From fc783d79d5303bee96cd982437e87a374a479271 Mon Sep 17 00:00:00 2001 From: Alex Collins Date: Thu, 31 Oct 2019 11:05:21 -0700 Subject: [PATCH 01/18] Enables Circle CI job that uses the `cl` lint tool on changed charts (#143) --- .circleci/chart-testing.yaml | 2 ++ .circleci/config.yml | 35 ++++++++++++++++++++++++++++++++ .github/pull_request_template.md | 2 +- .gitignore | 2 +- CONTRIBUTING.md | 2 +- 5 files changed, 40 insertions(+), 3 deletions(-) create mode 100644 .circleci/chart-testing.yaml create mode 100644 .circleci/config.yml diff --git a/.circleci/chart-testing.yaml b/.circleci/chart-testing.yaml new file mode 100644 index 00000000..f9b5e85a --- /dev/null +++ b/.circleci/chart-testing.yaml @@ -0,0 +1,2 @@ +chart-repos: + - argo=https://argoproj.github.io/argo-helm diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000..a1b183d9 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,35 @@ +version: 2.1 +jobs: + lint: + docker: + - image: gcr.io/kubernetes-charts-ci/test-image:v3.0.1 + steps: + - checkout + - run: ct lint --config .circleci/chart-testing.yaml + # Technically this only needs to be run on master, but it's good to have it run on every PR + # so that it is regularly tested. + publish: + docker: + # We just need an image with `helm` on it. Handily we know of one already. + - image: gcr.io/kubernetes-charts-ci/test-image:v3.0.1 + steps: + # install the additional keys needed to push to Github. Alex Collins owns these keys. + - add_ssh_keys + - run: git config --global user.email "nobody@circleci.com" + - run: git config --global user.name "Circle CI Build" + - checkout + - run: helm init --client-only + # Only actually publish charts on master. + - run: | + if [ "$CIRCLE_BRANCH" = "master" ]; then + echo 'export GIT_PUSH=true' >> $BASH_ENV + fi + - run: sh ./scripts/publish.sh +workflows: + version: 2 + workflow: + jobs: + - lint + - publish: + requires: + - lint \ No newline at end of file diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index c0058839..08e3b47a 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -3,4 +3,4 @@ Checklist: * [ ] I have update the chart version in `Chart.yaml` following Semantic Versioning. * [ ] Any new values are backwards compatible and/or have sensible default. * [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md). -* [ ] I have signed the CLA. +* [ ] I have signed the CLA and the build is green. diff --git a/.gitignore b/.gitignore index 8a77cce9..ad3d67a1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ output .vscode .DS_Store -/*.tgz \ No newline at end of file +*.tgz diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e6370aeb..528deb77 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -51,7 +51,7 @@ argocd app sync guestbook ## Publishing Changes -To push changes use following script: +Changes are automatically publish whenever a commit is merged to master. The CI job (see `.circleci/config.yaml`) runs this: ``` GIT_PUSH=true ./scripts/publish.sh From ed127ea795a064a89cbe5e7c03524cd8ac2db23e Mon Sep 17 00:00:00 2001 From: Alex Collins Date: Thu, 31 Oct 2019 11:28:02 -0700 Subject: [PATCH 02/18] Fix bugs in CI set-up. (#144) --- .circleci/config.yml | 7 +++++-- .github/pull_request_template.md | 3 +++ scripts/publish.sh | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index a1b183d9..60db788d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -21,10 +21,13 @@ jobs: - run: helm init --client-only # Only actually publish charts on master. - run: | + set -x if [ "$CIRCLE_BRANCH" = "master" ]; then - echo 'export GIT_PUSH=true' >> $BASH_ENV + export GIT_PUSH=true + else + export GIT_PUSH=false fi - - run: sh ./scripts/publish.sh + sh ./scripts/publish.sh workflows: version: 2 workflow: diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 08e3b47a..3f860547 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -4,3 +4,6 @@ Checklist: * [ ] Any new values are backwards compatible and/or have sensible default. * [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md). * [ ] I have signed the CLA and the build is green. +* [ ] I will test my changes again once merged to master and published. + +Changes are automatically published when merged to `master`. They are not published on branches. \ No newline at end of file diff --git a/scripts/publish.sh b/scripts/publish.sh index 8b943495..40c5e66c 100755 --- a/scripts/publish.sh +++ b/scripts/publish.sh @@ -2,7 +2,7 @@ set -eux SRCROOT="$(cd "$(dirname "$0")/.." && pwd)" -GIT_PUSH=${GIT_PUSH:-true} +GIT_PUSH=${GIT_PUSH:-false} rm -rf $SRCROOT/output && git clone -b gh-pages git@github.com:argoproj/argo-helm.git $SRCROOT/output From 30889df4767f9f15c41eb228090307b43acf046c Mon Sep 17 00:00:00 2001 From: Jaret Date: Mon, 4 Nov 2019 16:17:25 -0800 Subject: [PATCH 03/18] init v1.0.0 (#129) --- CONTRIBUTING.md | 4 +- charts/argo-cd/.helmignore | 21 - charts/argo-cd/Chart.yaml | 14 +- charts/argo-cd/README.md | 273 +++++-- charts/argo-cd/requirements.yaml | 0 charts/argo-cd/templates/NOTES.txt | 10 +- charts/argo-cd/templates/_helpers.tpl | 70 +- ...ocd-application-controller-deployment.yaml | 51 -- ...pplication-controller-metrics-service.yaml | 19 - ...argocd-application-controller-service.yaml | 17 - .../clusterrole.yaml} | 8 +- .../clusterrolebinding.yaml | 21 + .../deployment.yaml | 106 +++ .../metrics-service.yaml | 31 + .../role.yaml} | 9 +- .../rolebinding.yaml} | 11 +- .../service.yaml | 25 + .../serviceaccount.yaml} | 6 +- .../servicemonitor.yaml | 32 + charts/argo-cd/templates/argocd-cm.yaml | 48 -- .../argocd-cm.yaml} | 10 +- .../argocd-configs/argocd-rbac-cm.yaml | 13 + .../argocd-configs/argocd-secret.yaml | 27 + .../argocd-ssh-known-hosts-cm.yaml | 12 + .../argocd-configs/argocd-tls-certs-cm.yaml | 14 + .../argocd-dex-server-deployment.yaml | 54 -- .../templates/argocd-dex-server-service.yaml | 23 - charts/argo-cd/templates/argocd-rbac-cm.yaml | 21 - .../templates/argocd-redis-deployment.yaml | 38 - .../argocd-repo-server-deployment.yaml | 69 -- .../templates/argocd-repo-server-service.yaml | 17 - .../argocd-repo-server/deployment.yaml | 121 ++++ .../argocd-repo-server/metrics-service.yaml | 31 + .../templates/argocd-repo-server/service.yaml | 26 + .../argocd-repo-server/servicemonitor.yaml | 33 + charts/argo-cd/templates/argocd-secret.yaml | 26 - .../argocd-server-clusterrolebinding.yaml | 21 - .../templates/argocd-server-deployment.yaml | 77 -- .../templates/argocd-server-ingress.yaml | 33 - .../templates/argocd-server-metrics.yaml | 19 - .../templates/argocd-server-service.yaml | 28 - .../templates/argocd-server/applications.yaml | 42 ++ .../certificate.yaml} | 12 +- .../clusterrole.yaml} | 10 +- .../clusterrolebinding.yaml} | 14 +- .../templates/argocd-server/deployment.yaml | 134 ++++ .../templates/argocd-server/ingress.yaml | 53 ++ .../argocd-server/metrics-service.yaml | 31 + .../templates/argocd-server/projects.yaml | 46 ++ .../role.yaml} | 8 +- .../rolebinding.yaml} | 11 +- .../templates/argocd-server/service.yaml | 31 + .../serviceaccount.yaml} | 6 +- .../argocd-server/servicemonitor.yaml | 33 + .../templates/argocd-ssh-known-hosts-cm.yaml | 19 - .../templates/argocd-tls-certs-cm.yaml | 11 - charts/argo-cd/templates/dex/deployment.yaml | 76 ++ .../role.yaml} | 10 +- .../rolebinding.yaml} | 14 +- charts/argo-cd/templates/dex/service.yaml | 26 + .../argo-cd/templates/dex/serviceaccount.yaml | 13 + .../argo-cd/templates/redis/deployment.yaml | 61 ++ .../service.yaml} | 10 +- charts/argo-cd/values.yaml | 682 +++++++++++++----- 64 files changed, 1909 insertions(+), 933 deletions(-) delete mode 100644 charts/argo-cd/.helmignore create mode 100644 charts/argo-cd/requirements.yaml delete mode 100644 charts/argo-cd/templates/argocd-application-controller-deployment.yaml delete mode 100644 charts/argo-cd/templates/argocd-application-controller-metrics-service.yaml delete mode 100644 charts/argo-cd/templates/argocd-application-controller-service.yaml rename charts/argo-cd/templates/{argocd-application-controller-clusterrole.yaml => argocd-application-controller/clusterrole.yaml} (61%) create mode 100644 charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml create mode 100644 charts/argo-cd/templates/argocd-application-controller/deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml rename charts/argo-cd/templates/{argocd-application-controller-role.yaml => argocd-application-controller/role.yaml} (74%) rename charts/argo-cd/templates/{argocd-dex-server-rolebinding.yaml => argocd-application-controller/rolebinding.yaml} (52%) create mode 100644 charts/argo-cd/templates/argocd-application-controller/service.yaml rename charts/argo-cd/templates/{argocd-application-controller-sa.yaml => argocd-application-controller/serviceaccount.yaml} (56%) create mode 100644 charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml delete mode 100644 charts/argo-cd/templates/argocd-cm.yaml rename charts/argo-cd/templates/{argocd-dex-server-sa.yaml => argocd-configs/argocd-cm.yaml} (55%) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-secret.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml delete mode 100644 charts/argo-cd/templates/argocd-dex-server-deployment.yaml delete mode 100644 charts/argo-cd/templates/argocd-dex-server-service.yaml delete mode 100644 charts/argo-cd/templates/argocd-rbac-cm.yaml delete mode 100644 charts/argo-cd/templates/argocd-redis-deployment.yaml delete mode 100644 charts/argo-cd/templates/argocd-repo-server-deployment.yaml delete mode 100644 charts/argo-cd/templates/argocd-repo-server-service.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/service.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml delete mode 100644 charts/argo-cd/templates/argocd-secret.yaml delete mode 100644 charts/argo-cd/templates/argocd-server-clusterrolebinding.yaml delete mode 100644 charts/argo-cd/templates/argocd-server-deployment.yaml delete mode 100644 charts/argo-cd/templates/argocd-server-ingress.yaml delete mode 100644 charts/argo-cd/templates/argocd-server-metrics.yaml delete mode 100644 charts/argo-cd/templates/argocd-server-service.yaml create mode 100644 charts/argo-cd/templates/argocd-server/applications.yaml rename charts/argo-cd/templates/{argocd-server-certificate.yaml => argocd-server/certificate.yaml} (61%) rename charts/argo-cd/templates/{argocd-server-clusterrole.yaml => argocd-server/clusterrole.yaml} (73%) rename charts/argo-cd/templates/{argocd-application-controller-clusterrolebinding.yaml => argocd-server/clusterrolebinding.yaml} (54%) create mode 100644 charts/argo-cd/templates/argocd-server/deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-server/ingress.yaml create mode 100644 charts/argo-cd/templates/argocd-server/metrics-service.yaml create mode 100644 charts/argo-cd/templates/argocd-server/projects.yaml rename charts/argo-cd/templates/{argocd-server-role.yaml => argocd-server/role.yaml} (76%) rename charts/argo-cd/templates/{argocd-application-controller-rolebinding.yaml => argocd-server/rolebinding.yaml} (53%) create mode 100644 charts/argo-cd/templates/argocd-server/service.yaml rename charts/argo-cd/templates/{argocd-server-sa.yaml => argocd-server/serviceaccount.yaml} (57%) create mode 100644 charts/argo-cd/templates/argocd-server/servicemonitor.yaml delete mode 100644 charts/argo-cd/templates/argocd-ssh-known-hosts-cm.yaml delete mode 100644 charts/argo-cd/templates/argocd-tls-certs-cm.yaml create mode 100644 charts/argo-cd/templates/dex/deployment.yaml rename charts/argo-cd/templates/{argocd-dex-server-role.yaml => dex/role.yaml} (62%) rename charts/argo-cd/templates/{argocd-server-rolebinding.yaml => dex/rolebinding.yaml} (51%) create mode 100644 charts/argo-cd/templates/dex/service.yaml create mode 100644 charts/argo-cd/templates/dex/serviceaccount.yaml create mode 100644 charts/argo-cd/templates/redis/deployment.yaml rename charts/argo-cd/templates/{argocd-redis-service.yaml => redis/service.yaml} (54%) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 528deb77..3bdd1cd3 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -26,7 +26,7 @@ Minimally: ``` helm install charts/argo-cd --namespace argocd -n argo-cd -kubectl port-forward svc/argocd-server -n argocd 8080:443 +kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 ``` In a new terminal: @@ -40,6 +40,8 @@ kubectl -n argocd patch secret argocd-secret \ "admin.passwordMtime": "'$(date +%FT%T%Z)'" }}' argocd login localhost:8080 --username admin --password 'Password1!' + +# WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y ``` Create and sync app: diff --git a/charts/argo-cd/.helmignore b/charts/argo-cd/.helmignore deleted file mode 100644 index f0c13194..00000000 --- a/charts/argo-cd/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cf7caac9..414cdea8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,6 +1,16 @@ apiVersion: v1 appVersion: "1.2.4" -description: A Helm chart for Argo-CD +description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 0.7.2 +version: 1.0.0 +home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +keywords: + - argoproj + - argocd + - gitops +maintainers: + - name: alexec + - name: alexmt + - name: jessesuen + - name: seanson diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2a1d7a02..4c21d029 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1,5 +1,12 @@ -# Argo CD Chart +Argo CD Chart +====== +A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. +Current chart version is `1.0.0` + +Source code can be found [here](https://argoproj.github.io/argo-cd/) + +## Additional Information This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes. The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases). @@ -19,73 +26,201 @@ $ helm repo add argo https://argoproj.github.io/argo-helm $ helm install --name my-release argo/argo-cd ``` + ## Chart Values -| Key | Type | Default | Description | -| -------------------------------------- | ------ | ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| applicationController.containerPort | int | `8082` | Container port for application controller server and metrics | -| applicationController.image.pullPolicy | string | `"Always"` | Docker image pull policy | -| applicationController.image.repository | string | `"argoproj/argocd"` | Docker image repo | -| applicationController.image.tag | string | `"v1.2.4"` | Docker image tag | -| applicationController.servicePort | int | `8082` | Service port for applicaiton controller server | -| applicationController.volumeMounts | list | `[]` | Additional volume mounts | -| applicationController.volumes | list | `[]` | Additional volumes | -| certificate.enabled | bool | `false` | Enable certificate (requires cert-manager) | -| clusterAdminAccess.enabled | bool | `true` | Standard Argo CD installation with cluster-admin access. Set this true if you plan to use Argo CD to deploy applications in the same cluster that Argo CD runs in (i.e. kubernetes.svc.default). Will still be able to deploy to external clusters with inputted credentials. | -| config.configManagementPlugins | string | `nil` | List of custom config management plugins, see [values.yaml](./values.yaml) for format | -| config.createSecret | bool | `true` | Creates the argocd-secret secret, set to false to manage externally | -| config.dexConfig | string | `nil` | Configuration for external auth and URL, see [values.yaml](./values.yaml) for format | -| config.helmRepositories | string | `nil` | Configuration for external Helm charts, see [values.yaml](./values.yaml) for format | -| config.oidcConfig | string | `nil` | Configuration for OpenID connect, see [values.yaml](./values.yaml) for format | -| config.repositories | string | `nil` | Configuration for remote Git repositories for Applications, see [values.yaml](./values.yaml) for format | -| config.resourceCustomizations | string | `nil` | resourceCustomizations can be used to create custom health checks for resources [https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/health.md#way-1-define-a-custom-health-check-in-argocd-cm-configmap] | -| config.url | string | `nil` | External URL for ArgoCD | -| config.instanceLabelKey | string | `nil` | Custom instance label key | -| config.webhook.bitbucketSecret | string | `nil` | BitBucket incoming webhook secret | -| config.webhook.githubSecret | string | `nil` | GitHub incoming webhook secret | -| config.webhook.gitlabSecret | string | `nil` | GitLab incoming webhook secret | -| dexServer.containerPortGrpc | int | `5557` | Container port for Dex Server GRPC | -| dexServer.containerPortHttp | int | `5556` | Container port for Dex Server HTTP | -| dexServer.image.pullPolicy | string | `"Always"` | Docker image pull policy | -| dexServer.image.repository | string | `"quay.io/dexidp/dex"` | Docker image repo | -| dexServer.image.tag | string | `"v2.12.0"` | Docker image tag | -| dexServer.initImage.pullPolicy | string | `"Always"` | Docker image pull policy | -| dexServer.initImage.repository | string | `"argoproj/argocd"` | Docker image repo | -| dexServer.initImage.tag | string | `"v1.2.0"` | Docker image tag | -| dexServer.servicePortGrpc | int | `5557` | Service port for Dex Server GRPC | -| dexServer.servicePortHttp | int | `5556` | Service port for Dex Server GRPC | -| dexServer.volumeMounts | list | `[]` | Additional volume mounts | -| dexServer.volumes | list | `[]` | Additional volumes | -| ingress.additionalHosts | list | `[]` | Ingress additional hosts | -| ingress.annotations | object | `{}` | Annotations for ingress object, set `nginx.ingress.kubernetes.io/force-ssl-redirect: "true"` and `nginx.ingress.kubernetes.io/ssl-passthrough: "true"` if serving GRPC and HTTPS on the same ingress | -| ingress.enabled | bool | `false` | Enable ingress | -| ingress.tls | object | `{}` | Ingress TLS configuration | -| rbac.policyCsv | string | `nil` | RBAC policy in CSV, see [values.yaml](./values.yaml) for format | -| rbac.policyDefault | string | `nil` | The default role Argo CD will fall back to, when authorizing API requests, ie: `role:readonly` | -| rbac.scopes | string | `nil` | Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). ie: `[groups]` | -| redis.containerPort | int | `6379` | Container port for Redis | -| redis.image.pullPolicy | string | `"Always"` | Docker image pull policy | -| redis.image.repository | string | `"redis"` | Docker image repo | -| redis.image.tag | string | `"5.0.3"` | Docker image tag | -| redis.servicePort | int | `6379` | Service port for Redis | -| repoServer.containerPort | int | `8081` | Container port for repo server | -| repoServer.image.pullPolicy | string | `"Always"` | Docker image pull policy | -| repoServer.image.repository | string | `"argoproj/argocd"` | Docker image repo | -| repoServer.image.tag | string | `"v1.2.0"` | Docker image tag | -| repoServer.servicePort | int | `8081` | Service port for repo server | -| repoServer.volumeMounts | list | `[]` | Additional volume mounts | -| repoServer.volumes | list | `[]` | Additional volumes | -| repoServer.initContainers | list | `[]` | Initialisation containers, see [values.yaml](./values.yaml) for syntax for Helm v2.12.3 | -| repoServer.imagePullSecrets | list | `[]` | List of image pull secrets, see [values.yaml](./values.yaml) for syntax for a secret called "docker-auth-secret" | -| server.annotations | object | `{}` | Annotations for the server deployment | -| server.containerPort | int | `8080` | Container port for server | -| server.extraArgs | list | `[]` | Add additional arguments | -| server.image.pullPolicy | string | `"Always"` | Docker image pull policy | -| server.image.repository | string | `"argoproj/argocd"` | Docker image repo | -| server.image.tag | string | `"v1.2.0"` | Docker image tag | -| server.metricsPort | int | `8083` | Container port for server metrics | -| server.serviceAnnotations | object | `{}` | Annotations for server service | -| server.servicePortHttp | int | `80` | HTTP Container port for server | -| server.servicePortHttps | int | `443` | HTTPS Container port for server | -| server.volumeMounts | list | `[]` | Additional volume mounts, see [values.yaml](./values.yaml) for syntax for SSH known hosts | -| server.volumes | list | `[]` | Additional volumes, see [values.yaml](./values.yaml) for syntax for SSH known hosts | +| Parameter | Description | Default | +|-----|------|---------| +| global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | +| global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.2.3"` | +| nameOverride | Provide a name in place of `argocd` | `"argocd"` | +| configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | +| configs.secret.bitbucketSecret | BitBucket incoming webhook secret | `""` | +| configs.secret.createSecret | Create the argocd-secret. | `true` | +| configs.secret.githubSecret | GitHub incoming webhook secret | `""` | +| configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` | +| configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) | + +## ArgoCD Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| controller.