diff --git a/charts/argo-applicationset/.helmignore b/charts/argo-applicationset/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/argo-applicationset/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/argo-applicationset/Chart.yaml b/charts/argo-applicationset/Chart.yaml new file mode 100644 index 00000000..6973c1c1 --- /dev/null +++ b/charts/argo-applicationset/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: argocd-applicationset +description: A Helm chart for installing ArgoCD ApplicationSet +type: application +version: 0.1.0 +appVersion: "v0.1.0-prerelease" +home: https://github.com/argoproj/argo-helm +icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +keywords: + - argoproj + - appset + - gitops +maintainers: + - name: maruina diff --git a/charts/argo-applicationset/README.md b/charts/argo-applicationset/README.md new file mode 100644 index 00000000..5cc51a1a --- /dev/null +++ b/charts/argo-applicationset/README.md @@ -0,0 +1,60 @@ +# Argo CD ApplicationSet Chart + +A Helm chart for Argo CD ApplicationSet, a controller to programmatically generate Argo CD Application. + +Source code can be found [here](https://github.com/argoproj-labs/applicationset/) + +## Additional Information + +This is a **community maintained** chart. This chart installs the [applicationset](https://github.com/argoproj-labs/applicationset) controller. + +This chart currently installs the non-HA version of Argo CD ApplicationSet. + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install --name my-release argo/argo-applicationset +NAME: my-release +... +``` + +### Helm v3 Compatibility + +Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | +| args.metricsAddr | int | `8080` | The default metric address | +| args.probeBindAddr | int | `8081` | The default health check port | +| args.enableLeaderElection | bool | `false` | The default leader election setting | +| args.namespace | string | `argocd` | The default Argo CD repo namespace | +| args.argocdRepoServer | string | `argocd-repo-server:8081` | The default Argo CD repo server address | +| args.policy | string | `sync` | How application is synced between the generator and the cluster | +| args.debug | bool | `false` | Print debug logs | +| args.dryRun | bool | `false` | Enable dry run mode | +| fullnameOverride | string | `""` | Override the default fully qualified app name | +| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| installCRDs | bool | `true` | Install Custom Resource Definition | +| nameOverride | string | `""` | Provide a name in place of `argo-applicationset` | +| nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| podAnnotations | object | `{}` | Annotations for the controller pods | +| podSecurityContext | object | `{}` | Pod Security Context | +| rbac.pspEnabled | bool | `true` | Enable Pod Security Policy | +| replicaCount | int | `1` | The number of controller pods to run | +| resources | object | `{}` | Resource limits and requests for the controller pods. | +| securityContext | object | `{}` | Security Context | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | diff --git a/charts/argo-applicationset/crds/crd-applicationset.yaml b/charts/argo-applicationset/crds/crd-applicationset.yaml new file mode 100644 index 00000000..734ce34a --- /dev/null +++ b/charts/argo-applicationset/crds/crd-applicationset.yaml @@ -0,0 +1,1740 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.3.0 + name: applicationsets.argoproj.io +spec: + group: argoproj.io + names: + kind: ApplicationSet + listKind: ApplicationSetList + plural: applicationsets + singular: applicationset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ApplicationSet is a set of Application resources + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ApplicationSetSpec represents a class of application set + state. + properties: + generators: + items: + description: ApplicationSetGenerator include list item info + properties: + clusters: + description: ClusterGenerator defines a generator to match against + clusters registered with ArgoCD. + properties: + selector: + description: Selector defines a label selector to match + against all clusters registered with ArgoCD. Clusters + today are stored as Kubernetes Secrets, thus the Secret + labels will be used for matching the selector. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination overrides the kubernetes + server and namespace defined in the environment + ksonnet app.yaml + properties: + name: + description: Name of the destination cluster + which can be used instead of server (url) + field + type: string + namespace: + description: Namespace overrides the environment + namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment + server value in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources + fields which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. + Empty name means that application belongs to 'default' + project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept + in the apps revision history. This should only + be changed in exceptional circumstances. Setting + to zero will store no history. This will reduce + storage used. Increasing will increase the space + used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + ksonnet application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + type: string + jsonnet: + description: ApplicationSourceJsonnet holds + jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter to a helm template + properties: + name: + description: Name is the name of the + helm parameter + type: string + path: + description: Path is the path value + for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to + the helm template + items: + description: HelmParameter is a parameter + to a helm template + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + helm parameter + type: string + value: + description: Value is the value for + the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted + it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations adds additional + kustomize commonAnnotations + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional + kustomize commonLabels + type: object + images: + description: Images are kustomize image + overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize + version + type: string + type: object + path: + description: Path is a directory path within + the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of + the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, + tag, or branch in which to sync the application + to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will + be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources + automatically as part of automated sync + (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing + if (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + description: Values contains key/value pairs which are passed + directly as parameters to the template + type: object + type: object + git: + properties: + directories: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination overrides the kubernetes + server and namespace defined in the environment + ksonnet app.yaml + properties: + name: + description: Name of the destination cluster + which can be used instead of server (url) + field + type: string + namespace: + description: Namespace overrides the environment + namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment + server value in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources + fields which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. + Empty name means that application belongs to 'default' + project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept + in the apps revision history. This should only + be changed in exceptional circumstances. Setting + to zero will store no history. This will reduce + storage used. Increasing will increase the space + used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + ksonnet application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + type: string + jsonnet: + description: ApplicationSourceJsonnet holds + jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter to a helm template + properties: + name: + description: Name is the name of the + helm parameter + type: string + path: + description: Path is the path value + for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to + the helm template + items: + description: HelmParameter is a parameter + to a helm template + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + helm parameter + type: string + value: + description: Value is the value for + the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted + it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations adds additional + kustomize commonAnnotations + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional + kustomize commonLabels + type: object + images: + description: Images are kustomize image + overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize + version + type: string + type: object + path: + description: Path is a directory path within + the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of + the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, + tag, or branch in which to sync the application + to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will + be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources + automatically as part of automated sync + (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing + if (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + description: ListGenerator include items info + properties: + elements: + items: + description: ListGeneratorElement include cluster and + url info + properties: + cluster: + type: string + url: + type: string + values: + additionalProperties: + type: string + description: Values contains key/value pairs which + are passed directly as parameters to the template + type: object + required: + - cluster + - url + type: object + type: array + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination overrides the kubernetes + server and namespace defined in the environment + ksonnet app.yaml + properties: + name: + description: Name of the destination cluster + which can be used instead of server (url) + field + type: string + namespace: + description: Namespace overrides the environment + namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment + server value in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources + fields which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. + Empty name means that application belongs to 'default' + project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept + in the apps revision history. This should only + be changed in exceptional circumstances. Setting + to zero will store no history. This will reduce + storage used. Increasing will increase the space + used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + ksonnet application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + type: string + jsonnet: + description: ApplicationSourceJsonnet holds + jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter to a helm template + properties: + name: + description: Name is the name of the + helm parameter + type: string + path: + description: Path is the path value + for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to + the helm template + items: + description: HelmParameter is a parameter + to a helm template + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + helm parameter + type: string + value: + description: Value is the value for + the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted + it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations adds additional + kustomize commonAnnotations + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional + kustomize commonLabels + type: object + images: + description: Images are kustomize image + overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize + version + type: string + type: object + path: + description: Path is a directory path within + the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of + the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, + tag, or branch in which to sync the application + to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will + be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources + automatically as part of automated sync + (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing + if (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + type: object + type: array + syncPolicy: + description: ApplicationSetSyncPolicy configures how generated Applications + will relate to their ApplicationSet. + properties: + skipPrune: + description: SkipPrune will disable the default behavior which + will delete Applications that are no longer being generated + for the ApplicationSet which created them, or the ApplicationSet + itself is deleted. If SkipPrune is set to true, these Applications + will be orphaned but continue to exist. + type: boolean + type: object + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the Argo CD + application fields that may be used for Applications generated + from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application state. + Contains link to repository with application definition and + additional parameters link definition revision. + properties: + destination: + description: Destination overrides the kubernetes server and + namespace defined in the environment ksonnet app.yaml + properties: + name: + description: Name of the destination cluster which can + be used instead of server (url) field + type: string + namespace: + description: Namespace overrides the environment namespace + value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment server value + in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information (URLs, + email addresses, and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. Empty + name means that application belongs to 'default' project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept in the + apps revision history. This should only be changed in exceptional + circumstances. Setting to zero will store no history. This + will reduce storage used. Increasing will increase the space + used to store the history, so we do not recommend increasing + it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location ksonnet + application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + type: string + jsonnet: + description: ApplicationSourceJsonnet holds jsonnet + specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + to a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the + helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to the helm + template + items: + description: HelmParameter is a parameter to a helm + template + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm + parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted it + will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically defined + as a block + type: string + version: + description: Version is the Helm version to use for + templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet component + parameter override values + items: + description: KsonnetParameter is a ksonnet component + parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations adds additional kustomize + commonAnnotations + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize + commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for kustomize apps + type: string + version: + description: Version contains optional Kustomize version + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config management + plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of the application + manifests + type: string + targetRevision: + description: TargetRevision defines the commit, tag, or + branch in which to sync the application to. If omitted, + will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will be performed + properties: + automated: + description: Automated will keep an application synced + to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have zero live + resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources automatically + as part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing if (default: + false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. + Default unit is seconds, but could also be a + duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the + base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount + of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts + when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - generators + - template + type: object + status: + description: ApplicationSetStatus defines the observed state of ApplicationSet + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/argo-applicationset/templates/_helpers.tpl b/charts/argo-applicationset/templates/_helpers.tpl new file mode 100644 index 00000000..4d0e98b5 --- /dev/null +++ b/charts/argo-applicationset/templates/_helpers.tpl @@ -0,0 +1,65 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "argo-applicationset.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "argo-applicationset.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argo-applicationset.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "argo-applicationset.labels" -}} +helm.sh/chart: {{ include "argo-applicationset.chart" . }} +{{ include "argo-applicationset.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/name: {{ include "argo-applicationset.name" . }} +app.kubernetes.io/part-of: argo-cd-applicationset +app.kubernetes.io/component: controller +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "argo-applicationset.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argo-applicationset.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "argo-applicationset.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "argo-applicationset.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/argo-applicationset/templates/crds.yaml b/charts/argo-applicationset/templates/crds.yaml new file mode 100644 index 00000000..45ab72d4 --- /dev/null +++ b/charts/argo-applicationset/templates/crds.yaml @@ -0,0 +1,6 @@ +{{- if .Values.installCRDs }} +{{- range $path, $_ := .Files.Glob "crds/*.yaml" }} +{{ $.Files.Get $path }} +--- +{{- end }} +{{- end }} diff --git a/charts/argo-applicationset/templates/deployment.yaml b/charts/argo-applicationset/templates/deployment.yaml new file mode 100644 index 00000000..10ebe70f --- /dev/null +++ b/charts/argo-applicationset/templates/deployment.yaml @@ -0,0 +1,63 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argo-applicationset.fullname" . }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "argo-applicationset.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "argo-applicationset.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argo-applicationset.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + command: + - applicationset-controller + - --metrics-addr={{ .Values.args.metricsAddr }} + - --probe-addr={{ .Values.args.probeBindAddr }} + {{- if or (gt ( .Values.replicaCount | int64) 1) .Values.args.enableLeaderElection }} + - --enable-leader-election=true + {{- end }} + - --namespace={{ .Values.args.namespace }} + - --argocd-repo-server={{ .Values.args.argocdRepoServer }} + - --policy={{ .Values.args.policy }} + - --debug={{ .Values.args.debug }} + - --dry-run={{ .Values.args.dryRun }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ (split ":" .Values.args.probeBindAddr)._1 }} + protocol: TCP + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-applicationset/templates/psp.yaml b/charts/argo-applicationset/templates/psp.yaml new file mode 100644 index 00000000..dbb75854 --- /dev/null +++ b/charts/argo-applicationset/templates/psp.yaml @@ -0,0 +1,57 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "argo-applicationset.fullname" . }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' +spec: + privileged: false + hostIPC: false + hostNetwork: false + hostPID: false + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + allowedCapabilities: + - '*' + fsGroup: + rule: RunAsAny + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - '*' +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "argo-applicationset.fullname" . }}-psp + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} +rules: + - apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "argo-applicationset.fullname" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-applicationset.fullname" . }}-psp + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "argo-applicationset.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ template "argo-applicationset.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-applicationset/templates/rbac.yaml b/charts/argo-applicationset/templates/rbac.yaml new file mode 100644 index 00000000..8610a2f3 --- /dev/null +++ b/charts/argo-applicationset/templates/rbac.yaml @@ -0,0 +1,89 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "argo-applicationset.fullname" . }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} +rules: + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - applicationsets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applicationsets/status + verbs: + - get + - patch + - update + - apiGroups: + - '' + resources: + - events + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - '' + resources: + - configmaps/status + verbs: + - get + - update + - patch + - apiGroups: + - '' + resources: + - events + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "argo-applicationset.fullname" . }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "argo-applicationset.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "argo-applicationset.serviceAccountName" . }} diff --git a/charts/argo-applicationset/templates/serviceaccount.yaml b/charts/argo-applicationset/templates/serviceaccount.yaml new file mode 100644 index 00000000..1e3c2eaa --- /dev/null +++ b/charts/argo-applicationset/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "argo-applicationset.serviceAccountName" . }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-applicationset/values.yaml b/charts/argo-applicationset/values.yaml new file mode 100644 index 00000000..9a69f216 --- /dev/null +++ b/charts/argo-applicationset/values.yaml @@ -0,0 +1,72 @@ +# Default values for argo-applicationset. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +installCRDs: true + +image: + # The image repository + repository: quay.io/argocdapplicationset/argocd-applicationset + # Image pull policy + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +args: + metricsAddr: :8080 + probeBindAddr: :8081 + enableLeaderElection: false + namespace: argocd + argocdRepoServer: argocd-repo-server:8081 + policy: sync + debug: false + dryRun: false + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +rbac: + pspEnabled: true + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {}