DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' of github.com:rupinSec/argo-helm

Browse source
This commit is contained in:
Rupin Solanki 2023-01-20 09:55:37 +05:30
commit 140c2b3692
12 changed files with 174 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
charts/argo-cd/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: v2.5.7
kubeVersion: ">=1.22.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 5.17.5
version: 5.18.1
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources:
@ -23,4 +23,4 @@ dependencies:
condition: redis-ha.enabled
annotations:
artifacthub.io/changes: |
- "[Changed]: Update Argo CD extensions to v0.2.1"
- "[Added]: Extra secret labels with .Values.configs.secret.labels"

1
charts/argo-cd/README.md
View file

@ -442,6 +442,7 @@ NAME: my-release
| configs.secret.githubSecret | string | `""` | Shared secret for authenticating GitHub webhook events |
| configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events |
| configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events |
| configs.secret.labels | object | `{}` | Labels to be added to argocd-secret |
| configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. |
| configs.tlsCerts | object | See [values.yaml] | TLS certificate |
| configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations |

3
charts/argo-cd/templates/argocd-configs/argocd-secret.yaml
View file

@ -5,6 +5,9 @@ metadata:
name: argocd-secret
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }}
{{- with .Values.configs.secret.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.configs.secret.annotations }}
annotations:
{{- range $key, $value := . }}

2
charts/argo-cd/values.yaml
View file

@ -400,6 +400,8 @@ configs:
secret:
# -- Create the argocd-secret
createSecret: true
# -- Labels to be added to argocd-secret
labels: {}
# -- Annotations to be added to argocd-secret
annotations: {}

7
charts/argo-rollouts/Chart.yaml
View file

@ -1,8 +1,8 @@
apiVersion: v2
appVersion: v1.3.1
appVersion: v1.4.0
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 2.21.3
version: 2.22.0
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
keywords:
@ -15,5 +15,4 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)"
- "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller.image.tag with a SHA digest"
- "[Changed]: Upgrade ArgoRollouts to v1.4.0"

22
charts/argo-rollouts/templates/controller/clusterrole.yaml
View file

@ -89,7 +89,7 @@ rules:
- create
- get
- update
# secret access to run analysis templates which reference secrets, allow init containers to manipulate secrets
# secret read access to run analysis templates which reference secrets
- apiGroups:
- ""
resources:
@ -99,9 +99,6 @@ rules:
- get
- list
- watch
- create
- patch
- update
# pod list/update needed for updating ephemeral data
- apiGroups:
- ""
@ -110,6 +107,7 @@ rules:
verbs:
- list
- update
- watch
# pods eviction needed for restart
- apiGroups:
- ""
@ -223,4 +221,20 @@ rules:
- list
- update
- patch
- apiGroups:
- traefik.containo.us
resources:
- traefikservices
verbs:
- watch
- get
- update
- apiGroups:
- apisix.apache.org
resources:
- apisixroutes
verbs:
- watch
- get
- update
{{- end }}

