DevFW-CICD/argocd-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(argo-cd): Finalize update to argocd 2.1.0 (#884)

Browse source 
Signed-off-by: Emanuel Oliveira <emanuelolive@grupoboticario.com.br>

Co-authored-by: Mateus Miranda <mateus.miranda@sumup.com>
Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
This commit is contained in:
Emanuel Oliveira 2021-08-26 10:42:47 -03:00 committed by GitHub
parent 8e11387e7d
commit 31803c05d6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 138 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
charts/argo-cd/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: 2.1.0
description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 3.16.0
version: 3.17.0
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-cd/assets/logo.png
keywords:
@ -21,5 +21,6 @@ dependencies:
condition: redis-ha.enabled
annotations:
artifacthub.io/changes: |
- "[Added]: Service monitor relabelings and metricsRelabelings"
- "[Fixed]: Service monitor interval configuration for all components"
- "[Changed]: Sync CRDs of ArgoCD v2.1.0"
- "[Added]: Enable use of separated secret just for repositories"
- "[Deprecated]: configs.repositoryCredentials is deprecated now. Instead, use configs.credentialTemplates and/or configs.repositories"

4
charts/argo-cd/README.md
View file

@ -167,6 +167,9 @@ NAME: my-release
| configs.secret.createSecret | Create the argocd-secret. | `true` |
| configs.secret.githubSecret | GitHub incoming webhook secret | `""` |
| configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` |
| configs.repositoryCredentials | DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories. | `{}` |
| configs.credentialTemplates | Repository credentials to be used as Templates for other repos. | `{}` |
| configs.repositories | Repositories list to be used by applications. | `{}` |
| configs.tlsCertsAnnotations | TLS certificate configmap annotations | `{}` |
| configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) |
| configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` |
@ -301,6 +304,7 @@ NAME: my-release
| server.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` |
| server.configAnnotations | ArgoCD configuration configmap annotations | `{}` |
| server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) |
| server.config.repositories | [DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories.](https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour) | See [values.yaml](values.yaml) |
| server.containerPort | Server container port. | `8080` |
| server.extraArgs | Additional arguments for the server. A list of flags. | `[]` |
| server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` |

41
charts/argo-cd/crds/crd-application.yaml
View file

@ -267,6 +267,12 @@ spec:
type: string
description: CommonLabels is a list of additional labels to add to rendered manifests
type: object
forceCommonAnnotations:
description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps
type: boolean
forceCommonLabels:
description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps
type: boolean
images:
description: Images is a list of Kustomize image override specifications
items:
@ -365,6 +371,10 @@ spec:
properties:
group:
type: string
jqPathExpressions:
items:
type: string
type: array
jsonPointers:
items:
type: string
@ -376,7 +386,6 @@ spec:
namespace:
type: string
required:
- jsonPointers
- kind
type: object
type: array
@ -543,6 +552,12 @@ spec:
type: string
description: CommonLabels is a list of additional labels to add to rendered manifests
type: object
forceCommonAnnotations:
description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps
type: boolean
forceCommonLabels:
description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps
type: boolean
images:
description: Images is a list of Kustomize image override specifications
items:
@ -838,6 +853,12 @@ spec:
type: string
description: CommonLabels is a list of additional labels to add to rendered manifests
type: object
forceCommonAnnotations:
description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps
type: boolean
forceCommonLabels:
description: ForceCommonLabels specifies whether toforce applying common labels to resources for Kustomizeapps
type: boolean
images:
description: Images is a list of Kustomize image override specifications
items:
@ -1134,6 +1155,12 @@ spec:
type: string
description: CommonLabels is a list of additional labels to add to rendered manifests
type: object
forceCommonAnnotations:
description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps
type: boolean
forceCommonLabels:
description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps
type: boolean
images:
description: Images is a list of Kustomize image override specifications
items:
@ -1412,6 +1439,12 @@ spec:
type: string
description: CommonLabels is a list of additional labels to add to rendered manifests
type: object
forceCommonAnnotations:
description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps
type: boolean
forceCommonLabels:
description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps
type: boolean
images:
description: Images is a list of Kustomize image override specifications
items:
@ -1687,6 +1720,12 @@ spec:
type: string
description: CommonLabels is a list of additional labels to add to rendered manifests
type: object
forceCommonAnnotations:
description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps
type: boolean
forceCommonLabels:
description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps
type: boolean
images:
description: Images is a list of Kustomize image override specifications
items:

6
charts/argo-cd/templates/NOTES.txt
View file

@ -1,3 +1,9 @@
{{- if or .Values.configs.repositoryCredentials .Values.server.config.repositories }}
WARNING: You are using configs.repositoryCredentials and/or server.config.repositories parameter that are DEPRECATED
Instead, use configs.repositoryTemplates and/or configs.repositories parameters
Read More about here: https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour
{{- end}}
In order to access the server UI you have the following options:
1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443

7
charts/argo-cd/templates/argocd-application-controller/deployment.yaml
View file

@ -48,6 +48,8 @@ spec:
- {{ .Values.controller.args.selfHealTimeout | quote }}
- --repo-server
- {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
- --repo-server-timeout-seconds
- {{ .Values.controller.args.repoServerTimeoutSeconds | quote }}
- --logformat
- {{ .Values.controller.logFormat }}
- --loglevel
@ -93,7 +95,10 @@ spec:
timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.controller.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }}
workingDir: /home/argocd
volumeMounts:
- name: argocd-home
mountPath: /home/argocd
- mountPath: /app/config/controller/tls
name: argocd-repo-server-tls
{{- with .Values.controller.volumeMounts }}
@ -119,6 +124,8 @@ spec:
{{ toYaml . | indent 6 }}
{{- end }}
volumes:
- emptyDir: {}
name: argocd-home
- name: argocd-repo-server-tls
secret:
items:

2
charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml → charts/argo-cd/templates/argocd-configs/repository-credentials-secret-legacy.yaml
View file

@ -10,4 +10,4 @@ data:
{{- range $key, $value := .Values.configs.repositoryCredentials }}
{{ $key }}: {{ $value | b64enc }}
{{- end }}
{{- end }}
{{- end }}

14
charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml Normal file
View file

@ -0,0 +1,14 @@
{{- range $repo_cred_key, $repo_cred_value := .Values.configs.credentialTemplates }}
---
apiVersion: v1
kind: Secret
metadata:
name: argocd-repo-creds-{{ $repo_cred_key }}
labels:
argocd.argoproj.io/secret-type: repo-creds
{{- include "argo-cd.labels" (dict "context" .) | nindent 4 }}
data:
{{- range $key, $value := $repo_cred_value }}
{{ $key }}: {{ $value | toString | b64enc }}
{{- end }}
{{- end }}

14
charts/argo-cd/templates/argocd-configs/repository-secret.yaml Normal file
View file

@ -0,0 +1,14 @@
{{- range $repo_key, $repo_value := .Values.configs.repositories }}
---
apiVersion: v1
kind: Secret
metadata:
name: argocd-repo-{{ $repo_key }}
labels:
argocd.argoproj.io/secret-type: repository
{{- include "argo-cd.labels" (dict "context" .) | nindent 4 }}
data:
{{- range $key, $value := $repo_value }}
{{ $key }}: {{ $value | b64enc }}
{{- end }}
{{- end }}

70
charts/argo-cd/values.yaml
View file

@ -61,6 +61,7 @@ controller:
operationProcessors: "10"
appResyncPeriod: "180"
selfHealTimeout: "5"
repoServerTimeoutSeconds: "60"
## Argo controller log format: text|json
logFormat: text
@ -101,6 +102,7 @@ controller:
# drop:
# - all
# readOnlyRootFilesystem: true
# runAsNonRoot: true
## Configures the controller port
containerPort: 8082
@ -395,10 +397,8 @@ redis:
## Redis Pod specific security context
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
runAsNonRoot: true
runAsUser: 999
serviceAccount:
create: false
@ -696,6 +696,8 @@ server:
url: https://argocd.example.com
# Argo CD instance label key
application.instanceLabelKey: argocd.argoproj.io/instance
# DEPRECATED: Please instead use configs.credentialTemplates and configs.repositories
# repositories: |
# - url: git@github.com:group/repo.git
# sshPrivateKeySecret:
@ -707,6 +709,7 @@ server:
# - type: helm
# url: https://argoproj.github.io/argo-helm
# name: argo
# oidc.config: |
# name: AzureAD
# issuer: https://login.microsoftonline.com/TENANT_ID/v2.0
@ -1115,25 +1118,48 @@ configs:
# +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK
# XWyb96wrUlv+E8I=
# -----END CERTIFICATE-----
# Creates a secret with optional repository credentials
repositoryCredentials:
{}
# sample-ssh-key: |
# -----BEGIN RSA PRIVATE KEY-----
# MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N
# z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4
# nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB
# AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x
# O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe
# tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6
# cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8
# 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM
# hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK
# xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ
# FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc
# NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le
# XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo=
# -----END RSA PRIVATE KEY-----
## # Creates a secret with optional repository credentials
## DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories
repositoryCredentials: {}
## Creates a secret for each key/value specified below to create repository credentials
credentialTemplates: {}
# github-enterprise-creds-1:
# url: https://github.com/argoproj
# githubAppID: 1
# githubAppInstallationID: 2
# githubAppEnterpriseBaseUrl: https://ghe.example.com/api/v3
# githubAppPrivateKey: |
# -----BEGIN OPENSSH PRIVATE KEY-----
# ...
# -----END OPENSSH PRIVATE KEY-----
# https-creds:
# url: https://github.com/argoproj
# password: my-password
# username: my-username
# ssh-creds:
# url: git@github.com:argoproj-labs
# sshPrivateKey: |
# -----BEGIN OPENSSH PRIVATE KEY-----
# ...
# -----END OPENSSH PRIVATE KEY-----
## Creates a secret for each key/value specified below to create repositories
## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials".
repositories: {}
# istio-helm-repo:
# url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts
# name: istio.io
# type: helm
# private-helm-repo:
# url: https://my-private-chart-repo.internal
# name: private-repo
# type: helm
# password: my-password
# username: my-username
# private-repo:
# url: https://github.com/argoproj/private-repo
secret:
createSecret: true
## Annotations to be added to argocd-secret