init v1.0.0 (#129)

CONTRIBUTING.md

@@ -26,7 +26,7 @@ Minimally:
 
 ```
 helm install charts/argo-cd --namespace argocd -n argo-cd
-kubectl port-forward svc/argocd-server -n argocd 8080:443
+kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443
 ```
 
 In a new terminal:
@@ -40,6 +40,8 @@ kubectl -n argocd patch secret argocd-secret \
     "admin.passwordMtime": "'$(date +%FT%T%Z)'"
   }}'
 argocd login localhost:8080 --username admin --password 'Password1!'
+
+# WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y
 ```
 
 Create and sync app:

charts/argo-cd/.helmignore

@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj

charts/argo-cd/Chart.yaml

@@ -1,6 +1,16 @@
 apiVersion: v1
 appVersion: "1.2.4"
-description: A Helm chart for Argo-CD
+description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 0.7.2
+version: 1.0.0
+home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
+keywords:
+  - argoproj
+  - argocd
+  - gitops
+maintainers:
+  - name: alexec
+  - name: alexmt
+  - name: jessesuen
+  - name: seanson

charts/argo-cd/README.md

@@ -1,5 +1,12 @@
-# Argo CD Chart
+Argo CD Chart
+======
+A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 
+Current chart version is `1.0.0`
+
+Source code can be found [here](https://argoproj.github.io/argo-cd/)
+
+## Additional Information
 This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes.
 
 The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases).
@@ -19,73 +26,201 @@ $ helm repo add argo https://argoproj.github.io/argo-helm
 $ helm install --name my-release argo/argo-cd
 ```
 
+
 ## Chart Values
 
-| Key                                    | Type   | Default                | Description                                                                                                                                                                                                                                                                   |
+| Parameter | Description | Default |
-| -------------------------------------- | ------ | ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+|-----|------|---------|
-| applicationController.containerPort    | int    | `8082`                 | Container port for application controller server and metrics                                                                                                                                                                                                                  |
+| global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` |
-| applicationController.image.pullPolicy | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` |
-| applicationController.image.repository | string | `"argoproj/argocd"`    | Docker image repo                                                                                                                                                                                                                                                             |
+| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.2.3"` |
-| applicationController.image.tag        | string | `"v1.2.4"`             | Docker image tag                                                                                                                                                                                                                                                              |
+| nameOverride | Provide a name in place of `argocd` | `"argocd"` |
-| applicationController.servicePort      | int    | `8082`                 | Service port for applicaiton controller server                                                                                                                                                                                                                                |
+| configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) |
-| applicationController.volumeMounts     | list   | `[]`                   | Additional volume mounts                                                                                                                                                                                                                                                      |
+| configs.secret.bitbucketSecret | BitBucket incoming webhook secret | `""` |
-| applicationController.volumes          | list   | `[]`                   | Additional volumes                                                                                                                                                                                                                                                            |
+| configs.secret.createSecret | Create the argocd-secret. | `true` |
-| certificate.enabled                    | bool   | `false`                | Enable certificate (requires cert-manager)                                                                                                                                                                                                                                    |
+| configs.secret.githubSecret | GitHub incoming webhook secret | `""` |
-| clusterAdminAccess.enabled             | bool   | `true`                 | Standard Argo CD installation with cluster-admin access. Set this true if you plan to use Argo CD to deploy applications in the same cluster that Argo CD runs in (i.e. kubernetes.svc.default). Will still be able to deploy to external clusters with inputted credentials. |
+| configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` |
-| config.configManagementPlugins         | string | `nil`                  | List of custom config management plugins, see [values.yaml](./values.yaml) for format                                                                                                                                                                                         |
+| configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) |
-| config.createSecret                    | bool   | `true`                 | Creates the argocd-secret secret, set to false to manage externally                                                                                                                                                                                                           |
+
-| config.dexConfig                       | string | `nil`                  | Configuration for external auth and URL, see [values.yaml](./values.yaml) for format                                                                                                                                                                                          |
+## ArgoCD Controller
-| config.helmRepositories                | string | `nil`                  | Configuration for external Helm charts, see [values.yaml](./values.yaml) for format                                                                                                                                                                                           |
+
-| config.oidcConfig                      | string | `nil`                  | Configuration for OpenID connect, see [values.yaml](./values.yaml) for format                                                                                                                                                                                                 |
+| Key | Type | Default | Description |
-| config.repositories                    | string | `nil`                  | Configuration for remote Git repositories for Applications, see [values.yaml](./values.yaml) for format                                                                                                                                                                       |
+|-----|------|---------|-------------|
-| config.resourceCustomizations          | string | `nil`                  | resourceCustomizations can be used to create custom health checks for resources [https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/health.md#way-1-define-a-custom-health-check-in-argocd-cm-configmap]                                                    |
+| controller.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
-| config.url                             | string | `nil`                  | External URL for ArgoCD                                                                                                                                                                                                                                                       |
+| controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` |
-| config.instanceLabelKey                | string | `nil`                  | Custom instance label key                                                                                                                                                                                                                                                     |
+| controller.args.statusProcessors | define the controller `--status-processors` | `"20"` |
-| config.webhook.bitbucketSecret         | string | `nil`                  | BitBucket incoming webhook secret                                                                                                                                                                                                                                             |
+| controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` |
-| config.webhook.githubSecret            | string | `nil`                  | GitHub incoming webhook secret                                                                                                                                                                                                                                                |
+| controller.containerPort | Controller listening port. | `8082` |
-| config.webhook.gitlabSecret            | string | `nil`                  | GitLab incoming webhook secret                                                                                                                                                                                                                                                |
+| controller.extraArgs | Additional arguments for the controller. | `[]` |
-| dexServer.containerPortGrpc            | int    | `5557`                 | Container port for Dex Server GRPC                                                                                                                                                                                                                                            |
+| controller.image.repository | Repository to use for the controller | `global.image.repository` |
-| dexServer.containerPortHttp            | int    | `5556`                 | Container port for Dex Server HTTP                                                                                                                                                                                                                                            |
+| controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` |
-| dexServer.image.pullPolicy             | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| controller.image.tag | Tag to use for the controller | `global.image.tag` |
-| dexServer.image.repository             | string | `"quay.io/dexidp/dex"` | Docker image repo                                                                                                                                                                                                                                                             |
+| controller.livenessProbe.failureThreshold | int | `3` |
-| dexServer.image.tag                    | string | `"v2.12.0"`            | Docker image tag                                                                                                                                                                                                                                                              |
+| controller.livenessProbe.initialDelaySeconds | int | `10` |
-| dexServer.initImage.pullPolicy         | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| controller.livenessProbe.periodSeconds | int | `10` |
-| dexServer.initImage.repository         | string | `"argoproj/argocd"`    | Docker image repo                                                                                                                                                                                                                                                             |
+| controller.livenessProbe.successThreshold | int | `1` |
-| dexServer.initImage.tag                | string | `"v1.2.0"`             | Docker image tag                                                                                                                                                                                                                                                              |
+| controller.livenessProbe.timeoutSeconds | int | `1` |
-| dexServer.servicePortGrpc              | int    | `5557`                 | Service port for Dex Server GRPC                                                                                                                                                                                                                                              |
+| controller.logLevel | Controller log level | `"info"` |
-| dexServer.servicePortHttp              | int    | `5556`                 | Service port for Dex Server GRPC                                                                                                                                                                                                                                              |
+| controller.metrics.enabled | Deploy metrics service | `false` |
-| dexServer.volumeMounts                 | list   | `[]`                   | Additional volume mounts                                                                                                                                                                                                                                                      |
+| controller.metrics.service.annotations | Metrics service annotations | `{}` |
-| dexServer.volumes                      | list   | `[]`                   | Additional volumes                                                                                                                                                                                                                                                            |
+| controller.metrics.service.labels | Metrics service labels | `{}` |
-| ingress.additionalHosts                | list   | `[]`                   | Ingress additional hosts                                                                                                                                                                                                                                                      |
+| controller.metrics.service.servicePort | Metrics service port | `8082` |
-| ingress.annotations                    | object | `{}`                   | Annotations for ingress object, set `nginx.ingress.kubernetes.io/force-ssl-redirect: "true"` and `nginx.ingress.kubernetes.io/ssl-passthrough: "true"` if serving GRPC and HTTPS on the same ingress                                                                          |
+| controller.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
-| ingress.enabled                        | bool   | `false`                | Enable ingress                                                                                                                                                                                                                                                                |
+| controller.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
-| ingress.tls                            | object | `{}`                   | Ingress TLS configuration                                                                                                                                                                                                                                                     |
+| controller.name | Controller name string. | `"application-controller"` |
-| rbac.policyCsv                         | string | `nil`                  | RBAC policy in CSV, see [values.yaml](./values.yaml) for format                                                                                                                                                                                                               |
+| controller.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
-| rbac.policyDefault                     | string | `nil`                  | The default role Argo CD will fall back to, when authorizing API requests, ie: `role:readonly`                                                                                                                                                                                |
+| controller.podAnnotations | Annotations for the controller pods | `{}` |
-| rbac.scopes                            | string | `nil`                  | Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). ie: `[groups]`                                                                                                                                                             |
+| controller.podLabels | Labels for the controller pods | `{}` |
-| redis.containerPort                    | int    | `6379`                 | Container port for Redis                                                                                                                                                                                                                                                      |
+| controller.priorityClassName | Priority class for the controller pods | `""` |
-| redis.image.pullPolicy                 | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| controller.readinessProbe.failureThreshold | int | `3` |
-| redis.image.repository                 | string | `"redis"`              | Docker image repo                                                                                                                                                                                                                                                             |
+| controller.readinessProbe.initialDelaySeconds | int | `10` |
-| redis.image.tag                        | string | `"5.0.3"`              | Docker image tag                                                                                                                                                                                                                                                              |
+| controller.readinessProbe.periodSeconds | int | `10` |
-| redis.servicePort                      | int    | `6379`                 | Service port for Redis                                                                                                                                                                                                                                                        |
+| controller.readinessProbe.successThreshold | int | `1` |
-| repoServer.containerPort               | int    | `8081`                 | Container port for repo server                                                                                                                                                                                                                                                |
+| controller.readinessProbe.timeoutSeconds | int | `1` |
-| repoServer.image.pullPolicy            | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| controller.resources | Resource limits and requests for the controller pods. | `{}` |
-| repoServer.image.repository            | string | `"argoproj/argocd"`    | Docker image repo                                                                                                                                                                                                                                                             |
+| controller.service.annotations | Controller service annotations. | `{}` |
-| repoServer.image.tag                   | string | `"v1.2.0"`             | Docker image tag                                                                                                                                                                                                                                                              |
+| controller.service.labels | Controller service labels. | `{}` |
-| repoServer.servicePort                 | int    | `8081`                 | Service port for repo server                                                                                                                                                                                                                                                  |
+| controller.service.port | Controller service port. | `8082` |
-| repoServer.volumeMounts                | list   | `[]`                   | Additional volume mounts                                                                                                                                                                                                                                                      |
+| controller.serviceAccount.create | Create a service account for the controller | `true` |
-| repoServer.volumes                     | list   | `[]`                   | Additional volumes                                                                                                                                                                                                                                                            |
+| controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` |
-| repoServer.initContainers              | list   | `[]`                   | Initialisation containers, see [values.yaml](./values.yaml) for syntax for Helm v2.12.3                                                                                                                                                                                       |
+| controller.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` |
-| repoServer.imagePullSecrets            | list   | `[]`                   | List of image pull secrets, see [values.yaml](./values.yaml) for syntax for a secret called "docker-auth-secret"                                                                                                                                                              |
+| controller.volumeMounts | Controller volume mounts | `[]` |
-| server.annotations                     | object | `{}`                   | Annotations for the server deployment                                                                                                                                                                                                                                         |
+| controller.volumes | Controller volumes | `[]` |
-| server.containerPort                   | int    | `8080`                 | Container port for server                                                                                                                                                                                                                                                     |
+
-| server.extraArgs                       | list   | `[]`                   | Add additional arguments                                                                                                                                                                                                                                                      |
+## Argo Repo Server
-| server.image.pullPolicy                | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+
-| server.image.repository                | string | `"argoproj/argocd"`    | Docker image repo                                                                                                                                                                                                                                                             |
+| Key | Type | Default | Description |
-| server.image.tag                       | string | `"v1.2.0"`             | Docker image tag                                                                                                                                                                                                                                                              |
+|-----|------|---------|-------------|
-| server.metricsPort                     | int    | `8083`                 | Container port for server metrics                                                                                                                                                                                                                                             |
+| repoServer.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
-| server.serviceAnnotations              | object | `{}`                   | Annotations for server service                                                                                                                                                                                                                                                |
+| repoServer.containerPort | Repo server port | `8081` |
-| server.servicePortHttp                 | int    | `80`                   | HTTP Container port for server                                                                                                                                                                                                                                                |
+| repoServer.extraArgs | Additional arguments for the repo server | `[]` |
-| server.servicePortHttps                | int    | `443`                  | HTTPS Container port for server                                                                                                                                                                                                                                               |
+| repoServer.image.repository | Repository to use for the repo server | `global.image.repository` |
-| server.volumeMounts                    | list   | `[]`                   | Additional volume mounts, see [values.yaml](./values.yaml) for syntax for SSH known hosts                                                                                                                                                                                     |
+| repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` |
-| server.volumes                         | list   | `[]`                   | Additional volumes, see [values.yaml](./values.yaml) for syntax for SSH known hosts                                                                                                                                                                                           |
+| repoServer.image.tag | Tag to use for the repo server | `global.image.tag` |
+| repoServer.livenessProbe.failureThreshold | int | `3` |
+| repoServer.livenessProbe.initialDelaySeconds | int | `10` |
+| repoServer.livenessProbe.periodSeconds | int | `10` |
+| repoServer.livenessProbe.successThreshold | int | `1` |
+| repoServer.livenessProbe.timeoutSeconds | int | `1` |
+| repoServer.logLevel | Log level | `"info"` |
+| repoServer.metrics.enabled | Deploy metrics service | `false` |
+| repoServer.metrics.service.annotations | Metrics service annotations | `{}` |
+| repoServer.metrics.service.labels | Metrics service labels | `{}` |
+| repoServer.metrics.service.servicePort | Metrics service port | `8082` |
+| repoServer.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
+| repoServer.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
+| repoServer.name | Repo server name | `"repo-server"` |
+| repoServer.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
+| repoServer.podAnnotations | Annotations for the repo server pods | `{}` |
+| repoServer.podLabels | Labels for the repo server pods | `{}` |
+| repoServer.priorityClassName | Priority class for the repo server | `""` |
+| repoServer.readinessProbe.failureThreshold | int | `3` |
+| repoServer.readinessProbe.initialDelaySeconds | int | `10` |
+| repoServer.readinessProbe.periodSeconds | int | `10` |
+| repoServer.readinessProbe.successThreshold | int | `1` |
+| repoServer.readinessProbe.timeoutSeconds | int | `1` |
+| repoServer.resources | Resource limits and requests for the repo server pods. | `{}` |
+| repoServer.service.annotations | Repo server service annotations. | `{}` |
+| repoServer.service.labels | Repo server service labels. | `{}` |
+| repoServer.service.port | Repo server service port. | `8081` |
+| repoServer.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` |
+| repoServer.volumeMounts | Repo server volume mounts | `[]` |
+| repoServer.volumes | Repo server volumes | `[]` |
+
+## Argo Server
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| server.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
+| server.certificate.additionalHosts | Certificate manager additional hosts | `[]` |
+| server.certificate.domain | Certificate manager domain | `"argocd.example.com"` |
+| server.certificate.enabled | Enables a certificate manager certificate. | `false` |
+| server.certificate.issuer | Certificate manager issuer | `{}` |
+| server.config | URL for Argo CD | `{}` |
+| server.containerPort | Server container port. | `8080` |
+| server.extraArgs | Additional arguments for the server | `[]` |
+| server.image.repository | Repository to use for the server | `global.image.repository` |
+| server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` |
+| server.image.tag | Tag to use for the repo server | `global.image.tag` |
+| server.ingress.annotations | Additional ingress annotations | `{}` |
+| server.ingress.enabled | Enable an ingress resource for the server | `false` |
+| server.ingress.hosts | List of ingress hosts | `[]` |
+| server.ingress.labels | Additional ingress labels. | `{}` |
+| server.ingress.tls | Ingress TLS configuration. | `[]` |
+| server.livenessProbe.failureThreshold | int | `3` |
+| server.livenessProbe.initialDelaySeconds | int | `10` |
+| server.livenessProbe.periodSeconds | int | `10` |
+| server.livenessProbe.successThreshold | int | `1` |
+| server.livenessProbe.timeoutSeconds | int | `1` |
+| server.logLevel | Log level | `"info"` |
+| server.metrics.enabled | Deploy metrics service | `false` |
+| server.metrics.service.annotations | Metrics service annotations | `{}` |
+| server.metrics.service.labels | Metrics service labels | `{}` |
+| server.metrics.service.servicePort | Metrics service port | `8082` |
+| server.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
+| server.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
+| server.name | Argo CD server name | `"server"` |
+| server.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
+| server.podAnnotations | Annotations for the repo server pods | `{}` |
+| server.podLabels | Labels for the repo server pods | `{}` |
+| server.priorityClassName | Priority class for the repo server | `""` |
+| server.rbacConfig | Argo CD RBAC policy https://argoproj.github.io/argo-cd/operator-manual/rbac/ | `See [values.yaml](values.yaml)` |
+| server.readinessProbe.failureThreshold | int | `3` |
+| server.readinessProbe.initialDelaySeconds | int | `10` |
+| server.readinessProbe.periodSeconds | int | `10` |
+| server.readinessProbe.successThreshold | int | `1` |
+| server.readinessProbe.timeoutSeconds | int | `1` |
+| server.resources | Resource limits and requests for the server | `{}` |
+| server.service.annotations | Server service annotations | `{}` |
+| server.service.labels | Server service labels | `{}` |
+| server.service.servicePortHttp | Server service http port | `80` |
+| server.service.servicePortHttps | Server service https port | `443` |
+| server.service.type | Server service type | `"ClusterIP"` |
+| server.serviceAccount.create | Create server service account | `true` |
+| server.serviceAccount.name | Server service account name | `"argocd-server"` |
+| server.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` |
+| server.volumeMounts | Server volume mounts | `[]` |
+| server.volumes | Server volumes | `[]` |
+
+## Dex
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| dex.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
+| dex.containerPortGrpc | GRPC container port | `5557` |
+| dex.containerPortHttp | HTTP container port | `5556` |
+| dex.enabled | Enable dex | `true` |
+| dex.image.imagePullPolicy | Dex imagePullPolicy | `"IfNotPresent"` |
+| dex.image.repository | Dex image repository | `"quay.io/dexidp/dex"` |
+| dex.image.tag | Dex image tag | `"v2.14.0"` |
+| dex.initImage.repository | Argo CD init image repository. | `global.image.repository` |
+| dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` |
+| dex.initImage.tag | Argo CD init image tag | `global.image.tag` |
+| dex.name | Dex name | `"dex-server"` |
+| dex.nodeSelector | Dex node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
+| dex.priorityClassName | Priority class for dex | `""` |
+| dex.resources | Resource limits and requests for dex | `{}` |
+| dex.serviceAccount.create | Create dex service account | `true` |
+| dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` |
+| dex.servicePortGrpc | Server GRPC port | `5557` |
+| dex.servicePortHttp | Server HTTP port | `5556` |
+| dex.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` |
+| dex.volumeMounts | Dex volume mounts | `"/shared"` |
+| dex.volumes | Dex volumes | `{}` |
+
+## Redis
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| redis.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
+| redis.containerPort | Redis container port | `6379` |
+| redis.enabled | Enable redis | `false` |
+| redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` |
+| redis.image.repository | Redis repository | `"redis"` |
+| redis.image.tag | Redis tag | `"5.0.3"` |
+| redis.name | Redis name | `"redis"` |
+| redis.nodeSelector | Redis node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
+| redis.priorityClassName | Priority class for redis | `""` |
+| redis.resources | Resource limits and requests for redis | `{}` |
+| redis.servicePort | Redis service port | `6379` |
+| redis.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `{}` |

charts/argo-cd/templates/NOTES.txt

@@ -1,13 +1,15 @@
 In order to access the server UI you have the following options:
 
-1. kubectl port-forward svc/argocd-server -n argocd 8080:443
+1. kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443
 
     and then open the browser on http://localhost:8080 and accept the certificate
 
-2. enable ingress and check the first option ssl passthrough:
+2. enable ingress in the values file `service.ingress.enabled` and either
-    https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough
+      - Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough
+      - Add the `insecure: ""` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts
+
 
 After reaching the UI the first time you can login with username: admin and the password will be the
 name of the server pod. You can get the pod name by running:
 
-kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2
+kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2

charts/argo-cd/templates/_helpers.tpl

@@ -24,9 +24,77 @@ If release name contains chart name it will be used as a full name.
 {{- end -}}
 {{- end -}}
 
+{{/*
+Create controller name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.controller.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create dex name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.dex.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.dex.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create redis name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.redis.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redis.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create argocd server name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.server.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create argocd repo-server name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.repoServer.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create the name of the controller service account to use
+*/}}
+{{- define "argo-cd.controllerServiceAccountName" -}}
+{{- if .Values.controller.serviceAccount.create -}}
+    {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.controller.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the dex service account to use
+*/}}
+{{- define "argo-cd.dexServiceAccountName" -}}
+{{- if .Values.dex.serviceAccount.create -}}
+    {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.dex.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the ArgoCD server service account to use
+*/}}
+{{- define "argo-cd.serverServiceAccountName" -}}
+{{- if .Values.server.serviceAccount.create -}}
+    {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.server.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "argo-cd.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
+{{- end -}}

charts/argo-cd/templates/argocd-application-controller-deployment.yaml

@@ -1,51 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-application-controller
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: application-controller
-    spec:
-      containers:
-      - command:
-        - argocd-application-controller
-        - --status-processors
-        - "20"
-        - --operation-processors
-        - "10"
-        image: {{ .Values.applicationController.image.repository }}:{{ .Values.applicationController.image.tag }}
-        imagePullPolicy: {{ .Values.applicationController.image.pullPolicy }}
-        name: argocd-application-controller
-        ports:
-        - containerPort: {{ .Values.applicationController.containerPort }}
-        readinessProbe:
-          tcpSocket:
-            port: {{ .Values.applicationController.containerPort }}
-          initialDelaySeconds: 5
-          periodSeconds: 10
-        volumeMounts:
-        {{- if .Values.applicationController.volumeMounts }}
-        {{ toYaml .Values.applicationController.volumeMounts | nindent 8 | trim }}
-        {{- end }}
-      serviceAccountName: argocd-application-controller
-      volumes:
-      {{- if .Values.applicationController.volumes }}
-      {{ toYaml .Values.applicationController.volumes | nindent 6 | trim }}
-      {{- end }}

charts/argo-cd/templates/argocd-application-controller-metrics-service.yaml

@@ -1,19 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
-  name: argocd-metrics
-spec:
-  ports:
-  - name: metrics
-    protocol: TCP
-    port: {{ .Values.applicationController.servicePort }}
-    targetPort: {{ .Values.applicationController.containerPort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller

charts/argo-cd/templates/argocd-application-controller-service.yaml

@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-application-controller
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
-spec:
-  ports:
-  - port: {{ .Values.applicationController.servicePort }}
-    targetPort: {{ .Values.applicationController.containerPort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller

charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml

@@ -1,15 +1,15 @@
-{{- if .Values.clusterAdminAccess.enabled }}
+{{- if .Values.controller.clusterAdminAccess.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: argocd-application-controller
+  name: {{ template "argo-cd.controller.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
+    app.kubernetes.io/component: {{ .Values.controller.name }}
 rules:
 - apiGroups:
   - '*'

charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml

@@ -0,0 +1,21 @@
+{{- if .Values.controller.clusterAdminAccess.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "argo-cd.controller.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "argo-cd.controller.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "argo-cd.controllerServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end }}

charts/argo-cd/templates/argocd-application-controller/deployment.yaml

@@ -0,0 +1,106 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.controller.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  revisionHistoryLimit: 5
+  replicas: 1
+  template:
+    metadata:
+      {{- if .Values.controller.podAnnotations }}
+      annotations:
+      {{- range $key, $value := .Values.controller.podAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+        app.kubernetes.io/component: {{ .Values.controller.name }}
+        {{- if .Values.controller.podLabels }}
+{{- toYaml .Values.controller.podLabels | nindent 8 }}
+        {{- end }}
+    spec:
+      containers:
+      - command:
+        - argocd-application-controller
+        - --status-processors
+        - {{ .Values.controller.args.statusProcessors | quote }}
+        - --operation-processors
+        - {{ .Values.controller.args.operationProcessors | quote }}
+        - --repo-server
+        - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
+        - --loglevel
+        - {{ .Values.controller.logLevel }}
+        {{- if .Values.redis.enabled }}
+        - --redis
+        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
+        {{- end }}
+        {{- range $key, $value := .Values.controller.extraArgs }}
+          {{- if $value }}
+        - --{{ $key }}={{ $value }}
+          {{- else }}
+        - --{{ $key }}
+          {{- end }}
+        {{- end }}
+        image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }}
+        name: {{ .Values.controller.name }}
+        ports:
+        - name: controller
+          containerPort: {{ .Values.controller.containerPort }}
+          protocol: TCP
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: {{ .Values.controller.containerPort }}
+          initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.controller.livenessProbe.successThreshold }}
+          failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.controller.containerPort }}
+          initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.controller.readinessProbe.successThreshold }}
+          failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }}
+{{- if .Values.controller.volumeMounts }}
+        volumeMounts:
+{{- toYaml .Values.controller.volumeMounts | nindent 10}}
+{{- end }}
+        resources:
+{{- toYaml .Values.controller.resources | nindent 10 }}
+    {{- if .Values.controller.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.controller.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.controller.tolerations }}
+      tolerations:
+{{- toYaml .Values.controller.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.controller.affinity }}
+      affinity:
+{{- toYaml .Values.controller.affinity | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }}
+{{- if .Values.controller.volumes }}
+      volumes:
+{{- toYaml .Values.controller.volumes | nindent 8 }}
+{{- end }}

charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml

@@ -0,0 +1,31 @@
+{{- if .Values.controller.metrics.enabled}}
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.controller.metrics.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.controller.metrics.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+{{- if .Values.controller.metrics.service.labels }}
+{{- toYaml .Values.controller.metrics.service.labels | nindent 4 }}
+{{- end }}
+  name: {{ template "argo-cd.controller.fullname" . }}-metrics
+spec:
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: {{ .Values.controller.metrics.service.servicePort }}
+    targetPort: controller
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+{{- end }}

charts/argo-cd/templates/argocd-application-controller/role.yaml

@@ -1,14 +1,14 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: argocd-application-controller
+  name: {{ template "argo-cd.controller.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
+    app.kubernetes.io/component: {{ .Values.controller.name }}
 rules:
 - apiGroups:
   - ""
@@ -38,5 +38,4 @@ rules:
   - events
   verbs:
   - create
-  - list
+  - list
-  

charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml

@@ -1,18 +1,19 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: argocd-dex-server
+  name: {{ template "argo-cd.controller.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server
+    app.kubernetes.io/component: {{ .Values.controller.name }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: argocd-dex-server
+  name: {{ template "argo-cd.controller.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: argocd-dex-server
+  name: {{ template "argo-cd.controllerServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}

charts/argo-cd/templates/argocd-application-controller/service.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.controller.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.controller.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.controller.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+spec:
+  ports:
+  - name: {{ .Values.controller.name }}
+    port: {{ .Values.controller.service.port }}
+    targetPort: {{ .Values.controller.containerPort }}
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}

charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml

@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: argocd-application-controller
+  name: {{ template "argo-cd.controllerServiceAccountName" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
+    app.kubernetes.io/component: {{ .Values.controller.name }}

charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml

@@ -0,0 +1,32 @@
+{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.controller.fullname" . }}
+  {{- if .Values.controller.metrics.serviceMonitor.namespace }}
+  namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }}
+  {{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+{{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }}
+{{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      interval: 30s
+      path: /metrics
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
+      app.kubernetes.io/component: {{ .Values.controller.name }}
+{{- end }}

charts/argo-cd/templates/argocd-cm.yaml

@@ -1,48 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: argocd-cm
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-data:
-{{- if .Values.config.enableAnonymousAccess }}
-  users.anonymous.enabled: "{{ .Values.config.enableAnonymousAccess }}"
-{{- end }}
-{{- if .Values.config.helmRepositories }}
-  helm.repositories: |
-{{ toYaml .Values.config.helmRepositories | indent 4 }}
-{{- end }}
-{{- if .Values.config.repositories }}
-  repositories: |
-{{ toYaml .Values.config.repositories | indent 4 }}
-{{- end }}
-{{- if .Values.config.dexConfig }}
-  dex.config: |
-{{ toYaml .Values.config.dexConfig | indent 4 }}
-{{- end }}
-{{- if .Values.config.url }}
-  url: {{ .Values.config.url }}
-{{- end }}
-{{- if .Values.config.instanceLabelKey }}
-  application.instanceLabelKey: {{ .Values.config.instanceLabelKey }}
-{{- end }}
-{{- if .Values.config.oidcConfig }}
-  oidc.config: |
-{{ toYaml .Values.config.oidcConfig | indent 4 }}
-{{- end }}
-{{- if .Values.config.resourceCustomizations }}
-  resource.customizations: |
-{{ toYaml .Values.config.resourceCustomizations | indent 4 }}
-{{- end }}
-{{- if .Values.config.resourceExclusions }}
-  resource.exclusions: |
-{{ toYaml .Values.config.resourceExclusions | indent 4 }}
-{{- end }}
-{{- if .Values.config.configManagementPlugins }}
-  configManagementPlugins: |
-{{ toYaml .Values.config.configManagementPlugins | indent 4 }}
-{{- end }}

charts/argo-cd/templates/argocd-configs/argocd-cm.yaml

@@ -1,11 +1,13 @@
 apiVersion: v1
-kind: ServiceAccount
+kind: ConfigMap
 metadata:
-  name: argocd-dex-server
+  name: argocd-cm
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-cm
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server
+    app.kubernetes.io/component: {{ .Values.server.name }}
+data:
+{{- toYaml .Values.server.config | nindent 4 }}

charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: argocd-rbac-cm
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-rbac-cm
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+data:
+{{- toYaml .Values.server.rbacConfig | nindent 4 }}

charts/argo-cd/templates/argocd-configs/argocd-secret.yaml

@@ -0,0 +1,27 @@
+{{- if .Values.configs.secret.createSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: argocd-secret
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+type: Opaque
+{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret) }}
+# Setting a blank data again will wipe admin password/key/cert
+data:
+  {{- if .Values.configs.secret.githubSecret }}
+  github.webhook.secret: {{ .Values.configs.secret.githubSecret | b64enc }}
+  {{- end }}
+  {{- if .Values.configs.secret.gitlabSecret }}
+  gitlab.webhook.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }}
+  {{- end }}
+  {{- if .Values.configs.secret.bitbucketSecret }}
+  bitbucket.webhook.uuid: {{ .Values.configs.secret.bitbucketSecret | b64enc }}
+  {{- end }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+{{- toYaml .Values.configs.knownHosts | nindent 0 }}
+kind: ConfigMap
+metadata:
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-ssh-known-hosts-cm
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+  name: argocd-ssh-known-hosts-cm

charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+{{- if .Values.configs.tlsCerts }}
+{{- toYaml .Values.configs.tlsCerts | nindent 0 }}
+{{- end }}
+kind: ConfigMap
+metadata:
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-tls-certs-cm
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+  name: argocd-tls-certs-cm

charts/argo-cd/templates/argocd-dex-server-deployment.yaml

@@ -1,54 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-dex-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: dex-server
-    spec:
-      serviceAccountName: argocd-dex-server
-      initContainers:
-      - name: copyutil
-        image: {{ .Values.dexServer.initImage.repository }}:{{ .Values.dexServer.initImage.tag }}
-        imagePullPolicy: {{ .Values.dexServer.initImage.pullPolicy }}
-        command: [cp, /usr/local/bin/argocd-util, /shared]
-        volumeMounts:
-        - mountPath: /shared
-          name: static-files
-      containers:
-      - name: dex
-        image: {{ .Values.dexServer.image.repository }}:{{ .Values.dexServer.image.tag }}
-        imagePullPolicy: {{ .Values.dexServer.image.pullPolicy }}
-        command: [/shared/argocd-util, rundex]
-        ports:
-        - containerPort: {{ .Values.dexServer.containerPortHttp }}
-        - containerPort: {{ .Values.dexServer.containerPortGrpc }}
-        volumeMounts:
-        - mountPath: /shared
-          name: static-files
-        {{- if .Values.dexServer.volumeMounts }}
-        {{ toYaml .Values.dexServer.volumeMounts | nindent 8 | trim }}
-        {{- end }}
-      volumes:
-      - emptyDir: {}
-        name: static-files
-      {{- if .Values.dexServer.volumes }}
-      {{ toYaml .Values.dexServer.volumes | nindent 6 | trim }}
-      {{- end }}

charts/argo-cd/templates/argocd-dex-server-service.yaml

@@ -1,23 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-dex-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server  
-spec:
-  ports:
-  - name: http
-    protocol: TCP
-    port: {{ .Values.dexServer.servicePortHttp }}
-    targetPort: {{ .Values.dexServer.containerPortHttp }}
-  - name: grpc
-    protocol: TCP
-    port: {{ .Values.dexServer.servicePortGrpc }}
-    targetPort: {{ .Values.dexServer.containerPortGrpc }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server

charts/argo-cd/templates/argocd-rbac-cm.yaml

@@ -1,21 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: argocd-rbac-cm
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-data:
-{{- if .Values.rbac.policyDefault }}
-  policy.default: {{ .Values.rbac.policyDefault }}
-{{- end }}
-{{- if .Values.rbac.policyCsv }}
-  policy.csv:
-{{- toYaml .Values.rbac.policyCsv | indent 4 }}
-{{- end }}
-{{- if .Values.rbac.scopes }}
-  scopes: {{ .Values.rbac.scopes }}
-{{- end }}

charts/argo-cd/templates/argocd-redis-deployment.yaml

@@ -1,38 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-redis
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: redis
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: redis
-    spec:
-      automountServiceAccountToken: false
-      containers:
-      - name: redis
-        args:
-        - --save
-        - ""
-        - --appendonly
-        - "no"
-        image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
-        imagePullPolicy: {{ .Values.redis.image.pullPolicy}}
-        ports:
-        - containerPort: {{ .Values.redis.containerPort }}
-

charts/argo-cd/templates/argocd-repo-server-deployment.yaml

@@ -1,69 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-repo-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: repo-server
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: repo-server
-    spec:
-      automountServiceAccountToken: false
-      containers:
-      - name: argocd-repo-server
-        image: {{ .Values.repoServer.image.repository }}:{{ .Values.repoServer.image.tag }}
-        imagePullPolicy: {{ .Values.repoServer.image.pullPolicy}}
-        command: [argocd-repo-server]
-        ports:
-        - containerPort: {{ .Values.repoServer.containerPort }}
-        livenessProbe:
-          initialDelaySeconds: 5
-          periodSeconds: 10
-          tcpSocket:
-            port: {{ .Values.repoServer.containerPort }}
-        readinessProbe:
-          tcpSocket:
-            port: {{ .Values.repoServer.containerPort }}
-          initialDelaySeconds: 5
-          periodSeconds: 10
-        volumeMounts:
-        - mountPath: /app/config/ssh
-          name: ssh-known-hosts
-        - mountPath: /app/config/tls
-          name: tls-certs
-        {{- if .Values.repoServer.volumeMounts }}
-        {{ toYaml .Values.repoServer.volumeMounts | nindent 8 | trim }}
-        {{- end }}
-      volumes:
-      - configMap:
-          name: argocd-ssh-known-hosts-cm
-        name: ssh-known-hosts
-      - configMap:
-          name: argocd-tls-certs-cm
-        name: tls-certs
-      {{- if .Values.repoServer.volumes }}
-      {{ toYaml .Values.repoServer.volumes | nindent 6 | trim }}
-      {{- end }}
-      {{- if .Values.repoServer.initContainers }}
-      initContainers:
-      {{ toYaml .Values.repoServer.initContainers | nindent 6 | trim }}
-      {{- end }}
-      {{- if .Values.repoServer.imagePullSecrets }}
-      imagePullSecrets:
-      {{ toYaml .Values.repoServer.imagePullSecrets | nindent 6 | trim }}
-      {{- end }}

charts/argo-cd/templates/argocd-repo-server-service.yaml

@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-repo-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: repo-server
-spec:
-  ports:
-  - port: {{ .Values.repoServer.servicePort }}
-    targetPort: {{ .Values.repoServer.servicePort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server

charts/argo-cd/templates/argocd-repo-server/deployment.yaml

@@ -0,0 +1,121 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  revisionHistoryLimit: 5
+  replicas: 1
+  template:
+    metadata:
+      {{- if .Values.repoServer.podAnnotations }}
+      annotations:
+      {{- range $key, $value := .Values.repoServer.podAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+        app.kubernetes.io/component: {{ .Values.repoServer.name }}
+        {{- if .Values.controller.podLabels }}
+{{- toYaml .Values.controller.podLabels | nindent 8 }}
+        {{- end }}
+    spec:
+      containers:
+      - name: {{ .Values.repoServer.name }}
+        image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
+        command:
+        - argocd-repo-server
+        {{- if .Values.redis.enabled }}
+        - --redis
+        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
+        {{- end }}
+        - --loglevel
+        - {{ .Values.repoServer.logLevel }}
+        {{- range $key, $value := .Values.repoServer.extraArgs }}
+          {{- if $value }}
+        - --{{ $key }}={{ $value }}
+          {{- else }}
+        - --{{ $key }}
+          {{- end }}
+        {{- end }}
+        volumeMounts:
+        {{- if .Values.repoServer.volumeMounts }}
+{{- toYaml .Values.repoServer.volumeMounts | nindent 10}}
+        {{- end }}
+        {{- if .Values.configs.knownHosts }}
+        - mountPath: /app/config/ssh
+          name: ssh-known-hosts
+        {{- end }}
+        {{- if .Values.configs.tlsCerts }}
+        - mountPath: /app/config/tls
+          name: tls-certs
+        {{- end }}
+        ports:
+        - name: repo-server
+          containerPort: {{ .Values.repoServer.containerPort }}
+          protocol: TCP
+        {{ if .Values.repoServer.metrics.enabled }}
+        - name: metrics
+          containerPort: 8084
+          protocol: TCP
+        {{- end }}
+        livenessProbe:
+          tcpSocket:
+            port: {{ .Values.repoServer.containerPort }}
+          initialDelaySeconds: {{ .Values.repoServer.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.repoServer.livenessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.repoServer.livenessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.repoServer.livenessProbe.successThreshold }}
+          failureThreshold: {{ .Values.repoServer.livenessProbe.failureThreshold }}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.repoServer.containerPort }}
+          initialDelaySeconds: {{ .Values.repoServer.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.repoServer.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }}
+          failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }}
+        resources:
+{{- toYaml .Values.repoServer.resources | nindent 10 }}
+    {{- if .Values.repoServer.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.repoServer.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.repoServer.tolerations }}
+      tolerations:
+{{- toYaml .Values.repoServer.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.repoServer.affinity }}
+      affinity:
+{{- toYaml .Values.repoServer.affinity | nindent 8 }}
+    {{- end }}
+      volumes:
+      {{- if .Values.repoServer.volumes }}
+{{- toYaml .Values.repoServer.volumes | nindent 8}}
+      {{- end }}
+      {{- if .Values.configs.knownHosts }}
+      - configMap:
+          name: argocd-ssh-known-hosts-cm
+        name: ssh-known-hosts
+      {{- end }}
+      {{- if .Values.configs.tlsCerts }}
+      - configMap:
+          name: argocd-tls-certs-cm
+        name: tls-certs
+      {{- end }}

charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml

@@ -0,0 +1,31 @@
+{{- if .Values.repoServer.metrics.enabled}}
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.repoServer.metrics.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.repoServer.metrics.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+{{- if .Values.repoServer.metrics.service.labels }}
+{{- toYaml .Values.repoServer.metrics.service.labels | nindent 4 }}
+{{- end }}
+  name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
+spec:
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: {{ .Values.repoServer.metrics.service.servicePort }}
+    targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+{{- end }}

charts/argo-cd/templates/argocd-repo-server/service.yaml

@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.repoServer.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.repoServer.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+spec:
+  ports:
+  - name: repo-server
+    protocol: TCP
+    port: {{ .Values.repoServer.service.port }}
+    targetPort: repo-server
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}

charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml

@@ -0,0 +1,33 @@
+{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+  {{- if .Values.repoServer.metrics.serviceMonitor.namespace }}
+  namespace: {{ .Values.repoServer.metrics.serviceMonitor.namespace }}
+  {{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+{{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }}
+{{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      interval: 30s
+      path: /metrics
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: {{ .Release.Name }}
+      app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
+      app.kubernetes.io/component: {{ .Values.repoServer.name }}
+{{- end }}

charts/argo-cd/templates/argocd-secret.yaml

@@ -1,26 +0,0 @@
-{{- if .Values.config.createSecret }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: argocd-secret
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-type: Opaque
-{{- if or .Values.config.webhook.githubSecret (or .Values.config.webhook.gitlabSecret .Values.config.webhook.bitbucketSecret) }}
-# Setting a blank data again will wipe admin password/key/cert
-data:
-{{- if .Values.config.webhook.githubSecret }}
-  github.webhook.secret: {{ .Values.config.webhook.githubSecret }}
-{{- end }}
-{{- if .Values.config.webhook.gitlabSecret }}
-  gitlab.webhook.secret: {{ .Values.config.webhook.gitlabSecret }}
-{{- end }}
-{{- if .Values.config.webhook.bitbucketSecret }}
-  bitbucket.webhook.uuid: {{ .Values.config.webhook.bitbucketSecret }}
-{{- end }}
-{{- end }}
-{{- end }}

charts/argo-cd/templates/argocd-server-clusterrolebinding.yaml

@@ -1,21 +0,0 @@
-{{- if .Values.clusterAdminAccess.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: argocd-server
-subjects:
-  - kind: ServiceAccount
-    name: argocd-server
-    namespace: {{ .Release.Namespace }}
-{{- end -}}

charts/argo-cd/templates/argocd-server-deployment.yaml

@@ -1,77 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: server
-      annotations:
-        {{- range $key, $value := .Values.server.annotations }}
-        {{ $key }}: {{ $value | quote }}
-        {{- end }}
-    spec:
-      serviceAccountName: argocd-server
-      containers:
-      - name: argocd-server
-        image: {{ .Values.server.image.repository }}:{{ .Values.server.image.tag }}
-        imagePullPolicy: {{ .Values.server.image.pullPolicy }}
-        command:
-        - argocd-server
-        - --staticassets
-        - /shared/app
-        {{- range .Values.server.extraArgs }}
-        - {{. | quote }}
-        {{- end }}
-        volumeMounts:
-        - mountPath: /app/config/ssh
-          name: ssh-known-hosts
-        - mountPath: /app/config/tls
-          name: tls-certs
-        {{- if .Values.server.volumeMounts }}
-        {{ toYaml .Values.server.volumeMounts | nindent 8 | trim }}
-        {{- end }}
-        ports:
-        - containerPort: {{ .Values.server.containerPort }}
-        - containerPort: {{ .Values.server.metricsPort }}
-        livenessProbe:
-          httpGet:
-            path: /healthz
-            port: {{ .Values.server.containerPort }}
-          initialDelaySeconds: 3
-          periodSeconds: 30
-        readinessProbe:
-          httpGet:
-            path: /healthz
-            port: {{ .Values.server.containerPort }}
-          initialDelaySeconds: 3
-          periodSeconds: 30
-      volumes:
-      - emptyDir: {}
-        name: static-files
-      - configMap:
-          name: argocd-ssh-known-hosts-cm
-        name: ssh-known-hosts
-      - configMap:
-          name: argocd-tls-certs-cm
-        name: tls-certs
-      {{- if .Values.server.volumes }}
-      {{ toYaml .Values.server.volumes | nindent 6 | trim }}
-      {{- end }}
-

charts/argo-cd/templates/argocd-server-ingress.yaml

@@ -1,33 +0,0 @@
-{{- if .Values.ingress.enabled -}}
-{{- $host := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${1}" }}
-{{- $path := default "/" (regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${2}") }}
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-{{- with .Values.ingress.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-  rules:
-  {{- range prepend .Values.ingress.additionalHosts $host }}
-    - host: {{ . | quote }}
-      http:
-        paths:
-          - path: {{ $path | quote }}
-            backend:
-              serviceName: argocd-server
-              servicePort: https
-  {{- end }}
-  {{- if .Values.ingress.tls }}
-  tls:
-{{ toYaml .Values.ingress.tls | indent 4 }}
-  {{- end -}}
-{{- end }}

charts/argo-cd/templates/argocd-server-metrics.yaml

@@ -1,19 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-  name: argocd-server-metrics
-spec:
-  ports:
-  - name: metrics
-    protocol: TCP
-    port: {{ .Values.server.servicePortHttp }}
-    targetPort: {{ .Values.server.metricsPort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server

charts/argo-cd/templates/argocd-server-service.yaml

@@ -1,28 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-  {{- if .Values.server.serviceAnnotations }}
-  annotations:
-{{ toYaml .Values.server.serviceAnnotations | indent 4}}{{- end }}
-spec:
-  type: {{ .Values.server.serviceType }}
-  ports:
-  - name: http
-    protocol: TCP
-    port: {{ .Values.server.servicePortHttp }}
-    targetPort: {{ .Values.server.containerPort }}
-  - name: https
-    protocol: TCP
-    port: {{ .Values.server.servicePortHttps }}
-    targetPort: {{ .Values.server.containerPort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-

charts/argo-cd/templates/argocd-server/applications.yaml

@@ -0,0 +1,42 @@
+{{- if .Values.server.additionalApplications }}
+apiVersion: v1
+kind: List
+items:
+{{- range .Values.server.additionalApplications }}
+  - apiVersion: argoproj.io/v1alpha1
+    kind: Application
+    metadata:
+      {{- if .additionalAnnotations }}
+      annotations:
+      {{- range $key, $value := .additionalAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      {{- if .additionalLabels }}
+      labels:
+{{- toYaml .additionalLabels | nindent 8 }}
+      {{- end }}
+      name: {{ .name }}
+      {{- if .namespace }}
+      namespace: {{ .namespace }}
+      {{- end }}
+      {{- if .finalizers }}
+      finalizers:
+{{- toYaml .finalizers | nindent 8 }}
+      {{- end }}
+    spec:
+      project: {{ tpl .project $ }}
+      source:
+{{- toYaml .source | nindent 8 }}
+      destination:
+{{- toYaml .destination | nindent 8 }}
+      {{- if .syncPolicy }}
+      syncPolicy:
+{{- toYaml .syncPolicy | nindent 8 }}
+      {{- end }}
+      {{- if .ignoreDifferences }}
+      ignoreDifferences:
+{{- toYaml .ignoreDifferences | nindent 8 }}
+      {{- end }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-server/certificate.yaml

@@ -1,19 +1,19 @@
-{{- if .Values.certificate.enabled -}}
+{{- if .Values.server.certificate.enabled -}}
-{{- $commonName := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${1}" }}
 apiVersion: certmanager.k8s.io/v1alpha1
 kind: Certificate
 metadata:
-  name: argocd-server
+  name: {{ template "argo-cd.server.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
 spec:
-  commonName: {{ $commonName | quote }}
+  commonName: {{ .Values.server.certificate.domain | quote }}
   dnsNames:
-    - {{ $commonName | quote }}
+    - {{ .Values.server.certificate.domain | quote }}
   {{- range .Values.ingress.additionalHosts }}
     - {{ . | quote }}
   {{- end }}

charts/argo-cd/templates/argocd-server/clusterrole.yaml

@@ -1,15 +1,14 @@
-{{- if .Values.clusterAdminAccess.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: argocd-server
+  name: {{ template "argo-cd.server.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
+    app.kubernetes.io/component: {{ .Values.server.name }}
 rules:
   - apiGroups:
       - '*'
@@ -31,5 +30,4 @@ rules:
       - pods
       - pods/log
     verbs:
-      - get
+      - get
-{{- end }}

charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml

@@ -1,21 +1,19 @@
-{{- if .Values.clusterAdminAccess.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: argocd-application-controller
+  name: {{ template "argo-cd.server.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
+    app.kubernetes.io/component: {{ .Values.server.name }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: argocd-application-controller
+  name: {{ template "argo-cd.server.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: argocd-application-controller
+  name: {{ template "argo-cd.serverServiceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ .Release.Namespace }}
-{{- end -}}

charts/argo-cd/templates/argocd-server/deployment.yaml

@@ -0,0 +1,134 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  revisionHistoryLimit: 5
+  replicas: 1
+  template:
+    metadata:
+      {{- if .Values.server.podAnnotations }}
+      annotations:
+      {{- range $key, $value := .Values.server.podAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+        app.kubernetes.io/component: {{ .Values.server.name }}
+        {{- if .Values.controller.podLabels }}
+{{- toYaml .Values.controller.podLabels | nindent 8 }}
+        {{- end }}
+    spec:
+      containers:
+      - name: {{ .Values.server.name }}
+        image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default .Values.global.image.tag .Values.server.image.tag }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
+        command:
+        - argocd-server
+        - --staticassets
+        - /shared/app
+        - --repo-server
+        - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
+        {{- if .Values.dex.enabled }}
+        - --dex-server
+        - http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }}
+        {{- end }}
+        - --loglevel
+        - {{ .Values.server.logLevel }}
+        {{- if .Values.redis.enabled }}
+        - --redis
+        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
+        {{- end }}
+        {{- range $key, $value := .Values.server.extraArgs }}
+          {{- if $value }}
+        - --{{ $key }}={{ $value }}
+          {{- else }}
+        - --{{ $key }}
+          {{- end }}
+        {{- end }}
+        volumeMounts:
+        {{- if .Values.server.volumeMounts }}
+{{- toYaml .Values.server.volumeMounts | nindent 10}}
+        {{- end }}
+        {{- if .Values.configs.knownHosts }}
+        - mountPath: /app/config/ssh
+          name: ssh-known-hosts
+        {{- end }}
+        {{- if .Values.configs.tlsCerts }}
+        - mountPath: /app/config/tls
+          name: tls-certs
+        {{- end }}
+        ports:
+        - name: {{ .Values.server.name }}
+          containerPort: {{ .Values.server.containerPort }}
+          protocol: TCP
+        {{ if .Values.server.metrics.enabled }}
+        - name: metrics
+          containerPort: 8083
+          protocol: TCP
+        {{- end }}
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: {{ .Values.server.containerPort }}
+          initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.server.livenessProbe.successThreshold }}
+          failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }}
+        readinessProbe:
+          httpGet:
+            path: /healthz
+            port: {{ .Values.server.containerPort }}
+          initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.server.readinessProbe.successThreshold }}
+          failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }}
+        resources:
+{{- toYaml .Values.server.resources | nindent 10 }}
+    {{- if .Values.server.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.server.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.server.tolerations }}
+      tolerations:
+{{- toYaml .Values.server.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.server.affinity }}
+      affinity:
+{{- toYaml .Values.server.affinity | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }}
+      volumes:
+      {{- if .Values.server.volumes }}
+{{- toYaml .Values.server.volumes | nindent 8}}
+      {{- end }}
+      - emptyDir: {}
+        name: static-files
+      {{- if .Values.configs.knownHosts }}
+      - configMap:
+          name: argocd-ssh-known-hosts-cm
+        name: ssh-known-hosts
+      {{- end }}
+      {{- if .Values.configs.tlsCerts }}
+      - configMap:
+          name: argocd-tls-certs-cm
+        name: tls-certs
+      {{- end }}

charts/argo-cd/templates/argocd-server/ingress.yaml

@@ -0,0 +1,53 @@
+{{- if .Values.server.ingress.enabled -}}
+{{- $serviceName := include "argo-cd.server.fullname" . -}}
+{{- $servicePort := .Values.server.name -}}
+{{- $paths := .Values.server.ingress.paths -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+{{- if .Values.server.ingress.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.server.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+{{- if .Values.server.ingress.labels }}
+{{- toYaml .Values.server.ingress.labels | nindent 4 }}
+{{- end }}
+spec:
+  rules:
+  {{- if .Values.server.ingress.hosts }}
+  {{- range $host := .Values.server.ingress.hosts }}
+    - host: {{ $host }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ $p }}
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ $p }}
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.server.ingress.tls }}
+  tls:
+{{- toYaml .Values.server.ingress.tls | nindent 4 }}
+  {{- end -}}
+{{- end -}}

charts/argo-cd/templates/argocd-server/metrics-service.yaml

@@ -0,0 +1,31 @@
+{{- if .Values.server.metrics.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  {{- if .Values.server.metrics.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.server.metrics.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+{{- if .Values.server.metrics.service.labels }}
+{{- toYaml .Values.server.metrics.service.labels | nindent 4 }}
+{{- end }}
+  name: {{ template "argo-cd.server.fullname" . }}-metrics
+spec:
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: {{ .Values.server.metrics.service.servicePort }}
+    targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+{{- end }}

charts/argo-cd/templates/argocd-server/projects.yaml

@@ -0,0 +1,46 @@
+{{- if .Values.server.additionalProjects }}
+apiVersion: v1
+kind: List
+items:
+{{- range .Values.server.additionalProjects }}
+  - apiVersion: argoproj.io/v1alpha1
+    kind: AppProject
+    metadata:
+      {{- if .additionalProjects }}
+      annotations:
+      {{- range $key, $value := .additionalProjects }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      {{- if .additionalLabels }}
+      labels:
+{{- toYaml .additionalLabels | nindent 8 }}
+      {{- end }}
+      name: {{ .name }}
+      {{- if .namespace }}
+      namespace: {{ .namespace }}
+      {{- end }}
+    spec:
+      description: {{ .description }}
+      sourceRepos:
+{{- toYaml .sourceRepos | nindent 8 }}
+      destinations:
+{{- toYaml .destinations | nindent 8 }}
+      {{- if .clusterResourceWhitelist }}
+      clusterResourceWhitelist:
+{{- toYaml .clusterResourceWhitelist | nindent 8 }}
+      {{- end }}
+      {{- if .namespaceResourceBlacklist }}
+      namespaceResourceBlacklist:
+{{- toYaml .namespaceResourceBlacklist | nindent 8 }}
+      {{- end }}
+      {{- if .orphanedResources }}
+      orphanedResources:
+{{- toYaml .orphanedResources | nindent 8 }}
+      {{- end }}
+      {{- if .roles }}
+      roles:
+{{- toYaml .roles | nindent 8 }}
+      {{- end }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-server/role.yaml

@@ -1,14 +1,14 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: argocd-server
+  name: {{ template "argo-cd.server.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
+    app.kubernetes.io/component: {{ .Values.server.name }}
 rules:
 - apiGroups:
   - ""
@@ -42,4 +42,4 @@ rules:
   - events
   verbs:
   - create
-  - list
+  - list

charts/argo-cd/templates/argocd-server/rolebinding.yaml

@@ -1,18 +1,19 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: argocd-application-controller
+  name: {{ template "argo-cd.server.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
+    app.kubernetes.io/component: {{ .Values.server.name }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: argocd-application-controller
+  name: {{ template "argo-cd.server.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: argocd-application-controller
+  name: {{ template "argo-cd.serverServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}

charts/argo-cd/templates/argocd-server/service.yaml

@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.server.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.server.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+spec:
+  type: {{ .Values.server.service.type }}
+  ports:
+  - name: http
+    protocol: TCP
+    port: {{ .Values.server.service.servicePortHttp }}
+    targetPort: {{ .Values.server.name }}
+  - name: https
+    protocol: TCP
+    port: {{ .Values.server.service.servicePortHttps }}
+    targetPort: {{ .Values.server.name }}
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}

charts/argo-cd/templates/argocd-server/serviceaccount.yaml

@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: argocd-server
+  name: {{ template "argo-cd.serverServiceAccountName" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
+    app.kubernetes.io/component: {{ .Values.server.name }}

charts/argo-cd/templates/argocd-server/servicemonitor.yaml

@@ -0,0 +1,33 @@
+{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.server.fullname" . }}
+  {{- if .Values.server.metrics.serviceMonitor.namespace }}
+  namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }}
+  {{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.server.name }}
+{{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- if .Values.server.metrics.serviceMonitor.additionalLabels }}
+{{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      interval: 30s
+      path: /metrics
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: {{ .Release.Name }}
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
+      app.kubernetes.io/component: {{ .Values.server.name }}
+{{- end }}

charts/argo-cd/templates/argocd-ssh-known-hosts-cm.yaml

@@ -1,19 +0,0 @@
-apiVersion: v1
-data:
-  ssh_known_hosts: |
-    bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
-    github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
-    gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
-    gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
-    gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
-    ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
-    vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
-kind: ConfigMap
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-  name: argocd-ssh-known-hosts-cm

charts/argo-cd/templates/argocd-tls-certs-cm.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-data: null
-kind: ConfigMap
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-  name: argocd-tls-certs-cm

charts/argo-cd/templates/dex/deployment.yaml

@@ -0,0 +1,76 @@
+{{- if .Values.dex.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.dex.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.dex.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+        app.kubernetes.io/component: {{ .Values.dex.name }}
+    spec:
+      initContainers:
+      - name: copyutil
+        image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.pullPolicy }}
+        command:
+        - cp
+        - /usr/local/bin/argocd-util
+        - /shared
+        volumeMounts:
+        - mountPath: /shared
+          name: static-files
+      containers:
+      - name: {{ .Values.dex.name }}
+        image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
+        imagePullPolicy: {{ .Values.dex.image.pullPolicy }}
+        command:
+        - /shared/argocd-util
+        - rundex
+        ports:
+        - name: http
+          containerPort: {{ .Values.dex.containerPortHttp }}
+          protocol: TCP
+        - name: grpc
+          containerPort: {{ .Values.dex.containerPortGrpc }}
+          protocol: TCP
+{{- if .Values.dex.volumeMounts }}
+        volumeMounts:
+{{- toYaml .Values.dex.volumeMounts | nindent 10 }}
+{{- end }}
+        resources:
+{{- toYaml .Values.dex.resources | nindent 10 }}
+    {{- if .Values.dex.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.dex.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.dex.tolerations }}
+      tolerations:
+{{- toYaml .Values.dex.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.dex.affinity }}
+      affinity:
+{{- toYaml .Values.dex.affinity | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
+{{- if .Values.dex.volumes }}
+      volumes:
+{{- toYaml .Values.dex.volumes | nindent 8}}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/dex/role.yaml

@@ -1,14 +1,15 @@
+{{- if .Values.dex.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: argocd-dex-server
+  name: {{ template "argo-cd.dex.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server
+    app.kubernetes.io/component: {{ .Values.dex.name }}
 rules:
 - apiGroups:
   - ""
@@ -18,4 +19,5 @@ rules:
   verbs:
   - get
   - list
-  - watch
+  - watch
+{{- end }}

charts/argo-cd/templates/dex/rolebinding.yaml

@@ -1,19 +1,21 @@
+{{- if .Values.dex.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: argocd-server
+  name: {{ template "argo-cd.dex.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
+    app.kubernetes.io/component: {{ .Values.dex.name }}
-
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: argocd-server
+  name: {{ template "argo-cd.dex.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: argocd-server
+  name: {{ template "argo-cd.dexServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end }}

charts/argo-cd/templates/dex/service.yaml

@@ -0,0 +1,26 @@
+{{- if .Values.dex.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "argo-cd.dex.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.dex.name }}
+spec:
+  ports:
+  - name: http
+    protocol: TCP
+    port: {{ .Values.dex.servicePortHttp }}
+    targetPort: http
+  - name: grpc
+    protocol: TCP
+    port: {{ .Values.dex.servicePortGrpc }}
+    targetPort: grpc
+  selector:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}

charts/argo-cd/templates/dex/serviceaccount.yaml

@@ -0,0 +1,13 @@
+{{- if .Values.dex.enabled }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "argo-cd.dexServiceAccountName" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.dex.name }}
+{{- end }}

charts/argo-cd/templates/redis/deployment.yaml

@@ -0,0 +1,61 @@
+{{- if .Values.redis.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.redis.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/component: {{ .Values.redis.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+        app.kubernetes.io/component: {{ .Values.redis.name }}
+    spec:
+      automountServiceAccountToken: false
+      containers:
+      - name: {{ template "argo-cd.redis.fullname" . }}
+        args:
+        - --save
+        - ""
+        - --appendonly
+        - "no"
+        image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
+        imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}}
+        ports:
+        - containerPort: {{ .Values.redis.containerPort }}
+{{- if .Values.redis.volumeMounts }}
+        volumeMounts:
+{{- toYaml .Values.redis.volumeMounts | nindent 10 }}
+{{- end }}
+        resources:
+{{- toYaml .Values.redis.resources | nindent 10 }}
+    {{- if .Values.redis.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.redis.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.redis.tolerations }}
+      tolerations:
+{{- toYaml .Values.redis.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.redis.affinity }}
+      affinity:
+{{- toYaml .Values.redis.affinity | nindent 8 }}
+    {{- end }}
+{{- if .Values.redis.volumes }}
+      volumes:
+{{- toYaml .Values.redis.volumes | nindent 8}}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/redis/service.yaml

@@ -1,17 +1,19 @@
+{{- if .Values.redis.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
-  name: argocd-redis
+  name: {{ template "argo-cd.redis.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: redis
+    app.kubernetes.io/component: {{ .Values.redis.name }}
 spec:
   ports:
   - port: {{ .Values.redis.servicePort }}
     targetPort: {{ .Values.redis.servicePort }}
   selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+{{- end }}

charts/argo-cd/values.yaml

@@ -1,198 +1,526 @@
-applicationController:
+## ArgoCD configuration
-  containerPort: 8082
+## Ref: https://github.com/argoproj/argo-cd
-  servicePort: 8082
+##
-  image:
+nameOverride: argocd
-    repository: argoproj/argocd
-    tag: v1.2.4
-    pullPolicy: Always
-  volumeMounts: []
-  volumes: []
 
-server:
+global:
-  containerPort: 8080
-  metricsPort: 8083
-  servicePortHttp: 80
-  servicePortHttps: 443
-  serviceAnnotations: {}
   image:
     repository: argoproj/argocd
     tag: v1.2.4
-    pullPolicy: Always
+    imagePullPolicy: IfNotPresent
-  serviceType: ClusterIP
+
+## Controller
+controller:
+  name: application-controller
+
+  image: {}
+  #  repository: argoproj/argocd
+  #  tag: v1.2.1
+  #  imagePullPolicy: IfNotPresent
+
+  ## Argo controller commandline flags
+  args:
+    statusProcessors: "20"
+    operationProcessors: "10"
+
+  ## Argo controller log level
+  logLevel: info
+
+  ## Additional command line arguments to pass to argocd-controller
   extraArgs: []
-  volumeMounts: []
-  # - name: ssh-known-hosts
-  #   mountPath: /app/config/ssh
-  volumes: []
-  # - name: ssh-known-hosts
-  #   configMap:
-  #     name: argocd-ssh-known-hosts-cm
-  annotations: {}
 
-repoServer:
+  ## Annotations to be added to controller pods
-  containerPort: 8081
+  ##
-  servicePort: 8081
+  podAnnotations: {}
-  image:
+
-    repository: argoproj/argocd
+  ## Labels to be added to controller pods
-    tag: v1.2.4
+  ##
-    pullPolicy: Always
+  podLabels: {}
-  volumeMounts: []
+
-  volumes: []
+  ## Configures the controller port
-  #   - name: custom-tools
+  containerPort: 8082
-  #     emptyDir: {}
+
-  initContainers: []
+  ## Readiness and liveness probes for default backend
-  # - name: download-tools
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
-  #   image: alpine:3.8
+  ##
-  #   command: [sh, -c]
+  readinessProbe:
-  #   args:
+    failureThreshold: 3
-  #   - wget -qO- https://storage.googleapis.com/kubernetes-helm/helm-v2.12.3-linux-amd64.tar.gz | tar -xvzf - &&
+    initialDelaySeconds: 10
-  #     mv linux-amd64/helm /custom-tools/
+    periodSeconds: 10
-  #   volumeMounts:
+    successThreshold: 1
-  #   - mountPath: /custom-tools
+    timeoutSeconds: 1
-  #     name: custom-tools
+  livenessProbe:
-  imagePullSecrets: []
+    failureThreshold: 3
-  # - name: docker-auth-secret
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+
+  ## Additional volumeMounts to the controller main container.
+  volumeMounts: []
+
+  ## Additional volumes to the controller pod.
+  volumes: []
+
+  ## Controller service configuration
+  service:
+    annotations: {}
+    labels: {}
+    port: 8082
+
+  ## Node selectors and tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  nodeSelector: {}
+  tolerations: {}
+  affinity: {}
+
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 500m
+  #    memory: 512Mi
+  #  requests:
+  #    cpu: 250m
+  #    memory: 256Mi
+
+  serviceAccount:
+    create: true
+    name: argocd-application-controller
+
+  ## Server metrics controller configuration
+  metrics:
+    enabled: false
+    service:
+      annotations: {}
+      labels: {}
+      servicePort: 8082
+    serviceMonitor:
+      enabled: false
+    #   selector:
+    #     prometheus: kube-prometheus
+    #   namespace: monitoring
+    #   additionalLabels: {}
+
+  ## Enable Admin ClusterRole resources.
+  ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster.
+  clusterAdminAccess:
+    enabled: true
+
+## Dex
+dex:
+  enabled: true
+  name: dex-server
 
-dexServer:
-  containerPortHttp: 5556
-  containerPortGrpc: 5557
-  servicePortHttp: 5556
-  servicePortGrpc: 5557
   image:
     repository: quay.io/dexidp/dex
-    tag: v2.19.0
+    tag: v2.14.0
-    pullPolicy: Always
+    imagePullPolicy: IfNotPresent
-  initImage:
+  initImage: {}
-    repository: argoproj/argocd
-    tag: v1.2.4
-    pullPolicy: Always
-  volumeMounts: []
-  volumes: []
 
-# terminate tls at ArgoCD level
+  serviceAccount:
-ingress:
+    create: true
-  enabled: false
+    name: argocd-dex-server
-  annotations:
-    {}
-    # kubernetes.io/ingress.class: nginx
-    # nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
-    # nginx.ingress.kubernetes.io/ssl-passthrough: "true"
-  path: /
-  additionalHosts: []
-  tls:
-    # Secrets must be manually created in the namespace.
-    # - secretName: chart-example-tls
-    #   hosts:
-    #     - chart-example.local
 
-certificate:
+  ## Additional volumeMounts to the controller main container.
-  enabled: false
+  volumeMounts:
-  issuer:
+    - name: static-files
-    kind: # ClusterIssuer
+      mountPath: /shared
-    name: # letsencrypt
 
-clusterAdminAccess:
+  ## Additional volumes to the controller pod.
-  enabled: true
+  volumes:
+    - name: static-files
+      emptyDir: {}
 
-config:
+  ## Dex deployment container ports
-  createSecret: true
+  containerPortHttp: 5556
-  enableAnonymousAccess: false
+  servicePortHttp: 5556
-  resourceExclusions:
+  containerPortGrpc: 5557
-    # - apiGroups:
+  servicePortGrpc: 5557
-    #   - "*"
-    #   kinds:
-    #   - "*"
-    #   clusters:
-    #   - https://192.168.0.20
-  helmRepositories:
-    # - name: privateRepo
-    #   url: http://chartmuseum.privatecloud.com
-    #   usernameSecret:
-    #     name: private-chartmuseum
-    #     key: username
-    #   passwordSecret:
-    #     name: private-chartmuseum
-    #     key: password
-    # - name: incubator
-    #   url: https://kubernetes-charts-incubator.storage.googleapis.com/
-  repositories:
-    # - url: git@gitlab.com:usersprivategroup/users-gitops-config.git
-    #   sshPrivateKeySecret:
-    #     key: privateKey
-    #     name: argocd-dev-key
-    # - url: git@gitlab.com:accountingprivategroup/accounting-gitops-config.git
-    #   sshPrivateKeySecret:
-    #     key: privateKey
-    #     name: argocd-dev-key
-  dexConfig:
-    #   # Argo CD's externally facing base URL. Required for configuring SSO
-    #   # url: https://argo-cd-demo.argoproj.io
-    #
-    #   # A dex connector configuration. See documentation on how to configure SSO:
-    #   # https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/sso.md#2-configure-argo-cd-for-sso
-    # connectors:
-    #   # GitHub example
-    #   - type: github
-    #     id: github
-    #     name: GitHub
-    #     config:
-    #       clientID: aabbccddeeff00112233
-    #       clientSecret: $dex.github.clientSecret
-    #       orgs:
-    #       - name: your-github-org
-    #         teams:
-  url: # https://argocd.example.com/
-  oidcConfig:
-    # name: Okta
-    # issuer: https://dev-123456.oktapreview.com
-    # clientID: aaaabbbbccccddddeee
-    # clientSecret: $oidc.okta.clientSecret
-  # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook
-  # events. To enable webhooks, configure one or more of the following keys with the shared git
-  # provider webhook secret. The payload URL configured in the git provider should use the
-  # /api/webhook endpoint of your Argo CD instance (e.g. https://argocd.example.com/api/webhook)
-  webhook:
-    githubSecret:
-    gitlabSecret:
-    bitbucketSecret:
-  resourceCustomizations:
-  #   certmanager.k8s.io/Certificate:
-  #     health.lua: |
-  #       hs = {}
-  #       ...
-  #       return hs
-  configManagementPlugins:
-    # - name: pluginName
-    #   init:                          # Optional command to initialize application source directory
-    #     command: ["sample command"]
-    #     args: ["sample args"]
-    #   generate:                      # Command to generate manifests YAML
-    #     command: ["sample command"]
-    #     args: ["sample args"]
 
-rbac:
+  ## Node selectors and tolerations for server scheduling to nodes with taints
-  #   # An RBAC policy .csv file containing additional policy and role definitions.
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-  #   # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md on how to write RBAC policies.
+  ##
-  #   policy.csv: |
+  nodeSelector: {}
-  #     # Give all members of "my-org:team-alpha" the ability to sync apps in "my-project"
+  tolerations: {}
-  #     p, my-org:team-alpha, applications, sync, my-project/*, allow
+  affinity: {}
-  #     # Make all members of "my-org:team-beta" admins
-  #     g, my-org:team-beta, role:admin
-  policyCsv: #|
-  #   p, role:org-admin, applications, *, */*, allow
-  #   p, role:org-admin, clusters, get, *, allow
-  #   p, role:org-admin, repositories, get, *, allow
-  #   p, role:org-admin, repositories, create, *, allow
-  #   p, role:org-admin, repositories, update, *, allow
-  #   p, role:org-admin, repositories, delete, *, allow
-  #   g, your-github-org:your-team, role:org-admin
-  policyDefault: #role:readonly
-  scopes: #[groups]
 
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 50m
+  #    memory: 64Mi
+  #  requests:
+  #    cpu: 10m
+  #    memory: 32Mi
+
+## Redis
 redis:
+  enabled: false
+  name: redis
+
   image:
     repository: redis
     tag: 5.0.3
-    pullPolicy: Always
+    imagePullPolicy: IfNotPresent
+
   containerPort: 6379
   servicePort: 6379
+
+  ## Node selectors and tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  nodeSelector: {}
+  tolerations: {}
+  affinity: {}
+
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 200m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 100m
+  #    memory: 64Mi
+
+## Server
+server:
+  name: server
+
+  image: {}
+  #  repository: argoproj/argocd
+  #  tag: v1.2.1
+  #  imagePullPolicy: IfNotPresent
+
+  ## Additional command line arguments to pass to argocd-server
+  # extraArgs: []
+  #   - insecure
+  extraArgs: []
+
+  ## Argo server log level
+  logLevel: info
+
+  ## Annotations to be added to controller pods
+  ##
+  podAnnotations: {}
+
+  ## Labels to be added to controller pods
+  ##
+  podLabels: {}
+
+  ## Configures the server port
+  containerPort: 8080
+
+  ## Readiness and liveness probes for default backend
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
+  ##
+  readinessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+  livenessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+
+  ## Additional volumeMounts to the server main container.
+  volumeMounts: []
+
+  ## Additional volumes to the controller pod.
+  volumes: []
+
+  ## Node selectors and tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  nodeSelector: {}
+  tolerations: {}
+  affinity: {}
+
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 100m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 50m
+  #    memory: 64Mi
+
+  ## Certificate configuration
+  certificate:
+    enabled: false
+    domain: argocd.example.com
+    issuer: {}
+    additionalHosts: []
+
+  ## Server service configuration
+  service:
+    annotations: {}
+    labels: {}
+    type: ClusterIP
+    servicePortHttp: 80
+    servicePortHttps: 443
+
+  ## Server metrics service configuration
+  metrics:
+    enabled: false
+    service:
+      annotations: {}
+      labels: {}
+      servicePort: 8083
+    serviceMonitor:
+      enabled: false
+    #   selector:
+    #     prometheus: kube-prometheus
+    #   namespace: monitoring
+    #   additionalLabels: {}
+
+  serviceAccount:
+    create: true
+    name: argocd-server
+
+  ingress:
+    enabled: false
+    annotations: {}
+    labels: {}
+
+    ## Argo Ingress.
+    ## Hostnames must be provided if Ingress is enabled.
+    ## Secrets must be manually created in the namespace
+    ##
+    hosts: []
+      # - argocd.example.com
+    paths:
+    - /
+    tls: []
+      # - secretName: argocd-example-tls
+      #   hosts:
+      #     - argocd.example.com
+
+  ## ArgoCD config
+  ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml
+  config:
+    # Argo CD's externally facing base URL (optional). Required when configuring SSO
+    url: https://argocd.example.com
+    # Argo CD instance label key
+    application.instanceLabelKey: argocd.argoproj.io/instance
+
+  ## ArgoCD rbac config
+  ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md
+  rbacConfig:
+    # policy.csv is an file containing user-defined RBAC policies and role definitions (optional).
+    # Policy rules are in the form:
+    #   p, subject, resource, action, object, effect
+    # Role definitions and bindings are in the form:
+    #   g, subject, inherited-subject
+    # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information.
+    policy.csv: |
+      # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project'
+      p, my-org:team-alpha, applications, sync, my-project/*, allow
+      # Grant all members of 'my-org:team-beta' admins
+      g, my-org:team-beta, role:admin
+    # policy.default is the name of the default role which Argo CD will falls back to, when
+    # authorizing API requests (optional). If omitted or empty, users may be still be able to login,
+    # but will see no apps, projects, etc...
+    policy.default: role:readonly
+
+    # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope).
+    # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings.
+    scopes: '[cognito:groups, email]'
+
+  ## Not well tested and not well supported on release v1.0.0.
+  ## Applications
+  ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/
+  additionalApplications: []
+  # - name: guestbook
+  #   namespace: argocd
+  #   additionalLabels: {}
+  #   additionalAnnotations: {}
+  #   project: guestbook
+  #   source:
+  #     repoURL: https://github.com/argoproj/argocd-example-apps.git
+  #     targetRevision: HEAD
+  #     path: guestbook
+  #     directory:
+  #       recurse: true
+  #  destination:
+  #     server: https://kubernetes.default.svc
+  #     namespace: guestbook
+  #   syncPolicy:
+  #     automated:
+  #       prune: false
+  #      selfHeal: false
+
+  ## Projects
+  ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/
+  additionalProjects: []
+  # - name: guestbook
+  #   namespace: argocd
+  #   additionalLabels: {}
+  #   additionalAnnotations: {}
+  #   description: Example Project
+  #   sourceRepos:
+  #   - '*'
+  #   destinations:
+  #   - namespace: guestbook
+  #     server: https://kubernetes.default.svc
+  #   clusterResourceWhitelist: []
+  #   namespaceResourceBlacklist:
+  #   - group: ''
+  #     kind: ResourceQuota
+  #   - group: ''
+  #     kind: LimitRange
+  #   - group: ''
+  #     kind: NetworkPolicy
+  #     orphanedResources: {}
+  #     roles: []
+  #   orphanedResources: {}
+  #   roles: []
+
+## Repo Server
+repoServer:
+  name: repo-server
+
+  image: {}
+  #  repository: argoproj/argocd
+  #  tag: v1.2.1
+  #  imagePullPolicy: IfNotPresent
+
+  ## Additional command line arguments to pass to argocd-repo-server
+  ##
+  extraArgs: []
+
+  ## Argo repoServer log level
+  logLevel: info
+
+  ## Annotations to be added to repo server pods
+  ##
+  podAnnotations: {}
+
+  ## Labels to be added to repo server pods
+  ##
+  podLabels: {}
+
+  ## Configures the repo server port
+  containerPort: 8081
+
+  ## Readiness and liveness probes for default backend
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
+  ##
+  readinessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+  livenessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+
+  ## Additional volumeMounts to the repo server main container.
+  volumeMounts: []
+
+  ## Additional volumes to the repo server pod.
+  volumes: []
+
+  ## Node selectors and tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  nodeSelector: {}
+  tolerations: {}
+  affinity: {}
+
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 50m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 10m
+  #    memory: 64Mi
+
+  ## Repo server service configuration
+  service:
+    annotations: {}
+    labels: {}
+    port: 8081
+
+  ## Repo server metrics service configuration
+  metrics:
+    enabled: false
+    service:
+      annotations: {}
+      labels: {}
+      servicePort: 8084
+    serviceMonitor:
+      enabled: false
+    #   selector:
+    #     prometheus: kube-prometheus
+    #   namespace: monitoring
+    #   additionalLabels: {}
+
+## Argo Configs
+configs:
+  knownHosts:
+    data:
+      ssh_known_hosts: |
+        bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
+        github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
+        gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
+        gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
+        gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
+        ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
+        vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
+  tlsCerts: {}
+    # data:
+    #   argocd.example.com: |
+    #     -----BEGIN CERTIFICATE-----
+    #     MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL
+    #     BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE
+    #     BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0
+    #     c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda
+    #     Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT
+    #     YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES
+    #     MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi
+    #     MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5
+    #     NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc
+    #     CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u
+    #     P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G
+    #     ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+
+    #     YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E
+    #     Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko
+    #     Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J
+    #     kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u
+    #     kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO
+    #     gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7
+    #     bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86
+    #     r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/
+    #     BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn
+    #     Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx
+    #     CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2
+    #     XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT
+    #     +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr
+    #     d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO
+    #     OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so
+    #     6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr
+    #     jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8
+    #     9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W
+    #     +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK
+    #     XWyb96wrUlv+E8I=
+    #     -----END CERTIFICATE-----
+  secret:
+    createSecret: true
+    githubSecret: ""
+    gitlabSecret: ""
+    bitbucketSecret: ""