99
charts/argo-rollouts/templates/controller/role.yaml
View file

@ -56,7 +56,19 @@ rules:
- update
- patch
- delete
# deployments and podtemplates read access needed for workload reference support
- apiGroups:
- ""
- apps
resources:
- deployments
- podtemplates
verbs:
- get
- list
- watch
# services patch needed to update selector of canary/stable/active/preview services
# services create needed to create and delete services for experiments
- apiGroups:
- ""
resources:
@ -66,8 +78,18 @@ rules:
- list
- watch
- patch
# secret access to run analysis templates which reference secrets
# configmap access to read notification-engine configuration
- create
- delete
# leases create/get/update needed for leader election
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- update
# secret read access to run analysis templates which reference secrets
- apiGroups:
- ""
resources:
@ -77,9 +99,6 @@ rules:
- get
- list
- watch
- create
- patch
- update
# pod list/update needed for updating ephemeral data
- apiGroups:
- ""
@ -88,6 +107,7 @@ rules:
verbs:
- list
- update
- watch
# pods eviction needed for restart
- apiGroups:
- ""
@ -129,15 +149,17 @@ rules:
- update
- patch
- delete
# virtualservice access needed for using the Istio provider
# virtualservice/destinationrule access needed for using the Istio provider
- apiGroups:
- networking.istio.io
resources:
- virtualservices
- destinationrules
verbs:
- watch
- get
- update
- patch
- list
# trafficsplit access needed for using the SMI provider
- apiGroups:
@ -150,4 +172,69 @@ rules:
- get
- update
- patch
# ambassador access needed for Ambassador provider
- apiGroups:
- getambassador.io
- x.getambassador.io
resources:
- mappings
- ambassadormappings
verbs:
- create
- watch
- get
- update
- list
- delete
# Endpoints and TargetGroupBindings needed for ALB target group verification
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
- apiGroups:
- elbv2.k8s.aws
resources:
- targetgroupbindings
verbs:
- list
- get
# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider
- apiGroups:
- appmesh.k8s.aws
resources:
- virtualservices
verbs:
- watch
- get
- list
# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider
- apiGroups:
- appmesh.k8s.aws
resources:
- virtualnodes
- virtualrouters
verbs:
- watch
- get
- list
- update
- patch
- apiGroups:
- traefik.containo.us
resources:
- traefikservices
verbs:
- watch
- get
- update
- apiGroups:
- apisix.apache.org
resources:
- apisixroutes
verbs:
- watch
- get
- update
{{- end }}

3
charts/argo-rollouts/templates/crds/analysis-run-crd.yaml
View file

@ -2742,6 +2742,9 @@ spec:
type: array
insecure:
type: boolean
jsonBody:
type: object
x-kubernetes-preserve-unknown-fields: true
jsonPath:
type: string
method:

3
charts/argo-rollouts/templates/crds/analysis-template-crd.yaml
View file

@ -2738,6 +2738,9 @@ spec:
type: array
insecure:
type: boolean
jsonBody:
type: object
x-kubernetes-preserve-unknown-fields: true
jsonPath:
type: string
method:

3
charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml
View file

@ -2738,6 +2738,9 @@ spec:
type: array
insecure:
type: boolean
jsonBody:
type: object
x-kubernetes-preserve-unknown-fields: true
jsonPath:
type: string
method:

39
charts/argo-rollouts/templates/crds/rollout-crd.yaml
View file

@ -89,6 +89,12 @@ spec:
revisionHistoryLimit:
format: int32
type: integer
rollbackWindow:
properties:
revisions:
format: int32
type: integer
type: object
selector:
properties:
matchExpressions:
@ -397,6 +403,9 @@ spec:
- type: integer
- type: string
x-kubernetes-int-or-string: true
minPodsPerReplicaSet:
format: int32
type: integer
pingPong:
properties:
pingService:
@ -713,6 +722,20 @@ spec:
required:
- mappings
type: object
apisix:
properties:
route:
properties:
name:
type: string
rules:
items:
type: string
type: array
required:
- name
type: object
type: object
appMesh:
properties:
virtualNodeGroup:
@ -770,6 +793,14 @@ spec:
items:
type: string
type: array
tcpRoutes:
items:
properties:
port:
format: int64
type: integer
type: object
type: array
tlsRoutes:
items:
properties:
@ -794,6 +825,14 @@ spec:
items:
type: string
type: array
tcpRoutes:
items:
properties:
port:
format: int64
type: integer
type: object
type: array
tlsRoutes:
items:
properties:

7
charts/argo-rollouts/templates/dashboard/clusterrole.yaml
View file

@ -44,17 +44,18 @@ rules:
- get
- list
- watch
# deployments and podtemplates read access needed for workload reference support
- apiGroups:
- ""
- apps
resources:
- deployments
- podtemplates
verbs:
- get
- list
- watch
{{- if not .Values.dashboard.readonly }}
- update
- patch
{{- end }}
- apiGroups:
- apps
resources: