: object + managedFields: + description: + "ManagedFields maps workflow-id and version to the set + of fields that are managed by that workflow. This is mostly for internal + housekeeping, and users typically shouldn't need to set or understand + this field. A workflow can be the user's name, a controller's name, + or the name of a specific apply path like \"ci-cd\". The set of fields + is always in the version that the workflow used when modifying the + object. \n This field is alpha and can be changed or removed without + notice." + items: + properties: + apiVersion: + description: + APIVersion defines the version of this resource that + this field set applies to. The format is "group/version" just + like the top-level APIVersion field. It is necessary to track + the version of a field set because it cannot be automatically + converted. + type: string + fields: + additionalProperties: true + description: Fields identifies a set of fields. + type: object + manager: + description: + Manager is an identifier of the workflow managing + these fields. + type: string + operation: + description: + Operation is the type of operation which lead to + this ManagedFieldsEntry being created. The only valid values + for this field are 'Apply' and 'Update'. + type: string + time: + description: + Time is timestamp of when these fields were set. + It should always be empty if Operation is 'Apply' + format: date-time + type: string + type: object + type: array + name: + description: + "Name must be unique within a namespace. Is required when + creating resources, although some resources may allow a client to + request the generation of an appropriate name automatically. Name + is primarily intended for creation idempotence and configuration definition. + Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names" + type: string + namespace: + description: + "Namespace defines the space within each name must be unique. + An empty namespace is equivalent to the \"default\" namespace, but + \"default\" is the canonical representation. Not all objects are required + to be scoped to a namespace - the value of this field for those objects + will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: + http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: + List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this list + will point to this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: + If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. To + set this field, a user needs "delete" permission of the owner, + otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + type: string + name: + description: "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" + type: string + uid: + description: "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + resourceVersion: + description: + "An opaque value that represents the internal version of + this object that can be used by clients to determine when objects + have changed. May be used for optimistic concurrency, change detection, + and the watch operation on a resource or set of resources. Clients + must treat these values as opaque and passed unmodified back to the + server. They may only be valid for a particular resource or set of + resources. \n Populated by the system. Read-only. Value must be treated + as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: + SelfLink is a URL representing this object. Populated by + the system. Read-only. + type: string + uid: + description: + "UID is the unique in time and space value for this object. + It is typically generated by the server on successful creation of + a resource and is not allowed to change on PUT operations. \n Populated + by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + spec: + properties: + clusterResourceWhitelist: + description: + ClusterResourceWhitelist contains list of whitelisted cluster + level resources + items: + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + description: + description: Description contains optional project description + type: string + destinations: + description: + Destinations contains list of destinations available for + deployment + items: + properties: + namespace: + description: + Namespace overrides the environment namespace value + in the ksonnet app.yaml + type: string + server: + description: + Server overrides the environment server value in + the ksonnet app.yaml + type: string + type: object + type: array + namespaceResourceBlacklist: + description: + NamespaceResourceBlacklist contains list of blacklisted + namespace level resources + items: + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + orphanedResources: + description: + OrphanedResources specifies if controller should monitor + orphaned resources of apps in this project + properties: + warn: + description: + Warn indicates if warning condition should be created + for apps which have orphaned resources + type: boolean + type: object + roles: + description: + Roles are user defined RBAC roles associated with this + project + items: + properties: + description: + description: Description is a description of the role + type: string + groups: + description: + Groups are a list of OIDC group claims bound to this + role + items: + type: string + type: array + jwtTokens: + description: + JWTTokens are a list of generated JWT tokens bound + to this role + items: + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + required: + - iat + type: object + type: array + name: + description: Name is a name for this role + type: string + policies: + description: + Policies Stores a list of casbin formated strings + that define access policies for the role in the project + items: + type: string + type: array + required: + - name + type: object + type: array + sourceRepos: + description: + SourceRepos contains list of repository URLs which can + be used for deployment + items: + type: string + type: array + syncWindows: + description: + SyncWindows controls when syncs can be run for apps in + this project + items: + properties: + applications: + description: + Applications contains a list of applications that + the window will apply to + items: + type: string + type: array + clusters: + description: + Clusters contains a list of clusters that the window + will apply to + items: + type: string + type: array + duration: + description: + Duration is the amount of time the sync window will + be open + type: string + kind: + description: Kind defines if the window allows or blocks syncs + type: string + manualSync: + description: + ManualSync enables manual syncs when they would otherwise + be blocked + type: boolean + namespaces: + description: + Namespaces contains a list of namespaces that the + window will apply to + items: + type: string + type: array + schedule: + description: + Schedule is the time the window will begin, specified + in cron format + type: string + type: object + type: array + type: object + required: + - metadata + - spec + type: object + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 451727d6..4bec139b 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,6 +1,6 @@ In order to access the server UI you have the following options: -1. kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 +1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 and then open the browser on http://localhost:8080 and accept the certificate @@ -12,4 +12,4 @@ In order to access the server UI you have the following options: After reaching the UI the first time you can login with username: admin and the password will be the name of the server pod. You can get the pod name by running: -kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 \ No newline at end of file +kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2c892a75..af7f7c9f 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -92,6 +92,17 @@ Create the name of the ArgoCD server service account to use {{- end -}} {{- end -}} +{{/* +Create the name of the repo-server service account to use +*/}} +{{- define "argo-cd.repoServerServiceAccountName" -}} +{{- if .Values.repoServer.serviceAccount.create -}} + {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.repoServer.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create chart name and version as used by the chart label. */}} diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml old mode 100644 new mode 100755 index a1ca4eb0..286fb981 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -1,3 +1,4 @@ + apiVersion: apps/v1 kind: Deployment metadata: @@ -9,6 +10,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} + app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} spec: selector: matchLabels: @@ -31,10 +33,14 @@ spec: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} + app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} {{- if .Values.controller.podLabels }} {{- toYaml .Values.controller.podLabels | nindent 8 }} {{- end }} spec: + {{- if .Values.global.securityContext }} + securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- end }} containers: - command: - argocd-application-controller @@ -60,6 +66,13 @@ spec: image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} name: {{ .Values.controller.name }} + {{- if .Values.controller.containerSecurityContext }} + securityContext: {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} + {{- end }} + {{- if .Values.controller.env }} + env: +{{- toYaml .Values.controller.env | nindent 8 }} + {{- end }} ports: - name: controller containerPort: {{ .Values.controller.containerPort }} @@ -103,4 +116,4 @@ spec: {{- if .Values.controller.volumes }} volumes: {{- toYaml .Values.controller.volumes | nindent 8 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml new file mode 100644 index 00000000..8d104f40 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.rules.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ template "argo-cd.controller.fullname" . }} + {{- if .Values.controller.metrics.rules.namespace }} + namespace: {{ .Values.controller.metrics.rules.namespace }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.controller.name }} + {{- if .Values.controller.metrics.rules.selector }} +{{- toYaml .Values.controller.metrics.rules.selector | nindent 4 }} + {{- end }} + {{- if .Values.controller.metrics.rules.additionalLabels }} +{{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }} + {{- end }} +spec: + groups: + - name: argocd + rules: +{{- toYaml .Values.controller.metrics.rules.spec | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index c820e3bb..3fb538e3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -13,7 +13,9 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} + {{- if .Values.controller.metrics.serviceMonitor.selector }} {{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }} + {{- end }} {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} {{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }} {{- end }} @@ -29,4 +31,5 @@ spec: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics app.kubernetes.io/component: {{ .Values.controller.name }} -{{- end }} \ No newline at end of file +{{- end }} + diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 47a6243b..f9036347 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -11,27 +11,34 @@ metadata: app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} type: Opaque -{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret) }} +{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} # Setting a blank data again will wipe admin password/key/cert data: {{- if .Values.configs.secret.githubSecret }} - github.webhook.secret: {{ .Values.configs.secret.githubSecret | b64enc }} + webhook.github.secret: {{ .Values.configs.secret.githubSecret | b64enc }} {{- end }} {{- if .Values.configs.secret.gitlabSecret }} - gitlab.webhook.