From 1e3a4afd0583a4c35dba2b8783f9fded82667dfc Mon Sep 17 00:00:00 2001 From: Thomas O'Neill Date: Tue, 20 Jul 2021 07:40:54 -0400 Subject: [PATCH 1/6] feat(argo-cd): Support AWS ALB Ingress with gRPC (#806) * Support AWS ALB Ingress with GRPC Signed-off-by: Thomas O'Neill Signed-off-by: Thomas O'Neill * Bump chart version Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Use single if statement Signed-off-by: Thomas O'Neill * Append -grpc to the service labels for ALB GRPC service Signed-off-by: Thomas O'Neill Co-authored-by: Thomas O'Neill Co-authored-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++-- charts/argo-cd/README.md | 21 ++++++++++++++++ .../argocd-server/alb-grpc-service.yaml | 24 +++++++++++++++++++ .../templates/argocd-server/ingress-grpc.yaml | 2 +- .../templates/argocd-server/ingress.yaml | 24 +++++++++++++++++++ charts/argo-cd/values.yaml | 1 + 6 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 60ff890e..71320643 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.9.0 +version: 3.10.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to create network policies" - - "[Changed]: Fix icon url" + - "[Added]: Support AWS ALB Ingress with gRPC" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb929e93..05623c59 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -305,6 +305,7 @@ NAME: my-release | server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` | | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | +| server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | @@ -429,3 +430,23 @@ through `xxx.extraArgs` | redis-ha.image.tag | Redis tag | `"6.2.1-alpine"` | [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ + + +### Using AWS ALB Ingress Controller With GRPC +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. + +Example: +```yaml +server: + ingress: + enabled: true + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + ingressGrpc: + enabled: true + isAWSALB: true + +``` \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml new file mode 100644 index 00000000..018bca3e --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.isAWSALB -}} +apiVersion: v1 +kind: Service +metadata: + annotations: + alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + labels: + {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} + name: {{ template "argo-cd.server.fullname" . }}-grpc +spec: + ports: + - name: {{ .Values.server.service.servicePortHttpName }} + protocol: TCP + port: {{ .Values.server.service.servicePortHttp }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + - name: {{ .Values.server.service.servicePortHttpsName }} + protocol: TCP + port: {{ .Values.server.service.servicePortHttps }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} + sessionAffinity: None + type: ClusterIP +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 1fb89979..6a90445e 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.ingressGrpc.enabled -}} +{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index aa7d49dc..576b94df 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -12,6 +12,10 @@ metadata: {{- range $key, $value := .Values.server.ingress.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} + alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | + [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] + {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} labels: @@ -35,6 +39,26 @@ spec: {{- toYaml $extraPaths | nindent 10 }} {{- end }} {{- range $p := $paths }} + {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} + - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: Prefix + {{- end }} + backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ template "argo-cd.server.fullname" $ }}-grpc + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc + servicePort: {{ $servicePort }} + {{- end }} + {{- end }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 452aba69..b4d5a954 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -601,6 +601,7 @@ server: # https://argoproj.github.io/argo-cd/operator-manual/ingress/ ingressGrpc: enabled: false + isAWSALB: false annotations: {} labels: {} ingressClassName: "" From 186fe34b872813cf290209fb093ba7b211c64173 Mon Sep 17 00:00:00 2001 From: Jakub Bielawski <60479855+kobejn-jb@users.noreply.github.com> Date: Tue, 20 Jul 2021 20:10:29 +0200 Subject: [PATCH 2/6] Fix controller Role/ClusterRole to work with InstanceID (#833) Bumped Chart version Add indednt in controller ConfigMap flow control Signed-off-by: Jakub Bielawski --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-cluster-roles.yaml | 10 ++++++++++ .../controller/workflow-controller-config-map.yaml | 6 +++--- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d966c9f8..736b131d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.7 +version: 0.2.8 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Fixed]: Controller Role/ClusterRole to work with InstanceID" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 34340d14..72e97f45 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -121,8 +121,18 @@ rules: resources: - leases resourceNames: + {{- if .Values.controller.instanceID.enabled }} + {{- if .Values.controller.instanceID.useReleaseName }} + - workflow-controller-{{ .Release.Name }} + - workflow-controller-lease-{{ .Release.Name }} + {{- else }} + - workflow-controller-{{ .Values.controller.instanceID.explicitID }} + - workflow-controller-lease-{{ .Values.controller.instanceID.explicitID }} + {{- end }} + {{- else }} - workflow-controller - workflow-controller-lease + {{- end }} verbs: - get - watch diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index afddb194..dd2af42e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -7,11 +7,11 @@ metadata: data: config: | {{- if .Values.controller.instanceID.enabled }} - {{- if .Values.controller.instanceID.useReleaseName }} + {{- if .Values.controller.instanceID.useReleaseName }} instanceID: {{ .Release.Name }} - {{- else }} + {{- else }} instanceID: {{ .Values.controller.instanceID.explicitID }} - {{- end }} + {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} {{- if .Values.controller.parallelism }} From 37277315ce669a12e9a5a66ce03ab2a6e08eb184 Mon Sep 17 00:00:00 2001 From: Rein van 't Veer Date: Tue, 20 Jul 2021 20:18:26 +0200 Subject: [PATCH 3/6] feat(argo-workflows): Multiple workflow namespaces (#824) * allow workflow to be run in multiple namespaces, bump chart version Signed-off-by: reinvantveer * update helm install instructions Signed-off-by: reinvantveer * fix indents Signed-off-by: reinvantveer * add newlines Signed-off-by: reinvantveer * bump chart version Signed-off-by: reinvantveer * default to "argo" namespace for workflow service account Signed-off-by: reinvantveer * simplify setting service account, fix syntactical error in defaulting to "argo" namespace Signed-off-by: reinvantveer * Bump only the chart version, revert bumping the controller version: 3.0.8 does not exist yet as a workflow-controller image version Signed-off-by: reinvantveer * don't set a namespace if there isn't one provided Signed-off-by: reinvantveer * bump version Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces, add additional inline comments on rbac.create effect Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * dro now-redundant branch for controller.workflowNamespaces Signed-off-by: reinvantveer * use template helper "argo-workflows.fullname" instead of release name in order to be able to override the service account name Signed-off-by: reinvantveer * add missing "template" keyword Signed-off-by: reinvantveer * drop redundant $namespace assignment that was already moved inside the "range" function Signed-off-by: reinvantveer * replace "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * drop redundant $namespace assignment that was already moved inside the "range" function Signed-off-by: reinvantveer * inline "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * inline "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * add missing "$" to denote target for templating the workflows fullname helper Signed-off-by: reinvantveer * restore `with` blocks for service account name and service account annotations Signed-off-by: reinvantveer * drop validations: considering cases of `workflowNamespaces`, `namespace` and `singleNamespace` Signed-off-by: reinvantveer * include case for single namespaces with default ("") namespace, otherwise (ternary) combine the workflow namespace and workflowNamespaces from the controller settings into a list to iterate over Signed-off-by: reinvantveer * wrap namespace configuration in `with` block to prevent setting it to "" Signed-off-by: reinvantveer * fix append vs. concat bug: append workflowNamespace to (possibly 0-lenght) list of controller.workflowNamespaces Signed-off-by: reinvantveer * fix namespace range with additional check for either single namespace being false, or append to the workflow namespaces: the first non-null (coalesce) from the workflow namespace or the namespace Argo is being deployed to. Signed-off-by: reinvantveer * add changelog entries Signed-off-by: reinvantveer * unwrap (inline) with-block for service account name Signed-off-by: reinvantveer Co-authored-by: Vlad Losev --- CONTRIBUTING.md | 2 +- charts/argo-workflows/Chart.yaml | 6 ++- .../templates/controller/workflow-rb.yaml | 19 ++++----- .../templates/controller/workflow-role.yaml | 40 ++++++++++--------- .../templates/controller/workflow-sa.yaml | 13 +++--- charts/argo-workflows/values.yaml | 8 +++- 6 files changed, 51 insertions(+), 37 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 070b0981..3d6e1782 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -55,7 +55,7 @@ annotations: Minimally: ``` -helm install charts/argo -n argo +helm install charts/argo-workflows -n argo argo version ``` diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 736b131d..70b9bf10 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.8 +version: 0.2.9 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,6 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Controller Role/ClusterRole to work with InstanceID" + - "[Changed]: Service accounts, roles and role bindings can now be auto-created for each workflow controller namespace" + - "[Fixed]: The contributer testing guidelines were updated to reflect the chart name change from 'argo' to + 'argo-workflows'" diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 9b27c045..004d40d0 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,19 +1,20 @@ {{- if .Values.workflow.rbac.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-workflows.fullname" . }}-workflow - {{- with .Values.workflow.namespace }} - namespace: {{ . }} - {{- end }} + name: {{ template "argo-workflows.fullname" $ }}-workflow + namespace: {{ $namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-workflows.fullname" . }}-workflow + name: {{ template "argo-workflows.fullname" $ }}-workflow subjects: -- kind: ServiceAccount - name: {{ .Values.workflow.serviceAccount.name }} - {{- with .Values.workflow.namespace }} - namespace: {{ . }} + - kind: ServiceAccount + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index bf8b3cff..4ca10e8e 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,25 +1,29 @@ {{- if .Values.workflow.rbac.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ template "argo-workflows.fullname" . }}-workflow - {{- with .Values.workflow.namespace }} + name: {{ template "argo-workflows.fullname" $ }}-workflow + {{- with $namespace }} namespace: {{ . }} - {{- end }} + {{- end }} rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - watch - - patch -- apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - patch + - apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - watch + {{- end }} + {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index dc84f2b1..2ea64771 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,13 +1,16 @@ {{- if .Values.workflow.serviceAccount.