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | +| controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` | +| controller.args.statusProcessors | define the controller `--status-processors` | `"20"` | +| controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | +| controller.containerPort | Controller listening port. | `8082` | +| controller.extraArgs | Additional arguments for the controller. | `[]` | +| controller.image.repository | Repository to use for the controller | `global.image.repository` | +| controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` | +| controller.image.tag | Tag to use for the controller | `global.image.tag` | +| controller.livenessProbe.failureThreshold | int | `3` | +| controller.livenessProbe.initialDelaySeconds | int | `10` | +| controller.livenessProbe.periodSeconds | int | `10` | +| controller.livenessProbe.successThreshold | int | `1` | +| controller.livenessProbe.timeoutSeconds | int | `1` | +| controller.logLevel | Controller log level | `"info"` | +| controller.metrics.enabled | Deploy metrics service | `false` | +| controller.metrics.service.annotations | Metrics service annotations | `{}` | +| controller.metrics.service.labels | Metrics service labels | `{}` | +| controller.metrics.service.servicePort | Metrics service port | `8082` | +| controller.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | +| controller.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| controller.name | Controller name string. | `"application-controller"` | +| controller.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` | +| controller.podAnnotations | Annotations for the controller pods | `{}` | +| controller.podLabels | Labels for the controller pods | `{}` | +| controller.priorityClassName | Priority class for the controller pods | `""` | +| controller.readinessProbe.failureThreshold | int | `3` | +| controller.readinessProbe.initialDelaySeconds | int | `10` | +| controller.readinessProbe.periodSeconds | int | `10` | +| controller.readinessProbe.successThreshold | int | `1` | +| controller.readinessProbe.timeoutSeconds | int | `1` | +| controller.resources | Resource limits and requests for the controller pods. | `{}` | +| controller.service.annotations | Controller service annotations. | `{}` | +| controller.service.labels | Controller service labels. | `{}` | +| controller.service.port | Controller service port. | `8082` | +| controller.serviceAccount.create | Create a service account for the controller | `true` | +| controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` | +| controller.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| controller.volumeMounts | Controller volume mounts | `[]` | +| controller.volumes | Controller volumes | `[]` | + +## Argo Repo Server + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| repoServer.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | +| repoServer.containerPort | Repo server port | `8081` | +| repoServer.extraArgs | Additional arguments for the repo server | `[]` | +| repoServer.image.repository | Repository to use for the repo server | `global.image.repository` | +| repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` | +| repoServer.image.tag | Tag to use for the repo server | `global.image.tag` | +| repoServer.livenessProbe.failureThreshold | int | `3` | +| repoServer.livenessProbe.initialDelaySeconds | int | `10` | +| repoServer.livenessProbe.periodSeconds | int | `10` | +| repoServer.livenessProbe.successThreshold | int | `1` | +| repoServer.livenessProbe.timeoutSeconds | int | `1` | +| repoServer.logLevel | Log level | `"info"` | +| repoServer.metrics.enabled | Deploy metrics service | `false` | +| repoServer.metrics.service.annotations | Metrics service annotations | `{}` | +| repoServer.metrics.service.labels | Metrics service labels | `{}` | +| repoServer.metrics.service.servicePort | Metrics service port | `8082` | +| repoServer.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | +| repoServer.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| repoServer.name | Repo server name | `"repo-server"` | +| repoServer.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` | +| repoServer.podAnnotations | Annotations for the repo server pods | `{}` | +| repoServer.podLabels | Labels for the repo server pods | `{}` | +| repoServer.priorityClassName | Priority class for the repo server | `""` | +| repoServer.readinessProbe.failureThreshold | int | `3` | +| repoServer.readinessProbe.initialDelaySeconds | int | `10` | +| repoServer.readinessProbe.periodSeconds | int | `10` | +| repoServer.readinessProbe.successThreshold | int | `1` | +| repoServer.readinessProbe.timeoutSeconds | int | `1` | +| repoServer.resources | Resource limits and requests for the repo server pods. | `{}` | +| repoServer.service.annotations | Repo server service annotations. | `{}` | +| repoServer.service.labels | Repo server service labels. | `{}` | +| repoServer.service.port | Repo server service port. | `8081` | +| repoServer.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| repoServer.volumeMounts | Repo server volume mounts | `[]` | +| repoServer.volumes | Repo server volumes | `[]` | + +## Argo Server + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| server.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | +| server.certificate.additionalHosts | Certificate manager additional hosts | `[]` | +| server.certificate.domain | Certificate manager domain | `"argocd.example.com"` | +| server.certificate.enabled | Enables a certificate manager certificate. | `false` | +| server.certificate.issuer | Certificate manager issuer | `{}` | +| server.config | URL for Argo CD | `{}` | +| server.containerPort | Server container port. | `8080` | +| server.extraArgs | Additional arguments for the server | `[]` | +| server.image.repository | Repository to use for the server | `global.image.repository` | +| server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` | +| server.image.tag | Tag to use for the repo server | `global.image.tag` | +| server.ingress.annotations | Additional ingress annotations | `{}` | +| server.ingress.enabled | Enable an ingress resource for the server | `false` | +| server.ingress.hosts | List of ingress hosts | `[]` | +| server.ingress.labels | Additional ingress labels. | `{}` | +| server.ingress.tls | Ingress TLS configuration. | `[]` | +| server.livenessProbe.failureThreshold | int | `3` | +| server.livenessProbe.initialDelaySeconds | int | `10` | +| server.livenessProbe.periodSeconds | int | `10` | +| server.livenessProbe.successThreshold | int | `1` | +| server.livenessProbe.timeoutSeconds | int | `1` | +| server.logLevel | Log level | `"info"` | +| server.metrics.enabled | Deploy metrics service | `false` | +| server.metrics.service.annotations | Metrics service annotations | `{}` | +| server.metrics.service.labels | Metrics service labels | `{}` | +| server.metrics.service.servicePort | Metrics service port | `8082` | +| server.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | +| server.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| server.name | Argo CD server name | `"server"` | +| server.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` | +| server.podAnnotations | Annotations for the repo server pods | `{}` | +| server.podLabels | Labels for the repo server pods | `{}` | +| server.priorityClassName | Priority class for the repo server | `""` | +| server.rbacConfig | Argo CD RBAC policy https://argoproj.github.io/argo-cd/operator-manual/rbac/ | `See [values.yaml](values.yaml)` | +| server.readinessProbe.failureThreshold | int | `3` | +| server.readinessProbe.initialDelaySeconds | int | `10` | +| server.readinessProbe.periodSeconds | int | `10` | +| server.readinessProbe.successThreshold | int | `1` | +| server.readinessProbe.timeoutSeconds | int | `1` | +| server.resources | Resource limits and requests for the server | `{}` | +| server.service.annotations | Server service annotations | `{}` | +| server.service.labels | Server service labels | `{}` | +| server.service.servicePortHttp | Server service http port | `80` | +| server.service.servicePortHttps | Server service https port | `443` | +| server.service.type | Server service type | `"ClusterIP"` | +| server.serviceAccount.create | Create server service account | `true` | +| server.serviceAccount.name | Server service account name | `"argocd-server"` | +| server.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| server.volumeMounts | Server volume mounts | `[]` | +| server.volumes | Server volumes | `[]` | + +## Dex + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| dex.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | +| dex.containerPortGrpc | GRPC container port | `5557` | +| dex.containerPortHttp | HTTP container port | `5556` | +| dex.enabled | Enable dex | `true` | +| dex.image.imagePullPolicy | Dex imagePullPolicy | `"IfNotPresent"` | +| dex.image.repository | Dex image repository | `"quay.io/dexidp/dex"` | +| dex.image.tag | Dex image tag | `"v2.14.0"` | +| dex.initImage.repository | Argo CD init image repository. | `global.image.repository` | +| dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` | +| dex.initImage.tag | Argo CD init image tag | `global.image.tag` | +| dex.name | Dex name | `"dex-server"` | +| dex.nodeSelector | Dex node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` | +| dex.priorityClassName | Priority class for dex | `""` | +| dex.resources | Resource limits and requests for dex | `{}` | +| dex.serviceAccount.create | Create dex service account | `true` | +| dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` | +| dex.servicePortGrpc | Server GRPC port | `5557` | +| dex.servicePortHttp | Server HTTP port | `5556` | +| dex.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| dex.volumeMounts | Dex volume mounts | `"/shared"` | +| dex.volumes | Dex volumes | `{}` | + +## Redis + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| redis.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | +| redis.containerPort | Redis container port | `6379` | +| redis.enabled | Enable redis | `false` | +| redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` | +| redis.image.repository | Redis repository | `"redis"` | +| redis.image.tag | Redis tag | `"5.0.3"` | +| redis.name | Redis name | `"redis"` | +| redis.nodeSelector | Redis node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` | +| redis.priorityClassName | Priority class for redis | `""` | +| redis.resources | Resource limits and requests for redis | `{}` | +| redis.servicePort | Redis service port | `6379` | +| redis.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | diff --git a/charts/argo-cd/requirements.yaml b/charts/argo-cd/requirements.yaml new file mode 100644 index 00000000..e69de29b diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 36ade656..451727d6 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,13 +1,15 @@ In order to access the server UI you have the following options: -1. kubectl port-forward svc/argocd-server -n argocd 8080:443 +1. kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 and then open the browser on http://localhost:8080 and accept the certificate -2. enable ingress and check the first option ssl passthrough: - https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough +2. enable ingress in the values file `service.ingress.enabled` and either + - Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough + - Add the `insecure: ""` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts + After reaching the UI the first time you can login with username: admin and the password will be the name of the server pod. You can get the pod name by running: -kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 +kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 \ No newline at end of file diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index bd65c45c..2c892a75 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -24,9 +24,77 @@ If release name contains chart name it will be used as a full name. {{- end -}} {{- end -}} +{{/* +Create controller name and version as used by the chart label. +*/}} +{{- define "argo-cd.controller.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create dex name and version as used by the chart label. +*/}} +{{- define "argo-cd.dex.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.dex.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create redis name and version as used by the chart label. +*/}} +{{- define "argo-cd.redis.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redis.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create argocd server name and version as used by the chart label. +*/}} +{{- define "argo-cd.server.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create argocd repo-server name and version as used by the chart label. +*/}} +{{- define "argo-cd.repoServer.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the controller service account to use +*/}} +{{- define "argo-cd.controllerServiceAccountName" -}} +{{- if .Values.controller.serviceAccount.create -}} + {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.controller.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the dex service account to use +*/}} +{{- define "argo-cd.dexServiceAccountName" -}} +{{- if .Values.dex.serviceAccount.create -}} + {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.dex.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the ArgoCD server service account to use +*/}} +{{- define "argo-cd.serverServiceAccountName" -}} +{{- if .Values.server.serviceAccount.create -}} + {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.server.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create chart name and version as used by the chart label. */}} {{- define "argo-cd.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller-deployment.yaml b/charts/argo-cd/templates/argocd-application-controller-deployment.yaml deleted file mode 100644 index 73da5728..00000000 --- a/charts/argo-cd/templates/argocd-application-controller-deployment.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-application-controller - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller - spec: - containers: - - command: - - argocd-application-controller - - --status-processors - - "20" - - --operation-processors - - "10" - image: {{ .Values.applicationController.image.repository }}:{{ .Values.applicationController.image.tag }} - imagePullPolicy: {{ .Values.applicationController.image.pullPolicy }} - name: argocd-application-controller - ports: - - containerPort: {{ .Values.applicationController.containerPort }} - readinessProbe: - tcpSocket: - port: {{ .Values.applicationController.containerPort }} - initialDelaySeconds: 5 - periodSeconds: 10 - volumeMounts: - {{- if .Values.applicationController.volumeMounts }} - {{ toYaml .Values.applicationController.volumeMounts | nindent 8 | trim }} - {{- end }} - serviceAccountName: argocd-application-controller - volumes: - {{- if .Values.applicationController.volumes }} - {{ toYaml .Values.applicationController.volumes | nindent 6 | trim }} - {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller-metrics-service.yaml b/charts/argo-cd/templates/argocd-application-controller-metrics-service.yaml deleted file mode 100644 index 853c467e..00000000 --- a/charts/argo-cd/templates/argocd-application-controller-metrics-service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller - name: argocd-metrics -spec: - ports: - - name: metrics - protocol: TCP - port: {{ .Values.applicationController.servicePort }} - targetPort: {{ .Values.applicationController.containerPort }} - selector: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller diff --git a/charts/argo-cd/templates/argocd-application-controller-service.yaml b/charts/argo-cd/templates/argocd-application-controller-service.yaml deleted file mode 100644 index 76b8b701..00000000 --- a/charts/argo-cd/templates/argocd-application-controller-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argocd-application-controller - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller -spec: - ports: - - port: {{ .Values.applicationController.servicePort }} - targetPort: {{ .Values.applicationController.containerPort }} - selector: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller diff --git a/charts/argo-cd/templates/argocd-application-controller-clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml similarity index 61% rename from charts/argo-cd/templates/argocd-application-controller-clusterrole.yaml rename to charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index 83a31835..32416869 100644 --- a/charts/argo-cd/templates/argocd-application-controller-clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -1,15 +1,15 @@ -{{- if .Values.clusterAdminAccess.enabled }} +{{- if .Values.controller.clusterAdminAccess.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: argocd-application-controller + name: {{ template "argo-cd.controller.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller + app.kubernetes.io/component: {{ .Values.controller.name }} rules: - apiGroups: - '*' diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml new file mode 100644 index 00000000..79905319 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -0,0 +1,21 @@ +{{- if .Values.controller.clusterAdminAccess.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "argo-cd.controller.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.controller.name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "argo-cd.controller.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "argo-cd.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml new file mode 100644 index 00000000..0cf0b2b2 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -0,0 +1,106 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-cd.controller.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.controller.name }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + app.kubernetes.io/instance: {{ .Release.Name }} + revisionHistoryLimit: 5 + replicas: 1 + template: + metadata: + {{- if .Values.controller.podAnnotations }} + annotations: + {{- range $key, $value := .Values.controller.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.controller.name }} + {{- if .Values.controller.podLabels }} +{{- toYaml .Values.controller.podLabels | nindent 8 }} + {{- end }} + spec: + containers: + - command: + - argocd-application-controller + - --status-processors + - {{ .Values.controller.args.statusProcessors | quote }} + - --operation-processors + - {{ .Values.controller.args.operationProcessors | quote }} + - --repo-server + - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --loglevel + - {{ .Values.controller.logLevel }} + {{- if .Values.redis.enabled }} + - --redis + - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} + {{- end }} + {{- range $key, $value := .Values.controller.extraArgs }} + {{- if $value }} + - --{{ $key }}={{ $value }} + {{- else }} + - --{{ $key }} + {{- end }} + {{- end }} + image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} + name: {{ .Values.controller.name }} + ports: + - name: controller + containerPort: {{ .Values.controller.containerPort }} + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: {{ .Values.controller.containerPort }} + initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.controller.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }} + readinessProbe: + tcpSocket: + port: {{ .Values.controller.containerPort }} + initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} +{{- if .Values.controller.volumeMounts }} + volumeMounts: +{{- toYaml .Values.controller.volumeMounts | nindent 10}} +{{- end }} + resources: +{{- toYaml .Values.controller.resources | nindent 10 }} + {{- if .Values.controller.nodeSelector }} + nodeSelector: +{{- toYaml .Values.controller.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.controller.tolerations }} + tolerations: +{{- toYaml .Values.controller.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.controller.affinity }} + affinity: +{{- toYaml .Values.controller.affinity | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }} +{{- if .Values.controller.volumes }} + volumes: +{{- toYaml .Values.controller.volumes | nindent 8 }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml new file mode 100644 index 00000000..092eb4c1 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml @@ -0,0 +1,31 @@ +{{- if .Values.controller.metrics.enabled}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.controller.metrics.service.annotations }} + annotations: + {{- range $key, $value := .Values.controller.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.controller.name }} +{{- if .Values.controller.metrics.service.labels }} +{{- toYaml .Values.controller.metrics.service.labels | nindent 4 }} +{{- end }} + name: {{ template "argo-cd.controller.fullname" . }}-metrics +spec: + ports: + - name: metrics + protocol: TCP + port: {{ .Values.controller.metrics.service.servicePort }} + targetPort: controller + selector: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller-role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml similarity index 74% rename from charts/argo-cd/templates/argocd-application-controller-role.yaml rename to charts/argo-cd/templates/argocd-application-controller/role.yaml index e6418a4f..24ed4b07 100644 --- a/charts/argo-cd/templates/argocd-application-controller-role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -1,14 +1,14 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: argocd-application-controller + name: {{ template "argo-cd.controller.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller + app.kubernetes.io/component: {{ .Values.controller.name }} rules: - apiGroups: - "" @@ -38,5 +38,4 @@ rules: - events verbs: - create - - list - + - list \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-dex-server-rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml similarity index 52% rename from charts/argo-cd/templates/argocd-dex-server-rolebinding.yaml rename to charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml index 1db56ffe..fe99c47e 100644 --- a/charts/argo-cd/templates/argocd-dex-server-rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml @@ -1,18 +1,19 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: argocd-dex-server + name: {{ template "argo-cd.controller.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: dex-server + app.kubernetes.io/component: {{ .Values.controller.name }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: argocd-dex-server + name: {{ template "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: argocd-dex-server \ No newline at end of file + name: {{ template "argo-cd.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller/service.yaml b/charts/argo-cd/templates/argocd-application-controller/service.yaml new file mode 100644 index 00000000..82e304d9 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/service.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.controller.service.annotations }} + annotations: + {{- range $key, $value := .Values.controller.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-cd.controller.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.controller.name }} +spec: + ports: + - name: {{ .Values.controller.name }} + port: {{ .Values.controller.service.port }} + targetPort: {{ .Values.controller.containerPort }} + selector: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller-sa.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml similarity index 56% rename from charts/argo-cd/templates/argocd-application-controller-sa.yaml rename to charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index bd1890b7..2d03fb2b 100644 --- a/charts/argo-cd/templates/argocd-application-controller-sa.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -1,11 +1,11 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: argocd-application-controller + name: {{ template "argo-cd.controllerServiceAccountName" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller + app.kubernetes.io/component: {{ .Values.controller.name }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml new file mode 100644 index 00000000..0a797afb --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -0,0 +1,32 @@ +{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.controller.fullname" . }} + {{- if .Values.controller.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.controller.name }} +{{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }} + {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} +{{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + interval: 30s + path: /metrics + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics + app.kubernetes.io/component: {{ .Values.controller.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-cm.yaml b/charts/argo-cd/templates/argocd-cm.yaml deleted file mode 100644 index e89ab72e..00000000 --- a/charts/argo-cd/templates/argocd-cm.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cm - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }} - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: argocd -data: -{{- if .Values.config.enableAnonymousAccess }} - users.anonymous.enabled: "{{ .Values.config.enableAnonymousAccess }}" -{{- end }} -{{- if .Values.config.helmRepositories }} - helm.repositories: | -{{ toYaml .Values.config.helmRepositories | indent 4 }} -{{- end }} -{{- if .Values.config.repositories }} - repositories: | -{{ toYaml .Values.config.repositories | indent 4 }} -{{- end }} -{{- if .Values.config.dexConfig }} - dex.config: | -{{ toYaml .Values.config.dexConfig | indent 4 }} -{{- end }} -{{- if .Values.config.url }} - url: {{ .Values.config.url }} -{{- end }} -{{- if .Values.config.instanceLabelKey }} - application.instanceLabelKey: {{ .Values.config.instanceLabelKey }} -{{- end }} -{{- if .Values.config.oidcConfig }} - oidc.config: | -{{ toYaml .Values.config.oidcConfig | indent 4 }} -{{- end }} -{{- if .Values.config.resourceCustomizations }} - resource.customizations: | -{{ toYaml .Values.config.resourceCustomizations | indent 4 }} -{{- end }} -{{- if .Values.config.resourceExclusions }} - resource.exclusions: | -{{ toYaml .Values.config.resourceExclusions | indent 4 }} -{{- end }} -{{- if .Values.config.configManagementPlugins }} - configManagementPlugins: | -{{ toYaml .Values.config.configManagementPlugins | indent 4 }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-dex-server-sa.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml similarity index 55% rename from charts/argo-cd/templates/argocd-dex-server-sa.yaml rename to charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 9fa6a3bd..ee1f90af 100644 --- a/charts/argo-cd/templates/argocd-dex-server-sa.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -1,11 +1,13 @@ apiVersion: v1 -kind: ServiceAccount +kind: ConfigMap metadata: - name: argocd-dex-server + name: argocd-cm labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-cm helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: dex-server \ No newline at end of file + app.kubernetes.io/component: {{ .Values.server.name }} +data: +{{- toYaml .Values.server.config | nindent 4 }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml new file mode 100644 index 00000000..44b1db4b --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-rbac-cm + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-rbac-cm + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} +data: +{{- toYaml .Values.server.rbacConfig | nindent 4 }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml new file mode 100644 index 00000000..3bb94c5f --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -0,0 +1,27 @@ +{{- if .Values.configs.secret.createSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-secret + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} +type: Opaque +{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret) }} +# Setting a blank data again will wipe admin password/key/cert +data: + {{- if .Values.configs.secret.githubSecret }} + github.webhook.secret: {{ .Values.configs.secret.githubSecret | b64enc }} + {{- end }} + {{- if .Values.configs.secret.gitlabSecret }} + gitlab.webhook.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }} + {{- end }} + {{- if .Values.configs.secret.bitbucketSecret }} + bitbucket.webhook.uuid: {{ .Values.configs.secret.bitbucketSecret | b64enc }} + {{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml new file mode 100644 index 00000000..30d6502c --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +{{- toYaml .Values.configs.knownHosts | nindent 0 }} +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-ssh-known-hosts-cm + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} + name: argocd-ssh-known-hosts-cm \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml new file mode 100644 index 00000000..01922612 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +{{- if .Values.configs.tlsCerts }} +{{- toYaml .Values.configs.tlsCerts | nindent 0 }} +{{- end }} +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-tls-certs-cm + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} + name: argocd-tls-certs-cm \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-dex-server-deployment.yaml b/charts/argo-cd/templates/argocd-dex-server-deployment.yaml deleted file mode 100644 index 0b04870a..00000000 --- a/charts/argo-cd/templates/argocd-dex-server-deployment.yaml +++ /dev/null @@ -1,54 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-dex-server - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: dex-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: dex-server - spec: - serviceAccountName: argocd-dex-server - initContainers: - - name: copyutil - image: {{ .Values.dexServer.initImage.repository }}:{{ .Values.dexServer.initImage.tag }} - imagePullPolicy: {{ .Values.dexServer.initImage.pullPolicy }} - command: [cp, /usr/local/bin/argocd-util, /shared] - volumeMounts: - - mountPath: /shared - name: static-files - containers: - - name: dex - image: {{ .Values.dexServer.image.repository }}:{{ .Values.dexServer.image.tag }} - imagePullPolicy: {{ .Values.dexServer.image.pullPolicy }} - command: [/shared/argocd-util, rundex] - ports: - - containerPort: {{ .Values.dexServer.containerPortHttp }} - - containerPort: {{ .Values.dexServer.containerPortGrpc }} - volumeMounts: - - mountPath: /shared - name: static-files - {{- if .Values.dexServer.volumeMounts }} - {{ toYaml .Values.dexServer.volumeMounts | nindent 8 | trim }} - {{- end }} - volumes: - - emptyDir: {} - name: static-files - {{- if .Values.dexServer.volumes }} - {{ toYaml .Values.dexServer.volumes | nindent 6 | trim }} - {{- end }} diff --git a/charts/argo-cd/templates/argocd-dex-server-service.yaml b/charts/argo-cd/templates/argocd-dex-server-service.yaml deleted file mode 100644 index 87402f40..00000000 --- a/charts/argo-cd/templates/argocd-dex-server-service.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argocd-dex-server - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: dex-server -spec: - ports: - - name: http - protocol: TCP - port: {{ .Values.dexServer.servicePortHttp }} - targetPort: {{ .Values.dexServer.containerPortHttp }} - - name: grpc - protocol: TCP - port: {{ .Values.dexServer.servicePortGrpc }} - targetPort: {{ .Values.dexServer.containerPortGrpc }} - selector: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-rbac-cm.yaml deleted file mode 100644 index 84e791da..00000000 --- a/charts/argo-cd/templates/argocd-rbac-cm.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-rbac-cm - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }} - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: argocd -data: -{{- if .Values.rbac.policyDefault }} - policy.default: {{ .Values.rbac.policyDefault }} -{{- end }} -{{- if .Values.rbac.policyCsv }} - policy.csv: -{{- toYaml .Values.rbac.policyCsv | indent 4 }} -{{- end }} -{{- if .Values.rbac.scopes }} - scopes: {{ .Values.rbac.scopes }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-redis-deployment.yaml b/charts/argo-cd/templates/argocd-redis-deployment.yaml deleted file mode 100644 index 383520fe..00000000 --- a/charts/argo-cd/templates/argocd-redis-deployment.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-redis - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: redis -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: redis - spec: - automountServiceAccountToken: false - containers: - - name: redis - args: - - --save - - "" - - --appendonly - - "no" - image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} - imagePullPolicy: {{ .Values.redis.image.pullPolicy}} - ports: - - containerPort: {{ .Values.redis.containerPort }} - diff --git a/charts/argo-cd/templates/argocd-repo-server-deployment.yaml b/charts/argo-cd/templates/argocd-repo-server-deployment.yaml deleted file mode 100644 index 51c28d62..00000000 --- a/charts/argo-cd/templates/argocd-repo-server-deployment.yaml +++ /dev/null @@ -1,69 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-repo-server - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: repo-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: repo-server - spec: - automountServiceAccountToken: false - containers: - - name: argocd-repo-server - image: {{ .Values.repoServer.image.repository }}:{{ .Values.repoServer.image.tag }} - imagePullPolicy: {{ .Values.repoServer.image.pullPolicy}} - command: [argocd-repo-server] - ports: - - containerPort: {{ .Values.repoServer.containerPort }} - livenessProbe: - initialDelaySeconds: 5 - periodSeconds: 10 - tcpSocket: - port: {{ .Values.repoServer.containerPort }} - readinessProbe: - tcpSocket: - port: {{ .Values.repoServer.containerPort }} - initialDelaySeconds: 5 - periodSeconds: 10 - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - {{- if .Values.repoServer.volumeMounts }} - {{ toYaml .Values.repoServer.volumeMounts | nindent 8 | trim }} - {{- end }} - volumes: - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - {{- if .Values.repoServer.volumes }} - {{ toYaml .Values.repoServer.volumes | nindent 6 | trim }} - {{- end }} - {{- if .Values.repoServer.initContainers }} - initContainers: - {{ toYaml .Values.repoServer.initContainers | nindent 6 | trim }} - {{- end }} - {{- if .Values.repoServer.imagePullSecrets }} - imagePullSecrets: - {{ toYaml .Values.repoServer.imagePullSecrets | nindent 6 | trim }} - {{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server-service.yaml b/charts/argo-cd/templates/argocd-repo-server-service.yaml deleted file mode 100644 index 68b80200..00000000 --- a/charts/argo-cd/templates/argocd-repo-server-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argocd-repo-server - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: repo-server -spec: - ports: - - port: {{ .Values.repoServer.servicePort }} - targetPort: {{ .Values.repoServer.servicePort }} - selector: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml new file mode 100644 index 00000000..af4689a1 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -0,0 +1,121 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.repoServer.name }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + app.kubernetes.io/instance: {{ .Release.Name }} + revisionHistoryLimit: 5 + replicas: 1 + template: + metadata: + {{- if .Values.repoServer.podAnnotations }} + annotations: + {{- range $key, $value := .Values.repoServer.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.repoServer.name }} + {{- if .Values.controller.podLabels }} +{{- toYaml .Values.controller.podLabels | nindent 8 }} + {{- end }} + spec: + containers: + - name: {{ .Values.repoServer.name }} + image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + command: + - argocd-repo-server + {{- if .Values.redis.enabled }} + - --redis + - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} + {{- end }} + - --loglevel + - {{ .Values.repoServer.logLevel }} + {{- range $key, $value := .Values.repoServer.extraArgs }} + {{- if $value }} + - --{{ $key }}={{ $value }} + {{- else }} + - --{{ $key }} + {{- end }} + {{- end }} + volumeMounts: + {{- if .Values.repoServer.volumeMounts }} +{{- toYaml .Values.repoServer.volumeMounts | nindent 10}} + {{- end }} + {{- if .Values.configs.knownHosts }} + - mountPath: /app/config/ssh + name: ssh-known-hosts + {{- end }} + {{- if .Values.configs.tlsCerts }} + - mountPath: /app/config/tls + name: tls-certs + {{- end }} + ports: + - name: repo-server + containerPort: {{ .Values.repoServer.containerPort }} + protocol: TCP + {{ if .Values.repoServer.metrics.enabled }} + - name: metrics + containerPort: 8084 + protocol: TCP + {{- end }} + livenessProbe: + tcpSocket: + port: {{ .Values.repoServer.containerPort }} + initialDelaySeconds: {{ .Values.repoServer.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.repoServer.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.repoServer.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.repoServer.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.repoServer.livenessProbe.failureThreshold }} + readinessProbe: + tcpSocket: + port: {{ .Values.repoServer.containerPort }} + initialDelaySeconds: {{ .Values.repoServer.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.repoServer.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }} + resources: +{{- toYaml .Values.repoServer.resources | nindent 10 }} + {{- if .Values.repoServer.nodeSelector }} + nodeSelector: +{{- toYaml .Values.repoServer.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.repoServer.tolerations }} + tolerations: +{{- toYaml .Values.repoServer.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.repoServer.affinity }} + affinity: +{{- toYaml .Values.repoServer.affinity | nindent 8 }} + {{- end }} + volumes: + {{- if .Values.repoServer.volumes }} +{{- toYaml .Values.repoServer.volumes | nindent 8}} + {{- end }} + {{- if .Values.configs.knownHosts }} + - configMap: + name: argocd-ssh-known-hosts-cm + name: ssh-known-hosts + {{- end }} + {{- if .Values.configs.tlsCerts }} + - configMap: + name: argocd-tls-certs-cm + name: tls-certs + {{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml new file mode 100644 index 00000000..eee0008f --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml @@ -0,0 +1,31 @@ +{{- if .Values.repoServer.metrics.enabled}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.repoServer.metrics.service.annotations }} + annotations: + {{- range $key, $value := .Values.repoServer.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.repoServer.name }} +{{- if .Values.repoServer.metrics.service.labels }} +{{- toYaml .Values.repoServer.metrics.service.labels | nindent 4 }} +{{- end }} + name: {{ template "argo-cd.repoServer.fullname" . }}-metrics +spec: + ports: + - name: metrics + protocol: TCP + port: {{ .Values.repoServer.metrics.service.servicePort }} + targetPort: metrics + selector: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/service.yaml b/charts/argo-cd/templates/argocd-repo-server/service.yaml new file mode 100644 index 00000000..0b5db2d9 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.repoServer.service.annotations }} + annotations: + {{- range $key, $value := .Values.repoServer.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.repoServer.name }} + name: {{ template "argo-cd.repoServer.fullname" . }} +spec: + ports: + - name: repo-server + protocol: TCP + port: {{ .Values.repoServer.service.port }} + targetPort: repo-server + selector: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml new file mode 100644 index 00000000..910d6b60 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -0,0 +1,33 @@ +{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + {{- if .Values.repoServer.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.repoServer.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.repoServer.name }} +{{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }} + {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }} +{{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + interval: 30s + path: /metrics + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics + app.kubernetes.io/component: {{ .Values.repoServer.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-secret.yaml b/charts/argo-cd/templates/argocd-secret.yaml deleted file mode 100644 index 19ad78de..00000000 --- a/charts/argo-cd/templates/argocd-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if .Values.config.createSecret }} -apiVersion: v1 -kind: Secret -metadata: - name: argocd-secret - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }} - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} -type: Opaque -{{- if or .Values.config.webhook.githubSecret (or .Values.config.webhook.gitlabSecret .Values.config.webhook.bitbucketSecret) }} -# Setting a blank data again will wipe admin password/key/cert -data: -{{- if .Values.config.webhook.githubSecret }} - github.webhook.secret: {{ .Values.config.webhook.githubSecret }} -{{- end }} -{{- if .Values.config.webhook.gitlabSecret }} - gitlab.webhook.secret: {{ .Values.config.webhook.gitlabSecret }} -{{- end }} -{{- if .Values.config.webhook.bitbucketSecret }} - bitbucket.webhook.uuid: {{ .Values.config.webhook.bitbucketSecret }} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-server-clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server-clusterrolebinding.yaml deleted file mode 100644 index 34a92829..00000000 --- a/charts/argo-cd/templates/argocd-server-clusterrolebinding.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.clusterAdminAccess.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argocd-server - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-server -subjects: - - kind: ServiceAccount - name: argocd-server - namespace: {{ .Release.Namespace }} -{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server-deployment.yaml b/charts/argo-cd/templates/argocd-server-deployment.yaml deleted file mode 100644 index 1a94ecba..00000000 --- a/charts/argo-cd/templates/argocd-server-deployment.yaml +++ /dev/null @@ -1,77 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-server - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server - annotations: - {{- range $key, $value := .Values.server.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - spec: - serviceAccountName: argocd-server - containers: - - name: argocd-server - image: {{ .Values.server.image.repository }}:{{ .Values.server.image.tag }} - imagePullPolicy: {{ .Values.server.image.pullPolicy }} - command: - - argocd-server - - --staticassets - - /shared/app - {{- range .Values.server.extraArgs }} - - {{. | quote }} - {{- end }} - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - {{- if .Values.server.volumeMounts }} - {{ toYaml .Values.server.volumeMounts | nindent 8 | trim }} - {{- end }} - ports: - - containerPort: {{ .Values.server.containerPort }} - - containerPort: {{ .Values.server.metricsPort }} - livenessProbe: - httpGet: - path: /healthz - port: {{ .Values.server.containerPort }} - initialDelaySeconds: 3 - periodSeconds: 30 - readinessProbe: - httpGet: - path: /healthz - port: {{ .Values.server.containerPort }} - initialDelaySeconds: 3 - periodSeconds: 30 - volumes: - - emptyDir: {} - name: static-files - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - {{- if .Values.server.volumes }} - {{ toYaml .Values.server.volumes | nindent 6 | trim }} - {{- end }} - diff --git a/charts/argo-cd/templates/argocd-server-ingress.yaml b/charts/argo-cd/templates/argocd-server-ingress.yaml deleted file mode 100644 index 1649ea85..00000000 --- a/charts/argo-cd/templates/argocd-server-ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $host := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${1}" }} -{{- $path := default "/" (regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${2}") }} -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: argocd-server - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }} - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} -{{- with .Values.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: - rules: - {{- range prepend .Values.ingress.additionalHosts $host }} - - host: {{ . | quote }} - http: - paths: - - path: {{ $path | quote }} - backend: - serviceName: argocd-server - servicePort: https - {{- end }} - {{- if .Values.ingress.tls }} - tls: -{{ toYaml .Values.ingress.tls | indent 4 }} - {{- end -}} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-server-metrics.yaml b/charts/argo-cd/templates/argocd-server-metrics.yaml deleted file mode 100644 index c1956906..00000000 --- a/charts/argo-cd/templates/argocd-server-metrics.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server - name: argocd-server-metrics -spec: - ports: - - name: metrics - protocol: TCP - port: {{ .Values.server.servicePortHttp }} - targetPort: {{ .Values.server.metricsPort }} - selector: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server diff --git a/charts/argo-cd/templates/argocd-server-service.yaml b/charts/argo-cd/templates/argocd-server-service.yaml deleted file mode 100644 index be127fa2..00000000 --- a/charts/argo-cd/templates/argocd-server-service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argocd-server - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server - {{- if .Values.server.serviceAnnotations }} - annotations: -{{ toYaml .Values.server.serviceAnnotations | indent 4}}{{- end }} -spec: - type: {{ .Values.server.serviceType }} - ports: - - name: http - protocol: TCP - port: {{ .Values.server.servicePortHttp }} - targetPort: {{ .Values.server.containerPort }} - - name: https - protocol: TCP - port: {{ .Values.server.servicePortHttps }} - targetPort: {{ .Values.server.containerPort }} - selector: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server - diff --git a/charts/argo-cd/templates/argocd-server/applications.yaml b/charts/argo-cd/templates/argocd-server/applications.yaml new file mode 100644 index 00000000..1b9d424a --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/applications.yaml @@ -0,0 +1,42 @@ +{{- if .Values.server.additionalApplications }} +apiVersion: v1 +kind: List +items: +{{- range .Values.server.additionalApplications }} + - apiVersion: argoproj.io/v1alpha1 + kind: Application + metadata: + {{- if .additionalAnnotations }} + annotations: + {{- range $key, $value := .additionalAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- if .additionalLabels }} + labels: +{{- toYaml .additionalLabels | nindent 8 }} + {{- end }} + name: {{ .name }} + {{- if .namespace }} + namespace: {{ .namespace }} + {{- end }} + {{- if .finalizers }} + finalizers: +{{- toYaml .finalizers | nindent 8 }} + {{- end }} + spec: + project: {{ tpl .project $ }} + source: +{{- toYaml .source | nindent 8 }} + destination: +{{- toYaml .destination | nindent 8 }} + {{- if .syncPolicy }} + syncPolicy: +{{- toYaml .syncPolicy | nindent 8 }} + {{- end }} + {{- if .ignoreDifferences }} + ignoreDifferences: +{{- toYaml .ignoreDifferences | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server-certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml similarity index 61% rename from charts/argo-cd/templates/argocd-server-certificate.yaml rename to charts/argo-cd/templates/argocd-server/certificate.yaml index e72c7db3..ffc98066 100644 --- a/charts/argo-cd/templates/argocd-server-certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,19 +1,19 @@ -{{- if .Values.certificate.enabled -}} -{{- $commonName := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${1}" }} +{{- if .Values.server.certificate.enabled -}} apiVersion: certmanager.k8s.io/v1alpha1 kind: Certificate metadata: - name: argocd-server + name: {{ template "argo-cd.server.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} spec: - commonName: {{ $commonName | quote }} + commonName: {{ .Values.server.certificate.domain | quote }} dnsNames: - - {{ $commonName | quote }} + - {{ .Values.server.certificate.domain | quote }} {{- range .Values.ingress.additionalHosts }} - {{ . | quote }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server-clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml similarity index 73% rename from charts/argo-cd/templates/argocd-server-clusterrole.yaml rename to charts/argo-cd/templates/argocd-server/clusterrole.yaml index 703e953e..d89a76f0 100644 --- a/charts/argo-cd/templates/argocd-server-clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -1,15 +1,14 @@ -{{- if .Values.clusterAdminAccess.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: argocd-server + name: {{ template "argo-cd.server.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.server.name }} rules: - apiGroups: - '*' @@ -31,5 +30,4 @@ rules: - pods - pods/log verbs: - - get -{{- end }} + - get \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller-clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml similarity index 54% rename from charts/argo-cd/templates/argocd-application-controller-clusterrolebinding.yaml rename to charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 114b6572..12797de8 100644 --- a/charts/argo-cd/templates/argocd-application-controller-clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -1,21 +1,19 @@ -{{- if .Values.clusterAdminAccess.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: argocd-application-controller + name: {{ template "argo-cd.server.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller + app.kubernetes.io/component: {{ .Values.server.name }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: argocd-application-controller + name: {{ template "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: argocd-application-controller - namespace: {{ .Release.Namespace }} -{{- end -}} \ No newline at end of file + name: {{ template "argo-cd.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml new file mode 100644 index 00000000..fb8fa416 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -0,0 +1,134 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-cd.server.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + app.kubernetes.io/instance: {{ .Release.Name }} + revisionHistoryLimit: 5 + replicas: 1 + template: + metadata: + {{- if .Values.server.podAnnotations }} + annotations: + {{- range $key, $value := .Values.server.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.controller.podLabels }} +{{- toYaml .Values.controller.podLabels | nindent 8 }} + {{- end }} + spec: + containers: + - name: {{ .Values.server.name }} + image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default .Values.global.image.tag .Values.server.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} + command: + - argocd-server + - --staticassets + - /shared/app + - --repo-server + - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + {{- if .Values.dex.enabled }} + - --dex-server + - http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }} + {{- end }} + - --loglevel + - {{ .Values.server.logLevel }} + {{- if .Values.redis.enabled }} + - --redis + - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} + {{- end }} + {{- range $key, $value := .Values.server.extraArgs }} + {{- if $value }} + - --{{ $key }}={{ $value }} + {{- else }} + - --{{ $key }} + {{- end }} + {{- end }} + volumeMounts: + {{- if .Values.server.volumeMounts }} +{{- toYaml .Values.server.volumeMounts | nindent 10}} + {{- end }} + {{- if .Values.configs.knownHosts }} + - mountPath: /app/config/ssh + name: ssh-known-hosts + {{- end }} + {{- if .Values.configs.tlsCerts }} + - mountPath: /app/config/tls + name: tls-certs + {{- end }} + ports: + - name: {{ .Values.server.name }} + containerPort: {{ .Values.server.containerPort }} + protocol: TCP + {{ if .Values.server.metrics.enabled }} + - name: metrics + containerPort: 8083 + protocol: TCP + {{- end }} + livenessProbe: + httpGet: + path: /healthz + port: {{ .Values.server.containerPort }} + initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.server.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }} + readinessProbe: + httpGet: + path: /healthz + port: {{ .Values.server.containerPort }} + initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.server.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} + resources: +{{- toYaml .Values.server.resources | nindent 10 }} + {{- if .Values.server.nodeSelector }} + nodeSelector: +{{- toYaml .Values.server.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.server.tolerations }} + tolerations: +{{- toYaml .Values.server.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.server.affinity }} + affinity: +{{- toYaml .Values.server.affinity | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }} + volumes: + {{- if .Values.server.volumes }} +{{- toYaml .Values.server.volumes | nindent 8}} + {{- end }} + - emptyDir: {} + name: static-files + {{- if .Values.configs.knownHosts }} + - configMap: + name: argocd-ssh-known-hosts-cm + name: ssh-known-hosts + {{- end }} + {{- if .Values.configs.tlsCerts }} + - configMap: + name: argocd-tls-certs-cm + name: tls-certs + {{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml new file mode 100644 index 00000000..792af88a --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -0,0 +1,53 @@ +{{- if .Values.server.ingress.enabled -}} +{{- $serviceName := include "argo-cd.server.fullname" . -}} +{{- $servicePort := .Values.server.name -}} +{{- $paths := .Values.server.ingress.paths -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: +{{- if .Values.server.ingress.annotations }} + annotations: + {{- range $key, $value := .Values.server.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-cd.server.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} +{{- if .Values.server.ingress.labels }} +{{- toYaml .Values.server.ingress.labels | nindent 4 }} +{{- end }} +spec: + rules: + {{- if .Values.server.ingress.hosts }} + {{- range $host := .Values.server.ingress.hosts }} + - host: {{ $host }} + http: + paths: + {{- range $p := $paths }} + - path: {{ $p }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} + {{- end -}} + {{- else }} + - http: + paths: + {{- range $p := $paths }} + - path: {{ $p }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} + {{- end -}} + {{- if .Values.server.ingress.tls }} + tls: +{{- toYaml .Values.server.ingress.tls | nindent 4 }} + {{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/metrics-service.yaml b/charts/argo-cd/templates/argocd-server/metrics-service.yaml new file mode 100644 index 00000000..fd470257 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/metrics-service.yaml @@ -0,0 +1,31 @@ +{{- if .Values.server.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + {{- if .Values.server.metrics.service.annotations }} + annotations: + {{- range $key, $value := .Values.server.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} +{{- if .Values.server.metrics.service.labels }} +{{- toYaml .Values.server.metrics.service.labels | nindent 4 }} +{{- end }} + name: {{ template "argo-cd.server.fullname" . }}-metrics +spec: + ports: + - name: metrics + protocol: TCP + port: {{ .Values.server.metrics.service.servicePort }} + targetPort: metrics + selector: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/projects.yaml b/charts/argo-cd/templates/argocd-server/projects.yaml new file mode 100644 index 00000000..4f70d58d --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/projects.yaml @@ -0,0 +1,46 @@ +{{- if .Values.server.additionalProjects }} +apiVersion: v1 +kind: List +items: +{{- range .Values.server.additionalProjects }} + - apiVersion: argoproj.io/v1alpha1 + kind: AppProject + metadata: + {{- if .additionalProjects }} + annotations: + {{- range $key, $value := .additionalProjects }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- if .additionalLabels }} + labels: +{{- toYaml .additionalLabels | nindent 8 }} + {{- end }} + name: {{ .name }} + {{- if .namespace }} + namespace: {{ .namespace }} + {{- end }} + spec: + description: {{ .description }} + sourceRepos: +{{- toYaml .sourceRepos | nindent 8 }} + destinations: +{{- toYaml .destinations | nindent 8 }} + {{- if .clusterResourceWhitelist }} + clusterResourceWhitelist: +{{- toYaml .clusterResourceWhitelist | nindent 8 }} + {{- end }} + {{- if .namespaceResourceBlacklist }} + namespaceResourceBlacklist: +{{- toYaml .namespaceResourceBlacklist | nindent 8 }} + {{- end }} + {{- if .orphanedResources }} + orphanedResources: +{{- toYaml .orphanedResources | nindent 8 }} + {{- end }} + {{- if .roles }} + roles: +{{- toYaml .roles | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server-role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml similarity index 76% rename from charts/argo-cd/templates/argocd-server-role.yaml rename to charts/argo-cd/templates/argocd-server/role.yaml index 832ca5c4..e966f52b 100644 --- a/charts/argo-cd/templates/argocd-server-role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -1,14 +1,14 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: argocd-server + name: {{ template "argo-cd.server.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.server.name }} rules: - apiGroups: - "" @@ -42,4 +42,4 @@ rules: - events verbs: - create - - list + - list \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller-rolebinding.yaml b/charts/argo-cd/templates/argocd-server/rolebinding.yaml similarity index 53% rename from charts/argo-cd/templates/argocd-application-controller-rolebinding.yaml rename to charts/argo-cd/templates/argocd-server/rolebinding.yaml index 530475ec..524e30bf 100644 --- a/charts/argo-cd/templates/argocd-application-controller-rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml @@ -1,18 +1,19 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: argocd-application-controller + name: {{ template "argo-cd.server.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: application-controller + app.kubernetes.io/component: {{ .Values.server.name }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: argocd-application-controller + name: {{ template "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: argocd-application-controller + name: {{ template "argo-cd.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml new file mode 100644 index 00000000..40acff4a --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -0,0 +1,31 @@ +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.server.service.annotations }} + annotations: + {{- range $key, $value := .Values.server.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-cd.server.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} +spec: + type: {{ .Values.server.service.type }} + ports: + - name: http + protocol: TCP + port: {{ .Values.server.service.servicePortHttp }} + targetPort: {{ .Values.server.name }} + - name: https + protocol: TCP + port: {{ .Values.server.service.servicePortHttps }} + targetPort: {{ .Values.server.name }} + selector: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server-sa.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml similarity index 57% rename from charts/argo-cd/templates/argocd-server-sa.yaml rename to charts/argo-cd/templates/argocd-server/serviceaccount.yaml index d764c65f..18285a05 100644 --- a/charts/argo-cd/templates/argocd-server-sa.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -1,11 +1,11 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: argocd-server + name: {{ template "argo-cd.serverServiceAccountName" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.server.name }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml new file mode 100644 index 00000000..338b69ed --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -0,0 +1,33 @@ +{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.server.fullname" . }} + {{- if .Values.server.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.server.name }} +{{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }} + {{- if .Values.server.metrics.serviceMonitor.additionalLabels }} +{{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + interval: 30s + path: /metrics + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics + app.kubernetes.io/component: {{ .Values.server.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-ssh-known-hosts-cm.yaml deleted file mode 100644 index 84aeb7d5..00000000 --- a/charts/argo-cd/templates/argocd-ssh-known-hosts-cm.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -data: - ssh_known_hosts: | - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= - gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf - gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 - ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }} - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: argocd - name: argocd-ssh-known-hosts-cm diff --git a/charts/argo-cd/templates/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-tls-certs-cm.yaml deleted file mode 100644 index 602879af..00000000 --- a/charts/argo-cd/templates/argocd-tls-certs-cm.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -data: null -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }} - helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: argocd - name: argocd-tls-certs-cm diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml new file mode 100644 index 00000000..92576db1 --- /dev/null +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -0,0 +1,76 @@ +{{- if .Values.dex.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-cd.dex.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.dex.name }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.dex.name }} + spec: + initContainers: + - name: copyutil + image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.pullPolicy }} + command: + - cp + - /usr/local/bin/argocd-util + - /shared + volumeMounts: + - mountPath: /shared + name: static-files + containers: + - name: {{ .Values.dex.name }} + image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} + imagePullPolicy: {{ .Values.dex.image.pullPolicy }} + command: + - /shared/argocd-util + - rundex + ports: + - name: http + containerPort: {{ .Values.dex.containerPortHttp }} + protocol: TCP + - name: grpc + containerPort: {{ .Values.dex.containerPortGrpc }} + protocol: TCP +{{- if .Values.dex.volumeMounts }} + volumeMounts: +{{- toYaml .Values.dex.volumeMounts | nindent 10 }} +{{- end }} + resources: +{{- toYaml .Values.dex.resources | nindent 10 }} + {{- if .Values.dex.nodeSelector }} + nodeSelector: +{{- toYaml .Values.dex.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.dex.tolerations }} + tolerations: +{{- toYaml .Values.dex.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.dex.affinity }} + affinity: +{{- toYaml .Values.dex.affinity | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} +{{- if .Values.dex.volumes }} + volumes: +{{- toYaml .Values.dex.volumes | nindent 8}} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-dex-server-role.yaml b/charts/argo-cd/templates/dex/role.yaml similarity index 62% rename from charts/argo-cd/templates/argocd-dex-server-role.yaml rename to charts/argo-cd/templates/dex/role.yaml index 16076248..ee2bf02f 100644 --- a/charts/argo-cd/templates/argocd-dex-server-role.yaml +++ b/charts/argo-cd/templates/dex/role.yaml @@ -1,14 +1,15 @@ +{{- if .Values.dex.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: argocd-dex-server + name: {{ template "argo-cd.dex.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: dex-server + app.kubernetes.io/component: {{ .Values.dex.name }} rules: - apiGroups: - "" @@ -18,4 +19,5 @@ rules: verbs: - get - list - - watch \ No newline at end of file + - watch +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server-rolebinding.yaml b/charts/argo-cd/templates/dex/rolebinding.yaml similarity index 51% rename from charts/argo-cd/templates/argocd-server-rolebinding.yaml rename to charts/argo-cd/templates/dex/rolebinding.yaml index 4c53b979..508ec0dd 100644 --- a/charts/argo-cd/templates/argocd-server-rolebinding.yaml +++ b/charts/argo-cd/templates/dex/rolebinding.yaml @@ -1,19 +1,21 @@ +{{- if .Values.dex.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: argocd-server + name: {{ template "argo-cd.dex.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: server - + app.kubernetes.io/component: {{ .Values.dex.name }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: argocd-server + name: {{ template "argo-cd.dex.fullname" . }} subjects: - kind: ServiceAccount - name: argocd-server + name: {{ template "argo-cd.dexServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml new file mode 100644 index 00000000..2e1899c4 --- /dev/null +++ b/charts/argo-cd/templates/dex/service.yaml @@ -0,0 +1,26 @@ +{{- if .Values.dex.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "argo-cd.dex.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.dex.name }} +spec: + ports: + - name: http + protocol: TCP + port: {{ .Values.dex.servicePortHttp }} + targetPort: http + - name: grpc + protocol: TCP + port: {{ .Values.dex.servicePortGrpc }} + targetPort: grpc + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml new file mode 100644 index 00000000..bdd9f1b0 --- /dev/null +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.dex.enabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "argo-cd.dexServiceAccountName" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.dex.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml new file mode 100644 index 00000000..67e0acfc --- /dev/null +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -0,0 +1,61 @@ +{{- if .Values.redis.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-cd.redis.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.redis.name }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: {{ .Values.redis.name }} + spec: + automountServiceAccountToken: false + containers: + - name: {{ template "argo-cd.redis.fullname" . }} + args: + - --save + - "" + - --appendonly + - "no" + image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} + imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}} + ports: + - containerPort: {{ .Values.redis.containerPort }} +{{- if .Values.redis.volumeMounts }} + volumeMounts: +{{- toYaml .Values.redis.volumeMounts | nindent 10 }} +{{- end }} + resources: +{{- toYaml .Values.redis.resources | nindent 10 }} + {{- if .Values.redis.nodeSelector }} + nodeSelector: +{{- toYaml .Values.redis.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.redis.tolerations }} + tolerations: +{{- toYaml .Values.redis.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.redis.affinity }} + affinity: +{{- toYaml .Values.redis.affinity | nindent 8 }} + {{- end }} +{{- if .Values.redis.volumes }} + volumes: +{{- toYaml .Values.redis.volumes | nindent 8}} +{{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-redis-service.yaml b/charts/argo-cd/templates/redis/service.yaml similarity index 54% rename from charts/argo-cd/templates/argocd-redis-service.yaml rename to charts/argo-cd/templates/redis/service.yaml index 01883d75..4eeaef15 100644 --- a/charts/argo-cd/templates/argocd-redis-service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -1,17 +1,19 @@ +{{- if .Values.redis.enabled }} apiVersion: v1 kind: Service metadata: - name: argocd-redis + name: {{ template "argo-cd.redis.fullname" . }} labels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} - app.kubernetes.io/component: redis + app.kubernetes.io/component: {{ .Values.redis.name }} spec: ports: - port: {{ .Values.redis.servicePort }} targetPort: {{ .Values.redis.servicePort }} selector: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8b64ab8d..546aa849 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1,198 +1,526 @@ -applicationController: - containerPort: 8082 - servicePort: 8082 - image: - repository: argoproj/argocd - tag: v1.2.4 - pullPolicy: Always - volumeMounts: [] - volumes: [] +## ArgoCD configuration +## Ref: https://github.com/argoproj/argo-cd +## +nameOverride: argocd -server: - containerPort: 8080 - metricsPort: 8083 - servicePortHttp: 80 - servicePortHttps: 443 - serviceAnnotations: {} +global: image: repository: argoproj/argocd tag: v1.2.4 - pullPolicy: Always - serviceType: ClusterIP + imagePullPolicy: IfNotPresent + +## Controller +controller: + name: application-controller + + image: {} + # repository: argoproj/argocd + # tag: v1.2.1 + # imagePullPolicy: IfNotPresent + + ## Argo controller commandline flags + args: + statusProcessors: "20" + operationProcessors: "10" + + ## Argo controller log level + logLevel: info + + ## Additional command line arguments to pass to argocd-controller extraArgs: [] - volumeMounts: [] - # - name: ssh-known-hosts - # mountPath: /app/config/ssh - volumes: [] - # - name: ssh-known-hosts - # configMap: - # name: argocd-ssh-known-hosts-cm - annotations: {} -repoServer: - containerPort: 8081 - servicePort: 8081 - image: - repository: argoproj/argocd - tag: v1.2.4 - pullPolicy: Always - volumeMounts: [] - volumes: [] - # - name: custom-tools - # emptyDir: {} - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://storage.googleapis.com/kubernetes-helm/helm-v2.12.3-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - imagePullSecrets: [] - # - name: docker-auth-secret + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the controller port + containerPort: 8082 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the controller main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Controller service configuration + service: + annotations: {} + labels: {} + port: 8082 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: {} + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + + serviceAccount: + create: true + name: argocd-application-controller + + ## Server metrics controller configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8082 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Enable Admin ClusterRole resources. + ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster. + clusterAdminAccess: + enabled: true + +## Dex +dex: + enabled: true + name: dex-server -dexServer: - containerPortHttp: 5556 - containerPortGrpc: 5557 - servicePortHttp: 5556 - servicePortGrpc: 5557 image: repository: quay.io/dexidp/dex - tag: v2.19.0 - pullPolicy: Always - initImage: - repository: argoproj/argocd - tag: v1.2.4 - pullPolicy: Always - volumeMounts: [] - volumes: [] + tag: v2.14.0 + imagePullPolicy: IfNotPresent + initImage: {} -# terminate tls at ArgoCD level -ingress: - enabled: false - annotations: - {} - # kubernetes.io/ingress.class: nginx - # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - # nginx.ingress.kubernetes.io/ssl-passthrough: "true" - path: / - additionalHosts: [] - tls: - # Secrets must be manually created in the namespace. - # - secretName: chart-example-tls - # hosts: - # - chart-example.local + serviceAccount: + create: true + name: argocd-dex-server -certificate: - enabled: false - issuer: - kind: # ClusterIssuer - name: # letsencrypt + ## Additional volumeMounts to the controller main container. + volumeMounts: + - name: static-files + mountPath: /shared -clusterAdminAccess: - enabled: true + ## Additional volumes to the controller pod. + volumes: + - name: static-files + emptyDir: {} -config: - createSecret: true - enableAnonymousAccess: false - resourceExclusions: - # - apiGroups: - # - "*" - # kinds: - # - "*" - # clusters: - # - https://192.168.0.20 - helmRepositories: - # - name: privateRepo - # url: http://chartmuseum.privatecloud.com - # usernameSecret: - # name: private-chartmuseum - # key: username - # passwordSecret: - # name: private-chartmuseum - # key: password - # - name: incubator - # url: https://kubernetes-charts-incubator.storage.googleapis.com/ - repositories: - # - url: git@gitlab.com:usersprivategroup/users-gitops-config.git - # sshPrivateKeySecret: - # key: privateKey - # name: argocd-dev-key - # - url: git@gitlab.com:accountingprivategroup/accounting-gitops-config.git - # sshPrivateKeySecret: - # key: privateKey - # name: argocd-dev-key - dexConfig: - # # Argo CD's externally facing base URL. Required for configuring SSO - # # url: https://argo-cd-demo.argoproj.io - # - # # A dex connector configuration. See documentation on how to configure SSO: - # # https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/sso.md#2-configure-argo-cd-for-sso - # connectors: - # # GitHub example - # - type: github - # id: github - # name: GitHub - # config: - # clientID: aabbccddeeff00112233 - # clientSecret: $dex.github.clientSecret - # orgs: - # - name: your-github-org - # teams: - url: # https://argocd.example.com/ - oidcConfig: - # name: Okta - # issuer: https://dev-123456.oktapreview.com - # clientID: aaaabbbbccccddddeee - # clientSecret: $oidc.okta.clientSecret - # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook - # events. To enable webhooks, configure one or more of the following keys with the shared git - # provider webhook secret. The payload URL configured in the git provider should use the - # /api/webhook endpoint of your Argo CD instance (e.g. https://argocd.example.com/api/webhook) - webhook: - githubSecret: - gitlabSecret: - bitbucketSecret: - resourceCustomizations: - # certmanager.k8s.io/Certificate: - # health.lua: | - # hs = {} - # ... - # return hs - configManagementPlugins: - # - name: pluginName - # init: # Optional command to initialize application source directory - # command: ["sample command"] - # args: ["sample args"] - # generate: # Command to generate manifests YAML - # command: ["sample command"] - # args: ["sample args"] + ## Dex deployment container ports + containerPortHttp: 5556 + servicePortHttp: 5556 + containerPortGrpc: 5557 + servicePortGrpc: 5557 -rbac: - # # An RBAC policy .csv file containing additional policy and role definitions. - # # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md on how to write RBAC policies. - # policy.csv: | - # # Give all members of "my-org:team-alpha" the ability to sync apps in "my-project" - # p, my-org:team-alpha, applications, sync, my-project/*, allow - # # Make all members of "my-org:team-beta" admins - # g, my-org:team-beta, role:admin - policyCsv: #| - # p, role:org-admin, applications, *, */*, allow - # p, role:org-admin, clusters, get, *, allow - # p, role:org-admin, repositories, get, *, allow - # p, role:org-admin, repositories, create, *, allow - # p, role:org-admin, repositories, update, *, allow - # p, role:org-admin, repositories, delete, *, allow - # g, your-github-org:your-team, role:org-admin - policyDefault: #role:readonly - scopes: #[groups] + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: {} + affinity: {} + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + +## Redis redis: + enabled: false + name: redis + image: repository: redis tag: 5.0.3 - pullPolicy: Always + imagePullPolicy: IfNotPresent + containerPort: 6379 servicePort: 6379 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: {} + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + +## Server +server: + name: server + + image: {} + # repository: argoproj/argocd + # tag: v1.2.1 + # imagePullPolicy: IfNotPresent + + ## Additional command line arguments to pass to argocd-server + # extraArgs: [] + # - insecure + extraArgs: [] + + ## Argo server log level + logLevel: info + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the server port + containerPort: 8080 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the server main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: {} + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + + ## Certificate configuration + certificate: + enabled: false + domain: argocd.example.com + issuer: {} + additionalHosts: [] + + ## Server service configuration + service: + annotations: {} + labels: {} + type: ClusterIP + servicePortHttp: 80 + servicePortHttps: 443 + + ## Server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8083 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + serviceAccount: + create: true + name: argocd-server + + ingress: + enabled: false + annotations: {} + labels: {} + + ## Argo Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: [] + # - argocd.example.com + paths: + - / + tls: [] + # - secretName: argocd-example-tls + # hosts: + # - argocd.example.com + + ## ArgoCD config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml + config: + # Argo CD's externally facing base URL (optional). Required when configuring SSO + url: https://argocd.example.com + # Argo CD instance label key + application.instanceLabelKey: argocd.argoproj.io/instance + + ## ArgoCD rbac config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + rbacConfig: + # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + policy.csv: | + # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' + p, my-org:team-alpha, applications, sync, my-project/*, allow + # Grant all members of 'my-org:team-beta' admins + g, my-org:team-beta, role:admin + # policy.default is the name of the default role which Argo CD will falls back to, when + # authorizing API requests (optional). If omitted or empty, users may be still be able to login, + # but will see no apps, projects, etc... + policy.default: role:readonly + + # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. + scopes: '[cognito:groups, email]' + + ## Not well tested and not well supported on release v1.0.0. + ## Applications + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalApplications: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # project: guestbook + # source: + # repoURL: https://github.com/argoproj/argocd-example-apps.git + # targetRevision: HEAD + # path: guestbook + # directory: + # recurse: true + # destination: + # server: https://kubernetes.default.svc + # namespace: guestbook + # syncPolicy: + # automated: + # prune: false + # selfHeal: false + + ## Projects + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalProjects: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # description: Example Project + # sourceRepos: + # - '*' + # destinations: + # - namespace: guestbook + # server: https://kubernetes.default.svc + # clusterResourceWhitelist: [] + # namespaceResourceBlacklist: + # - group: '' + # kind: ResourceQuota + # - group: '' + # kind: LimitRange + # - group: '' + # kind: NetworkPolicy + # orphanedResources: {} + # roles: [] + # orphanedResources: {} + # roles: [] + +## Repo Server +repoServer: + name: repo-server + + image: {} + # repository: argoproj/argocd + # tag: v1.2.1 + # imagePullPolicy: IfNotPresent + + ## Additional command line arguments to pass to argocd-repo-server + ## + extraArgs: [] + + ## Argo repoServer log level + logLevel: info + + ## Annotations to be added to repo server pods + ## + podAnnotations: {} + + ## Labels to be added to repo server pods + ## + podLabels: {} + + ## Configures the repo server port + containerPort: 8081 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the repo server main container. + volumeMounts: [] + + ## Additional volumes to the repo server pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: {} + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + ## Repo server service configuration + service: + annotations: {} + labels: {} + port: 8081 + + ## Repo server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8084 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + +## Argo Configs +configs: + knownHosts: + data: + ssh_known_hosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + tlsCerts: {} + # data: + # argocd.example.com: | + # -----BEGIN CERTIFICATE----- + # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL + # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE + # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 + # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda + # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT + # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES + # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi + # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 + # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc + # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u + # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G + # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ + # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E + # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko + # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J + # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u + # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO + # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 + # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 + # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ + # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn + # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx + # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 + # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT + # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr + # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO + # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so + # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr + # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 + # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W + # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK + # XWyb96wrUlv+E8I= + # -----END CERTIFICATE----- + secret: + createSecret: true + githubSecret: "" + gitlabSecret: "" + bitbucketSecret: "" From 5f330368902325a52aeb7eb11a9821f6d59e5f6e Mon Sep 17 00:00:00 2001 From: Sean Johnson Date: Wed, 6 Nov 2019 08:08:17 +1100 Subject: [PATCH 04/18] Fix up chart linting, add docs and lint script (#146) This updates the Helm linting system with the following changes: - Import lintconf.yaml with small change to comment distance in order to match existing values.yaml standards - Update Chart.yaml and values.yaml in each chart to pass linting standards - Maintainers added to each chart from OWNERS + CODEOWNERS, the linter requires GitHub usernames so argo-events maintainer names were converted - README updated with documentation around chart standards and testing - A local shell script added for running lint tests locally --- .circleci/config.yml | 2 +- .circleci/lintconf.yaml | 42 +++++++++++++++++++++++++++++++++++ CONTRIBUTING.md | 27 ++++++++++++++++++++++ charts/argo-cd/Chart.yaml | 2 +- charts/argo-ci/Chart.yaml | 10 +++++++-- charts/argo-ci/values.yaml | 1 - charts/argo-events/Chart.yaml | 15 +++++++------ charts/argo/Chart.yaml | 8 ++++++- scripts/lint.sh | 18 +++++++++++++++ 9 files changed, 112 insertions(+), 13 deletions(-) create mode 100644 .circleci/lintconf.yaml create mode 100755 scripts/lint.sh diff --git a/.circleci/config.yml b/.circleci/config.yml index 60db788d..072c6736 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,7 +5,7 @@ jobs: - image: gcr.io/kubernetes-charts-ci/test-image:v3.0.1 steps: - checkout - - run: ct lint --config .circleci/chart-testing.yaml + - run: ct lint --config .circleci/chart-testing.yaml --lint-conf .circleci/lintconf.yaml # Technically this only needs to be run on master, but it's good to have it run on every PR # so that it is regularly tested. publish: diff --git a/.circleci/lintconf.yaml b/.circleci/lintconf.yaml new file mode 100644 index 00000000..dbefbcc6 --- /dev/null +++ b/.circleci/lintconf.yaml @@ -0,0 +1,42 @@ +--- +rules: + braces: + min-spaces-inside: 0 + max-spaces-inside: 0 + min-spaces-inside-empty: -1 + max-spaces-inside-empty: -1 + brackets: + min-spaces-inside: 0 + max-spaces-inside: 0 + min-spaces-inside-empty: -1 + max-spaces-inside-empty: -1 + colons: + max-spaces-before: 0 + max-spaces-after: 1 + commas: + max-spaces-before: 0 + min-spaces-after: 1 + max-spaces-after: 1 + comments: + require-starting-space: true + min-spaces-from-content: 1 + document-end: disable + document-start: disable # No --- to start a file + empty-lines: + max: 2 + max-start: 0 + max-end: 0 + hyphens: + max-spaces-after: 1 + indentation: + spaces: consistent + indent-sequences: whatever # - list indentation will handle both indentation and without + check-multi-line-strings: false + key-duplicates: enable + line-length: disable # Lines can be any length + new-line-at-end-of-file: enable + new-lines: + type: unix + trailing-spaces: enable + truthy: + level: warning diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3bdd1cd3..3ca1d3c2 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -51,6 +51,33 @@ argocd app create guestbook --dest-namespace default --dest-server https://kuber argocd app sync guestbook ``` +## New Application Versions + +When raising application versions ensure you make the following changes: + +- `values.yaml`: Bump all instances of the container image version +- `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version` + +Please ensure chart version changes adhere to semantic versioning standards: + +- Patch: App version patch updates, backwards compatible optional chart features +- Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes +- Major: Large chart rewrites, major non-backwards compatible or destructive changes + +## Testing Charts + +As part of the Continous Intergration system we run Helm's [Chart Testing](https://github.com/helm/chart-testing) tool. + +The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. + +Linting configuration can be found in [lintconf.yaml](.circleci/lintconf.yaml) + +The linting can be invoked manually with the following command: + +``` +./scripts/lint.sh +``` + ## Publishing Changes Changes are automatically publish whenever a commit is merged to master. The CI job (see `.circleci/config.yaml`) runs this: diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 414cdea8..55b3868b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.0 +version: 1.0.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-ci/Chart.yaml b/charts/argo-ci/Chart.yaml index 4539525b..3f3230f9 100644 --- a/charts/argo-ci/Chart.yaml +++ b/charts/argo-ci/Chart.yaml @@ -1,5 +1,11 @@ apiVersion: v1 description: A Helm chart for Argo-CI name: argo-ci -version: 0.1.4 -icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png \ No newline at end of file +version: 0.1.5 +icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +appVersion: v1.0.0-alpha2 +home: https://github.com/argoproj/argo-helm +maintainers: + - name: alexec + - name: alexmt + - name: jessesuen diff --git a/charts/argo-ci/values.yaml b/charts/argo-ci/values.yaml index 092b182e..cccff91b 100644 --- a/charts/argo-ci/values.yaml +++ b/charts/argo-ci/values.yaml @@ -9,4 +9,3 @@ argo: installMinio: true minioBucketName: argo-artifacts useReleaseAsInstanceID: true - \ No newline at end of file diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 4d7f9aa4..a4c4fcff 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,15 +1,16 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.5.1 +version: 0.5.2 keywords: -- argo-events -- sensor-controller -- gateway-controller + - argo-events + - sensor-controller + - gateway-controller sources: -- https://github.com/argoproj/argo-events + - https://github.com/argoproj/argo-events maintainers: -- name: Vaibhav Page -- name: Matt Magaldi + - name: VaibhavPage + - name: magaldima appVersion: 0.10 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +home: https://github.com/argoproj/argo-helm diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index e8bc5a0c..e3d2f2dc 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,5 +2,11 @@ apiVersion: v1 appVersion: "v2.4.2" description: A Helm chart for Argo Workflows name: argo -version: 0.6.2 +version: 0.6.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +home: https://github.com/argoproj/argo-helm +maintainers: + - name: alexec + - name: alexmt + - name: jessesuen + - name: benjaminws diff --git a/scripts/lint.sh b/scripts/lint.sh new file mode 100755 index 00000000..e0c7a222 --- /dev/null +++ b/scripts/lint.sh @@ -0,0 +1,18 @@ +#!/bin/bash +set -eux + +SRCROOT="$(cd "$(dirname "$0")/.." && pwd)" + +for dir in $(find $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d); +do + name=$(basename $dir) + echo "Running Helm linting for $name" + docker run \ + -v "$SRCROOT:/workdir" \ + gcr.io/kubernetes-charts-ci/test-image:v3.0.1 \ + ct \ + lint \ + --config .circleci/chart-testing.yaml \ + --lint-conf .circleci/lintconf.yaml \ + --charts "/workdir/charts/${name}" +done From 33c4adfbb6fd677935beb5ea8a0b965a2c1f50e2 Mon Sep 17 00:00:00 2001 From: TomHellier <4739623+TomHellier@users.noreply.github.com> Date: Tue, 5 Nov 2019 22:47:56 +0000 Subject: [PATCH 05/18] Issue #147, k8s label part-of expected to be argocd (#151) The argocd application expects that the label 'app.kubernetes.io/part-of' is set to 'argocd' otherwise the configmap or secret is rejected, and the argocd-dex-server, argocd-server, and argocd-application-controller fail to start. --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 2 +- .../templates/argocd-application-controller/clusterrole.yaml | 2 +- .../argocd-application-controller/clusterrolebinding.yaml | 2 +- .../templates/argocd-application-controller/deployment.yaml | 4 ++-- .../argocd-application-controller/metrics-service.yaml | 2 +- .../argo-cd/templates/argocd-application-controller/role.yaml | 2 +- .../templates/argocd-application-controller/rolebinding.yaml | 2 +- .../templates/argocd-application-controller/service.yaml | 2 +- .../argocd-application-controller/serviceaccount.yaml | 2 +- .../argocd-application-controller/servicemonitor.yaml | 2 +- charts/argo-cd/templates/argocd-configs/argocd-cm.yaml | 2 +- charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml | 2 +- charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 2 +- .../templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml | 2 +- .../argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 ++-- .../argo-cd/templates/argocd-repo-server/metrics-service.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/service.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/templates/argocd-server/clusterrole.yaml | 2 +- .../argo-cd/templates/argocd-server/clusterrolebinding.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- charts/argo-cd/templates/argocd-server/metrics-service.yaml | 2 +- charts/argo-cd/templates/argocd-server/role.yaml | 2 +- charts/argo-cd/templates/argocd-server/rolebinding.yaml | 2 +- charts/argo-cd/templates/argocd-server/service.yaml | 2 +- charts/argo-cd/templates/argocd-server/serviceaccount.yaml | 2 +- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/crds/application-crd.yaml | 2 +- charts/argo-cd/templates/crds/appproject-crd.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 4 ++-- charts/argo-cd/templates/dex/role.yaml | 2 +- charts/argo-cd/templates/dex/rolebinding.yaml | 2 +- charts/argo-cd/templates/dex/service.yaml | 2 +- charts/argo-cd/templates/dex/serviceaccount.yaml | 2 +- charts/argo-cd/templates/redis/deployment.yaml | 4 ++-- charts/argo-cd/templates/redis/service.yaml | 2 +- 40 files changed, 45 insertions(+), 45 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 55b3868b..790adfcf 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.1 +version: 1.0.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4c21d029..b63ae9e0 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -2,7 +2,7 @@ Argo CD Chart ====== A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. -Current chart version is `1.0.0` +Current chart version is `1.0.2` Source code can be found [here](https://argoproj.github.io/argo-cd/) diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index 32416869..733f4571 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} rules: - apiGroups: diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 79905319..26580a2d 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 0cf0b2b2..a1ca4eb0 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} spec: selector: @@ -29,7 +29,7 @@ spec: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} {{- if .Values.controller.podLabels }} {{- toYaml .Values.controller.podLabels | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml index 092eb4c1..aa1c6f87 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml @@ -13,7 +13,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} {{- if .Values.controller.metrics.service.labels }} {{- toYaml .Values.controller.metrics.service.labels | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-application-controller/role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml index 24ed4b07..4b0ec4fc 100644 --- a/charts/argo-cd/templates/argocd-application-controller/role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} rules: - apiGroups: diff --git a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml index fe99c47e..a90ca9f6 100644 --- a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/charts/argo-cd/templates/argocd-application-controller/service.yaml b/charts/argo-cd/templates/argocd-application-controller/service.yaml index 82e304d9..bda37168 100644 --- a/charts/argo-cd/templates/argocd-application-controller/service.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/service.yaml @@ -13,7 +13,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} spec: ports: diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index 2d03fb2b..b397d43c 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -7,5 +7,5 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 0a797afb..c820e3bb 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -11,7 +11,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} {{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }} {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index ee1f90af..8f83fd6b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} data: {{- toYaml .Values.server.config | nindent 4 }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index 44b1db4b..34d1db45 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} data: {{- toYaml .Values.server.rbacConfig | nindent 4 }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 3bb94c5f..6d4c3901 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} type: Opaque {{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 30d6502c..cf424661 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -7,6 +7,6 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} name: argocd-ssh-known-hosts-cm \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 01922612..e36fab55 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -9,6 +9,6 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} name: argocd-tls-certs-cm \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index af4689a1..9c54d0dd 100644 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} spec: selector: @@ -29,7 +29,7 @@ spec: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} {{- if .Values.controller.podLabels }} {{- toYaml .Values.controller.podLabels | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml index eee0008f..99b8eb9e 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml @@ -13,7 +13,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} {{- if .Values.repoServer.metrics.service.labels }} {{- toYaml .Values.repoServer.metrics.service.labels | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/service.yaml b/charts/argo-cd/templates/argocd-repo-server/service.yaml index 0b5db2d9..9ce1f144 100644 --- a/charts/argo-cd/templates/argocd-repo-server/service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml @@ -12,7 +12,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} name: {{ template "argo-cd.repoServer.fullname" . }} spec: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 910d6b60..bd064f17 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -11,7 +11,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} {{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }} {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index ffc98066..3c190c1d 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} spec: commonName: {{ .Values.server.certificate.domain | quote }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index d89a76f0..d14fcca6 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} rules: - apiGroups: diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 12797de8..2cf4765e 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index fb8fa416..f2d10b84 100644 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} spec: selector: @@ -29,7 +29,7 @@ spec: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} {{- if .Values.controller.podLabels }} {{- toYaml .Values.controller.podLabels | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 792af88a..68ffbe5d 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -17,7 +17,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} {{- if .Values.server.ingress.labels }} {{- toYaml .Values.server.ingress.labels | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-server/metrics-service.yaml b/charts/argo-cd/templates/argocd-server/metrics-service.yaml index fd470257..44b8b1e1 100644 --- a/charts/argo-cd/templates/argocd-server/metrics-service.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics-service.yaml @@ -13,7 +13,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} {{- if .Values.server.metrics.service.labels }} {{- toYaml .Values.server.metrics.service.labels | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index e966f52b..4b7fe6d8 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} rules: - apiGroups: diff --git a/charts/argo-cd/templates/argocd-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-server/rolebinding.yaml index 524e30bf..37bf10b6 100644 --- a/charts/argo-cd/templates/argocd-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml @@ -7,7 +7,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 40acff4a..031d0b62 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -13,7 +13,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} spec: type: {{ .Values.server.service.type }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index 18285a05..08f11d01 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -7,5 +7,5 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 338b69ed..6d995ff7 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -11,7 +11,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} {{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }} {{- if .Values.server.metrics.serviceMonitor.additionalLabels }} diff --git a/charts/argo-cd/templates/crds/application-crd.yaml b/charts/argo-cd/templates/crds/application-crd.yaml index 0dfa7a70..2f176e4f 100644 --- a/charts/argo-cd/templates/crds/application-crd.yaml +++ b/charts/argo-cd/templates/crds/application-crd.yaml @@ -4,7 +4,7 @@ metadata: labels: app.kubernetes.io/name: {{ include "argo-cd.name" . }} helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd name: applications.argoproj.io annotations: "helm.sh/hook": crd-install diff --git a/charts/argo-cd/templates/crds/appproject-crd.yaml b/charts/argo-cd/templates/crds/appproject-crd.yaml index b7ecccf0..61a0077b 100644 --- a/charts/argo-cd/templates/crds/appproject-crd.yaml +++ b/charts/argo-cd/templates/crds/appproject-crd.yaml @@ -4,7 +4,7 @@ metadata: labels: app.kubernetes.io/name: {{ include "argo-cd.name" . }} helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd name: appprojects.argoproj.io annotations: "helm.sh/hook": crd-install diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 92576db1..17c587e3 100644 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} spec: selector: @@ -22,7 +22,7 @@ spec: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} spec: initContainers: diff --git a/charts/argo-cd/templates/dex/role.yaml b/charts/argo-cd/templates/dex/role.yaml index ee2bf02f..e2eca1cb 100644 --- a/charts/argo-cd/templates/dex/role.yaml +++ b/charts/argo-cd/templates/dex/role.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} rules: - apiGroups: diff --git a/charts/argo-cd/templates/dex/rolebinding.yaml b/charts/argo-cd/templates/dex/rolebinding.yaml index 508ec0dd..54311e73 100644 --- a/charts/argo-cd/templates/dex/rolebinding.yaml +++ b/charts/argo-cd/templates/dex/rolebinding.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index 2e1899c4..cb5ec3f6 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} spec: ports: diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml index bdd9f1b0..4df9ca5a 100644 --- a/charts/argo-cd/templates/dex/serviceaccount.yaml +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -8,6 +8,6 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} {{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 67e0acfc..df4983e1 100644 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.redis.name }} spec: selector: @@ -21,7 +21,7 @@ spec: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.redis.name }} spec: automountServiceAccountToken: false diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index 4eeaef15..a30d5986 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: {{ include "argo-cd.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.redis.name }} spec: ports: From 2ffd0d8ebfaa9ec0ea2d79d745ecef1cdf1c4bd4 Mon Sep 17 00:00:00 2001 From: Jaret Date: Tue, 5 Nov 2019 15:38:22 -0800 Subject: [PATCH 06/18] remove default values from the argocd rbac configmap (#152) * remove default values from the argocd rbac configmap * Bump patch version --- charts/argo-cd/Chart.yaml | 2 +- .../templates/argocd-configs/argocd-rbac-cm.yaml | 4 +++- charts/argo-cd/values.yaml | 16 ++++++++-------- 3 files changed, 12 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 790adfcf..82ddd090 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.2 +version: 1.0.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index 34d1db45..a4b8e92f 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -9,5 +9,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} +{{- if .Values.server.rbacConfig }} data: -{{- toYaml .Values.server.rbacConfig | nindent 4 }} \ No newline at end of file +{{- toYaml .Values.server.rbacConfig | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 546aa849..9cd31ba3 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -314,26 +314,26 @@ server: ## ArgoCD rbac config ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md - rbacConfig: + rbacConfig: {} # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). # Policy rules are in the form: # p, subject, resource, action, object, effect # Role definitions and bindings are in the form: # g, subject, inherited-subject # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. - policy.csv: | - # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' - p, my-org:team-alpha, applications, sync, my-project/*, allow - # Grant all members of 'my-org:team-beta' admins - g, my-org:team-beta, role:admin + # policy.csv: | + # # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' + # p, my-org:team-alpha, applications, sync, my-project/*, allow + # # Grant all members of 'my-org:team-beta' admins + # g, my-org:team-beta, role:admin # policy.default is the name of the default role which Argo CD will falls back to, when # authorizing API requests (optional). If omitted or empty, users may be still be able to login, # but will see no apps, projects, etc... - policy.default: role:readonly + # policy.default: role:readonly # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. - scopes: '[cognito:groups, email]' + # scopes: '[cognito:groups, email]' ## Not well tested and not well supported on release v1.0.0. ## Applications From 7dff7e23ae589793e02a7de5e0dbf6abd456bd91 Mon Sep 17 00:00:00 2001 From: disposab1e <48065501+disposab1e@users.noreply.github.com> Date: Thu, 7 Nov 2019 09:20:31 +0100 Subject: [PATCH 07/18] OpenShift Route (#153) * OpenShift Route * Bump Chart Version to 1.0.4 --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 4 ++- .../templates/argocd-server/route.yaml | 30 +++++++++++++++++++ charts/argo-cd/values.yaml | 8 +++++ 4 files changed, 42 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-server/route.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 82ddd090..d357ee59 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.3 +version: 1.0.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b63ae9e0..62562b5e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -2,7 +2,7 @@ Argo CD Chart ====== A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. -Current chart version is `1.0.2` +Current chart version is `1.0.4` Source code can be found [here](https://argoproj.github.io/argo-cd/) @@ -147,6 +147,8 @@ $ helm install --name my-release argo/argo-cd | server.ingress.hosts | List of ingress hosts | `[]` | | server.ingress.labels | Additional ingress labels. | `{}` | | server.ingress.tls | Ingress TLS configuration. | `[]` | +| server.route.enabled | Enable a OpenShift route for the server | `false` | +| server.route.hostname | Hostname of OpenShift route | `""` | | server.livenessProbe.failureThreshold | int | `3` | | server.livenessProbe.initialDelaySeconds | int | `10` | | server.livenessProbe.periodSeconds | int | `10` | diff --git a/charts/argo-cd/templates/argocd-server/route.yaml b/charts/argo-cd/templates/argocd-server/route.yaml new file mode 100644 index 00000000..6473fd16 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/route.yaml @@ -0,0 +1,30 @@ +{{- if .Values.server.route.enabled -}} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ template "argo-cd.server.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.server.name }} +{{- with .Values.server.route.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + host: {{ .Values.server.route.hostname | quote }} + subdomain: '' + to: + kind: Service + name: {{ template "argo-cd.server.fullname" . }} + weight: 100 + port: + targetPort: https + tls: + termination: passthrough + insecureEdgeTerminationPolicy: None + wildcardPolicy: None +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9cd31ba3..6f962a10 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -304,6 +304,14 @@ server: # hosts: # - argocd.example.com + # Create a OpenShift Route with SSL passthrough for UI and CLI + # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain + # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: + # If 'hostname' is an empty string "" OpenShift will create a hostname for you. + route: + enabled: false + hostname: "" + ## ArgoCD config ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml config: From fd5a3e3896f0aa0f881b379c39202eb5b065421b Mon Sep 17 00:00:00 2001 From: Jaret Date: Thu, 7 Nov 2019 02:04:00 -0800 Subject: [PATCH 08/18] Dex imagepull (#156) * Fix incorrect naming in dex * Bump patch version * Bump chart version --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d357ee59..1ff3b187 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.4 +version: 1.0.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 17c587e3..e0d243a1 100644 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -39,7 +39,7 @@ spec: containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} - imagePullPolicy: {{ .Values.dex.image.pullPolicy }} + imagePullPolicy: {{ .Values.dex.image.imagePullPolicy }} command: - /shared/argocd-util - rundex From 361ea8d13dd3d8f80dad39c7b865aeede229a6d7 Mon Sep 17 00:00:00 2001 From: Alan Tang Date: Thu, 7 Nov 2019 10:06:22 +0000 Subject: [PATCH 09/18] K8S tolerations should contain list instead of object (#155) Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 10 +++++----- charts/argo-cd/values.yaml | 10 +++++----- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1ff3b187..b8031b13 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.5 +version: 1.0.6 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 62562b5e..caee1092 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -83,7 +83,7 @@ $ helm install --name my-release argo/argo-cd | controller.service.port | Controller service port. | `8082` | | controller.serviceAccount.create | Create a service account for the controller | `true` | | controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` | -| controller.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| controller.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | | controller.volumeMounts | Controller volume mounts | `[]` | | controller.volumes | Controller volumes | `[]` | @@ -123,7 +123,7 @@ $ helm install --name my-release argo/argo-cd | repoServer.service.annotations | Repo server service annotations. | `{}` | | repoServer.service.labels | Repo server service labels. | `{}` | | repoServer.service.port | Repo server service port. | `8081` | -| repoServer.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| repoServer.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | | repoServer.volumeMounts | Repo server volume mounts | `[]` | | repoServer.volumes | Repo server volumes | `[]` | @@ -180,7 +180,7 @@ $ helm install --name my-release argo/argo-cd | server.service.type | Server service type | `"ClusterIP"` | | server.serviceAccount.create | Create server service account | `true` | | server.serviceAccount.name | Server service account name | `"argocd-server"` | -| server.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| server.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | | server.volumeMounts | Server volume mounts | `[]` | | server.volumes | Server volumes | `[]` | @@ -206,7 +206,7 @@ $ helm install --name my-release argo/argo-cd | dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` | | dex.servicePortGrpc | Server GRPC port | `5557` | | dex.servicePortHttp | Server HTTP port | `5556` | -| dex.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| dex.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | | dex.volumeMounts | Dex volume mounts | `"/shared"` | | dex.volumes | Dex volumes | `{}` | @@ -225,4 +225,4 @@ $ helm install --name my-release argo/argo-cd | redis.priorityClassName | Priority class for redis | `""` | | redis.resources | Resource limits and requests for redis | `{}` | | redis.servicePort | Redis service port | `6379` | -| redis.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` | +| redis.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6f962a10..5fbf7fe3 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -72,7 +72,7 @@ controller: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" @@ -143,7 +143,7 @@ dex: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" @@ -173,7 +173,7 @@ redis: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" @@ -240,7 +240,7 @@ server: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" @@ -445,7 +445,7 @@ repoServer: ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## nodeSelector: {} - tolerations: {} + tolerations: [] affinity: {} priorityClassName: "" From 6321442a012e7e903061222bc1fe0be28b635a7c Mon Sep 17 00:00:00 2001 From: Christine Banek Date: Tue, 12 Nov 2019 03:17:40 -0700 Subject: [PATCH 10/18] Better Helm NOTES.txt templating (#161) * Better Helm chart NOTES.txt templating Add some extra templating to NOTES.txt, which are displayed to the user after a successful helm install command. These are really helpful notes, but if you didn't specify a release name of argocd or put it in a separate namespace, these commands weren't exactly working with a copy paste. Now they should take into account the release name and release namespace helm was given. * Small CONTRIBUTING.md command line change Instead of just doing `argocd version`, be a little more explicit by passing in the server name and insecure flag. This will make sure that you're doing the version of the instance you're port-forwarding above, as opposed to some other argocd. --- CONTRIBUTING.md | 2 +- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/NOTES.txt | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3ca1d3c2..c7913b3a 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -32,7 +32,7 @@ kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 In a new terminal: ``` -argocd version +argocd version --server localhost:8080 --insecure # reset password to 'Password1!' kubectl -n argocd patch secret argocd-secret \ -p '{"stringData": { diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b8031b13..e7e48429 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.6 +version: 1.0.7 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 451727d6..4bec139b 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,6 +1,6 @@ In order to access the server UI you have the following options: -1. kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 +1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 and then open the browser on http://localhost:8080 and accept the certificate @@ -12,4 +12,4 @@ In order to access the server UI you have the following options: After reaching the UI the first time you can login with username: admin and the password will be the name of the server pod. You can get the pod name by running: -kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 \ No newline at end of file +kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 From ca5d1d7078ef35a0a6f8fa836a0537b94875357f Mon Sep 17 00:00:00 2001 From: Jaret Date: Wed, 13 Nov 2019 19:01:01 -0800 Subject: [PATCH 11/18] Minor fixes 11 11 (#164) * Fixes documentation for arguments (#159) * enable redis by default (#148) * patch version bump --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 8 ++++---- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- charts/argo-cd/values.yaml | 8 +++++--- 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e7e48429..c2013af2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.7 +version: 1.0.8 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index caee1092..28f5f678 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -51,7 +51,7 @@ $ helm install --name my-release argo/argo-cd | controller.args.statusProcessors | define the controller `--status-processors` | `"20"` | | controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | | controller.containerPort | Controller listening port. | `8082` | -| controller.extraArgs | Additional arguments for the controller. | `[]` | +| controller.extraArgs | Additional arguments for the controller. A list of key:value pairs | `[]` | | controller.image.repository | Repository to use for the controller | `global.image.repository` | | controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` | | controller.image.tag | Tag to use for the controller | `global.image.tag` | @@ -93,7 +93,7 @@ $ helm install --name my-release argo/argo-cd |-----|------|---------|-------------| | repoServer.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | | repoServer.containerPort | Repo server port | `8081` | -| repoServer.extraArgs | Additional arguments for the repo server | `[]` | +| repoServer.extraArgs | Additional arguments for the repo server. A list of key:value pairs. | `[]` | | repoServer.image.repository | Repository to use for the repo server | `global.image.repository` | | repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` | | repoServer.image.tag | Tag to use for the repo server | `global.image.tag` | @@ -138,7 +138,7 @@ $ helm install --name my-release argo/argo-cd | server.certificate.issuer | Certificate manager issuer | `{}` | | server.config | URL for Argo CD | `{}` | | server.containerPort | Server container port. | `8080` | -| server.extraArgs | Additional arguments for the server | `[]` | +| server.extraArgs | Additional arguments for the server. A list of key:value pairs. | `[]` | | server.image.repository | Repository to use for the server | `global.image.repository` | | server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` | | server.image.tag | Tag to use for the repo server | `global.image.tag` | @@ -216,7 +216,7 @@ $ helm install --name my-release argo/argo-cd |-----|------|---------|-------------| | redis.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | | redis.containerPort | Redis container port | `6379` | -| redis.enabled | Enable redis | `false` | +| redis.enabled | Enable redis | `true` | | redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` | | redis.image.repository | Redis repository | `"redis"` | | redis.image.tag | Redis tag | `"5.0.3"` | diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 68ffbe5d..c3a84ea4 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -1,6 +1,6 @@ {{- if .Values.server.ingress.enabled -}} {{- $serviceName := include "argo-cd.server.fullname" . -}} -{{- $servicePort := .Values.server.name -}} +{{- $servicePort := .Values.server.service.servicePortHttp -}} {{- $paths := .Values.server.ingress.paths -}} apiVersion: extensions/v1beta1 kind: Ingress diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5fbf7fe3..53a66acb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -27,6 +27,7 @@ controller: logLevel: info ## Additional command line arguments to pass to argocd-controller + ## - key: value extraArgs: [] ## Annotations to be added to controller pods @@ -158,7 +159,7 @@ dex: ## Redis redis: - enabled: false + enabled: true name: redis image: @@ -196,8 +197,9 @@ server: # imagePullPolicy: IfNotPresent ## Additional command line arguments to pass to argocd-server + ## - key: value # extraArgs: [] - # - insecure + # - insecure: true extraArgs: [] ## Argo server log level @@ -402,7 +404,7 @@ repoServer: # imagePullPolicy: IfNotPresent ## Additional command line arguments to pass to argocd-repo-server - ## + ## - key: value extraArgs: [] ## Argo repoServer log level From 6457037391527e7041d18718541a32f0c1cdba8a Mon Sep 17 00:00:00 2001 From: Andrew Suderman Date: Thu, 14 Nov 2019 15:20:55 -0700 Subject: [PATCH 12/18] [argo-events] v0.11 update (#162) * Updating for events 0.11 * Adding note to the README about how to install CRDs from github * Fixing handling of serviceAccount variable inside of loops --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/README.md | 7 +++++++ charts/argo-events/ci/test-values.yaml | 6 ++++++ .../argo-events/templates/argo-events-cluster-roles.yaml | 5 ++++- charts/argo-events/templates/argo-events-sa.yaml | 7 ++++--- charts/argo-events/values.yaml | 4 ++-- 6 files changed, 25 insertions(+), 8 deletions(-) create mode 100644 charts/argo-events/ci/test-values.yaml diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a4c4fcff..f20c8007 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.5.2 +version: 0.6.0 keywords: - argo-events - sensor-controller @@ -11,6 +11,6 @@ sources: maintainers: - name: VaibhavPage - name: magaldima -appVersion: 0.10 +appVersion: 0.11 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 174a8114..74cf9e83 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -14,3 +14,10 @@ This is a **community maintained** chart. It installs the [argo-events](https:// ## Notes on CRD Installation Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart. + +You can install the CRDs manually like so: + +``` +kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.11/hack/k8s/manifests/sensor-crd.yaml +kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.11/hack/k8s/manifests/gateway-crd.yaml +``` diff --git a/charts/argo-events/ci/test-values.yaml b/charts/argo-events/ci/test-values.yaml new file mode 100644 index 00000000..cd5d3916 --- /dev/null +++ b/charts/argo-events/ci/test-values.yaml @@ -0,0 +1,6 @@ +serviceAccount: argo-events-sa-test +additionalSaNamespaces: + - nsone + - nstwo +instanceID: test-argo-events +singleNamespace: false diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index c7a47254..878b8520 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -11,9 +11,10 @@ subjects: name: {{ .Values.serviceAccount }} namespace: {{ .Release.Namespace }} {{- if .Values.additionalSaNamespaces }} + {{ $sa := .Values.serviceAccount }} {{- range $namespace := .Values.additionalSaNamespaces }} - kind: ServiceAccount - name: {{ .Values.serviceAccount }} + name: {{ $sa }} namespace: {{ $namespace }} {{- end }} {{- end }} @@ -51,6 +52,8 @@ rules: resources: - workflows - workflows/finalizers + - workflowtemplates + - workflowtemplates/finalizers - gateways - gateways/finalizers - sensors diff --git a/charts/argo-events/templates/argo-events-sa.yaml b/charts/argo-events/templates/argo-events-sa.yaml index 04a39f51..f13b8a1d 100644 --- a/charts/argo-events/templates/argo-events-sa.yaml +++ b/charts/argo-events/templates/argo-events-sa.yaml @@ -1,4 +1,4 @@ -# All argo-events services are bound to the "argo-events" service account. +# All argo-events services are bound to the "argo-events" service account. # In RBAC enabled setups, this SA is bound to specific roles. apiVersion: v1 kind: ServiceAccount @@ -6,12 +6,13 @@ metadata: name: {{ .Values.serviceAccount }} namespace: {{ .Release.Namespace }} {{- if .Values.additionalSaNamespaces }} +{{ $sa := .Values.serviceAccount }} {{- range $namespace := .Values.additionalSaNamespaces }} --- apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount }} + name: {{ $sa }} namespace: {{ $namespace }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index a0841052..1ee2fa5a 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -26,11 +26,11 @@ singleNamespace: true sensorController: name: sensor-controller image: sensor-controller - tag: v0.10 + tag: v0.11 replicaCount: 1 gatewayController: name: gateway-controller image: gateway-controller - tag: v0.10 + tag: v0.11 replicaCount: 1 From 9b3d5d35a7db6c2f382ad95e3b3a4307ec57ebda Mon Sep 17 00:00:00 2001 From: Christine Banek Date: Sun, 17 Nov 2019 16:31:37 -0700 Subject: [PATCH 13/18] Fix delete crd command (#166) The part-of is incorrect compared to the argo-cd helm chart, which installs this crd as a part of argocd (without the dash). --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c7913b3a..ba764f3c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -19,7 +19,7 @@ Clean-up: ``` helm delete argo-cd --purge -kubectl delete crd -l app.kubernetes.io/part-of=argo-cd +kubectl delete crd -l app.kubernetes.io/part-of=argocd ``` Minimally: From 8c3430b89e63455196a43c85397e880e6ed9b668 Mon Sep 17 00:00:00 2001 From: Antoine Date: Wed, 20 Nov 2019 00:27:12 +0100 Subject: [PATCH 14/18] Repo server rbac (#160) * Added Role and service account to repo-server * Fixed comment in repo-server SA name helper * Bumped chart version * Added repoServer service account annotations --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/_helpers.tpl | 11 ++++++++++ .../argocd-repo-server/deployment.yaml | 1 + .../templates/argocd-repo-server/role.yaml | 17 +++++++++++++++ .../argocd-repo-server/rolebinding.yaml | 21 +++++++++++++++++++ .../argocd-repo-server/serviceaccount.yaml | 19 +++++++++++++++++ charts/argo-cd/values.yaml | 19 +++++++++++++++++ 7 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 charts/argo-cd/templates/argocd-repo-server/role.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c2013af2..3804c69c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.2.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.8 +version: 1.0.9 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2c892a75..af7f7c9f 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -92,6 +92,17 @@ Create the name of the ArgoCD server service account to use {{- end -}} {{- end -}} +{{/* +Create the name of the repo-server service account to use +*/}} +{{- define "argo-cd.repoServerServiceAccountName" -}} +{{- if .Values.repoServer.serviceAccount.create -}} + {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.repoServer.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create chart name and version as used by the chart label. */}} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 9c54d0dd..ea9ccfab 100644 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -105,6 +105,7 @@ spec: affinity: {{- toYaml .Values.repoServer.affinity | nindent 8 }} {{- end }} + serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }} volumes: {{- if .Values.repoServer.volumes }} {{- toYaml .Values.repoServer.volumes | nindent 8}} diff --git a/charts/argo-cd/templates/argocd-repo-server/role.yaml b/charts/argo-cd/templates/argocd-repo-server/role.yaml new file mode 100644 index 00000000..9c902ccc --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/role.yaml @@ -0,0 +1,17 @@ +{{- if .Values.repoServer.serviceAccount.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.repoServer.name }} +rules: +{{- if .Values.repoServer.rbac }} +{{toYaml .Values.repoServer.rbac }} +{{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml new file mode 100644 index 00000000..692b11ee --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml @@ -0,0 +1,21 @@ +{{- if .Values.repoServer.serviceAccount.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.repoServer.name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-cd.repoServer.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "argo-cd.repoServerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml new file mode 100644 index 00000000..a0bae942 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -0,0 +1,19 @@ +{{- if .Values.repoServer.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "argo-cd.repoServerServiceAccountName" . }} +{{- if .Values.repoServer.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.repoServer.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 53a66acb..0cbfbb15 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -480,6 +480,25 @@ repoServer: # namespace: monitoring # additionalLabels: {} + ## Repo server service account + ## If create is set to true, make sure to uncomment the name and update the rbac section below + serviceAccount: + create: false + # name: argocd-repo-server + ## Annotations applied to created service account + annotations: {} + + ## Repo server rbac rules + # rbac: + # - apiGroups: + # - argoproj.io + # resources: + # - applications + # verbs: + # - get + # - list + # - watch + ## Argo Configs configs: knownHosts: From 1e2038adcae7b926d7029c53139ac2ed253c09c1 Mon Sep 17 00:00:00 2001 From: Sean Johnson Date: Thu, 21 Nov 2019 15:40:15 +1100 Subject: [PATCH 15/18] [charts/argo-cd] Update to 1.3, some chart cleanup (#165) * [charts/argo-cd] Update to 1.3, some chart cleanup * Bumps the version of ArgoCD to 1.3 and the chart version to 1.2 due to a CRD change. Restored conditional CRDs to correct #27. Additionally, some value defaults were added so Helm strict linting could pass. * This adds some examples to the values.yaml on how to use the new Helm repo chart types. Add helmignore to help with development. --- charts/argo-cd/.helmignore | 2 + charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 2 - .../templates/crds/application-crd.yaml | 98 +++++++++++++------ .../templates/crds/appproject-crd.yaml | 55 ++++++++++- charts/argo-cd/templates/dex/deployment.yaml | 4 +- charts/argo-cd/values.yaml | 76 ++++++++++---- 7 files changed, 181 insertions(+), 60 deletions(-) create mode 100644 charts/argo-cd/.helmignore diff --git a/charts/argo-cd/.helmignore b/charts/argo-cd/.helmignore new file mode 100644 index 00000000..2df6bf53 --- /dev/null +++ b/charts/argo-cd/.helmignore @@ -0,0 +1,2 @@ +*.tgz +output diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3804c69c..a9b28699 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.2.4" +appVersion: "1.3.0" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.0.9 +version: 1.2.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 28f5f678..4cb50706 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -2,8 +2,6 @@ Argo CD Chart ====== A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. -Current chart version is `1.0.4` - Source code can be found [here](https://argoproj.github.io/argo-cd/) ## Additional Information diff --git a/charts/argo-cd/templates/crds/application-crd.yaml b/charts/argo-cd/templates/crds/application-crd.yaml index 2f176e4f..faf763a8 100644 --- a/charts/argo-cd/templates/crds/application-crd.yaml +++ b/charts/argo-cd/templates/crds/application-crd.yaml @@ -1,3 +1,4 @@ +{{- if .Values.installCRDs }} apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -416,7 +417,7 @@ spec: type: object type: array revision: - description: Revision is the git revision in which to sync the application + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: @@ -424,6 +425,9 @@ spec: This is typically set in a Rollback operation and nil during a Sync operation properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -492,6 +496,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined as + a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -536,8 +544,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -561,7 +568,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application + description: RepoURL is the repository URL of the application manifests type: string targetRevision: @@ -571,7 +578,6 @@ spec: type: string required: - repoURL - - path type: object syncStrategy: description: SyncStrategy describes how to perform the sync @@ -634,7 +640,6 @@ spec: namespace: type: string required: - - group - kind - jsonPointers type: object @@ -661,6 +666,9 @@ spec: description: Source is a reference to the location ksonnet application definition properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -729,6 +737,9 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -773,8 +784,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository containing - a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management plugin @@ -798,8 +808,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: description: TargetRevision defines the commit, tag, or branch in @@ -807,7 +816,6 @@ spec: type: string required: - repoURL - - path type: object syncPolicy: description: SyncPolicy controls when a sync will be performed @@ -867,6 +875,9 @@ spec: type: string source: properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -936,6 +947,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined + as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -980,8 +995,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -1005,7 +1019,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application + description: RepoURL is the repository URL of the application manifests type: string targetRevision: @@ -1015,7 +1029,6 @@ spec: type: string required: - repoURL - - path type: object required: - revision @@ -1024,6 +1037,8 @@ spec: type: object type: array observedAt: + description: ObservedAt indicates when the application state was updated + without querying latest git state format: date-time type: string operationState: @@ -1071,15 +1086,18 @@ spec: type: object type: array revision: - description: Revision is the git revision in which to sync - the application to. If omitted, will use the revision - specified in app spec. + description: Revision is the revision in which to sync the + application to. If omitted, will use the revision specified + in app spec. type: string source: description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options @@ -1155,6 +1173,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined + as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -1200,8 +1222,8 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git + repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -1225,8 +1247,8 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the - application manifests + description: RepoURL is the repository URL of the application + manifests type: string targetRevision: description: TargetRevision defines the commit, tag, @@ -1235,7 +1257,6 @@ spec: type: string required: - repoURL - - path type: object syncStrategy: description: SyncStrategy describes how to perform the sync @@ -1322,12 +1343,15 @@ spec: type: object type: array revision: - description: Revision holds the git commit SHA of the sync + description: Revision holds the revision of the sync type: string source: description: Source records the application source information of the sync, used for comparing auto-sync properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -1399,6 +1423,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined + as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -1444,8 +1472,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -1469,7 +1496,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application + description: RepoURL is the repository URL of the application manifests type: string targetRevision: @@ -1479,7 +1506,6 @@ spec: type: string required: - repoURL - - path type: object required: - revision @@ -1490,6 +1516,8 @@ spec: - startedAt type: object reconciledAt: + description: ReconciledAt indicates when the application state was reconciled + using the latest git version format: date-time type: string resources: @@ -1553,6 +1581,9 @@ spec: type: object source: properties: + chart: + description: Chart is a Helm chart name + type: string directory: description: Directory holds path/directory specific options properties: @@ -1624,6 +1655,10 @@ spec: items: type: string type: array + values: + description: Values is Helm values, typically defined + as a block + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -1669,8 +1704,7 @@ spec: type: string type: object path: - description: Path is a directory path within the repository - containing a + description: Path is a directory path within the Git repository type: string plugin: description: ConfigManagementPlugin holds config management @@ -1694,7 +1728,7 @@ spec: type: string type: object repoURL: - description: RepoURL is the git repository URL of the application + description: RepoURL is the repository URL of the application manifests type: string targetRevision: @@ -1704,7 +1738,6 @@ spec: type: string required: - repoURL - - path type: object required: - source @@ -1726,3 +1759,4 @@ spec: - name: v1alpha1 served: true storage: true +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/crds/appproject-crd.yaml b/charts/argo-cd/templates/crds/appproject-crd.yaml index 61a0077b..2d14a52a 100644 --- a/charts/argo-cd/templates/crds/appproject-crd.yaml +++ b/charts/argo-cd/templates/crds/appproject-crd.yaml @@ -1,3 +1,4 @@ +{{- if .Values.installCRDs }} apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -434,6 +435,15 @@ spec: - kind type: object type: array + orphanedResources: + description: OrphanedResources specifies if controller should monitor + orphaned resources of apps in this project + properties: + warn: + description: Warn indicates if warning condition should be created + for apps which have orphaned resources + type: boolean + type: object roles: description: Roles are user defined RBAC roles associated with this project @@ -477,11 +487,51 @@ spec: type: object type: array sourceRepos: - description: SourceRepos contains list of git repository URLs which - can be used for deployment + description: SourceRepos contains list of repository URLs which can + be used for deployment items: type: string type: array + syncWindows: + description: SyncWindows controls when syncs can be run for apps in + this project + items: + properties: + applications: + description: Applications contains a list of applications that + the window will apply to + items: + type: string + type: array + clusters: + description: Clusters contains a list of clusters that the window + will apply to + items: + type: string + type: array + duration: + description: Duration is the amount of time the sync window will + be open + type: string + kind: + description: Kind defines if the window allows or blocks syncs + type: string + manualSync: + description: ManualSync enables manual syncs when they would otherwise + be blocked + type: boolean + namespaces: + description: Namespaces contains a list of namespaces that the + window will apply to + items: + type: string + type: array + schedule: + description: Schedule is the time the window will begin, specified + in cron format + type: string + type: object + type: array type: object required: - metadata @@ -491,3 +541,4 @@ spec: - name: v1alpha1 served: true storage: true +{{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index e0d243a1..6cddafcb 100644 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -28,7 +28,7 @@ spec: initContainers: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.pullPolicy }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} command: - cp - /usr/local/bin/argocd-util @@ -73,4 +73,4 @@ spec: volumes: {{- toYaml .Values.dex.volumes | nindent 8}} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 0cbfbb15..19ace947 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2,21 +2,25 @@ ## Ref: https://github.com/argoproj/argo-cd ## nameOverride: argocd +fullnameOverride: "" + +# Optional CRD installation for those without Helm hooks +installCRDs: true global: image: repository: argoproj/argocd - tag: v1.2.4 + tag: v1.3.0 imagePullPolicy: IfNotPresent ## Controller controller: name: application-controller - image: {} - # repository: argoproj/argocd - # tag: v1.2.1 - # imagePullPolicy: IfNotPresent + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent ## Argo controller commandline flags args: @@ -118,7 +122,10 @@ dex: repository: quay.io/dexidp/dex tag: v2.14.0 imagePullPolicy: IfNotPresent - initImage: {} + initImage: + repository: + tag: + imagePullPolicy: serviceAccount: create: true @@ -187,14 +194,17 @@ redis: # cpu: 100m # memory: 64Mi + volumeMounts: [] + volumes: [] + ## Server server: name: server - image: {} - # repository: argoproj/argocd - # tag: v1.2.1 - # imagePullPolicy: IfNotPresent + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server ## - key: value @@ -297,11 +307,13 @@ server: ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace ## - hosts: [] + hosts: + [] # - argocd.example.com paths: - - / - tls: [] + - / + tls: + [] # - secretName: argocd-example-tls # hosts: # - argocd.example.com @@ -321,10 +333,34 @@ server: url: https://argocd.example.com # Argo CD instance label key application.instanceLabelKey: argocd.argoproj.io/instance + # repositories: | + # - url: git@github.com:group/repo.git + # sshPrivateKeySecret: + # name: secret-name + # key: sshPrivateKey + # - type: helm + # url: https://kubernetes-charts.storage.googleapis.com + # name: stable + # - type: helm + # url: https://argoproj.github.io/argo-helm + # name: argo + # oidc.config: | + # name: AzureAD + # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 + # clientID: CLIENT_ID + # clientSecret: $oidc.azuread.clientSecret + # requestedIDTokenClaims: + # groups: + # essential: true + # requestedScopes: + # - openid + # - profile + # - email ## ArgoCD rbac config ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md - rbacConfig: {} + rbacConfig: + {} # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). # Policy rules are in the form: # p, subject, resource, action, object, effect @@ -340,7 +376,6 @@ server: # authorizing API requests (optional). If omitted or empty, users may be still be able to login, # but will see no apps, projects, etc... # policy.default: role:readonly - # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. # scopes: '[cognito:groups, email]' @@ -398,10 +433,10 @@ server: repoServer: name: repo-server - image: {} - # repository: argoproj/argocd - # tag: v1.2.1 - # imagePullPolicy: IfNotPresent + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server ## - key: value @@ -511,7 +546,8 @@ configs: gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - tlsCerts: {} + tlsCerts: + {} # data: # argocd.example.com: | # -----BEGIN CERTIFICATE----- From 5e0dcfe117d7513b25b786ad43e17164b21f01fb Mon Sep 17 00:00:00 2001 From: Abhishek Jaisingh Date: Tue, 26 Nov 2019 04:25:05 +0530 Subject: [PATCH 16/18] ArgoCD: Configure Repository Credentials in Values (#167) * ArgoCD: Configure Repository Credentials in Values * Argo CD Helm Chart: Add a Secret Resource in Repo Server for configuring Repository Credentials Change-Id: I64c343d3558a939d0faef795e62d4e258810bc67 * Minor formatting fix, add documentation. --- charts/argo-cd/Chart.yaml | 2 +- .../repository-credentials-secret.yaml | 18 ++++++++++++++++++ charts/argo-cd/values.yaml | 19 +++++++++++++++++++ 3 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a9b28699..f3e351ec 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.3.0" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.2.0 +version: 1.2.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml new file mode 100644 index 00000000..aed7700f --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml @@ -0,0 +1,18 @@ +{{- if .Values.configs.repositoryCredentials }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-repository-credentials + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.server.name }} +type: Opaque +data: +{{- range $key, $value := .Values.configs.repositoryCredentials }} + {{ $key }}: {{ $value | b64enc }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 19ace947..f697c192 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -584,6 +584,25 @@ configs: # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK # XWyb96wrUlv+E8I= # -----END CERTIFICATE----- + # Creates a secret with optional repository credentials + repositoryCredentials: + {} + # sample-ssh-key: | + # -----BEGIN RSA PRIVATE KEY----- + # MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N + # z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4 + # nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB + # AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x + # O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe + # tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6 + # cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8 + # 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM + # hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK + # xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ + # FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc + # NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le + # XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo= + # -----END RSA PRIVATE KEY----- secret: createSecret: true githubSecret: "" From 26aea348312d37f8de7bae9bcade3510a55a7eaf Mon Sep 17 00:00:00 2001 From: Ryota Date: Mon, 25 Nov 2019 23:01:18 +0000 Subject: [PATCH 17/18] Correct the values.yaml comment for extra arg (#174) Extra arg handling changed in v1 release, and expects map rather than list --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f3e351ec..5ce46ded 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.3.0" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.2.1 +version: 1.2.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f697c192..dfd95c9b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -31,7 +31,7 @@ controller: logLevel: info ## Additional command line arguments to pass to argocd-controller - ## - key: value + ## key: value extraArgs: [] ## Annotations to be added to controller pods @@ -207,9 +207,9 @@ server: imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server - ## - key: value + ## key: value # extraArgs: [] - # - insecure: true + # insecure: true extraArgs: [] ## Argo server log level @@ -439,7 +439,7 @@ repoServer: imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server - ## - key: value + ## key: value extraArgs: [] ## Argo repoServer log level From 5330efa6d8401074e250f3ecd2741c0bfbb6b692 Mon Sep 17 00:00:00 2001 From: Alex Collins Date: Tue, 26 Nov 2019 13:12:54 -0800 Subject: [PATCH 18/18] Update CODEOWNERS (#175) --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 28539881..a4ca6084 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,7 +1,7 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners # Argo CD -/charts/argo-cd @seanson +/charts/argo-cd @seanson @spencergilbert # Argo Events /charts/argo-events @jbehling