diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 118f9a52..1a448072 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -11,7 +11,7 @@ Create argo workflows server name and version as used by the chart label. Create controller name and version as used by the chart label. */}} {{- define "argo-workflows.controller.fullname" -}} -{{- printf "%s-%s" (include "argo-workflows.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} +{{- printf "%s-%s" (include "argo-workflows.fullname" .) .controller.name | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* @@ -55,7 +55,7 @@ image.tag = v3.4.4@sha256:d06860f1394a94ac3ff8401126ef32ba28915aa6c3c982c7e607ea output = v3.4.4 */}} {{- define "argo-workflows.controller_chart_version_label" -}} -{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag) "") "" | trunc 63 | quote -}} +{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-workflows.defaultTag" .) .controller.image.tag) "") "" | trunc 63 | quote -}} {{- end -}} {{/* @@ -101,7 +101,7 @@ app.kubernetes.io/component: {{ .component }} Create the name of the controller configMap */}} {{- define "argo-workflows.controller.config-map.name" -}} -{{- .Values.controller.configMap.name | default (printf "%s-%s" (include "argo-workflows.controller.fullname" .) "configmap") | trunc 63 | trimSuffix "-" -}} +{{- .controller.configMap.name | default (printf "%s-%s" (include "argo-workflows.controller.fullname" .) "configmap") | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* @@ -119,10 +119,10 @@ Create the name of the server service account to use Create the name of the controller service account to use */}} {{- define "argo-workflows.controllerServiceAccountName" -}} -{{- if .Values.controller.serviceAccount.create -}} - {{ default (include "argo-workflows.controller.fullname" .) .Values.controller.serviceAccount.name }} +{{- if .controller.serviceAccount.create -}} + {{ default (include "argo-workflows.controller.fullname" .) .controller.serviceAccount.name }} {{- else -}} - {{ default "default" .Values.controller.serviceAccount.name }} + {{ default "default" .serviceAccount.name }} {{- end -}} {{- end -}} diff --git a/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml index 81c1d0a7..03b775ac 100644 --- a/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml +++ b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml @@ -1,12 +1,16 @@ {{- range $cm_name, $cm_val := .Values.artifactRepositoryRef }} +{{ $controllers := deepCopy $.Values.controllers | merge (dict (include "argo-workflows.namespace" $) $.Values.controller) }} +{{ range $ns, $config := $controllers -}} +{{ $controller := deepCopy $.Values.controller | merge $config -}} +{{- $context := merge (dict "controller" $controller) $}} --- apiVersion: v1 kind: ConfigMap metadata: name: {{ $cm_name }} - namespace: {{ include "argo-workflows.namespace" $ | quote }} + namespace: {{ $ns | quote }} labels: - {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $cm_name) | nindent 4 }} + {{- include "argo-workflows.labels" (dict "context" $context "component" $controller.name "name" $cm_name) | nindent 4 }} {{- with $cm_val.annotations }} annotations: {{- toYaml . | nindent 4 }} @@ -17,3 +21,4 @@ data: {{- toYaml $data_val | nindent 4 }} {{- end }} {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index 2a407b1b..b8963aea 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -1,10 +1,15 @@ {{- if .Values.createAggregateRoles }} +{{ $controllers := deepCopy $.Values.controllers | merge (dict (include "argo-workflows.namespace" $) $.Values.controller) }} +{{ range $ns, $config := $controllers -}} +{{ $controller := deepCopy $.Values.controller | merge $config -}} +{{- $context := merge (dict "controller" $controller) $}} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-workflows.fullname" . }}-view + name: {{ template "argo-workflows.fullname" $context }}-view labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- include "argo-workflows.labels" (dict "context" $context "component" $controller.name "name" $controller.name) | nindent 4 }} rbac.authorization.k8s.io/aggregate-to-view: "true" rules: - apiGroups: @@ -30,6 +35,7 @@ rules: - get - list - watch +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 1b01b117..cb4a3cfc 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -1,17 +1,18 @@ {{- if .Values.controller.rbac.create }} +{{- $context := merge (dict "controller" $.Values.controller) . }} apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} +{{- if and .Values.singleNamespace (eq (len .Values.controllers) 0) }} kind: Role {{- else }} kind: ClusterRole {{- end }} metadata: - name: {{ template "argo-workflows.controller.fullname" . }} - {{- if .Values.singleNamespace }} + name: {{ template "argo-workflows.controller.fullname" $context }} + {{- if and .Values.singleNamespace (eq (len .Values.controllers) 0) }} namespace: {{ include "argo-workflows.namespace" . | quote }} {{- end }} labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- include "argo-workflows.labels" (dict "context" $context "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: - apiGroups: - "" @@ -203,9 +204,9 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template + name: {{ template "argo-workflows.controller.fullname" $context }}-cluster-template labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- include "argo-workflows.labels" (dict "context" $context "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: - apiGroups: - argoproj.io diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 1997d9d3..1f0eeb69 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -1,203 +1,209 @@ -{{- if .Values.controller.configMap.create }} +{{ $controllers := deepCopy .Values.controllers | merge (dict (include "argo-workflows.namespace" .) .Values.controller) }} +{{ range $ns, $config := $controllers -}} +{{ $controller := deepCopy $.Values.controller | merge $config -}} +{{- if $controller.configMap.create }} +{{- $context := merge (dict "controller" $controller) $}} +--- apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "argo-workflows.controller.config-map.name" . }} - namespace: {{ include "argo-workflows.namespace" . | quote }} + name: {{ template "argo-workflows.controller.config-map.name" $context }} + namespace: {{ $ns | quote }} labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} + {{- include "argo-workflows.labels" (dict "context" $context "component" $controller.name "name" "cm") | nindent 4 }} data: config: | - {{- if .Values.controller.instanceID.enabled }} - {{- if .Values.controller.instanceID.useReleaseName }} - instanceID: {{ .Release.Name }} + {{- if $controller.instanceID.enabled }} + {{- if $controller.instanceID.useReleaseName }} + instanceID: {{ $.Release.Name }} {{- else }} - instanceID: {{ .Values.controller.instanceID.explicitID }} + instanceID: {{ $controller.instanceID.explicitID }} {{- end }} {{- end }} - {{- if .Values.controller.parallelism }} - parallelism: {{ .Values.controller.parallelism }} + {{- if $controller.parallelism }} + parallelism: {{ $controller.parallelism }} {{- end }} - {{- if .Values.controller.resourceRateLimit }} - resourceRateLimit: {{- toYaml .Values.controller.resourceRateLimit | nindent 6 }} + {{- if $controller.resourceRateLimit }} + resourceRateLimit: {{- toYaml $controller.resourceRateLimit | nindent 6 }} {{- end }} - {{- with .Values.controller.namespaceParallelism }} + {{- with $controller.namespaceParallelism }} namespaceParallelism: {{ . }} {{- end }} - {{- with .Values.controller.initialDelay }} + {{- with $controller.initialDelay }} initialDelay: {{ . }} {{- end }} - {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.envFrom .Values.mainContainer.securityContext}} + {{- if or $.Values.mainContainer.resources $.Values.mainContainer.env $.Values.mainContainer.envFrom $.Values.mainContainer.securityContext}} mainContainer: - imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.mainContainer.imagePullPolicy }} - {{- with .Values.mainContainer.resources }} + imagePullPolicy: {{ default (.Values.images.pullPolicy) $.Values.mainContainer.imagePullPolicy }} + {{- with $.Values.mainContainer.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.mainContainer.env }} + {{- with $.Values.mainContainer.env }} env: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.mainContainer.envFrom }} + {{- with $.Values.mainContainer.envFrom }} envFrom: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.mainContainer.securityContext }} + {{- with $.Values.mainContainer.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if or .Values.executor.resources .Values.executor.env .Values.executor.args .Values.executor.securityContext}} + {{- if or $.Values.executor.resources $.Values.executor.env $.Values.executor.args $.Values.executor.securityContext}} executor: - imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.executor.image.pullPolicy }} - {{- with .Values.executor.resources }} + imagePullPolicy: {{ default ($.Values.images.pullPolicy) $.Values.executor.image.pullPolicy }} + {{- with $.Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.executor.args }} + {{- with $.Values.executor.args }} args: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.executor.env }} + {{- with $.Values.executor.env }} env: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.executor.securityContext }} + {{- with $.Values.executor.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if or .Values.artifactRepository.s3 .Values.artifactRepository.gcs .Values.artifactRepository.azure .Values.customArtifactRepository }} + {{- if or $.Values.artifactRepository.s3 $.Values.artifactRepository.gcs $.Values.artifactRepository.azure $.Values.customArtifactRepository }} artifactRepository: - {{- if .Values.artifactRepository.archiveLogs }} - archiveLogs: {{ .Values.artifactRepository.archiveLogs }} + {{- if $.Values.artifactRepository.archiveLogs }} + archiveLogs: {{ $.Values.artifactRepository.archiveLogs }} {{- end }} - {{- with .Values.artifactRepository.gcs }} + {{- with $.Values.artifactRepository.gcs }} gcs: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} - {{- with .Values.artifactRepository.azure }} + {{- with $.Values.artifactRepository.azure }} azure: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} - {{- if .Values.artifactRepository.s3 }} + {{- if $.Values.artifactRepository.s3 }} s3: - {{- if .Values.useStaticCredentials }} + {{- if $.Values.useStaticCredentials }} accessKeySecret: - key: {{ tpl .Values.artifactRepository.s3.accessKeySecret.key . }} - name: {{ tpl .Values.artifactRepository.s3.accessKeySecret.name . }} + key: {{ tpl $.Values.artifactRepository.s3.accessKeySecret.key . }} + name: {{ tpl $.Values.artifactRepository.s3.accessKeySecret.name . }} secretKeySecret: - key: {{ tpl .Values.artifactRepository.s3.secretKeySecret.key . }} - name: {{ tpl .Values.artifactRepository.s3.secretKeySecret.name . }} + key: {{ tpl $.Values.artifactRepository.s3.secretKeySecret.key . }} + name: {{ tpl $.Values.artifactRepository.s3.secretKeySecret.name . }} {{- end }} bucket: {{ tpl (.Values.artifactRepository.s3.bucket | default "") . }} endpoint: {{ tpl (.Values.artifactRepository.s3.endpoint | default "") . }} - insecure: {{ .Values.artifactRepository.s3.insecure }} - {{- if .Values.artifactRepository.s3.caSecret }} + insecure: {{ $.Values.artifactRepository.s3.insecure }} + {{- if $.Values.artifactRepository.s3.caSecret }} caSecret: - name: {{ tpl .Values.artifactRepository.s3.caSecret.name . }} - key: {{ tpl .Values.artifactRepository.s3.caSecret.key . }} + name: {{ tpl $.Values.artifactRepository.s3.caSecret.name . }} + key: {{ tpl $.Values.artifactRepository.s3.caSecret.key . }} {{- end }} - {{- if .Values.artifactRepository.s3.keyFormat }} - keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} + {{- if $.Values.artifactRepository.s3.keyFormat }} + keyFormat: {{ $.Values.artifactRepository.s3.keyFormat | quote }} {{- end }} - {{- if .Values.artifactRepository.s3.region }} - region: {{ tpl .Values.artifactRepository.s3.region $ }} + {{- if $.Values.artifactRepository.s3.region }} + region: {{ tpl $.Values.artifactRepository.s3.region $ }} {{- end }} - {{- if .Values.artifactRepository.s3.roleARN }} - roleARN: {{ .Values.artifactRepository.s3.roleARN }} + {{- if $.Values.artifactRepository.s3.roleARN }} + roleARN: {{ $.Values.artifactRepository.s3.roleARN }} {{- end }} - {{- if .Values.artifactRepository.s3.useSDKCreds }} - useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} + {{- if $.Values.artifactRepository.s3.useSDKCreds }} + useSDKCreds: {{ $.Values.artifactRepository.s3.useSDKCreds }} {{- end }} - {{- with .Values.artifactRepository.s3.encryptionOptions }} + {{- with $.Values.artifactRepository.s3.encryptionOptions }} encryptionOptions: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- if .Values.customArtifactRepository }} - {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- if $.Values.customArtifactRepository }} + {{- toYaml $.Values.customArtifactRepository | nindent 6 }} {{- end }} {{- end }} - {{- if .Values.controller.metricsConfig.enabled }} + {{- if $controller.metricsConfig.enabled }} metricsConfig: - enabled: {{ .Values.controller.metricsConfig.enabled }} - path: {{ .Values.controller.metricsConfig.path }} - port: {{ .Values.controller.metricsConfig.port }} - {{- if .Values.controller.metricsConfig.metricsTTL }} - metricsTTL: {{ .Values.controller.metricsConfig.metricsTTL }} + enabled: {{ $controller.metricsConfig.enabled }} + path: {{ $controller.metricsConfig.path }} + port: {{ $controller.metricsConfig.port }} + {{- if $controller.metricsConfig.metricsTTL }} + metricsTTL: {{ $controller.metricsConfig.metricsTTL }} {{- end }} - ignoreErrors: {{ .Values.controller.metricsConfig.ignoreErrors }} - secure: {{ .Values.controller.metricsConfig.secure }} + ignoreErrors: {{ $controller.metricsConfig.ignoreErrors }} + secure: {{ $controller.metricsConfig.secure }} {{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} + {{- if $controller.telemetryConfig.enabled }} telemetryConfig: - enabled: {{ .Values.controller.telemetryConfig.enabled }} - path: {{ .Values.controller.telemetryConfig.path }} - port: {{ .Values.controller.telemetryConfig.port }} - {{- if .Values.controller.telemetryConfig.metricsTTL }} - metricsTTL: {{ .Values.controller.telemetryConfig.metricsTTL }} + enabled: {{ $controller.telemetryConfig.enabled }} + path: {{ $controller.telemetryConfig.path }} + port: {{ $controller.telemetryConfig.port }} + {{- if $controller.telemetryConfig.metricsTTL }} + metricsTTL: {{ $controller.telemetryConfig.metricsTTL }} {{- end }} - ignoreErrors: {{ .Values.controller.telemetryConfig.ignoreErrors }} - secure: {{ .Values.controller.telemetryConfig.secure }} + ignoreErrors: {{ $controller.telemetryConfig.ignoreErrors }} + secure: {{ $controller.telemetryConfig.secure }} {{- end }} - {{- if .Values.controller.persistence }} + {{- if $controller.persistence }} persistence: -{{ toYaml .Values.controller.persistence | indent 6 }}{{- end }} - {{- if .Values.controller.workflowDefaults }} +{{ toYaml $controller.persistence | indent 6 }}{{- end }} + {{- if $controller.workflowDefaults }} workflowDefaults: -{{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} - {{- if .Values.server.sso.enabled }} +{{ toYaml $controller.workflowDefaults | indent 6 }}{{- end }} + {{- if $.Values.server.sso.enabled }} sso: - issuer: {{ .Values.server.sso.issuer }} + issuer: {{ $.Values.server.sso.issuer }} clientId: - name: {{ .Values.server.sso.clientId.name }} - key: {{ .Values.server.sso.clientId.key }} + name: {{ $.Values.server.sso.clientId.name }} + key: {{ $.Values.server.sso.clientId.key }} clientSecret: - name: {{ .Values.server.sso.clientSecret.name }} - key: {{ .Values.server.sso.clientSecret.key }} - redirectUrl: {{ .Values.server.sso.redirectUrl | quote }} + name: {{ $.Values.server.sso.clientSecret.name }} + key: {{ $.Values.server.sso.clientSecret.key }} + redirectUrl: {{ $.Values.server.sso.redirectUrl | quote }} rbac: - enabled: {{ .Values.server.sso.rbac.enabled }} - {{- with .Values.server.sso.scopes }} + enabled: {{ $.Values.server.sso.rbac.enabled }} + {{- with $.Values.server.sso.scopes }} scopes: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.sso.issuerAlias }} + {{- with $.Values.server.sso.issuerAlias }} issuerAlias: {{ toYaml . }} {{- end }} - {{- with .Values.server.sso.sessionExpiry }} + {{- with $.Values.server.sso.sessionExpiry }} sessionExpiry: {{ toYaml . }} {{- end }} - {{- with .Values.server.sso.customGroupClaimName }} + {{- with $.Values.server.sso.customGroupClaimName }} customGroupClaimName: {{ toYaml . }} {{- end }} - {{- with .Values.server.sso.userInfoPath }} + {{- with $.Values.server.sso.userInfoPath }} userInfoPath: {{ toYaml . }} {{- end }} - {{- with .Values.server.sso.insecureSkipVerify }} + {{- with $.Values.server.sso.insecureSkipVerify }} insecureSkipVerify: {{ toYaml . }} {{- end }} - {{- with .Values.server.sso.filterGroupsRegex }} + {{- with $.Values.server.sso.filterGroupsRegex }} filterGroupsRegex: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- with .Values.controller.workflowRestrictions }} + {{- with $controller.workflowRestrictions }} workflowRestrictions: {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.controller.links }} + {{- with $controller.links }} links: {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.controller.columns }} + {{- with $controller.columns }} columns: {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.controller.navColor }} + {{- with $controller.navColor }} navColor: {{ . }} {{- end }} - {{- with .Values.controller.retentionPolicy }} + {{- with $controller.retentionPolicy }} retentionPolicy: {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.emissary.images }} + {{- with $.Values.emissary.images }} images: {{- toYaml . | nindent 6 }} {{- end }} nodeEvents: - enabled: {{ .Values.controller.nodeEvents.enabled }} - {{- with .Values.controller.kubeConfig }} + enabled: {{ $controller.nodeEvents.enabled }} + {{- with $controller.kubeConfig }} kubeConfig: {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.controller.podGCGracePeriodSeconds }} + {{- with $controller.podGCGracePeriodSeconds }} podGCGracePeriodSeconds: {{ . }} {{- end }} - {{- with .Values.controller.podGCDeleteDelayDuration }} + {{- with $controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} {{- end }} +{{ end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index 69883f60..553ea4ee 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -1,45 +1,51 @@ {{- if .Values.controller.rbac.create }} +{{- $context := merge (dict "controller" $.Values.controller) . }} +{{- $namespaces := keys (.Values.controllers | default (dict (include "argo-workflows.namespace" .) .Values.controller)) }} apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} +{{- if and .Values.singleNamespace (eq (len .Values.controllers) 0) }} kind: RoleBinding {{ else }} kind: ClusterRoleBinding {{- end }} metadata: - name: {{ template "argo-workflows.controller.fullname" . }} - {{- if .Values.singleNamespace }} + name: {{ template "argo-workflows.controller.fullname" $context }} + {{- if and .Values.singleNamespace (eq (len .Values.controllers) 0) }} namespace: {{ include "argo-workflows.namespace" . | quote }} {{- end }} labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- include "argo-workflows.labels" (dict "context" $context "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} + {{- if and .Values.singleNamespace (eq (len .Values.controllers) 0) }} kind: Role {{ else }} kind: ClusterRole {{- end }} - name: {{ template "argo-workflows.controller.fullname" . }} + name: {{ template "argo-workflows.controller.fullname" $context }} subjects: + {{ range $ns := $namespaces -}} - kind: ServiceAccount - name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ include "argo-workflows.namespace" . | quote }} + name: {{ template "argo-workflows.controllerServiceAccountName" $context }} + namespace: {{ $ns | quote }} + {{ end }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template + name: {{ template "argo-workflows.controller.fullname" $context }}-cluster-template labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- include "argo-workflows.labels" (dict "context" $context "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template + name: {{ template "argo-workflows.controller.fullname" $context }}-cluster-template subjects: + {{ range $ns := $namespaces -}} - kind: ServiceAccount - name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ include "argo-workflows.namespace" . | quote }} + name: {{ template "argo-workflows.controllerServiceAccountName" $context }} + namespace: {{ $ns | quote }} + {{ end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index bee7c199..b71a17a0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -1,20 +1,25 @@ -{{- if .Values.controller.pdb.enabled }} +{{ $controllers := deepCopy $.Values.controllers | merge (dict (include "argo-workflows.namespace" $) $.Values.controller) }} +{{ range $ns, $config := $controllers -}} +{{ $controller := deepCopy $.Values.controller | merge $config -}} +{{- $context := merge (dict "controller" $controller) $}} +{{- if $controller.pdb.enabled }} apiVersion: policy/v1 kind: PodDisruptionBudget metadata: - name: {{ template "argo-workflows.controller.fullname" . }} - namespace: {{ include "argo-workflows.namespace" . | quote }} + name: {{ template "argo-workflows.controller.fullname" $context }} + namespace: {{ $ns | quote }} labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- include "argo-workflows.labels" (dict "context" $context "component" $controller.name "name" $controller.name) | nindent 4 }} spec: - {{- if .Values.controller.pdb.minAvailable }} - minAvailable: {{ .Values.controller.pdb.minAvailable }} - {{- else if .Values.controller.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} + {{- if $controller.pdb.minAvailable }} + minAvailable: {{ $controller.pdb.minAvailable }} + {{- else if $controller.pdb.maxUnavailable }} + maxUnavailable: {{ $controller.pdb.maxUnavailable }} {{- else }} minAvailable: 0 {{- end }} selector: matchLabels: - {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + {{- include "argo-workflows.selectorLabels" (dict "context" $context "name" $controller.name) | nindent 6 }} +{{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index b3db5f4e..7317decf 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -1,83 +1,88 @@ +{{ $controllers := .Values.controllers | default (dict (include "argo-workflows.namespace" .) .Values.controller) -}} +{{ range $ns, $config := $controllers -}} +{{ $controller := deepCopy $.Values.controller | merge $config -}} +{{- $context := merge (dict "controller" $controller) $ }} +--- apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "argo-workflows.controller.fullname" . }} - namespace: {{ include "argo-workflows.namespace" . | quote }} + name: {{ template "argo-workflows.controller.fullname" $context }} + namespace: {{ $ns | quote }} labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} - {{- with .Values.controller.deploymentAnnotations }} + {{- include "argo-workflows.labels" (dict "context" $ "component" $controller.name "name" $controller.name) | nindent 4 }} + app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" $context }} + {{- with $controller.deploymentAnnotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: - replicas: {{ .Values.controller.replicas }} - revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }} + replicas: {{ $controller.replicas }} + revisionHistoryLimit: {{ $controller.revisionHistoryLimit }} selector: matchLabels: - {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + {{- include "argo-workflows.selectorLabels" (dict "context" $ "name" $controller.name) | nindent 6 }} template: metadata: labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} - app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} - {{- with.Values.controller.podLabels }} + {{- include "argo-workflows.labels" (dict "context" $context "component" $controller.name "name" $controller.name) | nindent 8 }} + app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" $context }} + {{- with $controller.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.podAnnotations }} + {{- with $controller.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} spec: - serviceAccountName: {{ template "argo-workflows.controllerServiceAccountName" . }} - {{- with .Values.controller.podSecurityContext }} + serviceAccountName: {{ template "argo-workflows.controllerServiceAccountName" $context }} + {{- with $controller.podSecurityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.extraInitContainers }} + {{- with $controller.extraInitContainers }} initContainers: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} containers: - name: controller - image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} + image: "{{- include "argo-workflows.image" (dict "context" $context "image" $controller.image) }}:{{ default (include "argo-workflows.defaultTag" $context) $controller.image.tag }}" + imagePullPolicy: {{ $.Values.images.pullPolicy }} command: [ "workflow-controller" ] args: - "--configmap" - - "{{ template "argo-workflows.controller.config-map.name" . }}" + - "{{ template "argo-workflows.controller.config-map.name" $context }}" - "--executor-image" - - "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" + - "{{- include "argo-workflows.image" (dict "context" $context "image" $.Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" $context) $.Values.executor.image.tag }}" - "--loglevel" - - "{{ .Values.controller.logging.level }}" + - "{{ $controller.logging.level }}" - "--gloglevel" - - "{{ .Values.controller.logging.globallevel }}" + - "{{ $controller.logging.globallevel }}" - "--log-format" - - "{{ .Values.controller.logging.format }}" - {{- if .Values.singleNamespace }} + - "{{ $controller.logging.format }}" + {{- if $.Values.singleNamespace }} - "--namespaced" {{- end }} - {{- with .Values.controller.workflowWorkers }} + {{- with $controller.workflowWorkers }} - "--workflow-workers" - {{ . | quote }} {{- end }} - {{- with .Values.controller.workflowTTLWorkers }} + {{- with $controller.workflowTTLWorkers }} - "--workflow-ttl-workers" - {{ . | quote }} {{- end }} - {{- with .Values.controller.podCleanupWorkers }} + {{- with $controller.podCleanupWorkers }} - "--pod-cleanup-workers" - {{ . | quote }} {{- end }} - {{- with .Values.controller.cronWorkflowWorkers }} + {{- with $controller.cronWorkflowWorkers }} - "--cron-workflow-workers" - {{ . | quote }} {{- end }} - {{- with .Values.controller.extraArgs }} + {{- with $controller.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} securityContext: - {{- toYaml .Values.controller.securityContext | nindent 12 }} + {{- toYaml $controller.securityContext | nindent 12 }} env: - name: ARGO_NAMESPACE valueFrom: @@ -89,58 +94,59 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.name - {{- if eq (int .Values.controller.replicas) 1 }} + {{- if eq (int $controller.replicas) 1 }} - name: LEADER_ELECTION_DISABLE value: "true" {{- end }} - {{- with .Values.controller.extraEnv }} + {{- with $controller.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} resources: - {{- toYaml .Values.controller.resources | nindent 12 }} - {{- with .Values.controller.volumeMounts }} + {{- toYaml $controller.resources | nindent 12 }} + {{- with $controller.volumeMounts }} volumeMounts: {{- toYaml . | nindent 10 }} {{- end }} ports: - - name: {{ .Values.controller.metricsConfig.portName }} - containerPort: {{ .Values.controller.metricsConfig.port }} + - name: {{ $controller.metricsConfig.portName }} + containerPort: {{ $controller.metricsConfig.port }} - containerPort: 6060 - livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} - {{- with .Values.controller.extraContainers }} + livenessProbe: {{ $controller.livenessProbe | toYaml | nindent 12 }} + {{- with $controller.extraContainers }} {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.images.pullSecrets }} + {{- with $.Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.volumes }} + {{- with $controller.volumes }} volumes: {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.controller.nodeSelector }} + {{- with $controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.tolerations }} + {{- with $controller.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.affinity }} + {{- with $controller.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.topologySpreadConstraints }} + {{- with $controller.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} {{- if not $constraint.labelSelector }} labelSelector: matchLabels: - {{- include "argo-workflows.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} + {{- include "argo-workflows.selectorLabels" (dict "context" $ "name" $controller.name) | nindent 12 }} {{- end }} {{- end }} {{- end }} - {{- with .Values.controller.priorityClassName }} + {{- with $controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index fd1db89f..d0fd5a1d 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -1,16 +1,22 @@ {{- if .Values.controller.serviceAccount.create }} +{{ $controllers := .Values.controllers | default (dict (include "argo-workflows.namespace" .) .Values.controller) -}} +{{ range $ns, $config := $controllers -}} +{{ $controller := deepCopy $.Values.controller | merge $config -}} +{{- $context := merge (dict "controller" $controller) $ }} +--- apiVersion: v1 kind: ServiceAccount metadata: - name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ include "argo-workflows.namespace" . | quote }} + name: {{ template "argo-workflows.controllerServiceAccountName" $context }} + namespace: {{ $ns | quote }} labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - {{- with .Values.controller.serviceAccount.labels }} + {{- include "argo-workflows.labels" (dict "context" $context "component" $controller.name "name" $controller.name) | nindent 4 }} + {{- with $controller.serviceAccount.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{ with .Values.controller.serviceAccount.annotations }} + {{ with $controller.serviceAccount.annotations }} annotations: {{- toYaml .| nindent 4 }} {{- end }} {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 51362c4f..321bb3e8 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -1,39 +1,45 @@ -{{- if or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled }} +{{ $controllers := deepCopy $.Values.controllers | merge (dict (include "argo-workflows.namespace" $) $.Values.controller) }} +{{ range $ns, $config := $controllers -}} +{{ $controller := deepCopy $.Values.controller | merge $config -}} +{{- $context := merge (dict "controller" $controller) $}} +{{- if or $controller.metricsConfig.enabled $controller.telemetryConfig.enabled }} +--- apiVersion: v1 kind: Service metadata: - name: {{ template "argo-workflows.controller.fullname" . }} - namespace: {{ include "argo-workflows.namespace" . | quote }} + name: {{ template "argo-workflows.controller.fullname" $context }} + namespace: {{ $ns | quote }} labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} - {{- with .Values.controller.serviceLabels }} + {{- include "argo-workflows.labels" (dict "context" $context "component" $controller.name "name" $controller.name) | nindent 4 }} + app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" $context }} + {{- with $controller.serviceLabels }} {{ toYaml . | nindent 4 }} {{- end }} - {{- with .Values.controller.serviceAnnotations }} + {{- with $controller.serviceAnnotations }} annotations: {{- toYaml . | nindent 4}} {{- end }} spec: ports: - {{- if .Values.controller.metricsConfig.enabled }} - - name: {{ .Values.controller.metricsConfig.servicePortName }} - port: {{ .Values.controller.metricsConfig.servicePort }} + {{- if $controller.metricsConfig.enabled }} + - name: {{ $controller.metricsConfig.servicePortName }} + port: {{ $controller.metricsConfig.servicePort }} protocol: TCP - targetPort: {{ .Values.controller.metricsConfig.port }} + targetPort: {{ $controller.metricsConfig.port }} {{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} - - name: {{ .Values.controller.telemetryConfig.servicePortName }} - port: {{ .Values.controller.telemetryConfig.servicePort }} + {{- if $controller.telemetryConfig.enabled }} + - name: {{ $controller.telemetryConfig.servicePortName }} + port: {{ $controller.telemetryConfig.servicePort }} protocol: TCP - targetPort: {{ .Values.controller.telemetryConfig.port }} + targetPort: {{ $controller.telemetryConfig.port }} {{- end }} selector: - {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} + {{- include "argo-workflows.selectorLabels" (dict "context" $context "name" $controller.name) | nindent 4 }} sessionAffinity: None - type: {{ .Values.controller.serviceType }} - {{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }} + type: {{ $controller.serviceType }} + {{- if and (eq $controller.serviceType "LoadBalancer") $controller.loadBalancerSourceRanges }} loadBalancerSourceRanges: - {{- toYaml .Values.controller.loadBalancerSourceRanges | nindent 4 }} + {{- toYaml $controller.loadBalancerSourceRanges | nindent 4 }} {{- end }} {{- end -}} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index df318fc2..2c41844e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -1,50 +1,52 @@ {{- if and (or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled) .Values.controller.serviceMonitor.enabled }} +{{ $namespaces := keys (deepCopy $.Values.controllers | merge (dict (include "argo-workflows.namespace" $) $.Values.controller)) }} +{{- $context := merge (dict "controller" $.Values.controller) $ }} + apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - name: {{ template "argo-workflows.controller.fullname" . }} - namespace: {{ default (include "argo-workflows.namespace" .) .Values.controller.serviceMonitor.namespace | quote }} + name: {{ template "argo-workflows.controller.fullname" $context }} + namespace: {{ default (include "argo-workflows.namespace" $) $.Values.controller.serviceMonitor.namespace | quote }} labels: - {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - {{- with .Values.controller.serviceMonitor.additionalLabels }} + {{- include "argo-workflows.labels" (dict "context" $context "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} + {{- with $.Values.controller.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: - {{- if .Values.controller.metricsConfig.enabled }} - - port: {{ .Values.controller.metricsConfig.servicePortName }} - path: {{ .Values.controller.metricsConfig.path }} + {{- if $.Values.controller.metricsConfig.enabled }} + - port: {{ $.Values.controller.metricsConfig.servicePortName }} + path: {{ $.Values.controller.metricsConfig.path }} interval: 30s - {{- with .Values.controller.metricsConfig.relabelings }} + {{- with $.Values.controller.metricsConfig.relabelings }} relabelings: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.metricsConfig.metricRelabelings }} + {{- with $.Values.controller.metricsConfig.metricRelabelings }} metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} + {{- if $.Values.controller.telemetryConfig.enabled }} - port: telemetry - path: {{ .Values.controller.telemetryConfig.path }} + path: {{ $.Values.controller.telemetryConfig.path }} interval: 30s - {{- with .Values.controller.metricsConfig.relabelings }} + {{- with $.Values.controller.metricsConfig.relabelings }} relabelings: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.metricsConfig.metricRelabelings }} + {{- with $.Values.controller.metricsConfig.metricRelabelings }} metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- with .Values.controller.metricsConfig.targetLabels }} + {{- with $.Values.controller.metricsConfig.targetLabels }} targetLabels: {{- toYaml . | nindent 8 }} {{- end }} namespaceSelector: - matchNames: - - {{ include "argo-workflows.namespace" . | quote }} + matchNames: {{ $namespaces | toYaml | nindent 6 }} selector: matchLabels: - {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + {{- include "argo-workflows.selectorLabels" (dict "context" $context "name" $.Values.controller.name) | nindent 6 }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 4402a722..bac28c41 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,5 +1,11 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} +{{- $controllers := .Values.controllers | default (dict (include "argo-workflows.namespace" .) .Values.controller) }} +{{- $workflowNamespaces := default list }} +{{- range $config := values $controllers }} +{{- $controller := deepCopy $.Values.controller | merge $config }} +{{- $workflowNamespaces = concat $workflowNamespaces $controller.workflowNamespaces }} +{{- end }} +{{- range $ns := $workflowNamespaces }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -7,7 +13,7 @@ metadata: name: {{ template "argo-workflows.fullname" $ }}-workflow labels: {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} - {{- with $namespace }} + {{- with $ns }} namespace: {{ . }} {{- end }} roleRef: @@ -17,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ $.Values.workflow.serviceAccount.name }} - {{- with $namespace }} + {{- with $ns }} namespace: {{ . }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 14265372..6b3b1966 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,5 +1,11 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} +{{- $controllers := .Values.controllers | default (dict (include "argo-workflows.namespace" .) .Values.controller) }} +{{- $workflowNamespaces := default list }} +{{- range $config := values $controllers }} +{{- $controller := deepCopy $.Values.controller | merge $config }} +{{- $workflowNamespaces = concat $workflowNamespaces $controller.workflowNamespaces }} +{{- end }} +{{- range $ns := $workflowNamespaces }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -7,7 +13,7 @@ metadata: name: {{ template "argo-workflows.fullname" $ }}-workflow labels: {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} - {{- with $namespace }} + {{- with $ns }} namespace: {{ . }} {{- end }} rules: diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index c6fff691..fa79cce5 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,5 +1,11 @@ {{- if .Values.workflow.serviceAccount.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} +{{- $controllers := .Values.controllers | default (dict (include "argo-workflows.namespace" .) .Values.controller) }} +{{- $workflowNamespaces := default list }} +{{- range $config := values $controllers }} +{{- $controller := deepCopy $.Values.controller | merge $config }} +{{- $workflowNamespaces = concat $workflowNamespaces $controller.workflowNamespaces }} +{{- end }} +{{- range $ns := $workflowNamespaces }} --- apiVersion: v1 kind: ServiceAccount @@ -10,7 +16,7 @@ metadata: {{- with $.Values.workflow.serviceAccount.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with $namespace }} + {{- with $ns }} namespace: {{ . }} {{- end }} {{- with $.Values.workflow.serviceAccount.annotations }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index a4b8df7b..b73cba2f 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -53,7 +53,7 @@ spec: {{- toYaml .Values.server.securityContext | nindent 12 }} args: - server - - --configmap={{ template "argo-workflows.controller.config-map.name" . }} + - --configmap={{ template "argo-workflows.controller.config-map.name" merge (dict "controller" .Values.controller) . }} {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0f2d6ca7..31f3af7f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -396,6 +396,9 @@ controller: # @default -- `5s` (Argo Workflows default) podGCDeleteDelayDuration: "" +# namespace => controller-config map that to describes namespaced instances config, which overrides default controller config +controllers: {} + # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`.