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }} + webhook.gitlab.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }} {{- end }} - {{- if .Values.configs.secret.bitbucketSecret }} - bitbucket.webhook.uuid: {{ .Values.configs.secret.bitbucketSecret | b64enc }} + {{- if .Values.configs.secret.bitbucketServerSecret }} + webhook.bitbucketserver.secret: {{ .Values.configs.secret.bitbucketServerSecret | b64enc }} {{- end }} - - {{- if and .Values.configs.secret.argocdServerTlsConfig.key (.Values.configs.secret.argocdServerTlsConfig.cert) }} + {{- if .Values.configs.secret.bitbucketUUID }} + webhook.bitbucket.uuid: {{ .Values.configs.secret.bitbucketUUID | b64enc }} + {{- end }} + {{- if .Values.configs.secret.gogsSecret }} + webhook.gogs.secret: {{ .Values.configs.secret.gogsSecret | b64enc }} + {{- end }} + {{- if .Values.configs.secret.argocdServerTlsConfig }} tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }} - tls.cert: {{ .Values.configs.secret.argocdServerTlsConfig.cert | b64enc }} + tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }} {{- end }} - {{- if .Values.configs.secret.argocdServerAdminPassword }} admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} + admin.passwordMtime: {{ date "2006-01-02T15:04:05Z" now | b64enc }} + {{- end }} + {{- range $key, $value := .Values.configs.secret.extra }} + {{ $key }}: {{ $value | b64enc }} {{- end }} - {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml old mode 100644 new mode 100755 index 9c54d0dd..25a88aba --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -9,6 +9,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} + app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }} spec: selector: matchLabels: @@ -31,10 +32,14 @@ spec: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} + app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }} {{- if .Values.controller.podLabels }} {{- toYaml .Values.controller.podLabels | nindent 8 }} {{- end }} spec: + {{- if .Values.global.securityContext }} + securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- end }} containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }} @@ -54,9 +59,16 @@ spec: - --{{ $key }} {{- end }} {{- end }} + {{- if .Values.repoServer.containerSecurityContext }} + securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- end }} + {{- if .Values.repoServer.env }} + env: +{{- toYaml .Values.repoServer.env | nindent 8 }} + {{- end }} volumeMounts: {{- if .Values.repoServer.volumeMounts }} -{{- toYaml .Values.repoServer.volumeMounts | nindent 10}} +{{- toYaml .Values.repoServer.volumeMounts | nindent 8}} {{- end }} {{- if .Values.configs.knownHosts }} - mountPath: /app/config/ssh @@ -105,9 +117,10 @@ spec: affinity: {{- toYaml .Values.repoServer.affinity | nindent 8 }} {{- end }} + serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }} volumes: {{- if .Values.repoServer.volumes }} -{{- toYaml .Values.repoServer.volumes | nindent 8}} +{{- toYaml .Values.repoServer.volumes | nindent 6}} {{- end }} {{- if .Values.configs.knownHosts }} - configMap: @@ -118,4 +131,8 @@ spec: - configMap: name: argocd-tls-certs-cm name: tls-certs - {{- end }} \ No newline at end of file + {{- end }} + {{- if .Values.repoServer.initContainers }} + initContainers: +{{- toYaml .Values.repoServer.initContainers | nindent 6 }} + {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml new file mode 100644 index 00000000..aed7700f --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml @@ -0,0 +1,18 @@ +{{- if .Values.configs.repositoryCredentials }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-repository-credentials + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.server.name }} +type: Opaque +data: +{{- range $key, $value := .Values.configs.repositoryCredentials }} + {{ $key }}: {{ $value | b64enc }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/role.yaml b/charts/argo-cd/templates/argocd-repo-server/role.yaml new file mode 100644 index 00000000..9c902ccc --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/role.yaml @@ -0,0 +1,17 @@ +{{- if .Values.repoServer.serviceAccount.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.repoServer.name }} +rules: +{{- if .Values.repoServer.rbac }} +{{toYaml .Values.repoServer.rbac }} +{{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml new file mode 100644 index 00000000..692b11ee --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml @@ -0,0 +1,21 @@ +{{- if .Values.repoServer.serviceAccount.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.repoServer.name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-cd.repoServer.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "argo-cd.repoServerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml new file mode 100644 index 00000000..a0bae942 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -0,0 +1,19 @@ +{{- if .Values.repoServer.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "argo-cd.repoServerServiceAccountName" . }} +{{- if .Values.repoServer.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.repoServer.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index bd064f17..c07769f9 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -13,7 +13,9 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} + {{- if .Values.repoServer.metrics.serviceMonitor.selector }} {{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }} + {{- end }} {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }} {{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }} {{- end }} @@ -30,4 +32,5 @@ spec: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics app.kubernetes.io/component: {{ .Values.repoServer.name }} -{{- end }} \ No newline at end of file +{{- end }} + diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 3c190c1d..246519f6 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -14,11 +14,11 @@ spec: commonName: {{ .Values.server.certificate.domain | quote }} dnsNames: - {{ .Values.server.certificate.domain | quote }} - {{- range .Values.ingress.additionalHosts }} + {{- range .Values.server.certificate.additionalHosts }} - {{ . | quote }} {{- end }} issuerRef: - kind: {{ .Values.certificate.issuer.kind | quote }} - name: {{ .Values.certificate.issuer.name | quote }} + kind: {{ .Values.server.certificate.issuer.kind | quote }} + name: {{ .Values.server.certificate.issuer.name | quote }} secretName: argocd-secret {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml old mode 100644 new mode 100755 index f2d10b84..7f85bbec --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -9,6 +9,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }} spec: selector: matchLabels: @@ -31,10 +32,14 @@ spec: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }} {{- if .Values.controller.podLabels }} {{- toYaml .Values.controller.podLabels | nindent 8 }} {{- end }} spec: + {{- if .Values.global.securityContext }} + securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- end }} containers: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default .Values.global.image.tag .Values.server.image.tag }} @@ -62,6 +67,13 @@ spec: - --{{ $key }} {{- end }} {{- end }} + {{- if .Values.server.containerSecurityContext }} + securityContext: {{- toYaml .Values.server.containerSecurityContext | nindent 10 }} + {{- end }} + {{- if .Values.server.env }} + env: +{{- toYaml .Values.server.env | nindent 8 }} + {{- end }} volumeMounts: {{- if .Values.server.volumeMounts }} {{- toYaml .Values.server.volumeMounts | nindent 10}} @@ -131,4 +143,4 @@ spec: - configMap: name: argocd-tls-certs-cm name: tls-certs - {{- end }} \ No newline at end of file + {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 68ffbe5d..c3a84ea4 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -1,6 +1,6 @@ {{- if .Values.server.ingress.enabled -}} {{- $serviceName := include "argo-cd.server.fullname" . -}} -{{- $servicePort := .Values.server.name -}} +{{- $servicePort := .Values.server.service.servicePortHttp -}} {{- $paths := .Values.server.ingress.paths -}} apiVersion: extensions/v1beta1 kind: Ingress diff --git a/charts/argo-cd/templates/argocd-server/route.yaml b/charts/argo-cd/templates/argocd-server/route.yaml new file mode 100644 index 00000000..f5952a13 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/route.yaml @@ -0,0 +1,29 @@ +{{- if .Values.server.route.enabled -}} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ template "argo-cd.server.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.server.name }} +{{- with .Values.server.route.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + host: {{ .Values.server.route.hostname | quote }} + to: + kind: Service + name: {{ template "argo-cd.server.fullname" . }} + weight: 100 + port: + targetPort: https + tls: + termination: passthrough + insecureEdgeTerminationPolicy: None + wildcardPolicy: None +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 6d995ff7..7be1f2f4 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -13,7 +13,9 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.server.metrics.serviceMonitor.selector }} {{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }} + {{- end }} {{- if .Values.server.metrics.serviceMonitor.additionalLabels }} {{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }} {{- end }} @@ -30,4 +32,5 @@ spec: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics app.kubernetes.io/component: {{ .Values.server.name }} -{{- end }} \ No newline at end of file +{{- end }} + diff --git a/charts/argo-cd/templates/crds/application-crd.yaml b/charts/argo-cd/templates/crds/application-crd.yaml index 2f176e4f..faf763a8 100644 --- a/charts/argo-cd/templates/crds/application-crd.yaml +++ b/charts/argo-cd/templates/crds/application-crd.yaml @@ -1,3 +1,4 @@ +{{- if .Values.installCRDs }} apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -416,7 +417,7 @@ spec: type: object type: array revision: - description: Revision is the git revision in which to sync the application + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: @@ -424,6 +425,9 @@ spec: This is typically set in a Rollback operation and nil during a Sync operation properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -492,6 +496,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined as + a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -536,8 +544,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -561,7 +568,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application + description: RepoURL is the repository URL of the application manifests type: string targetRevision: @@ -571,7 +578,6 @@ spec: type: string required: - repoURL - - path type: object syncStrategy: description: SyncStrategy describes how to perform the sync @@ -634,7 +640,6 @@ spec: namespace: type: string required: - - group - kind - jsonPointers type: object @@ -661,6 +666,9 @@ spec: description: Source is a reference to the location ksonnet application definition properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -729,6 +737,9 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -773,8 +784,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository containing - a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management plugin @@ -798,8 +808,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: description: TargetRevision defines the commit, tag, or branch in @@ -807,7 +816,6 @@ spec: type: string required: - repoURL - - path type: object syncPolicy: description: SyncPolicy controls when a sync will be performed @@ -867,6 +875,9 @@ spec: type: string source: properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -936,6 +947,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined + as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -980,8 +995,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -1005,7 +1019,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application + description: RepoURL is the repository URL of the application manifests type: string targetRevision: @@ -1015,7 +1029,6 @@ spec: type: string required: - repoURL - - path type: object required: - revision @@ -1024,6 +1037,8 @@ spec: type: object type: array observedAt: + description: ObservedAt indicates when the application state was updated + without querying latest git state format: date-time type: string operationState: @@ -1071,15 +1086,18 @@ spec: type: object type: array revision: - description: Revision is the git revision in which to sync - the application to. If omitted, will use the revision - specified in app spec. + description: Revision is the revision in which to sync the + application to. If omitted, will use the revision specified + in app spec. type: string source: description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options @@ -1155,6 +1173,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined + as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -1200,8 +1222,8 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git + repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -1225,8 +1247,8 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the - application manifests + description: RepoURL is the repository URL of the application + manifests type: string targetRevision: description: TargetRevision defines the commit, tag, @@ -1235,7 +1257,6 @@ spec: type: string required: - repoURL - - path type: object syncStrategy: description: SyncStrategy describes how to perform the sync @@ -1322,12 +1343,15 @@ spec: type: object type: array revision: - description: Revision holds the git commit SHA of the sync + description: Revision holds the revision of the sync type: string source: description: Source records the application source information of the sync, used for comparing auto-sync properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -1399,6 +1423,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined + as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -1444,8 +1472,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -1469,7 +1496,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application + description: RepoURL is the repository URL of the application manifests type: string targetRevision: @@ -1479,7 +1506,6 @@ spec: type: string required: - repoURL - - path type: object required: - revision @@ -1490,6 +1516,8 @@ spec: - startedAt type: object reconciledAt: + description: ReconciledAt indicates when the application state was reconciled + using the latest git version format: date-time type: string resources: @@ -1553,6 +1581,9 @@ spec: type: object source: properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -1624,6 +1655,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined + as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -1669,8 +1704,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -1694,7 +1728,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application + description: RepoURL is the repository URL of the application manifests type: string targetRevision: @@ -1704,7 +1738,6 @@ spec: type: string required: - repoURL - - path type: object required: - source @@ -1726,3 +1759,4 @@ spec: - name: v1alpha1 served: true storage: true +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/crds/appproject-crd.yaml b/charts/argo-cd/templates/crds/appproject-crd.yaml index 61a0077b..2d14a52a 100644 --- a/charts/argo-cd/templates/crds/appproject-crd.yaml +++ b/charts/argo-cd/templates/crds/appproject-crd.yaml @@ -1,3 +1,4 @@ +{{- if .Values.installCRDs }} apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -434,6 +435,15 @@ spec: - kind type: object type: array + orphanedResources: + description: OrphanedResources specifies if controller should monitor + orphaned resources of apps in this project + properties: + warn: + description: Warn indicates if warning condition should be created + for apps which have orphaned resources + type: boolean + type: object roles: description: Roles are user defined RBAC roles associated with this project @@ -477,11 +487,51 @@ spec: type: object type: array sourceRepos: - description: SourceRepos contains list of git repository URLs which - can be used for deployment + description: SourceRepos contains list of repository URLs which can + be used for deployment items: type: string type: array + syncWindows: + description: SyncWindows controls when syncs can be run for apps in + this project + items: + properties: + applications: + description: Applications contains a list of applications that + the window will apply to + items: + type: string + type: array + clusters: + description: Clusters contains a list of clusters that the window + will apply to + items: + type: string + type: array + duration: + description: Duration is the amount of time the sync window will + be open + type: string + kind: + description: Kind defines if the window allows or blocks syncs + type: string + manualSync: + description: ManualSync enables manual syncs when they would otherwise + be blocked + type: boolean + namespaces: + description: Namespaces contains a list of namespaces that the + window will apply to + items: + type: string + type: array + schedule: + description: Schedule is the time the window will begin, specified + in cron format + type: string + type: object + type: array type: object required: - metadata @@ -491,3 +541,4 @@ spec: - name: v1alpha1 served: true storage: true +{{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml old mode 100644 new mode 100755 index 17c587e3..21b2d26d --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -10,6 +10,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} + app.kubernetes.io/version: {{ .Values.dex.image.tag }} spec: selector: matchLabels: @@ -24,11 +25,17 @@ spec: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} + app.kubernetes.io/version: {{ .Values.dex.image.tag }} spec: initContainers: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.pullPolicy }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} + resources: +{{- toYaml .Values.dex.resources | nindent 10 }} + {{- if .Values.dex.containerSecurityContext }} + securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- end }} command: - cp - /usr/local/bin/argocd-util @@ -39,10 +46,17 @@ spec: containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} - imagePullPolicy: {{ .Values.dex.image.pullPolicy }} + imagePullPolicy: {{ .Values.dex.image.imagePullPolicy }} command: - /shared/argocd-util - rundex + {{- if .Values.dex.containerSecurityContext }} + securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- end }} + {{- if .Values.dex.env }} + env: +{{- toYaml .Values.dex.env | nindent 8 }} + {{- end }} ports: - name: http containerPort: {{ .Values.dex.containerPortHttp }} @@ -73,4 +87,4 @@ spec: volumes: {{- toYaml .Values.dex.volumes | nindent 8}} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml old mode 100644 new mode 100755 index df4983e1..9358166e --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -10,6 +10,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.redis.name }} + app.kubernetes.io/version: {{ .Values.redis.image.tag }} spec: selector: matchLabels: @@ -23,8 +24,12 @@ spec: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.redis.name }} + app.kubernetes.io/version: {{ .Values.redis.image.tag }} spec: automountServiceAccountToken: false + {{- if .Values.global.securityContext }} + securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- end }} containers: - name: {{ template "argo-cd.redis.fullname" . }} args: @@ -34,9 +39,17 @@ spec: - "no" image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}} + {{- if .Values.redis.containerSecurityContext }} + securityContext: {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }} + {{- end }} + {{- if .Values.redis.env }} + env: +{{- toYaml .Values.redis.env | nindent 8 }} + {{- end }} ports: - containerPort: {{ .Values.redis.containerPort }} {{- if .Values.redis.volumeMounts }} + volumeMounts: {{- toYaml .Values.redis.volumeMounts | nindent 10 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml old mode 100644 new mode 100755 index 7fecb9fe..0d4ae2de --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2,21 +2,29 @@ ## Ref: https://github.com/argoproj/argo-cd ## nameOverride: argocd +fullnameOverride: "" + +# Optional CRD installation for those without Helm hooks +installCRDs: true global: image: repository: argoproj/argocd - tag: v1.2.4 + tag: v1.3.6 imagePullPolicy: IfNotPresent + securityContext: {} + # runAsUser: 999 + # runAsGroup: 999 + # fsGroup: 999 ## Controller controller: name: application-controller - image: {} - # repository: argoproj/argocd - # tag: v1.2.1 - # imagePullPolicy: IfNotPresent + image: + repository: # argoproj/argocd + tag: # v1.3.6 + imagePullPolicy: # IfNotPresent ## Argo controller commandline flags args: @@ -27,7 +35,12 @@ controller: logLevel: info ## Additional command line arguments to pass to argocd-controller - extraArgs: [] + ## key: value + extraArgs: {} + + ## Environment variables to pass to argocd-controller + ## + env: [] ## Annotations to be added to controller pods ## @@ -37,6 +50,12 @@ controller: ## podLabels: {} + ## Labels to set container specific security contexts + containerSecurityContext: {} + # capabilities: + # drop: + # - all + ## Configures the controller port containerPort: 8082 @@ -72,7 +91,7 @@ controller: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" @@ -102,6 +121,37 @@ controller: # prometheus: kube-prometheus # namespace: monitoring # additionalLabels: {} + rules: + enabled: false + spec: [] + # - alert: ArgoAppMissing + # expr: | + # absent(argocd_app_info) + # for: 15m + # labels: + # severity: critical + # annotations: + # summary: "[ArgoCD] No reported applications" + # description: > + # ArgoCD has not reported any applications data for the past 15 minutes which + # means that it must be down or not functioning properly. This needs to be + # resolved for this cloud to continue to maintain state. + # - alert: ArgoAppNotSynced + # expr: | + # argocd_app_sync_status{sync_status!="Synced"} == 1 + # for: 12h + # labels: + # severity: warning + # annotations: + # summary: "[{{`{{$labels.name}}`}}] Application not synchronized" + # description: > + # The application [{{`{{$labels.name}}`}} has not been synchronized for over + # 12 hours which means that the state of this cloud has drifted away from the + # state inside Git. + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} ## Enable Admin ClusterRole resources. ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster. @@ -117,7 +167,14 @@ dex: repository: quay.io/dexidp/dex tag: v2.14.0 imagePullPolicy: IfNotPresent - initImage: {} + initImage: + repository: + tag: + imagePullPolicy: + + ## Environment variables to pass to the Dex server + ## + env: [] serviceAccount: create: true @@ -143,11 +200,18 @@ dex: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" + ## Labels to set container specific security contexts + containerSecurityContext: {} + # capabilities: + # drop: + # - all + + resources: {} # limits: # cpu: 50m @@ -158,7 +222,7 @@ dex: ## Redis redis: - enabled: false + enabled: true name: redis image: @@ -169,15 +233,26 @@ redis: containerPort: 6379 servicePort: 6379 + ## Environment variables to pass to the Redis server + ## + env: [] + ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" + ## Labels to set container specific security contexts + containerSecurityContext: {} + # capabilities: + # drop: + # - all + + resources: {} # limits: # cpu: 200m @@ -186,19 +261,26 @@ redis: # cpu: 100m # memory: 64Mi + volumeMounts: [] + volumes: [] + ## Server server: name: server - image: {} - # repository: argoproj/argocd - # tag: v1.2.1 - # imagePullPolicy: IfNotPresent + image: + repository: # argoproj/argocd + tag: # v1.3.6 + imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server - # extraArgs: [] - # - insecure - extraArgs: [] + ## key: value + extraArgs: {} + # insecure: true + + ## Environment variables to pass to argocd-server + ## + env: [] ## Argo server log level logLevel: info @@ -240,11 +322,17 @@ server: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" + ## Labels to set container specific security contexts + containerSecurityContext: {} + # capabilities: + # drop: + # - all + resources: {} # limits: # cpu: 100m @@ -295,15 +383,25 @@ server: ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace ## - hosts: [] + hosts: + [] # - argocd.example.com paths: - - / - tls: [] + - / + tls: + [] # - secretName: argocd-example-tls # hosts: # - argocd.example.com + # Create a OpenShift Route with SSL passthrough for UI and CLI + # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain + # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: + # If 'hostname' is an empty string "" OpenShift will create a hostname for you. + route: + enabled: false + hostname: "" + ## ArgoCD config ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml config: @@ -311,10 +409,34 @@ server: url: https://argocd.example.com # Argo CD instance label key application.instanceLabelKey: argocd.argoproj.io/instance + # repositories: | + # - url: git@github.com:group/repo.git + # sshPrivateKeySecret: + # name: secret-name + # key: sshPrivateKey + # - type: helm + # url: https://kubernetes-charts.storage.googleapis.com + # name: stable + # - type: helm + # url: https://argoproj.github.io/argo-helm + # name: argo + # oidc.config: | + # name: AzureAD + # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 + # clientID: CLIENT_ID + # clientSecret: $oidc.azuread.clientSecret + # requestedIDTokenClaims: + # groups: + # essential: true + # requestedScopes: + # - openid + # - profile + # - email ## ArgoCD rbac config ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md - rbacConfig: {} + rbacConfig: + {} # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). # Policy rules are in the form: # p, subject, resource, action, object, effect @@ -330,7 +452,6 @@ server: # authorizing API requests (optional). If omitted or empty, users may be still be able to login, # but will see no apps, projects, etc... # policy.default: role:readonly - # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. # scopes: '[cognito:groups, email]' @@ -388,14 +509,18 @@ server: repoServer: name: repo-server - image: {} - # repository: argoproj/argocd - # tag: v1.2.1 - # imagePullPolicy: IfNotPresent + image: + repository: # argoproj/argocd + tag: # v1.3.6 + imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server + ## key: value + extraArgs: {} + + ## Environment variables to pass to argocd-repo-server ## - extraArgs: [] + env: [] ## Argo repoServer log level logLevel: info @@ -437,11 +562,17 @@ repoServer: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" + ## Labels to set container specific security contexts + containerSecurityContext: {} + # capabilities: + # drop: + # - all + resources: {} # limits: # cpu: 50m @@ -470,6 +601,47 @@ repoServer: # namespace: monitoring # additionalLabels: {} + ## Repo server service account + ## If create is set to true, make sure to uncomment the name and update the rbac section below + serviceAccount: + create: false + # name: argocd-repo-server + ## Annotations applied to created service account + annotations: {} + + ## Repo server rbac rules + # rbac: + # - apiGroups: + # - argoproj.io + # resources: + # - applications + # verbs: + # - get + # - list + # - watch + + ## Use init containers to configure custom tooling + ## https://argoproj.github.io/argo-cd/operator-manual/custom_tools/ + ## When using the volumes & volumeMounts section bellow, please comment out those above. + # volumes: + # - name: custom-tools + # emptyDir: {} + # + # initContainers: + # - name: download-tools + # image: alpine:3.8 + # command: [sh, -c] + # args: + # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && + # mv linux-amd64/helm /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + # volumeMounts: + # - mountPath: /usr/local/bin/helm + # name: custom-tools + # subPath: helm + ## Argo Configs configs: knownHosts: @@ -482,7 +654,8 @@ configs: gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - tlsCerts: {} + tlsCerts: + {} # data: # argocd.example.com: | # -----BEGIN CERTIFICATE----- @@ -519,13 +692,53 @@ configs: # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK # XWyb96wrUlv+E8I= # -----END CERTIFICATE----- + # Creates a secret with optional repository credentials + repositoryCredentials: + {} + # sample-ssh-key: | + # -----BEGIN RSA PRIVATE KEY----- + # MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N + # z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4 + # nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB + # AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x + # O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe + # tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6 + # cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8 + # 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM + # hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK + # xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ + # FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc + # NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le + # XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo= + # -----END RSA PRIVATE KEY----- secret: createSecret: true + + # Webhook Configs githubSecret: "" gitlabSecret: "" - bitbucketSecret: "" -# argocdServerTlsConfig: -# key: -# cert: -# argocdServerAdminPassword: - + bitbucketServerSecret: "" + bitbucketUUÌD: "" + gogsSecret: "" + + # Custom secrets. Useful for injecting SSO secrets into environment variables. + # Ref: https://argoproj.github.io/argo-cd/operator-manual/sso/ + # Note that all values must be non-empty. + extra: {} + # LDAP_PASSWORD: "mypassword" + + # Argo TLS Data. + argocdServerTlsConfig: + {} + # key: + # crt: | + # -----BEGIN CERTIFICATE----- + # + # -----END CERTIFICATE----- + # -----BEGIN CERTIFICATE----- + # + # -----END CERTIFICATE----- + + # Argo expects the password in the secret to be bcrypt hashed. You can create this hash with + # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` + # argocdServerAdminPassword: diff --git a/charts/argo-ci/Chart.yaml b/charts/argo-ci/Chart.yaml index 3f3230f9..337de899 100644 --- a/charts/argo-ci/Chart.yaml +++ b/charts/argo-ci/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 description: A Helm chart for Argo-CI name: argo-ci -version: 0.1.5 -icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +version: 0.1.6 +icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png appVersion: v1.0.0-alpha2 home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a4c4fcff..996e5148 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.5.2 +version: 0.6.1 keywords: - argo-events - sensor-controller @@ -11,6 +11,6 @@ sources: maintainers: - name: VaibhavPage - name: magaldima -appVersion: 0.10 -icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +appVersion: 0.11 +icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 174a8114..74cf9e83 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -14,3 +14,10 @@ This is a **community maintained** chart. It installs the [argo-events](https:// ## Notes on CRD Installation Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart. + +You can install the CRDs manually like so: + +``` +kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.11/hack/k8s/manifests/sensor-crd.yaml +kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.11/hack/k8s/manifests/gateway-crd.yaml +``` diff --git a/charts/argo-events/ci/test-values.yaml b/charts/argo-events/ci/test-values.yaml new file mode 100644 index 00000000..cd5d3916 --- /dev/null +++ b/charts/argo-events/ci/test-values.yaml @@ -0,0 +1,6 @@ +serviceAccount: argo-events-sa-test +additionalSaNamespaces: + - nsone + - nstwo +instanceID: test-argo-events +singleNamespace: false diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index c7a47254..878b8520 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -11,9 +11,10 @@ subjects: name: {{ .Values.serviceAccount }} namespace: {{ .Release.Namespace }} {{- if .Values.additionalSaNamespaces }} + {{ $sa := .Values.serviceAccount }} {{- range $namespace := .Values.additionalSaNamespaces }} - kind: ServiceAccount - name: {{ .Values.serviceAccount }} + name: {{ $sa }} namespace: {{ $namespace }} {{- end }} {{- end }} @@ -51,6 +52,8 @@ rules: resources: - workflows - workflows/finalizers + - workflowtemplates + - workflowtemplates/finalizers - gateways - gateways/finalizers - sensors diff --git a/charts/argo-events/templates/argo-events-sa.yaml b/charts/argo-events/templates/argo-events-sa.yaml index 04a39f51..f13b8a1d 100644 --- a/charts/argo-events/templates/argo-events-sa.yaml +++ b/charts/argo-events/templates/argo-events-sa.yaml @@ -1,4 +1,4 @@ -# All argo-events services are bound to the "argo-events" service account. +# All argo-events services are bound to the "argo-events" service account. # In RBAC enabled setups, this SA is bound to specific roles. apiVersion: v1 kind: ServiceAccount @@ -6,12 +6,13 @@ metadata: name: {{ .Values.serviceAccount }} namespace: {{ .Release.Namespace }} {{- if .Values.additionalSaNamespaces }} +{{ $sa := .Values.serviceAccount }} {{- range $namespace := .Values.additionalSaNamespaces }} --- apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount }} + name: {{ $sa }} namespace: {{ $namespace }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index a0841052..1ee2fa5a 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -26,11 +26,11 @@ singleNamespace: true sensorController: name: sensor-controller image: sensor-controller - tag: v0.10 + tag: v0.11 replicaCount: 1 gatewayController: name: gateway-controller image: gateway-controller - tag: v0.10 + tag: v0.11 replicaCount: 1 diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index e3d2f2dc..694a9c9d 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v1 -appVersion: "v2.4.2" +appVersion: "v2.4.3" description: A Helm chart for Argo Workflows name: argo -version: 0.6.3 -icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +version: 0.6.5 +icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: - name: alexec diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index c4e77c2a..8ef57d6f 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -4,7 +4,7 @@ images: ui: argoui executor: argoexec pullPolicy: Always - tag: v2.4.2 + tag: v2.4.3 crdVersion: v1alpha1 installCRD: true