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.workflow.serviceAccount.name }} - {{- with .Values.workflow.namespace }} + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} namespace: {{ . }} - {{- end }} - {{- with .Values.workflow.serviceAccount.annotations }} + {{- end }} + {{- with $.Values.workflow.serviceAccount.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 864c9931..ebd7fc92 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -29,13 +29,15 @@ kubeVersionOverride: "" singleNamespace: false workflow: - namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. + namespace: # Deprecated, for backwards compatibility: specify a single namespace to run workflows in serviceAccount: create: false # Specifies whether a service account should be created annotations: {} name: "argo-workflow" # Service account which is used to run workflows rbac: - create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows + # Adds Role and RoleBinding for the above specified service account to be able to run workflows + # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) + create: true controller: image: @@ -109,6 +111,8 @@ controller: # Annotations applied to created service account annotations: {} name: workflow-controller + # Specify all namespaces to run worksflows need to be able to run in. This controls where the service + # account and RBAC resources will be created. If unspecified, will run in the default namespace. workflowNamespaces: - default containerRuntimeExecutor: docker From e393ef1ba2017973fc52208abcc5243e52b2443d Mon Sep 17 00:00:00 2001 From: Zadkiel Date: Tue, 20 Jul 2021 20:24:41 +0200 Subject: [PATCH 4/6] fix(argo-workflows): remove old default init service account (#834) * fix(argo-workflows): remove old default init service account Signed-off-by: GitHub * fix(argo-workflows): remove init.serviceAccount from README Signed-off-by: GitHub * chore(argo-workflows): update changelog Signed-off-by: GitHub * chore(argo-workflows): bump chart to 0.2.8 Signed-off-by: GitHub Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 6 ++---- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 5 ----- 3 files changed, 3 insertions(+), 10 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 70b9bf10..a342b248 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.9 +version: 0.2.10 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,6 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Service accounts, roles and role bindings can now be auto-created for each workflow controller namespace" - - "[Fixed]: The contributer testing guidelines were updated to reflect the chart name change from 'argo' to - 'argo-workflows'" + - "[Fixed]: Removed init.serviceAccount unused fields" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 7e1c9dd7..e25a3840 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -10,7 +10,7 @@ This chart uses an install hook to configure the CRD definition. Installation of A few options are: -- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute +- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions ## Usage Notes diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index ebd7fc92..68f6f459 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -5,11 +5,6 @@ images: pullSecrets: [] # - name: argo-pull-secret -init: - # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is - # being deployed to. In RBAC clusters, that will almost certainly fail. See the NOTES: section of the readme for more info. - serviceAccount: "" - createAggregateRoles: true ## String to partially override "argo-workflows.fullname" template From 4e739561c0e2e9807e297905313710f95790522a Mon Sep 17 00:00:00 2001 From: kostas-theo <43744618+kostas-theo@users.noreply.github.com> Date: Tue, 20 Jul 2021 23:51:02 +0200 Subject: [PATCH 5/6] fix: pod status pending issue (#837) Signed-off-by: kostas-theo Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/crds/argoproj.io_workflows.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a342b248..60d4305d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.10 +version: 0.2.11 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Removed init.serviceAccount unused fields" + - "[Fixed]: Pods stuck in pending phase due to workflow update timeouts." diff --git a/charts/argo-workflows/crds/argoproj.io_workflows.yaml b/charts/argo-workflows/crds/argoproj.io_workflows.yaml index f3751e18..59d2fc3b 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml @@ -36,9 +36,11 @@ spec: spec: type: object x-kubernetes-preserve-unknown-fields: true + x-kubernetes-map-type: atomic status: type: object x-kubernetes-preserve-unknown-fields: true + x-kubernetes-map-type: atomic required: - metadata - spec From 3ca4a4eca08b7a35aa1e9ce9ad92dcb8cdf76fa3 Mon Sep 17 00:00:00 2001 From: Niels ten Boom Date: Wed, 21 Jul 2021 18:02:03 +0200 Subject: [PATCH 6/6] docs: Rename argocd references to argoworkflows in workflow chart (#842) * rename argocd to argoworkflows Signed-off-by: Niels ten Boom * bump patch version Signed-off-by: Niels ten Boom * bump patch version Signed-off-by: Niels ten Boom Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/values.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 60d4305d..768d2266 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.11 +version: 0.2.12 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Pods stuck in pending phase due to workflow update timeouts." + - "[Changed]: Argo workflows values file no longer has examples referencing ArgoCD" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 68f6f459..50085773 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -278,7 +278,7 @@ server: ## hosts: [] - # - argocd.example.com + # - argoworkflows.example.com paths: - / extraPaths: @@ -297,9 +297,9 @@ server: # name: use-annotation tls: [] - # - secretName: argocd-example-tls + # - secretName: argoworkflows-example-tls # hosts: - # - argocd.example.com + # - argoworkflows.example.com https: false clusterWorkflowTemplates: