DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add kuberentes app version tag and add container security capabilities

Browse source
This commit is contained in:
Bart Segers 2020-01-07 10:59:45 +01:00
parent 2fa31188ed
commit 2fd1e6e820
6 changed files with 65 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
charts/argo-cd/templates/argocd-application-controller/deployment.yaml Normal file → Executable file
View file

@ -9,6 +9,7 @@ metadata:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.controller.name }}
app.kubernetes.io/version: {{ .Values.controller.image.tag }}
spec:
selector:
matchLabels:
@ -31,6 +32,7 @@ spec:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.controller.name }}
app.kubernetes.io/version: {{ .Values.controller.image.tag }}
{{- if .Values.controller.podLabels }}
{{- toYaml .Values.controller.podLabels | nindent 8 }}
{{- end }}
@ -63,6 +65,9 @@ spec:
image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }}
name: {{ .Values.controller.name }}
{{- if .Values.controller.containerSecurityContext }}
securityContext: {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }}
{{- end }}
{{- if .Values.controller.env }}
env:
{{- toYaml .Values.controller.env | nindent 8 }}

5
charts/argo-cd/templates/argocd-repo-server/deployment.yaml Normal file → Executable file
View file

@ -9,6 +9,7 @@ metadata:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.repoServer.name }}
app.kubernetes.io/version: {{ .Values.repoServer.image.tag }}
spec:
selector:
matchLabels:
@ -31,6 +32,7 @@ spec:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.repoServer.name }}
app.kubernetes.io/version: {{ .Values.repoServer.image.tag }}
{{- if .Values.controller.podLabels }}
{{- toYaml .Values.controller.podLabels | nindent 8 }}
{{- end }}
@ -57,6 +59,9 @@ spec:
- --{{ $key }}
{{- end }}
{{- end }}
{{- if .Values.repoServer.containerSecurityContext }}
securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }}
{{- end }}
{{- if .Values.repoServer.env }}
env:
{{- toYaml .Values.repoServer.env | nindent 8 }}

5
charts/argo-cd/templates/argocd-server/deployment.yaml Normal file → Executable file
View file

@ -9,6 +9,7 @@ metadata:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.server.name }}
app.kubernetes.io/version: {{ .Values.server.image.tag }}
spec:
selector:
matchLabels:
@ -31,6 +32,7 @@ spec:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.server.name }}
app.kubernetes.io/version: {{ .Values.server.image.tag }}
{{- if .Values.controller.podLabels }}
{{- toYaml .Values.controller.podLabels | nindent 8 }}
{{- end }}
@ -65,6 +67,9 @@ spec:
- --{{ $key }}
{{- end }}
{{- end }}
{{- if .Values.server.containerSecurityContext }}
securityContext: {{- toYaml .Values.server.containerSecurityContext | nindent 10 }}
{{- end }}
{{- if .Values.server.env }}
env:
{{- toYaml .Values.server.env | nindent 8 }}

10
charts/argo-cd/templates/dex/deployment.yaml Normal file → Executable file
View file

@ -10,6 +10,7 @@ metadata:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.dex.name }}
app.kubernetes.io/version: {{ .Values.dex.image.tag }}
spec:
selector:
matchLabels:
@ -24,11 +25,17 @@ spec:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.dex.name }}
app.kubernetes.io/version: {{ .Values.dex.image.tag }}
spec:
initContainers:
- name: copyutil
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
{{- if .Values.dex.containerSecurityContext }}
securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
{{- end }}
command:
- cp
- /usr/local/bin/argocd-util
@ -43,6 +50,9 @@ spec:
command:
- /shared/argocd-util
- rundex
{{- if .Values.dex.containerSecurityContext }}
securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
{{- end }}
{{- if .Values.dex.env }}
env:
{{- toYaml .Values.dex.env | nindent 8 }}

5
charts/argo-cd/templates/redis/deployment.yaml Normal file → Executable file
View file

@ -10,6 +10,7 @@ metadata:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.redis.name }}
app.kubernetes.io/version: {{ .Values.redis.image.tag }}
spec:
selector:
matchLabels:
@ -23,6 +24,7 @@ spec:
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argocd
app.kubernetes.io/component: {{ .Values.redis.name }}
app.kubernetes.io/version: {{ .Values.redis.image.tag }}
spec:
automountServiceAccountToken: false
{{- if .Values.global.securityContext }}
@ -37,6 +39,9 @@ spec:
- "no"
image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}}
{{- if .Values.redis.containerSecurityContext }}
securityContext: {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }}
{{- end }}
{{- if .Values.redis.env }}
env:
{{- toYaml .Values.redis.env | nindent 8 }}

39
charts/argo-cd/values.yaml Normal file → Executable file
View file

@ -36,7 +36,7 @@ controller:
## Additional command line arguments to pass to argocd-controller
## key: value
extraArgs: []
extraArgs: {}
## Environment variables to pass to argocd-controller
##
@ -50,6 +50,12 @@ controller:
##
podLabels: {}
## Labels to set container specific security contexts
containerSecurityContext: {}
# capabilities:
# drop:
# - all
## Configures the controller port
containerPort: 8082
@ -199,6 +205,13 @@ dex:
priorityClassName: ""
## Labels to set container specific security contexts
containerSecurityContext: {}
# capabilities:
# drop:
# - all
resources: {}
# limits:
# cpu: 50m
@ -233,6 +246,13 @@ redis:
priorityClassName: ""
## Labels to set container specific security contexts
containerSecurityContext: {}
# capabilities:
# drop:
# - all
resources: {}
# limits:
# cpu: 200m
@ -255,9 +275,8 @@ server:
## Additional command line arguments to pass to argocd-server
## key: value
# extraArgs: []
extraArgs: {}
# insecure: true
extraArgs: []
## Environment variables to pass to argocd-server
##
@ -308,6 +327,12 @@ server:
priorityClassName: ""
## Labels to set container specific security contexts
containerSecurityContext: {}
# capabilities:
# drop:
# - all
resources: {}
# limits:
# cpu: 100m
@ -491,7 +516,7 @@ repoServer:
## Additional command line arguments to pass to argocd-repo-server
## key: value
extraArgs: []
extraArgs: {}
## Environment variables to pass to argocd-repo-server
##
@ -542,6 +567,12 @@ repoServer:
priorityClassName: ""
## Labels to set container specific security contexts
containerSecurityContext: {}
# capabilities:
# drop:
# - all
resources: {}
# limits:
# cpu: 50m