diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 646d7e56..497aa297 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.10.1 -digest: sha256:e1e0526ad009ecc065df937b48c4e0e5877e5194242c7888b1dc4467775f2663 -generated: "2021-04-01T08:36:01.324672-07:00" + version: 4.10.4 +digest: sha256:e36321520ffd6f91962b0bcfeae947a86983d6b6d273eb616f08425e2b8ab9c2 +generated: "2021-04-14T13:41:16.151666-07:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 127cdb16..8019e90d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.0.1 +version: 3.1.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -16,6 +16,6 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.10.1 + version: 4.10.4 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 22806038..d94003d7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -80,6 +80,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | installCRDs | Install CRDs if you are using Helm2. | `true` | +| configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | | configs.secret.annotations | Annotations for argocd-secret | `{}` | diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml new file mode 100644 index 00000000..a4190768 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -0,0 +1,23 @@ +{{- range .Values.configs.clusterCredentials }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} + labels: + {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} + argocd.argoproj.io/secret-type: cluster + {{- with .annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +type: Opaque +stringData: + name: {{ required "A valid .Values.configs.clusterCredentials[].name entry is required!" .name }} + server: {{ required "A valid .Values.configs.clusterCredentials[].server entry is required!" .server }} + {{- with .namespaces }} + namespaces: {{ . }} + {{- end }} + config: | + {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toPrettyJson | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a7e84181..1b7c2682 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -872,6 +872,29 @@ repoServer: ## Argo Configs configs: + ## External Cluster Credentials + ## reference: + ## - https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters + ## - https://argoproj.github.io/argo-cd/operator-manual/security/#external-cluster-credentials + clusterCredentials: [] + # - name: mycluster + # server: https://mycluster.com + # annotations: {} + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" + # - name: mycluster2 + # server: https://mycluster2.com + # annotations: {} + # namespaces: namespace1,namespace2 + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" + knownHostsAnnotations: {} knownHosts: data: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index fcea120d..a7a9854e 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.2.4 +version: 1.3.1 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml index d6de39d2..56721159 100644 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -49,10 +49,13 @@ rules: - workflowtemplates/finalizers - sensors - sensors/finalizers + - sensors/status - eventsources - eventsources/finalizers + - eventsources/status - eventbus - eventbus/finalizers + - eventbus/status - apiGroups: - "" resources: diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index dd734a88..900daf41 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} release: {{ .Release.Name }} + {{- with .Values.eventbusController.podAnnotations }} + annotations: {{- toYaml . | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ .Values.serviceAccount }} containers: diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 95e7e83a..9fcd1eaf 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} release: {{ .Release.Name }} + {{- with .Values.eventsourceController.podAnnotations }} + annotations: {{- toYaml . | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ .Values.serviceAccount }} containers: diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 214ee2bb..371fe82f 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.sensorController.name }} release: {{ .Release.Name }} + {{- with .Values.sensorController.podAnnotations }} + annotations: {{- toYaml . | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ .Values.serviceAccount }} containers: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 05a8d634..ec251fe6 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -48,6 +48,7 @@ sensorController: tag: v1.2.3 replicaCount: 1 sensorImage: sensor + podAnnotations: {} nodeSelector: {} tolerations: {} affinity: {} @@ -58,6 +59,7 @@ eventsourceController: tag: v1.2.3 replicaCount: 1 eventsourceImage: eventsource + podAnnotations: {} nodeSelector: {} tolerations: {} affinity: {} @@ -67,6 +69,7 @@ eventbusController: image: eventbus-controller tag: v1.2.3 replicaCount: 1 + podAnnotations: {} nodeSelector: {} tolerations: {} affinity: {} diff --git a/charts/argo-applicationset/.helmignore b/charts/argocd-applicationset/.helmignore similarity index 100% rename from charts/argo-applicationset/.helmignore rename to charts/argocd-applicationset/.helmignore diff --git a/charts/argo-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml similarity index 87% rename from charts/argo-applicationset/Chart.yaml rename to charts/argocd-applicationset/Chart.yaml index 6973c1c1..ebb5ee1c 100644 --- a/charts/argo-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.0 -appVersion: "v0.1.0-prerelease" +version: 0.1.3 +appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-applicationset/README.md b/charts/argocd-applicationset/README.md similarity index 81% rename from charts/argo-applicationset/README.md rename to charts/argocd-applicationset/README.md index 5cc51a1a..b200d9cf 100644 --- a/charts/argo-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -18,7 +18,7 @@ To install the chart with the release name `my-release`: $ helm repo add argo https://argoproj.github.io/argo-helm "argo" has been added to your repositories -$ helm install --name my-release argo/argo-applicationset +$ helm install --name my-release argo/argocd-applicationset NAME: my-release ... ``` @@ -27,6 +27,17 @@ NAME: my-release Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. +### Testing + +Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). + +```console +kind create cluster +kubectl create namespace argocd +kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml +ct install --namespace argocd +``` + ## Values | Key | Type | Default | Description | @@ -46,7 +57,11 @@ Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | | installCRDs | bool | `true` | Install Custom Resource Definition | -| nameOverride | string | `""` | Provide a name in place of `argo-applicationset` | +| mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | +| mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | +| mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | +| mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | +| nameOverride | string | `""` | Provide a name in place of `argocd-applicationset` | | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | | podAnnotations | object | `{}` | Annotations for the controller pods | | podSecurityContext | object | `{}` | Pod Security Context | diff --git a/charts/argocd-applicationset/ci/default-values.yaml b/charts/argocd-applicationset/ci/default-values.yaml new file mode 100644 index 00000000..eb1b7aae --- /dev/null +++ b/charts/argocd-applicationset/ci/default-values.yaml @@ -0,0 +1,77 @@ +# Default values for argo-applicationset. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +installCRDs: false # this needs to be false with ct + +image: + # The image repository + repository: quay.io/argocdapplicationset/argocd-applicationset + # Image pull policy + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +args: + metricsAddr: :8080 + probeBindAddr: :8081 + enableLeaderElection: false + namespace: argocd + argocdRepoServer: argocd-repo-server:8081 + policy: sync + debug: false + dryRun: false + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +rbac: + pspEnabled: true + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +mountSSHKnownHostsVolume: true +mountTLSCertsVolume: true +mountGPGKeysVolume: false +mountGPGKeyringVolume: true diff --git a/charts/argocd-applicationset/ci/leader-election-values.yaml b/charts/argocd-applicationset/ci/leader-election-values.yaml new file mode 100644 index 00000000..e7201ac1 --- /dev/null +++ b/charts/argocd-applicationset/ci/leader-election-values.yaml @@ -0,0 +1,6 @@ +args: + enableLeaderElection: true + +replicaCount: 3 + +installCRDs: false diff --git a/charts/argo-applicationset/crds/crd-applicationset.yaml b/charts/argocd-applicationset/crds/crd-applicationset.yaml similarity index 100% rename from charts/argo-applicationset/crds/crd-applicationset.yaml rename to charts/argocd-applicationset/crds/crd-applicationset.yaml diff --git a/charts/argo-applicationset/templates/_helpers.tpl b/charts/argocd-applicationset/templates/_helpers.tpl similarity index 100% rename from charts/argo-applicationset/templates/_helpers.tpl rename to charts/argocd-applicationset/templates/_helpers.tpl diff --git a/charts/argo-applicationset/templates/crds.yaml b/charts/argocd-applicationset/templates/crds.yaml similarity index 100% rename from charts/argo-applicationset/templates/crds.yaml rename to charts/argocd-applicationset/templates/crds.yaml diff --git a/charts/argo-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml similarity index 66% rename from charts/argo-applicationset/templates/deployment.yaml rename to charts/argocd-applicationset/templates/deployment.yaml index 10ebe70f..d2cd345c 100644 --- a/charts/argo-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -49,6 +49,43 @@ spec: protocol: TCP resources: {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + {{- if .Values.mountSSHKnownHostsVolume }} + - mountPath: /app/config/ssh + name: ssh-known-hosts + {{- end }} + {{- if .Values.mountTLSCertsVolume }} + - mountPath: /app/config/tls + name: tls-certs + {{- end }} + {{- if .Values.mountGPGKeysVolume }} + - mountPath: /app/config/gpg/source + name: gpg-keys + {{- end }} + {{- if .Values.mountGPGKeyringVolume }} + - mountPath: /app/config/gpg/keys + name: gpg-keyring + {{- end }} + volumes: + {{- if .Values.mountSSHKnownHostsVolume }} + - configMap: + name: argocd-ssh-known-hosts-cm + name: ssh-known-hosts + {{- end }} + {{- if .Values.mountTLSCertsVolume }} + - configMap: + name: argocd-tls-certs-cm + name: tls-certs + {{- end }} + {{- if .Values.mountGPGKeysVolume }} + - configMap: + name: argocd-gpg-keys-cm + name: gpg-keys + {{- end }} + {{- if .Values.mountGPGKeyringVolume }} + - emptyDir: {} + name: gpg-keyring + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-applicationset/templates/psp.yaml b/charts/argocd-applicationset/templates/psp.yaml similarity index 100% rename from charts/argo-applicationset/templates/psp.yaml rename to charts/argocd-applicationset/templates/psp.yaml diff --git a/charts/argo-applicationset/templates/rbac.yaml b/charts/argocd-applicationset/templates/rbac.yaml similarity index 64% rename from charts/argo-applicationset/templates/rbac.yaml rename to charts/argocd-applicationset/templates/rbac.yaml index 8610a2f3..1181e3d2 100644 --- a/charts/argo-applicationset/templates/rbac.yaml +++ b/charts/argocd-applicationset/templates/rbac.yaml @@ -6,73 +6,81 @@ metadata: {{- include "argo-applicationset.labels" . | nindent 4 }} rules: - apiGroups: - - argoproj.io + - argoproj.io resources: - - applications - - applicationsets - - applicationsets/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - applicationsets/status - verbs: - - get - - patch - - update - - apiGroups: - - '' - resources: - - events - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - '' - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - '' - resources: - - configmaps + - applications + - appprojects + - applicationsets + - applicationsets/finalizers verbs: + - create + - delete - get - list - - watch - - create - - update - patch - - delete + - update + - watch - apiGroups: - - '' + - argoproj.io resources: - - configmaps/status + - applicationsets/status verbs: - get - - update - patch + - update - apiGroups: - - '' + - "" resources: - events verbs: - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + - extensions + resources: + - deployments + verbs: + - get + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/charts/argo-applicationset/templates/serviceaccount.yaml b/charts/argocd-applicationset/templates/serviceaccount.yaml similarity index 100% rename from charts/argo-applicationset/templates/serviceaccount.yaml rename to charts/argocd-applicationset/templates/serviceaccount.yaml diff --git a/charts/argo-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml similarity index 93% rename from charts/argo-applicationset/values.yaml rename to charts/argocd-applicationset/values.yaml index 9a69f216..f7be897d 100644 --- a/charts/argo-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -70,3 +70,8 @@ nodeSelector: {} tolerations: [] affinity: {} + +mountSSHKnownHostsVolume: true +mountTLSCertsVolume: true +mountGPGKeysVolume: false +mountGPGKeyringVolume: true diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index b3853226..2d1ada91 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.0.2 +appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.0.15 +version: 1.1.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index ae3fda8f..35cce8df 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -7,7 +7,7 @@ fullnameOverride: "" image: repository: argoprojlabs/argocd-notifications - tag: v1.0.2 + tag: v1.1.1 pullPolicy: IfNotPresent imagePullSecrets: [] @@ -337,7 +337,7 @@ bots: image: repository: argoprojlabs/argocd-notifications - tag: v1.0.1 + tag: v1.1.1 pullPolicy: IfNotPresent imagePullSecrets: []