DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into gcs-support

Browse source
This commit is contained in:
Stefan Sedich 2020-09-04 15:20:58 -07:00 committed by GitHub
commit 2b0abd896b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
32 changed files with 530 additions and 470 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -3,3 +3,4 @@ output
.DS_Store .DS_Store
.idea .idea
**/*.tgz **/*.tgz
**/charts/*/charts

2
charts/argo-cd/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "1.6.2" appVersion: "1.6.2"
description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd name: argo-cd
version: 2.6.0 version: 2.6.3
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
keywords: keywords:

681
charts/argo-cd/crds/crd-application.yaml
View file

File diff suppressed because it is too large Load diff

164
charts/argo-cd/crds/crd-project.yaml
View file

@ -20,34 +20,37 @@ spec:
scope: Namespaced scope: Namespaced
validation: validation:
openAPIV3Schema: openAPIV3Schema:
description: 'AppProject provides a logical grouping of applications, providing description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)'
controls for: * where the apps may deploy to (cluster whitelist) * what may
be deployed (repository whitelist, resource whitelist/blacklist) * who can
access these applications (roles, OIDC group claims bindings) * and what they
can do (RBAC policies) * automation access to these roles (JWT tokens)'
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string type: string
metadata: metadata:
type: object type: object
spec: spec:
description: AppProjectSpec is the specification of an AppProject description: AppProjectSpec is the specification of an AppProject
properties: properties:
clusterResourceWhitelist: clusterResourceBlacklist:
description: ClusterResourceWhitelist contains list of whitelisted cluster description: ClusterResourceBlacklist contains list of blacklisted cluster level resources
level resources
items: items:
description: GroupKind specifies a Group and a Kind, but does not description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types
force a version. This is useful for identifying concepts during properties:
lookup stages without having partially valid types group:
type: string
kind:
type: string
required:
- group
- kind
type: object
type: array
clusterResourceWhitelist:
description: ClusterResourceWhitelist contains list of whitelisted cluster level resources
items:
description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types
properties: properties:
group: group:
type: string type: string
@ -62,29 +65,25 @@ spec:
description: Description contains optional project description description: Description contains optional project description
type: string type: string
destinations: destinations:
description: Destinations contains list of destinations available for description: Destinations contains list of destinations available for deployment
deployment
items: items:
description: ApplicationDestination contains deployment destination description: ApplicationDestination contains deployment destination information
information
properties: properties:
name:
description: Name of the destination cluster which can be used instead of server (url) field
type: string
namespace: namespace:
description: Namespace overrides the environment namespace value description: Namespace overrides the environment namespace value in the ksonnet app.yaml
in the ksonnet app.yaml
type: string type: string
server: server:
description: Server overrides the environment server value in description: Server overrides the environment server value in the ksonnet app.yaml
the ksonnet app.yaml
type: string type: string
type: object type: object
type: array type: array
namespaceResourceBlacklist: namespaceResourceBlacklist:
description: NamespaceResourceBlacklist contains list of blacklisted description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources
namespace level resources
items: items:
description: GroupKind specifies a Group and a Kind, but does not description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
properties: properties:
group: group:
type: string type: string
@ -96,12 +95,9 @@ spec:
type: object type: object
type: array type: array
namespaceResourceWhitelist: namespaceResourceWhitelist:
description: NamespaceResourceWhitelist contains list of whitelisted description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources
namespace level resources
items: items:
description: GroupKind specifies a Group and a Kind, but does not description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
properties: properties:
group: group:
type: string type: string
@ -113,17 +109,25 @@ spec:
type: object type: object
type: array type: array
orphanedResources: orphanedResources:
description: OrphanedResources specifies if controller should monitor description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project
orphaned resources of apps in this project
properties: properties:
ignore:
items:
properties:
group:
type: string
kind:
type: string
name:
type: string
type: object
type: array
warn: warn:
description: Warn indicates if warning condition should be created description: Warn indicates if warning condition should be created for apps which have orphaned resources
for apps which have orphaned resources
type: boolean type: boolean
type: object type: object
roles: roles:
description: Roles are user defined RBAC roles associated with this description: Roles are user defined RBAC roles associated with this project
project
items: items:
description: ProjectRole represents a role that has access to a project description: ProjectRole represents a role that has access to a project
properties: properties:
@ -131,17 +135,14 @@ spec:
description: Description is a description of the role description: Description is a description of the role
type: string type: string
groups: groups:
description: Groups are a list of OIDC group claims bound to this description: Groups are a list of OIDC group claims bound to this role
role
items: items:
type: string type: string
type: array type: array
jwtTokens: jwtTokens:
description: JWTTokens are a list of generated JWT tokens bound description: JWTTokens are a list of generated JWT tokens bound to this role
to this role
items: items:
description: JWTToken holds the issuedAt and expiresAt values description: JWTToken holds the issuedAt and expiresAt values of a token
of a token
properties: properties:
exp: exp:
format: int64 format: int64
@ -159,8 +160,7 @@ spec:
description: Name is a name for this role description: Name is a name for this role
type: string type: string
policies: policies:
description: Policies Stores a list of casbin formated strings description: Policies Stores a list of casbin formated strings that define access policies for the role in the project
that define access policies for the role in the project
items: items:
type: string type: string
type: array type: array
@ -168,55 +168,83 @@ spec:
- name - name
type: object type: object
type: array type: array
signatureKeys:
description: List of PGP key IDs that commits to be synced to must be signed with
items:
description: SignatureKey is the specification of a key required to verify commit signatures with
properties:
keyID:
description: The ID of the key in hexadecimal notation
type: string
required:
- keyID
type: object
type: array
sourceRepos: sourceRepos:
description: SourceRepos contains list of repository URLs which can description: SourceRepos contains list of repository URLs which can be used for deployment
be used for deployment
items: items:
type: string type: string
type: array type: array
syncWindows: syncWindows:
description: SyncWindows controls when syncs can be run for apps in description: SyncWindows controls when syncs can be run for apps in this project
this project
items: items:
description: SyncWindow contains the kind, time, duration and attributes description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps
that are used to assign the syncWindows to apps
properties: properties:
applications: applications:
description: Applications contains a list of applications that description: Applications contains a list of applications that the window will apply to
the window will apply to
items: items:
type: string type: string
type: array type: array
clusters: clusters:
description: Clusters contains a list of clusters that the window description: Clusters contains a list of clusters that the window will apply to
will apply to
items: items:
type: string type: string
type: array type: array
duration: duration:
description: Duration is the amount of time the sync window will description: Duration is the amount of time the sync window will be open
be open
type: string type: string
kind: kind:
description: Kind defines if the window allows or blocks syncs description: Kind defines if the window allows or blocks syncs
type: string type: string
manualSync: manualSync:
description: ManualSync enables manual syncs when they would otherwise description: ManualSync enables manual syncs when they would otherwise be blocked
be blocked
type: boolean type: boolean
namespaces: namespaces:
description: Namespaces contains a list of namespaces that the description: Namespaces contains a list of namespaces that the window will apply to
window will apply to
items: items:
type: string type: string
type: array type: array
schedule: schedule:
description: Schedule is the time the window will begin, specified description: Schedule is the time the window will begin, specified in cron format
in cron format
type: string type: string
type: object type: object
type: array type: array
type: object type: object
status:
description: AppProjectStatus contains information about appproj
properties:
jwtTokensByRole:
additionalProperties:
properties:
items:
items:
description: JWTToken holds the issuedAt and expiresAt values of a token
properties:
exp:
format: int64
type: integer
iat:
format: int64
type: integer
id:
type: string
required:
- iat
type: object
type: array
type: object
type: object
type: object
required: required:
- metadata - metadata
- spec - spec
@ -225,4 +253,4 @@ spec:
versions: versions:
- name: v1alpha1 - name: v1alpha1
served: true served: true
storage: true storage: true

9
charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
View file

@ -2,6 +2,7 @@
{{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $serviceName := include "argo-cd.server.fullname" . -}}
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
{{- $paths := .Values.server.ingressGrpc.paths -}} {{- $paths := .Values.server.ingressGrpc.paths -}}
{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
apiVersion: networking.k8s.io/v1beta1 apiVersion: networking.k8s.io/v1beta1
{{ else }} {{ else }}
@ -33,6 +34,9 @@ spec:
- host: {{ $host }} - host: {{ $host }}
http: http:
paths: paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end -}}
{{- range $p := $paths }} {{- range $p := $paths }}
- path: {{ $p }} - path: {{ $p }}
backend: backend:
@ -43,6 +47,9 @@ spec:
{{- else }} {{- else }}
- http: - http:
paths: paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end -}}
{{- range $p := $paths }} {{- range $p := $paths }}
- path: {{ $p }} - path: {{ $p }}
backend: backend:
@ -54,4 +61,4 @@ spec:
tls: tls:
{{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}

9
charts/argo-cd/templates/argocd-server/ingress.yaml
View file

@ -2,6 +2,7 @@
{{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $serviceName := include "argo-cd.server.fullname" . -}}
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}}
{{- $paths := .Values.server.ingress.paths -}} {{- $paths := .Values.server.ingress.paths -}}
{{- $extraPaths := .Values.server.ingress.extraPaths -}}
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
apiVersion: networking.k8s.io/v1beta1 apiVersion: networking.k8s.io/v1beta1
{{ else }} {{ else }}
@ -33,6 +34,9 @@ spec:
- host: {{ $host }} - host: {{ $host }}
http: http:
paths: paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end }}
{{- range $p := $paths }} {{- range $p := $paths }}
- path: {{ $p }} - path: {{ $p }}
backend: backend:
@ -43,6 +47,9 @@ spec:
{{- else }} {{- else }}
- http: - http:
paths: paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end }}
{{- range $p := $paths }} {{- range $p := $paths }}
- path: {{ $p }} - path: {{ $p }}
backend: backend:
@ -54,4 +61,4 @@ spec:
tls: tls:
{{- toYaml .Values.server.ingress.tls | nindent 4 }} {{- toYaml .Values.server.ingress.tls | nindent 4 }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}

4
charts/argo-cd/templates/argocd-server/projects.yaml
View file

@ -46,5 +46,9 @@ items:
roles: roles:
{{- toYaml .roles | nindent 8 }} {{- toYaml .roles | nindent 8 }}
{{- end }} {{- end }}
{{- if .syncWindows }}
syncWindows:
{{- toYaml .syncWindows | nindent 8 }}
{{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}

19
charts/argo-cd/values.yaml
View file

@ -454,6 +454,12 @@ server:
# - argocd.example.com # - argocd.example.com
paths: paths:
- / - /
extraPaths:
[]
# - path: /*
# backend:
# serviceName: ssl-redirect
# servicePort: use-annotation
tls: tls:
[] []
# - secretName: argocd-example-tls # - secretName: argocd-example-tls
@ -476,6 +482,12 @@ server:
# - argocd.example.com # - argocd.example.com
paths: paths:
- / - /
extraPaths:
[]
# - path: /*
# backend:
# serviceName: ssl-redirect
# servicePort: use-annotation
tls: tls:
[] []
# - secretName: argocd-example-tls # - secretName: argocd-example-tls
@ -604,6 +616,13 @@ server:
# kind: StatefulSet # kind: StatefulSet
# orphanedResources: {} # orphanedResources: {}
# roles: [] # roles: []
# syncWindows:
# - kind: allow
# schedule: '10 1 * * *'
# duration: 1h
# applications:
# - '*-prod'
# manualSync: true
## Enable Admin ClusterRole resources. ## Enable Admin ClusterRole resources.
## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster.

2
charts/argo-ci/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
description: A Helm chart for Argo-CI description: A Helm chart for Argo-CI
name: argo-ci name: argo-ci
version: 0.1.6 version: 0.1.7
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
appVersion: v1.0.0-alpha2 appVersion: v1.0.0-alpha2
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm

4
charts/argo-ci/templates/ci-deployment.yaml
View file

@ -33,3 +33,7 @@ spec:
ports: ports:
- containerPort: 8001 - containerPort: 8001
- containerPort: 8002 - containerPort: 8002
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}

3
charts/argo-ci/values.yaml
View file

@ -2,6 +2,9 @@ imageNamespace: argoproj
ciImage: argoci ciImage: argoci
imageTag: v1.0.0-alpha2 imageTag: v1.0.0-alpha2
imagePullPolicy: Always imagePullPolicy: Always
# Secrets with credentials to pull images from a private registry
imagePullSecrets: []
# - name: argo-pull-secret
workflowNamespace: default workflowNamespace: default
argo: argo:

2
charts/argo-events/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
description: A Helm chart to install Argo-Events in k8s Cluster description: A Helm chart to install Argo-Events in k8s Cluster
name: argo-events name: argo-events
version: 0.17.0 version: 0.17.1
keywords: keywords:
- argo-events - argo-events
- sensor-controller - sensor-controller

4
charts/argo-events/templates/eventbus-controller-deployment.yaml
View file

@ -37,3 +37,7 @@ spec:
value: {{ .Values.eventbusController.natsStreamingImage }} value: {{ .Values.eventbusController.natsStreamingImage }}
- name: NATS_METRICS_EXPORTER_IMAGE - name: NATS_METRICS_EXPORTER_IMAGE
value: {{ .Values.eventbusController.natsMetricsExporterImage }} value: {{ .Values.eventbusController.natsMetricsExporterImage }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}

3
charts/argo-events/templates/eventbus-crd.yaml
View file

@ -3,6 +3,9 @@ apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: eventbus.argoproj.io name: eventbus.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec: spec:
group: argoproj.io group: argoproj.io
names: names:

4
charts/argo-events/templates/eventsource-controller-deployment.yaml
View file

@ -35,3 +35,7 @@ spec:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: EVENTSOURCE_IMAGE - name: EVENTSOURCE_IMAGE
value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}" value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}"
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}

3
charts/argo-events/templates/eventsource-crd.yaml
View file

@ -3,6 +3,9 @@ apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: eventsources.argoproj.io name: eventsources.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec: spec:
group: argoproj.io group: argoproj.io
scope: Namespaced scope: Namespaced

4
charts/argo-events/templates/sensor-controller-deployment.yaml
View file

@ -35,3 +35,7 @@ spec:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: SENSOR_IMAGE - name: SENSOR_IMAGE
value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}" value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}"
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}

3
charts/argo-events/templates/sensor-crd.yaml
View file

@ -4,6 +4,9 @@ apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: sensors.argoproj.io name: sensors.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec: spec:
group: argoproj.io group: argoproj.io
names: names:

4
charts/argo-events/values.yaml
View file

@ -4,6 +4,10 @@ registry: argoproj
# The image pull policy # The image pull policy
imagePullPolicy: Always imagePullPolicy: Always
# Secrets with credentials to pull images from a private registry
imagePullSecrets: []
# - name: argo-pull-secret
# If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation. # If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation.
installCRD: true installCRD: true

2
charts/argo-rollouts/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.8.3" appVersion: "0.8.3"
description: A Helm chart for Argo Rollouts description: A Helm chart for Argo Rollouts
name: argo-rollouts name: argo-rollouts
version: 0.3.4 version: 0.3.6
icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
maintainers: maintainers:

4
charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml
View file

@ -6,6 +6,10 @@ metadata:
app.kubernetes.io/component: server app.kubernetes.io/component: server
app.kubernetes.io/name: {{ .Release.Name }}-metrics app.kubernetes.io/name: {{ .Release.Name }}-metrics
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
annotations:
{{- range $key, $value := .Values.serviceAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec: spec:
ports: ports:
- name: metrics - name: metrics

10
charts/argo-rollouts/values.yaml
View file

@ -28,12 +28,18 @@ controller:
serviceAccount: serviceAccount:
name: argo-rollouts name: argo-rollouts
## Annotations to be added to the Redis server pods ## Annotations to be added to the Rollout pods
## ##
podAnnotations: {} podAnnotations: {}
## Labels to be added to the Redis server pods ## Annotations to be added to the Rollout service
##
serviceAnnotations: {}
## Labels to be added to the Rollout pods
## ##
podLabels: {} podLabels: {}
# Secrets with credentials to pull images from a private registry
imagePullSecrets: [] imagePullSecrets: []
# - name: argo-pull-secret

2
charts/argo/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v1
appVersion: v2.8.0 appVersion: v2.8.0
description: A Helm chart for Argo Workflows description: A Helm chart for Argo Workflows
name: argo name: argo
version: 0.9.9 version: 0.10.2
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
maintainers: maintainers:

8
charts/argo/templates/server-deployment.yaml
View file

@ -26,6 +26,10 @@ spec:
{{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }} {{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }}
spec: spec:
serviceAccountName: {{ .Values.server.serviceAccount | quote }} serviceAccountName: {{ .Values.server.serviceAccount | quote }}
{{- if .Values.server.podSecurityContext }}
securityContext:
{{- toYaml .Values.server.podSecurityContext | nindent 8 }}
{{- end }}
containers: containers:
- name: argo-server - name: argo-server
args: args:
@ -67,6 +71,10 @@ spec:
volumeMounts: volumeMounts:
{{- toYaml . | nindent 12}} {{- toYaml . | nindent 12}}
{{- end }} {{- end }}
{{- with .Values.images.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.volumes }} {{- with .Values.server.volumes }}
volumes: volumes:
{{- toYaml . | nindent 8}} {{- toYaml . | nindent 8}}

9
charts/argo/templates/workflow-controller-cluster-roles.yaml
View file

@ -73,6 +73,7 @@ rules:
- events - events
verbs: verbs:
- create - create
- patch
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
@ -80,6 +81,14 @@ rules:
verbs: verbs:
- get - get
- list - list
- apiGroups:
- "policy"
resources:
- poddisruptionbudgets
verbs:
- create
- get
- delete
{{- if .Values.controller.persistence }} {{- if .Values.controller.persistence }}
- apiGroups: - apiGroups:
- "" - ""

5
charts/argo/templates/workflow-controller-config-map.yaml
View file

@ -16,7 +16,7 @@ data:
{{- end }} {{- end }}
{{- end }} {{- end }}
containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }}
{{- if or .Values.executor.resources .Values.executor.env }} {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}}
executor: executor:
{{- with .Values.executor.resources }} {{- with .Values.executor.resources }}
resources: {{- toYaml . | nindent 8 }} resources: {{- toYaml . | nindent 8 }}
@ -24,6 +24,9 @@ data:
{{- with .Values.executor.env }} {{- with .Values.executor.env }}
env: {{- toYaml . | nindent 8 }} env: {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
{{- with .Values.executor.securityContext }}
securityContext: {{- toYaml . | nindent 8 }}
{{- end }}
{{- end }} {{- end }}
{{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }}
artifactRepository: artifactRepository:

8
charts/argo/templates/workflow-controller-deployment.yaml
View file

@ -26,6 +26,10 @@ spec:
{{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }} {{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }}
spec: spec:
serviceAccountName: {{ .Values.controller.serviceAccount | quote }} serviceAccountName: {{ .Values.controller.serviceAccount | quote }}
{{- if .Values.controller.podSecurityContext }}
securityContext:
{{- toYaml .Values.controller.podSecurityContext | nindent 8 }}
{{- end }}
containers: containers:
- name: controller - name: controller
image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}" image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}"
@ -63,6 +67,10 @@ spec:
ports: ports:
- containerPort: 8080 - containerPort: 8080
{{- end }} {{- end }}
{{- with .Values.images.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.nodeSelector }} {{- with .Values.controller.nodeSelector }}
nodeSelector: nodeSelector:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}

15
charts/argo/values.yaml
View file

@ -4,6 +4,9 @@ images:
server: argocli server: argocli
executor: argoexec executor: argoexec
pullPolicy: Always pullPolicy: Always
# Secrets with credentials to pull images from a private registry
pullSecrets: []
# - name: argo-pull-secret
tag: v2.7.6 tag: v2.7.6
crdVersion: v1alpha1 crdVersion: v1alpha1
@ -28,6 +31,8 @@ controller:
podAnnotations: {} podAnnotations: {}
# Optional labels to add to the controller pods # Optional labels to add to the controller pods
podLabels: {} podLabels: {}
# SecurityContext to set on the controller pods
podSecurityContext: {}
# podPortName: http # podPortName: http
metricsConfig: metricsConfig:
enabled: false enabled: false
@ -105,7 +110,8 @@ controller:
## Node selectors and tolerations for server scheduling to nodes with taints ## Node selectors and tolerations for server scheduling to nodes with taints
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
## ##
nodeSelector: {} nodeSelector:
kubernetes.io/os: linux
tolerations: [] tolerations: []
affinity: {} affinity: {}
@ -117,6 +123,8 @@ executor:
resources: {} resources: {}
# Adds environment variables for the executor. # Adds environment variables for the executor.
env: {} env: {}
# sets security context for the executor container
securityContext: {}
server: server:
enabled: true enabled: true
@ -131,6 +139,8 @@ server:
podAnnotations: {} podAnnotations: {}
# Optional labels to add to the UI pods # Optional labels to add to the UI pods
podLabels: {} podLabels: {}
# SecurityContext to set on the server pods
podSecurityContext: {}
name: server name: server
serviceType: ClusterIP serviceType: ClusterIP
servicePort: 2746 servicePort: 2746
@ -157,7 +167,8 @@ server:
## Node selectors and tolerations for server scheduling to nodes with taints ## Node selectors and tolerations for server scheduling to nodes with taints
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
## ##
nodeSelector: {} nodeSelector:
kubernetes.io/os: linux
tolerations: [] tolerations: []
affinity: {} affinity: {}

2
charts/argocd-notifications/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: 0.7.0
description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD.
name: argocd-notifications name: argocd-notifications
type: application type: application
version: 1.0.10 version: 1.0.11
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
keywords: keywords:

3
charts/argocd-notifications/templates/bots/slack/deployment.yaml
View file

@ -30,6 +30,9 @@ spec:
command: command:
- /app/argocd-notifications - /app/argocd-notifications
- bot - bot
ports:
- containerPort: 8080
name: http
{{- with .Values.bots.slack.nodeSelector }} {{- with .Values.bots.slack.nodeSelector }}
nodeSelector: nodeSelector:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}

6
charts/argocd-notifications/templates/bots/slack/service.yaml
View file

@ -9,10 +9,10 @@ metadata:
{{- end }} {{- end }}
spec: spec:
ports: ports:
- name: server - name: http
port: 80 port: {{ .Values.bots.slack.service.port }}
protocol: TCP protocol: TCP
targetPort: 8080 targetPort: http
selector: selector:
{{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 4 }} {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 4 }}
type: {{ .Values.bots.slack.service.type }} type: {{ .Values.bots.slack.service.type }}

1
charts/argocd-notifications/values.yaml
View file

@ -211,6 +211,7 @@ bots:
service: service:
annotations: {} annotations: {}
port: 80
type: LoadBalancer type: LoadBalancer
serviceAccount: serviceAccount: