From 1d96f80dac56a6305bd263c6370ba3c38dadbaca Mon Sep 17 00:00:00 2001 From: Jesse Bye Date: Wed, 7 Apr 2021 08:42:39 -0700 Subject: [PATCH 01/24] fix(argo-cd): Fix breaking dex change in argocd 2.0 (#645) Co-authored-by: David J. M. Karlsen --- charts/argo-cd/Chart.lock | 6 ++++++ charts/argo-cd/Chart.yaml | 11 ++++++++--- charts/argo-cd/README.md | 4 ++++ charts/argo-cd/requirements.lock | 6 ------ charts/argo-cd/requirements.yaml | 5 ----- charts/argo-cd/templates/dex/deployment.yaml | 6 +++--- charts/argo-cd/values.yaml | 2 +- 7 files changed, 22 insertions(+), 18 deletions(-) create mode 100644 charts/argo-cd/Chart.lock delete mode 100644 charts/argo-cd/requirements.lock delete mode 100644 charts/argo-cd/requirements.yaml diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock new file mode 100644 index 00000000..646d7e56 --- /dev/null +++ b/charts/argo-cd/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: redis-ha + repository: https://dandydeveloper.github.io/charts/ + version: 4.10.1 +digest: sha256:e1e0526ad009ecc065df937b48c4e0e5877e5194242c7888b1dc4467775f2663 +generated: "2021-04-01T08:36:01.324672-07:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 408fda4f..2320a609 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ -apiVersion: v1 -appVersion: 1.8.4 +apiVersion: v2 +appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.17.5 +version: 3.0.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -14,3 +14,8 @@ maintainers: - name: alexmt - name: jessesuen - name: seanson +dependencies: + - name: redis-ha + version: 4.10.1 + repository: https://dandydeveloper.github.io/charts/ + condition: redis-ha.enabled diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 75a57d67..22806038 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -14,6 +14,10 @@ This chart currently installs the non-HA version of ArgoCD. ## Upgrading +### 3.0.0 and above + +Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Read More](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/) on how to migrate your release from Helm 2 to Helm 3. + ### 2.14.7 and above The `matchLabels` key in the ArgoCD Appliaction Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. diff --git a/charts/argo-cd/requirements.lock b/charts/argo-cd/requirements.lock deleted file mode 100644 index 45d95b5b..00000000 --- a/charts/argo-cd/requirements.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: redis-ha - repository: https://dandydeveloper.github.io/charts/ - version: 4.10.4 -digest: sha256:e36321520ffd6f91962b0bcfeae947a86983d6b6d273eb616f08425e2b8ab9c2 -generated: "2021-03-03T10:13:21.0955491+01:00" diff --git a/charts/argo-cd/requirements.yaml b/charts/argo-cd/requirements.yaml deleted file mode 100644 index fad20e4a..00000000 --- a/charts/argo-cd/requirements.yaml +++ /dev/null @@ -1,5 +0,0 @@ -dependencies: -- name: redis-ha - version: 4.10.4 - repository: https://dandydeveloper.github.io/charts/ - condition: redis-ha.enabled diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index cb40ba54..45a2e09e 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -44,8 +44,8 @@ spec: command: - cp - -n - - /usr/local/bin/argocd-util - - /shared + - /usr/local/bin/argocd + - /shared/argocd-dex volumeMounts: - mountPath: /shared name: static-files @@ -54,7 +54,7 @@ spec: image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} imagePullPolicy: {{ .Values.dex.image.imagePullPolicy }} command: - - /shared/argocd-util + - /shared/argocd-dex - rundex {{- if .Values.dex.containerSecurityContext }} securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2a6ce24f..a7e84181 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.8.4 + tag: v2.0.0 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From b8f483fb731e9ce40cec5059954119d288686429 Mon Sep 17 00:00:00 2001 From: Anderson Silva Date: Wed, 7 Apr 2021 21:29:47 +0100 Subject: [PATCH 02/24] feat(argo-rollouts): Match autogenerated/tested CRDs in upstream argo-rollouts (#638) --- charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/README.md | 3 +- .../templates/crds/analysis-run-crd.yaml | 546 +------------ .../templates/crds/analysis-template-crd.yaml | 536 +----------- .../crds/cluster-analysis-template-crd.yaml | 536 +----------- .../templates/crds/experiment-crd.yaml | 505 ++---------- .../templates/crds/rollout-crd.yaml | 764 ++---------------- charts/argo-rollouts/values.yaml | 5 +- 8 files changed, 256 insertions(+), 2641 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index e69e101c..bf8cd3b3 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.10.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.4.3 +version: 0.5.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 38bef6ea..6d2bef84 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -2,7 +2,7 @@ Argo Rollouts Chart ============= A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. -Current chart version is `0.4.0` +Current chart version is `0.5.0` Source code can be found [here](https://github.com/argoproj/argo-rollouts) @@ -42,6 +42,7 @@ $ helm install --name my-release argo/argo-rollouts | controller.metrics.serviceMonitor.enabled | bool | `false` | | | imagePullSecrets | list | `[]` | | | installCRDs | bool | `true` | | +| crdAnnotations | object | `{}` | | | podAnnotations | object | `{}` | | | podLabels | object | `{}` | | | serviceAccount.name | string | `"argo-rollouts"` | | diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index e2099790..0ddf3ca3 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,7 +3,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.0 + controller-gen.kubebuilder.io/version: v0.4.1 + {{- if .Values.crdAnnotations }} +{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- end }} name: analysisruns.argoproj.io spec: group: argoproj.io @@ -16,15 +19,12 @@ spec: singular: analysisrun scope: Namespaced versions: - - name: v1alpha1 - served: true - storage: true - additionalPrinterColumns: - - jsonPath: .status.phase - description: AnalysisRun status + - additionalPrinterColumns: + - description: AnalysisRun status + jsonPath: .status.phase name: Status type: string - subresources: {} + name: v1alpha1 schema: openAPIV3Schema: properties: @@ -723,11 +723,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -794,6 +799,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1271,6 +1281,7 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort @@ -1342,6 +1353,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1823,11 +1839,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1894,6 +1915,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -2233,503 +2259,12 @@ spec: - whenUnsatisfiable type: object type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - readOnly: - type: boolean - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array + x-kubernetes-preserve-unknown-fields: true required: - containers type: object @@ -2960,4 +2495,7 @@ spec: required: - spec type: object + served: true + storage: true + subresources: {} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index d7d4edd6..0854fc4c 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,7 +3,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.0 + controller-gen.kubebuilder.io/version: v0.4.1 + {{- if .Values.crdAnnotations }} +{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- end }} name: analysistemplates.argoproj.io spec: group: argoproj.io @@ -17,8 +20,6 @@ spec: scope: Namespaced versions: - name: v1alpha1 - served: true - storage: true schema: openAPIV3Schema: properties: @@ -717,11 +718,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -788,6 +794,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1265,6 +1276,7 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort @@ -1336,6 +1348,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1817,11 +1834,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1888,6 +1910,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -2227,503 +2254,12 @@ spec: - whenUnsatisfiable type: object type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - readOnly: - type: boolean - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array + x-kubernetes-preserve-unknown-fields: true required: - containers type: object @@ -2882,4 +2418,6 @@ spec: required: - spec type: object + served: true + storage: true {{- end }} diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 71cdde1d..dd9d89cd 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,7 +3,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.0 + controller-gen.kubebuilder.io/version: v0.4.1 + {{- if .Values.crdAnnotations }} +{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- end }} name: clusteranalysistemplates.argoproj.io spec: group: argoproj.io @@ -17,8 +20,6 @@ spec: scope: Cluster versions: - name: v1alpha1 - served: true - storage: true schema: openAPIV3Schema: properties: @@ -717,11 +718,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -788,6 +794,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1265,6 +1276,7 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort @@ -1336,6 +1348,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1817,11 +1834,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1888,6 +1910,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -2227,503 +2254,12 @@ spec: - whenUnsatisfiable type: object type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - readOnly: - type: boolean - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array + x-kubernetes-preserve-unknown-fields: true required: - containers type: object @@ -2882,4 +2418,6 @@ spec: required: - spec type: object + served: true + storage: true {{- end }} diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 492a0eea..6fec00ab 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,7 +3,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.0 + controller-gen.kubebuilder.io/version: v0.4.1 + {{- if .Values.crdAnnotations }} +{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- end }} name: experiments.argoproj.io spec: group: argoproj.io @@ -16,15 +19,12 @@ spec: singular: experiment scope: Namespaced versions: - - name: v1alpha1 - served: true - storage: true - subresources: {} - additionalPrinterColumns: - - jsonPath: .status.phase - description: Experiment status + - additionalPrinterColumns: + - description: Experiment status + jsonPath: .status.phase name: Status type: string + name: v1alpha1 schema: openAPIV3Schema: properties: @@ -684,11 +684,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -755,6 +760,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -796,6 +806,15 @@ spec: user: type: string type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object windowsOptions: properties: gmsaCredentialSpec: @@ -1223,6 +1242,7 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort @@ -1294,6 +1314,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1335,6 +1360,15 @@ spec: user: type: string type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object windowsOptions: properties: gmsaCredentialSpec: @@ -1766,11 +1800,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1837,6 +1876,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1878,6 +1922,15 @@ spec: user: type: string type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object windowsOptions: properties: gmsaCredentialSpec: @@ -2063,6 +2116,15 @@ spec: user: type: string type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object supplementalGroups: items: format: int64 @@ -2094,6 +2156,8 @@ spec: type: string serviceAccountName: type: string + setHostnameAsFQDN: + type: boolean shareProcessNamespace: type: boolean subdomain: @@ -2156,424 +2220,12 @@ spec: - whenUnsatisfiable type: object type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array + x-kubernetes-preserve-unknown-fields: true required: - containers type: object @@ -2680,4 +2332,7 @@ spec: required: - spec type: object + served: true + storage: true + subresources: {} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 21b5e671..01eaccac 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.0 + controller-gen.kubebuilder.io/version: v0.4.1 + {{- if .Values.crdAnnotations }} +{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- end }} name: rollouts.argoproj.io spec: group: argoproj.io @@ -16,32 +19,24 @@ spec: singular: rollout scope: Namespaced versions: - - name: v1alpha1 - served: true - storage: true - additionalPrinterColumns: - - jsonPath: .spec.replicas - description: Number of desired pods + - additionalPrinterColumns: + - description: Number of desired pods + jsonPath: .spec.replicas name: Desired type: integer - - jsonPath: .status.replicas - description: Total number of non-terminated pods targeted by this rollout + - description: Total number of non-terminated pods targeted by this rollout + jsonPath: .status.replicas name: Current type: integer - - jsonPath: .status.updatedReplicas - description: Total number of non-terminated pods targeted by this rollout that have the desired template spec + - description: Total number of non-terminated pods targeted by this rollout that have the desired template spec + jsonPath: .status.updatedReplicas name: Up-to-date type: integer - - jsonPath: .status.availableReplicas - description: Total number of available pods (ready for at least minReadySeconds) targeted by this rollout + - description: Total number of available pods (ready for at least minReadySeconds) targeted by this rollout + jsonPath: .status.availableReplicas name: Available type: integer - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.HPAReplicas - status: {} + name: v1alpha1 schema: openAPIV3Schema: properties: @@ -158,10 +153,6 @@ spec: - name type: object type: array - clusterScope: - type: boolean - templateName: - type: string templates: items: properties: @@ -197,10 +188,6 @@ spec: - name type: object type: array - clusterScope: - type: boolean - templateName: - type: string templates: items: properties: @@ -263,13 +250,9 @@ spec: - name type: object type: array - clusterScope: - type: boolean startingStep: format: int32 type: integer - templateName: - type: string templates: items: properties: @@ -357,10 +340,6 @@ spec: - name type: object type: array - clusterScope: - type: boolean - templateName: - type: string templates: items: properties: @@ -1122,11 +1101,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1193,6 +1177,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -1670,6 +1659,7 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort @@ -1741,6 +1731,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -2222,11 +2217,16 @@ spec: name: type: string protocol: + default: TCP type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -2293,6 +2293,11 @@ spec: type: integer type: object resources: + properties: + limits: + x-kubernetes-preserve-unknown-fields: true + requests: + x-kubernetes-preserve-unknown-fields: true type: object securityContext: properties: @@ -2632,670 +2637,12 @@ spec: - whenUnsatisfiable type: object type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - readOnly: - type: boolean - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array + x-kubernetes-preserve-unknown-fields: true required: - containers type: object @@ -3321,8 +2668,6 @@ spec: properties: activeSelector: type: string - postPromotionAnalysisRun: - type: string postPromotionAnalysisRunStatus: properties: message: @@ -3335,8 +2680,6 @@ spec: - name - status type: object - prePromotionAnalysisRun: - type: string prePromotionAnalysisRunStatus: properties: message: @@ -3351,18 +2694,11 @@ spec: type: object previewSelector: type: string - previousActiveSelector: - type: string - scaleDownDelayStartTime: - format: date-time - type: string scaleUpPreviewCheckPoint: type: boolean type: object canary: properties: - currentBackgroundAnalysisRun: - type: string currentBackgroundAnalysisRunStatus: properties: message: @@ -3377,8 +2713,6 @@ spec: type: object currentExperiment: type: string - currentStepAnalysisRun: - type: string currentStepAnalysisRunStatus: properties: message: @@ -3467,4 +2801,12 @@ spec: required: - spec type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.HPAReplicas + status: {} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 4e11b693..a3200728 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -30,10 +30,13 @@ controller: additionalLabels: {} additionalAnnotations: {} - serviceAccount: name: argo-rollouts +## Annotations to be added to all CRDs +## +crdAnnotations: {} + ## Annotations to be added to the Rollout pods ## podAnnotations: {} From 4b9c2817115ff40de74f231cc3c8202809897db9 Mon Sep 17 00:00:00 2001 From: Matteo Ruina Date: Tue, 13 Apr 2021 14:59:29 +0200 Subject: [PATCH 03/24] fix(argo-applicationset): Fix deployment issue with AppSet v0.1.0 (#650) * fix: Add supports for private repos configured using SSH Signed-off-by: Matteo Ruina * fix(argo-applicationset): Allow to select with volumes to mount Signed-off-by: Matteo Ruina * Fix RBAC rules Signed-off-by: Matteo Ruina * Fix linting issue Signed-off-by: Matteo Ruina * Fix chart version Signed-off-by: Matteo Ruina Co-authored-by: Jonathan West --- charts/argo-applicationset/Chart.yaml | 4 +- charts/argo-applicationset/README.md | 4 + .../templates/deployment.yaml | 37 +++++++++ .../argo-applicationset/templates/rbac.yaml | 81 ++++++++----------- charts/argo-applicationset/values.yaml | 5 ++ 5 files changed, 81 insertions(+), 50 deletions(-) diff --git a/charts/argo-applicationset/Chart.yaml b/charts/argo-applicationset/Chart.yaml index 6973c1c1..19f9e7fd 100644 --- a/charts/argo-applicationset/Chart.yaml +++ b/charts/argo-applicationset/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.0 -appVersion: "v0.1.0-prerelease" +version: 0.1.1 +appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-applicationset/README.md b/charts/argo-applicationset/README.md index 5cc51a1a..efebc869 100644 --- a/charts/argo-applicationset/README.md +++ b/charts/argo-applicationset/README.md @@ -46,6 +46,10 @@ Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | | installCRDs | bool | `true` | Install Custom Resource Definition | +| mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | +| mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | +| mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | +| mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | | nameOverride | string | `""` | Provide a name in place of `argo-applicationset` | | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | | podAnnotations | object | `{}` | Annotations for the controller pods | diff --git a/charts/argo-applicationset/templates/deployment.yaml b/charts/argo-applicationset/templates/deployment.yaml index 10ebe70f..d2cd345c 100644 --- a/charts/argo-applicationset/templates/deployment.yaml +++ b/charts/argo-applicationset/templates/deployment.yaml @@ -49,6 +49,43 @@ spec: protocol: TCP resources: {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + {{- if .Values.mountSSHKnownHostsVolume }} + - mountPath: /app/config/ssh + name: ssh-known-hosts + {{- end }} + {{- if .Values.mountTLSCertsVolume }} + - mountPath: /app/config/tls + name: tls-certs + {{- end }} + {{- if .Values.mountGPGKeysVolume }} + - mountPath: /app/config/gpg/source + name: gpg-keys + {{- end }} + {{- if .Values.mountGPGKeyringVolume }} + - mountPath: /app/config/gpg/keys + name: gpg-keyring + {{- end }} + volumes: + {{- if .Values.mountSSHKnownHostsVolume }} + - configMap: + name: argocd-ssh-known-hosts-cm + name: ssh-known-hosts + {{- end }} + {{- if .Values.mountTLSCertsVolume }} + - configMap: + name: argocd-tls-certs-cm + name: tls-certs + {{- end }} + {{- if .Values.mountGPGKeysVolume }} + - configMap: + name: argocd-gpg-keys-cm + name: gpg-keys + {{- end }} + {{- if .Values.mountGPGKeyringVolume }} + - emptyDir: {} + name: gpg-keyring + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-applicationset/templates/rbac.yaml b/charts/argo-applicationset/templates/rbac.yaml index 8610a2f3..a70179ea 100644 --- a/charts/argo-applicationset/templates/rbac.yaml +++ b/charts/argo-applicationset/templates/rbac.yaml @@ -6,73 +6,58 @@ metadata: {{- include "argo-applicationset.labels" . | nindent 4 }} rules: - apiGroups: - - argoproj.io + - argoproj.io resources: - - applications - - applicationsets - - applicationsets/finalizers + - applications + - appprojects + - applicationsets + - applicationsets/finalizers verbs: - - create - - delete - - get - - list - - patch - - update - - watch + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - - argoproj.io + - argoproj.io resources: - - applicationsets/status + - applicationsets/status verbs: - - get - - patch - - update + - get + - patch + - update - apiGroups: - - '' + - "" resources: - - events + - events verbs: - - create - - delete - - get - - list - - patch - - update - - watch + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - - '' - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - '' + - "" resources: + - secrets - configmaps verbs: - get - list - watch - - create - - update - - patch - - delete - apiGroups: - - '' + - apps + - extensions resources: - - configmaps/status + - deployments verbs: - get - - update - - patch - - apiGroups: - - '' - resources: - - events - verbs: - - create + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/charts/argo-applicationset/values.yaml b/charts/argo-applicationset/values.yaml index 9a69f216..f7be897d 100644 --- a/charts/argo-applicationset/values.yaml +++ b/charts/argo-applicationset/values.yaml @@ -70,3 +70,8 @@ nodeSelector: {} tolerations: [] affinity: {} + +mountSSHKnownHostsVolume: true +mountTLSCertsVolume: true +mountGPGKeysVolume: false +mountGPGKeyringVolume: true From 84120e6da3f451a375a9be7fe2e72ba02e063703 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 14 Apr 2021 03:10:04 +0200 Subject: [PATCH 04/24] feat(argo-cd): Add ability to handle cluster credentials (#632) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-cd): Add ability to handle cluster credentials Signed-off-by: Marco Kilchhofer * Apply review changes Co-authored-by: Oliver Bähler Signed-off-by: Marco Kilchhofer * fix: use stringData in cluster secret Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler Co-authored-by: Spencer Gilbert --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 1 + .../argocd-configs/cluster-secrets.yaml | 23 +++++++++++++++++++ charts/argo-cd/values.yaml | 23 +++++++++++++++++++ 4 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2320a609..d115b875 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.0.0 +version: 3.1.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 22806038..d94003d7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -80,6 +80,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | installCRDs | Install CRDs if you are using Helm2. | `true` | +| configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | | configs.secret.annotations | Annotations for argocd-secret | `{}` | diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml new file mode 100644 index 00000000..a4190768 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -0,0 +1,23 @@ +{{- range .Values.configs.clusterCredentials }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} + labels: + {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} + argocd.argoproj.io/secret-type: cluster + {{- with .annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +type: Opaque +stringData: + name: {{ required "A valid .Values.configs.clusterCredentials[].name entry is required!" .name }} + server: {{ required "A valid .Values.configs.clusterCredentials[].server entry is required!" .server }} + {{- with .namespaces }} + namespaces: {{ . }} + {{- end }} + config: | + {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toPrettyJson | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a7e84181..1b7c2682 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -872,6 +872,29 @@ repoServer: ## Argo Configs configs: + ## External Cluster Credentials + ## reference: + ## - https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters + ## - https://argoproj.github.io/argo-cd/operator-manual/security/#external-cluster-credentials + clusterCredentials: [] + # - name: mycluster + # server: https://mycluster.com + # annotations: {} + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" + # - name: mycluster2 + # server: https://mycluster2.com + # annotations: {} + # namespaces: namespace1,namespace2 + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" + knownHostsAnnotations: {} knownHosts: data: From f007e1a9c3e1246a1d052e31aff9e4a7e41c2dd8 Mon Sep 17 00:00:00 2001 From: Matteo Ruina Date: Wed, 14 Apr 2021 21:06:45 +0200 Subject: [PATCH 05/24] fix(argo-applicationset): Fix leader election rbac (#674) * fix(argo-applicationset): Fix leader election rbac * fix(argo-applicationset): Add tests * Use defaults volume mount flags Signed-off-by: Matteo Ruina --- charts/argo-applicationset/Chart.yaml | 2 +- charts/argo-applicationset/README.md | 11 +++ .../ci/default-values.yaml | 77 +++++++++++++++++++ .../ci/leader-election-values.yaml | 6 ++ .../argo-applicationset/templates/rbac.yaml | 25 +++++- 5 files changed, 119 insertions(+), 2 deletions(-) create mode 100644 charts/argo-applicationset/ci/default-values.yaml create mode 100644 charts/argo-applicationset/ci/leader-election-values.yaml diff --git a/charts/argo-applicationset/Chart.yaml b/charts/argo-applicationset/Chart.yaml index 19f9e7fd..c467c3c6 100644 --- a/charts/argo-applicationset/Chart.yaml +++ b/charts/argo-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.1 +version: 0.1.2 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png diff --git a/charts/argo-applicationset/README.md b/charts/argo-applicationset/README.md index efebc869..316bd8ce 100644 --- a/charts/argo-applicationset/README.md +++ b/charts/argo-applicationset/README.md @@ -27,6 +27,17 @@ NAME: my-release Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. +### Testing + +Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). + +```console +kind create cluster +kubectl create namespace argocd +kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml +ct install --namespace argocd +``` + ## Values | Key | Type | Default | Description | diff --git a/charts/argo-applicationset/ci/default-values.yaml b/charts/argo-applicationset/ci/default-values.yaml new file mode 100644 index 00000000..eb1b7aae --- /dev/null +++ b/charts/argo-applicationset/ci/default-values.yaml @@ -0,0 +1,77 @@ +# Default values for argo-applicationset. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +installCRDs: false # this needs to be false with ct + +image: + # The image repository + repository: quay.io/argocdapplicationset/argocd-applicationset + # Image pull policy + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +args: + metricsAddr: :8080 + probeBindAddr: :8081 + enableLeaderElection: false + namespace: argocd + argocdRepoServer: argocd-repo-server:8081 + policy: sync + debug: false + dryRun: false + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +rbac: + pspEnabled: true + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +mountSSHKnownHostsVolume: true +mountTLSCertsVolume: true +mountGPGKeysVolume: false +mountGPGKeyringVolume: true diff --git a/charts/argo-applicationset/ci/leader-election-values.yaml b/charts/argo-applicationset/ci/leader-election-values.yaml new file mode 100644 index 00000000..e7201ac1 --- /dev/null +++ b/charts/argo-applicationset/ci/leader-election-values.yaml @@ -0,0 +1,6 @@ +args: + enableLeaderElection: true + +replicaCount: 3 + +installCRDs: false diff --git a/charts/argo-applicationset/templates/rbac.yaml b/charts/argo-applicationset/templates/rbac.yaml index a70179ea..1181e3d2 100644 --- a/charts/argo-applicationset/templates/rbac.yaml +++ b/charts/argo-applicationset/templates/rbac.yaml @@ -44,11 +44,22 @@ rules: - "" resources: - secrets - - configmaps verbs: - get - list - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - apps - extensions @@ -58,6 +69,18 @@ rules: - get - list - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding From 49211390fd8db0e4c903a63a2f1fcc23780510e6 Mon Sep 17 00:00:00 2001 From: Scott Cabrinha Date: Wed, 14 Apr 2021 14:08:01 -0700 Subject: [PATCH 06/24] fix: Update redis-ha helm chart to 4.10.4 (#676) Signed-off-by: Scott Cabrinha --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 646d7e56..497aa297 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.10.1 -digest: sha256:e1e0526ad009ecc065df937b48c4e0e5877e5194242c7888b1dc4467775f2663 -generated: "2021-04-01T08:36:01.324672-07:00" + version: 4.10.4 +digest: sha256:e36321520ffd6f91962b0bcfeae947a86983d6b6d273eb616f08425e2b8ab9c2 +generated: "2021-04-14T13:41:16.151666-07:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d115b875..d3c33558 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.1.0 +version: 3.1.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -16,6 +16,6 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.10.1 + version: 4.10.4 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled From 190defcc8b4acfcd7908459fbcdc6d3c2c9cdbbc Mon Sep 17 00:00:00 2001 From: ryota-sakamoto Date: Fri, 16 Apr 2021 07:57:31 +0900 Subject: [PATCH 07/24] chore(argocd-notifications): update argocd-notifications to 1.1.0 (#671) Signed-off-by: Ryota Sakamoto Co-authored-by: Alexander Matyushentsev --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index b3853226..cac04baf 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.0.2 +appVersion: 1.1.0 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.0.15 +version: 1.1.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index ae3fda8f..5fa4bddb 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -7,7 +7,7 @@ fullnameOverride: "" image: repository: argoprojlabs/argocd-notifications - tag: v1.0.2 + tag: v1.1.0 pullPolicy: IfNotPresent imagePullSecrets: [] @@ -337,7 +337,7 @@ bots: image: repository: argoprojlabs/argocd-notifications - tag: v1.0.1 + tag: v1.1.0 pullPolicy: IfNotPresent imagePullSecrets: [] From 913a623dfb2f7e3d0e072b28f7b85c32eaecad34 Mon Sep 17 00:00:00 2001 From: ryota-sakamoto Date: Tue, 20 Apr 2021 01:23:06 +0900 Subject: [PATCH 08/24] chore(argocd-notifications): update argocd-notifications to 1.1.1 (#679) Signed-off-by: Ryota Sakamoto --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index cac04baf..2d1ada91 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.1.0 +appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.1.0 +version: 1.1.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index 5fa4bddb..35cce8df 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -7,7 +7,7 @@ fullnameOverride: "" image: repository: argoprojlabs/argocd-notifications - tag: v1.1.0 + tag: v1.1.1 pullPolicy: IfNotPresent imagePullSecrets: [] @@ -337,7 +337,7 @@ bots: image: repository: argoprojlabs/argocd-notifications - tag: v1.1.0 + tag: v1.1.1 pullPolicy: IfNotPresent imagePullSecrets: [] From 5fc4ed7d5b758a7bc8c6030e7d8760dfdf6b2afd Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Wed, 21 Apr 2021 02:35:38 -0700 Subject: [PATCH 09/24] feat(argo-events): Add support for pod annotations. (#680) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-events): Add support for pod annotations. Signed-off-by: Vlad Losev * Apply suggestions from code review. Co-authored-by: Oliver Bähler Signed-off-by: Vlad Losev Co-authored-by: Oliver Bähler --- charts/argo-events/Chart.yaml | 2 +- .../argo-events/templates/eventbus-controller-deployment.yaml | 3 +++ .../templates/eventsource-controller-deployment.yaml | 3 +++ charts/argo-events/templates/sensor-controller-deployment.yaml | 3 +++ charts/argo-events/values.yaml | 3 +++ 5 files changed, 13 insertions(+), 1 deletion(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index fcea120d..d579e214 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.2.4 +version: 1.3.0 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index dd734a88..900daf41 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} release: {{ .Release.Name }} + {{- with .Values.eventbusController.podAnnotations }} + annotations: {{- toYaml . | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ .Values.serviceAccount }} containers: diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 95e7e83a..9fcd1eaf 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} release: {{ .Release.Name }} + {{- with .Values.eventsourceController.podAnnotations }} + annotations: {{- toYaml . | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ .Values.serviceAccount }} containers: diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 214ee2bb..371fe82f 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.sensorController.name }} release: {{ .Release.Name }} + {{- with .Values.sensorController.podAnnotations }} + annotations: {{- toYaml . | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ .Values.serviceAccount }} containers: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 05a8d634..ec251fe6 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -48,6 +48,7 @@ sensorController: tag: v1.2.3 replicaCount: 1 sensorImage: sensor + podAnnotations: {} nodeSelector: {} tolerations: {} affinity: {} @@ -58,6 +59,7 @@ eventsourceController: tag: v1.2.3 replicaCount: 1 eventsourceImage: eventsource + podAnnotations: {} nodeSelector: {} tolerations: {} affinity: {} @@ -67,6 +69,7 @@ eventbusController: image: eventbus-controller tag: v1.2.3 replicaCount: 1 + podAnnotations: {} nodeSelector: {} tolerations: {} affinity: {} From f80ab1a2fb2ed34fe73dbb85614f9fcc3f40c704 Mon Sep 17 00:00:00 2001 From: chgl Date: Wed, 21 Apr 2021 14:42:16 +0200 Subject: [PATCH 10/24] fix(argocd-applicationset): corrected chart directory name (#672) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: corrected argocd-applicationset chart dir Signed-off-by: chgl * bumped chart version Signed-off-by: chgl Co-authored-by: Oliver Bähler --- .../.helmignore | 0 .../{argo-applicationset => argocd-applicationset}/Chart.yaml | 2 +- .../{argo-applicationset => argocd-applicationset}/README.md | 4 ++-- .../ci/default-values.yaml | 0 .../ci/leader-election-values.yaml | 0 .../crds/crd-applicationset.yaml | 0 .../templates/_helpers.tpl | 0 .../templates/crds.yaml | 0 .../templates/deployment.yaml | 0 .../templates/psp.yaml | 0 .../templates/rbac.yaml | 0 .../templates/serviceaccount.yaml | 0 .../values.yaml | 0 13 files changed, 3 insertions(+), 3 deletions(-) rename charts/{argo-applicationset => argocd-applicationset}/.helmignore (100%) rename charts/{argo-applicationset => argocd-applicationset}/Chart.yaml (95%) rename charts/{argo-applicationset => argocd-applicationset}/README.md (98%) rename charts/{argo-applicationset => argocd-applicationset}/ci/default-values.yaml (100%) rename charts/{argo-applicationset => argocd-applicationset}/ci/leader-election-values.yaml (100%) rename charts/{argo-applicationset => argocd-applicationset}/crds/crd-applicationset.yaml (100%) rename charts/{argo-applicationset => argocd-applicationset}/templates/_helpers.tpl (100%) rename charts/{argo-applicationset => argocd-applicationset}/templates/crds.yaml (100%) rename charts/{argo-applicationset => argocd-applicationset}/templates/deployment.yaml (100%) rename charts/{argo-applicationset => argocd-applicationset}/templates/psp.yaml (100%) rename charts/{argo-applicationset => argocd-applicationset}/templates/rbac.yaml (100%) rename charts/{argo-applicationset => argocd-applicationset}/templates/serviceaccount.yaml (100%) rename charts/{argo-applicationset => argocd-applicationset}/values.yaml (100%) diff --git a/charts/argo-applicationset/.helmignore b/charts/argocd-applicationset/.helmignore similarity index 100% rename from charts/argo-applicationset/.helmignore rename to charts/argocd-applicationset/.helmignore diff --git a/charts/argo-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml similarity index 95% rename from charts/argo-applicationset/Chart.yaml rename to charts/argocd-applicationset/Chart.yaml index c467c3c6..ebb5ee1c 100644 --- a/charts/argo-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.2 +version: 0.1.3 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png diff --git a/charts/argo-applicationset/README.md b/charts/argocd-applicationset/README.md similarity index 98% rename from charts/argo-applicationset/README.md rename to charts/argocd-applicationset/README.md index 316bd8ce..b200d9cf 100644 --- a/charts/argo-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -18,7 +18,7 @@ To install the chart with the release name `my-release`: $ helm repo add argo https://argoproj.github.io/argo-helm "argo" has been added to your repositories -$ helm install --name my-release argo/argo-applicationset +$ helm install --name my-release argo/argocd-applicationset NAME: my-release ... ``` @@ -61,7 +61,7 @@ ct install --namespace argocd | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | | mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | | mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | -| nameOverride | string | `""` | Provide a name in place of `argo-applicationset` | +| nameOverride | string | `""` | Provide a name in place of `argocd-applicationset` | | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | | podAnnotations | object | `{}` | Annotations for the controller pods | | podSecurityContext | object | `{}` | Pod Security Context | diff --git a/charts/argo-applicationset/ci/default-values.yaml b/charts/argocd-applicationset/ci/default-values.yaml similarity index 100% rename from charts/argo-applicationset/ci/default-values.yaml rename to charts/argocd-applicationset/ci/default-values.yaml diff --git a/charts/argo-applicationset/ci/leader-election-values.yaml b/charts/argocd-applicationset/ci/leader-election-values.yaml similarity index 100% rename from charts/argo-applicationset/ci/leader-election-values.yaml rename to charts/argocd-applicationset/ci/leader-election-values.yaml diff --git a/charts/argo-applicationset/crds/crd-applicationset.yaml b/charts/argocd-applicationset/crds/crd-applicationset.yaml similarity index 100% rename from charts/argo-applicationset/crds/crd-applicationset.yaml rename to charts/argocd-applicationset/crds/crd-applicationset.yaml diff --git a/charts/argo-applicationset/templates/_helpers.tpl b/charts/argocd-applicationset/templates/_helpers.tpl similarity index 100% rename from charts/argo-applicationset/templates/_helpers.tpl rename to charts/argocd-applicationset/templates/_helpers.tpl diff --git a/charts/argo-applicationset/templates/crds.yaml b/charts/argocd-applicationset/templates/crds.yaml similarity index 100% rename from charts/argo-applicationset/templates/crds.yaml rename to charts/argocd-applicationset/templates/crds.yaml diff --git a/charts/argo-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml similarity index 100% rename from charts/argo-applicationset/templates/deployment.yaml rename to charts/argocd-applicationset/templates/deployment.yaml diff --git a/charts/argo-applicationset/templates/psp.yaml b/charts/argocd-applicationset/templates/psp.yaml similarity index 100% rename from charts/argo-applicationset/templates/psp.yaml rename to charts/argocd-applicationset/templates/psp.yaml diff --git a/charts/argo-applicationset/templates/rbac.yaml b/charts/argocd-applicationset/templates/rbac.yaml similarity index 100% rename from charts/argo-applicationset/templates/rbac.yaml rename to charts/argocd-applicationset/templates/rbac.yaml diff --git a/charts/argo-applicationset/templates/serviceaccount.yaml b/charts/argocd-applicationset/templates/serviceaccount.yaml similarity index 100% rename from charts/argo-applicationset/templates/serviceaccount.yaml rename to charts/argocd-applicationset/templates/serviceaccount.yaml diff --git a/charts/argo-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml similarity index 100% rename from charts/argo-applicationset/values.yaml rename to charts/argocd-applicationset/values.yaml From 50caa3d28941d7e5966d9097931f9c0ff12aaebf Mon Sep 17 00:00:00 2001 From: Kai Kahllund Date: Wed, 21 Apr 2021 15:05:39 +0200 Subject: [PATCH 11/24] fix: add missing status resources in rbac role (#667) Signed-off-by: shortmann --- charts/argo-events/Chart.yaml | 2 +- charts/argo-events/templates/argo-events-roles.yaml | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index d579e214..a7a9854e 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.3.0 +version: 1.3.1 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml index d6de39d2..56721159 100644 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -49,10 +49,13 @@ rules: - workflowtemplates/finalizers - sensors - sensors/finalizers + - sensors/status - eventsources - eventsources/finalizers + - eventsources/status - eventbus - eventbus/finalizers + - eventbus/status - apiGroups: - "" resources: From 5955a3bef8409a3edb19a59f6eda32023b255b2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Wed, 21 Apr 2021 15:18:55 +0200 Subject: [PATCH 12/24] fix(argo-cd): Disable Dex ServiceAccount (#648) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: oliverbaehler as codeowner Signed-off-by: Oliver Bähler * Disable ServiceAccount on disabled Dex Signed-off-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/dex/serviceaccount.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d3c33558..8019e90d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.1.1 +version: 3.1.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml index bb235eec..71707f09 100644 --- a/charts/argo-cd/templates/dex/serviceaccount.yaml +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -1,4 +1,4 @@ -{{- if .Values.dex.serviceAccount.create }} +{{- if and .Values.dex.enabled .Values.dex.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }} From abcd61717ff91c1f3b3d547be2bcd2d2c5a61db3 Mon Sep 17 00:00:00 2001 From: Sergey <41047934+1Psy@users.noreply.github.com> Date: Wed, 21 Apr 2021 18:45:05 +0300 Subject: [PATCH 13/24] feat(argocd-notifications): Add securityContext (#644) Signed-off-by: 1Psy <41047934+1Psy@users.noreply.github.com> --- charts/argocd-notifications/Chart.yaml | 2 +- charts/argocd-notifications/templates/deployment.yaml | 8 ++++++-- charts/argocd-notifications/values.yaml | 7 +++++++ 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 2d1ada91..881c18ae 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.1.1 +version: 1.1.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml index bc6948d3..0e18f698 100644 --- a/charts/argocd-notifications/templates/deployment.yaml +++ b/charts/argocd-notifications/templates/deployment.yaml @@ -26,8 +26,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argocd-notifications.serviceAccountName" . }} - securityContext: - runAsNonRoot: true + {{- if .Values.securityContext }} + securityContext: {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} containers: - name: {{ include "argocd-notifications.name" . }}-controller image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" @@ -51,6 +52,9 @@ spec: name: metrics protocol: TCP {{- end }} + {{- if .Values.containerSecurityContext }} + securityContext: {{- toYaml .Values.containerSecurityContext | nindent 12 }} + {{- end }} {{- with .Values.extraEnv }} env: {{ toYaml . | nindent 12 }} {{- end }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index 35cce8df..0a27e643 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -65,6 +65,13 @@ notifiers: podAnnotations: {} +## Pod Security Context +securityContext: + runAsNonRoot: true + +## Container Security Context +containerSecurityContext: {} + resources: {} # limits: # cpu: 100m From 49ccf4ae8ab84a244a09c0a20deac3a4f32d09e9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 21 Apr 2021 21:31:16 +0200 Subject: [PATCH 14/24] feat(argo-cd): Add compatibility to v1 Ingress (#637) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-cd): Add compatibility to v1 Ingress Signed-off-by: Marco Kilchhofer * chore(argo-cd): Add spaces to improve readability Signed-off-by: Marco Kilchhofer * feat(argo-cd): Bump chart version Signed-off-by: Marco Kilchhofer * fix: Apply review changes Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 2 + charts/argo-cd/templates/_helpers.tpl | 15 +++- .../templates/argocd-server/ingress-grpc.yaml | 71 +++++++++++++------ .../templates/argocd-server/ingress.yaml | 71 +++++++++++++------ charts/argo-cd/values.yaml | 2 + 6 files changed, 119 insertions(+), 44 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8019e90d..ed2d87be 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.1.2 +version: 3.2.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d94003d7..6d1430d1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -227,12 +227,14 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | server.ingress.enabled | Enable an ingress resource for the server | `false` | | server.ingress.hosts | List of ingress hosts | `[]` | | server.ingress.labels | Additional ingress labels. | `{}` | +| server.ingress.ingressClassName | Defines which ingress controller will implement the resource | `""` | | server.ingress.tls | Ingress TLS configuration. | `[]` | | server.ingress.https | Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` | `false` | | server.ingressGrpc.annotations | Additional ingress annotations for dedicated [gRPC-ingress] | `{}` | | server.ingressGrpc.enabled | Enable an ingress resource for the server for dedicated [gRPC-ingress] | `false` | | server.ingressGrpc.hosts | List of ingress hosts for dedicated [gRPC-ingress] | `[]` | | server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` | +| server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 431f9069..9ab07ef4 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -138,4 +138,17 @@ app.kubernetes.io/instance: {{ .context.Release.Name }} {{- if .component }} app.kubernetes.io/component: {{ .component }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} + +{{/* +Return the appropriate apiVersion for ingress +*/}} +{{- define "argo-cd.ingress.apiVersion" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 914f1b8a..1f5fc4ea 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -3,11 +3,7 @@ {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} -{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} -apiVersion: networking.k8s.io/v1beta1 -{{ else }} -apiVersion: extensions/v1beta1 -{{ end -}} +apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} kind: Ingress metadata: {{- if .Values.server.ingressGrpc.annotations }} @@ -19,41 +15,74 @@ metadata: name: {{ template "argo-cd.server.fullname" . }}-grpc labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} -{{- if .Values.server.ingressGrpc.labels }} -{{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }} -{{- end }} + {{- if .Values.server.ingressGrpc.labels }} + {{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }} + {{- end }} spec: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- with .Values.server.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + {{- end }} rules: {{- if .Values.server.ingressGrpc.hosts }} - {{- range $host := .Values.server.ingressGrpc.hosts }} + {{- range $host := .Values.server.ingressGrpc.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end -}} - {{- range $p := $paths }} + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end -}} + {{- range $p := $paths }} - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: Prefix + {{- end }} backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} serviceName: {{ $serviceName }} servicePort: {{ $servicePort }} - {{- end -}} - {{- end -}} + {{- end }} + {{- end -}} + {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end -}} - {{- range $p := $paths }} + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end -}} + {{- range $p := $paths }} - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: Prefix + {{- end }} backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} serviceName: {{ $serviceName }} servicePort: {{ $servicePort }} - {{- end -}} + {{- end }} + {{- end -}} {{- end -}} {{- if .Values.server.ingressGrpc.tls }} tls: -{{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} + {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index d4e5020f..1bd2c53c 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -3,11 +3,7 @@ {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} -{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} -apiVersion: networking.k8s.io/v1beta1 -{{ else }} -apiVersion: extensions/v1beta1 -{{ end -}} +apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} kind: Ingress metadata: {{- if .Values.server.ingress.annotations }} @@ -19,41 +15,74 @@ metadata: name: {{ template "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} -{{- if .Values.server.ingress.labels }} -{{- toYaml .Values.server.ingress.labels | nindent 4 }} -{{- end }} + {{- if .Values.server.ingress.labels }} + {{- toYaml .Values.server.ingress.labels | nindent 4 }} + {{- end }} spec: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- with .Values.server.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + {{- end }} rules: {{- if .Values.server.ingress.hosts }} - {{- range $host := .Values.server.ingress.hosts }} + {{- range $host := .Values.server.ingress.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end }} - {{- range $p := $paths }} + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: Prefix + {{- end }} backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} serviceName: {{ $serviceName }} servicePort: {{ $servicePort }} - {{- end -}} - {{- end -}} + {{- end }} + {{- end -}} + {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end }} - {{- range $p := $paths }} + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: Prefix + {{- end }} backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} serviceName: {{ $serviceName }} servicePort: {{ $servicePort }} - {{- end -}} + {{- end }} + {{- end -}} {{- end -}} {{- if .Values.server.ingress.tls }} tls: -{{- toYaml .Values.server.ingress.tls | nindent 4 }} + {{- toYaml .Values.server.ingress.tls | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1b7c2682..32e244ab 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -493,6 +493,7 @@ server: enabled: false annotations: {} labels: {} + ingressClassName: "" ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. @@ -521,6 +522,7 @@ server: enabled: false annotations: {} labels: {} + ingressClassName: "" ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. From 8f7d9ff0d8e9a2afcbfc20407f857d95df1afcc9 Mon Sep 17 00:00:00 2001 From: Spencer Gilbert Date: Thu, 22 Apr 2021 11:50:04 -0400 Subject: [PATCH 15/24] Update CODEOWNERS (#691) Unfortunately I haven't had the time to participate here for a while, and seem to be moving away from using ArgoCD so I think it'd be appropriate to remove me from here. Signed-off-by: Spencer Gilbert --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index f35c9b71..bb890183 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -4,7 +4,7 @@ /charts/argo @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler # Argo CD -/charts/argo-cd @seanson @spencergilbert @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler +/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler # Argo Events /charts/argo-events @jbehling @VaibhavPage @oliverbaehler From 7e5a2e136f537a7af0080dd408ae9477f80923bf Mon Sep 17 00:00:00 2001 From: AIKAWA Date: Sat, 24 Apr 2021 00:36:55 +0900 Subject: [PATCH 16/24] chore(argo): fix referenced URL (#693) * fix referenced URL Signed-off-by: yu-croco * update chart version due to referenced link fix Signed-off-by: yu-croco --- charts/argo/Chart.yaml | 2 +- charts/argo/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 1ce323cc..741fa2e6 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.12.5 description: A Helm chart for Argo Workflows name: argo -version: 0.16.8 +version: 0.16.9 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 0a5be36d..31a36041 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -136,7 +136,7 @@ controller: # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ # PriorityClass: system-cluster-critical priorityClassName: "" - # https://argoproj.github.io/argo/links/ + # https://argoproj.github.io/argo-workflows/links/ links: [] # executor controls how the init and wait container should be customized @@ -206,7 +206,7 @@ server: # Run the argo server in "secure" mode. Configure this value instead of # "--secure" in extraArgs. See the following documentation for more details # on secure mode: - # https://argoproj.github.io/argo/tls/#encrypted + # https://argoproj.github.io/argo-workflows/tls/#encrypted secure: false # Extra arguments to provide to the Argo server binary. From bb9af68fc2cc7d1f846855e19d00c8659a8a7c4f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 23 Apr 2021 21:54:05 +0200 Subject: [PATCH 17/24] feat(argo-ci): deprecate argo-ci helm chart (#688) Co-authored-by: Alex Collins --- charts/argo-ci/Chart.yaml | 13 +++++++------ charts/argo-ci/README.md | 2 ++ charts/argo-ci/requirements.lock | 6 ------ charts/argo-ci/requirements.yaml | 4 ---- 4 files changed, 9 insertions(+), 16 deletions(-) delete mode 100644 charts/argo-ci/requirements.lock delete mode 100644 charts/argo-ci/requirements.yaml diff --git a/charts/argo-ci/Chart.yaml b/charts/argo-ci/Chart.yaml index b658915d..c41334d9 100644 --- a/charts/argo-ci/Chart.yaml +++ b/charts/argo-ci/Chart.yaml @@ -1,11 +1,12 @@ -apiVersion: v1 +apiVersion: v2 description: A Helm chart for Argo-CI name: argo-ci -version: 0.1.7 +version: 1.0.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png appVersion: v1.0.0-alpha2 home: https://github.com/argoproj/argo-helm -maintainers: - - name: alexec - - name: alexmt - - name: jessesuen +deprecated: true +dependencies: + - name: argo + version: "^0.16.0" + repository: https://argoproj.github.io/argo-helm diff --git a/charts/argo-ci/README.md b/charts/argo-ci/README.md index 28231e8c..7eaa9039 100644 --- a/charts/argo-ci/README.md +++ b/charts/argo-ci/README.md @@ -1,3 +1,5 @@ # Argo CI Chart +**Deprecated** - Use [Argo-Events](./argo-events) instead. + This is a **community maintained** chart. diff --git a/charts/argo-ci/requirements.lock b/charts/argo-ci/requirements.lock deleted file mode 100644 index 14b83c58..00000000 --- a/charts/argo-ci/requirements.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: argo - repository: https://argoproj.github.io/argo-helm - version: 0.2.1 -digest: sha256:af0f837200061b1720c0e05168dfc4a9537582f3004de62eeb5ef01b4c78db64 -generated: 2018-10-23T14:50:47.570677461-07:00 diff --git a/charts/argo-ci/requirements.yaml b/charts/argo-ci/requirements.yaml deleted file mode 100644 index e9370ec3..00000000 --- a/charts/argo-ci/requirements.yaml +++ /dev/null @@ -1,4 +0,0 @@ -dependencies: -- name: argo - version: 0.2.1 - repository: https://argoproj.github.io/argo-helm From 7b78693819dcea0d34097865df71b3978b12b712 Mon Sep 17 00:00:00 2001 From: kostas-theo <43744618+kostas-theo@users.noreply.github.com> Date: Fri, 23 Apr 2021 23:00:23 +0200 Subject: [PATCH 18/24] fix: add missing status resources in rbac clusterrole (#694) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: kostas-theo Co-authored-by: Oliver Bähler --- charts/argo-events/Chart.yaml | 2 +- charts/argo-events/templates/argo-events-cluster-roles.yaml | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a7a9854e..1f138c3c 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.3.1 +version: 1.3.2 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index 16f55e46..bfd2d021 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -47,10 +47,13 @@ rules: - workflowtemplates/finalizers - sensors - sensors/finalizers + - sensors/status - eventsources - eventsources/finalizers + - eventsources/status - eventbus - eventbus/finalizers + - eventbus/status - apiGroups: - "" resources: From 71cbdbb811655b2a8ed1b7f8f36347061052ce1c Mon Sep 17 00:00:00 2001 From: Mike Sarver Date: Fri, 23 Apr 2021 17:14:52 -0600 Subject: [PATCH 19/24] feat(argo-cd): Add label to cluster-secrets for usage with appSet cluster selector (#692) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * add cluster label for use with appSet cluster selector Signed-off-by: mike sarver * feat(argo-cd): Add label to cluster-secrets for usage with appSet cluster selector Signed-off-by: mike sarver * feat(argo-cd): use with for adding labels Signed-off-by: mike sarver Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ed2d87be..72994ece 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.2.0 +version: 3.2.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index a4190768..4fb7e883 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -6,6 +6,9 @@ metadata: name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} + {{- with .labels }} + {{- toYaml . | nindent 4 }} + {{- end }} argocd.argoproj.io/secret-type: cluster {{- with .annotations }} annotations: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 32e244ab..adc358f7 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -881,6 +881,7 @@ configs: clusterCredentials: [] # - name: mycluster # server: https://mycluster.com + # labels: {} # annotations: {} # config: # bearerToken: "" @@ -889,6 +890,7 @@ configs: # caData: "" # - name: mycluster2 # server: https://mycluster2.com + # labels: {} # annotations: {} # namespaces: namespace1,namespace2 # config: From 3ba4cdb1ca9bf1c7bdc561b2255886ff4cb17949 Mon Sep 17 00:00:00 2001 From: Marcel Hoyer Date: Sat, 24 Apr 2021 12:50:25 +0200 Subject: [PATCH 20/24] fix(argo-cd): Sync ArgoCD helm chart with kustomize (#659) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * copy CRD resource files from https://github.com/argoproj/argo-cd/tree/v2.0.0/manifests/crds Signed-off-by: Marcel Hoyer * update `global.image` values in `values.yaml` to quay.io Signed-off-by: Marcel Hoyer * update redis image to 6.2.1 Signed-off-by: Marcel Hoyer * add optional volume mount to secret `argocd-repo-server-tls` according to https://github.com/argoproj/argo-cd/commit/7a68880e2ea825afb0076637b51b1e9b26a9c8f0 Signed-off-by: Marcel Hoyer * increase patch version of chart to 3.0.1 Signed-off-by: Marcel Hoyer * add `redis.extraArgs` to enable customization of `redis-server` arguments Signed-off-by: Marcel Hoyer * add some notes to the `README` about syncing changes from original `manifests/install.yaml` Signed-off-by: Marcel Hoyer * fix example for `extraArgs` in `values.yaml` of argo-cd chart Signed-off-by: Marcel Hoyer * Bump chart version to 3.1.2 Signed-off-by: Marcel Hoyer * Bump argo-cd version to 3.2.2 Signed-off-by: Marcel Hoyer Co-authored-by: Oliver Bähler Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 25 +- charts/argo-cd/crds/crd-application.yaml | 506 ++++++++++-------- charts/argo-cd/crds/crd-project.yaml | 33 +- .../deployment.yaml | 17 +- .../argocd-repo-server/deployment.yaml | 13 + .../templates/argocd-server/deployment.yaml | 13 + .../argo-cd/templates/redis/deployment.yaml | 5 +- charts/argo-cd/values.yaml | 24 +- 9 files changed, 386 insertions(+), 252 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72994ece..766578ef 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.2.1 +version: 3.2.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6d1430d1..7716e41e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -12,6 +12,26 @@ The default installation is intended to be similar to the provided ArgoCD [relea This chart currently installs the non-HA version of ArgoCD. +### Synchronizing Changes from Original Repository + +In the original [ArgoCD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). + +When installing ArgoCD using this helm chart the user should have a similar experience and configuration rolled out. Hence, it makes sense to try to achieve a similar output of rendered `.yaml` resources when calling `helm template` using the default settings in `values.yaml`. + +To update the templates and default settings in `values.yaml` it may come in handy to look up the diff of the `manifests/install.yaml` between two versions accordingly. This can either be done directly via github and look for `manifests/install.yaml`: + +https://github.com/argoproj/argo-cd/compare/v1.8.7...v2.0.0#files_bucket + +Or you clone the repository and do a local `git-diff`: + +```bash +git clone https://github.com/argoproj/argo-cd.git +cd argo-cd +git diff v1.8.7 v2.0.0 -- manifests/install.yaml +``` + +Changes in the `CustomResourceDefinition` resources shall be fixed easily by copying 1:1 from the [`manifests/crds` folder](https://github.com/argoproj/argo-cd/tree/master/manifests/crds) into this [`charts/argo-cd/crds` folder](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd/crds). + ## Upgrading ### 3.0.0 and above @@ -334,7 +354,8 @@ through `xxx.extraArgs` | redis.enabled | Enable redis | `true` | | redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` | | redis.image.repository | Redis repository | `"redis"` | -| redis.image.tag | Redis tag | `"5.0.8"` | +| redis.image.tag | Redis tag | `"6.2.1-alpine"` | +| redis.extraArgs | Additional arguments for the `redis-server`. A list of flags. | `[]` | | redis.name | Redis name | `"redis"` | | redis.env | Environment variables for the Redis server. | `[]` | | redis.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | @@ -354,6 +375,6 @@ through `xxx.extraArgs` | redis-ha.redis.config.save | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | `""` | | redis-ha.haproxy.enabled | Enabled HAProxy LoadBalancing/Proxy | `true` | | redis-ha.haproxy.metrics.enabled | HAProxy enable prometheus metric scraping | `true` | -| redis-ha.image.tag | Redis tag | `"5.0.8-alpine"` | +| redis-ha.image.tag | Redis tag | `"6.2.1-alpine"` | [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index cd4678fa..c62189e8 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -19,10 +19,7 @@ spec: singular: application scope: Namespaced versions: - - name: v1alpha1 - served: true - storage: true - additionalPrinterColumns: + - additionalPrinterColumns: - jsonPath: .status.sync.status name: Sync Status type: string @@ -33,7 +30,7 @@ spec: name: Revision priority: 10 type: string - subresources: {} + name: v1alpha1 schema: openAPIV3Schema: description: Application is a definition of Application resource. @@ -47,9 +44,10 @@ spec: metadata: type: object operation: - description: Operation contains requested operation parameters. + description: Operation contains information about a requested or running operation properties: info: + description: Info is a list of informational items for this operation items: properties: name: @@ -62,20 +60,20 @@ spec: type: object type: array initiatedBy: - description: OperationInitiator holds information about the operation initiator + description: InitiatedBy contains information about who initiated the operations properties: automated: description: Automated is set to true if operation was initiated automatically by the application controller. type: boolean username: - description: Name of a user who started operation. + description: Username contains the name of a user who started operation type: string type: object retry: - description: Retry controls failed sync retry behavior + description: Retry controls the strategy to apply if a sync fails properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff on subsequent retries of failed syncs properties: duration: description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") @@ -89,15 +87,15 @@ spec: type: string type: object limit: - description: Limit is the maximum number of attempts when retrying a container + description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. format: int64 type: integer type: object sync: - description: SyncOperation contains sync operation details. + description: Sync contains parameters for the operation properties: dryRun: - description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync + description: DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync type: boolean manifests: description: Manifests is an optional field that overrides sync source with a local directory for development @@ -105,10 +103,10 @@ spec: type: string type: array prune: - description: Prune deletes resources that are no longer tracked in git + description: Prune specifies to delete resources from the cluster that are no longer tracked in git type: boolean resources: - description: Resources describes which resources to sync + description: Resources describes which resources shall be part of the sync items: description: SyncOperationResource contains resources to sync. properties: @@ -126,26 +124,30 @@ spec: type: object type: array revision: - description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. + description: Revision is the revision (Git) or chart version (Helm) which to sync the application to If omitted, will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and is nil during a Sync operation properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options + description: Jsonnet holds options specific to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -166,7 +168,7 @@ spec: tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -181,6 +183,7 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to scan a directory recursively for manifests type: boolean type: object helm: @@ -189,34 +192,34 @@ spec: fileParameters: description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm template + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation properties: name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string path: - description: Path is the path value for the helm parameter + description: Path is the path to the file containing the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm template + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation items: - description: HelmParameter is a parameter to a helm template + description: HelmParameter is a parameter that's passed to helm template during manifest generation properties: forceString: description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the helm parameter + description: Value is the value for the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it will use the application name + description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -224,10 +227,10 @@ spec: type: string type: array values: - description: Values is Helm values, typically defined as a block + description: Values specifies Helm values to be passed to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating with + description: Version is the Helm version to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -259,42 +262,45 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional kustomize commonAnnotations + description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize commonLabels + description: CommonLabels is a list of additional labels to add to rendered manifests type: object images: - description: Images are kustomize image overrides + description: Images is a list of Kustomize image override specifications items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps + description: NamePrefix is a prefix appended to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps + description: NameSuffix is a suffix appended to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize version + description: Version controls which version of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment variable entries items: + description: EnvEntry represents an entry in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of the variable type: string required: - name @@ -305,10 +311,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application manifests + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -342,20 +348,20 @@ spec: description: ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. properties: destination: - description: Destination overrides the kubernetes server and namespace defined in the environment ksonnet app.yaml + description: Destination is a reference to the target Kubernetes server and namespace properties: name: - description: Name of the destination cluster which can be used instead of server (url) field + description: Name is an alternate way of specifying the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment namespace value in the ksonnet app.yaml + description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment server value in the ksonnet app.yaml + description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources fields which should be ignored during comparison + description: IgnoreDifferences is a list of resources and their fields which should be ignored during comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. properties: @@ -377,7 +383,7 @@ spec: type: object type: array info: - description: Infos contains a list of useful information (URLs, email addresses, and plain text) that relates to the application + description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application items: properties: name: @@ -390,30 +396,34 @@ spec: type: object type: array project: - description: Project is a application project name. Empty name means that application belongs to 'default' project. + description: Project is a reference to the project this application belongs to. The empty string means that application belongs to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept in the apps revision history. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. + description: RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location ksonnet application definition + description: Source is a reference to the location of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options + description: Jsonnet holds options specific to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -434,7 +444,7 @@ spec: tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -449,6 +459,7 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to scan a directory recursively for manifests type: boolean type: object helm: @@ -457,34 +468,34 @@ spec: fileParameters: description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm template + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation properties: name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string path: - description: Path is the path value for the helm parameter + description: Path is the path to the file containing the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm template + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation items: - description: HelmParameter is a parameter to a helm template + description: HelmParameter is a parameter that's passed to helm template during manifest generation properties: forceString: description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the helm parameter + description: Value is the value for the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it will use the application name + description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -492,10 +503,10 @@ spec: type: string type: array values: - description: Values is Helm values, typically defined as a block + description: Values specifies Helm values to be passed to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating with + description: Version is the Helm version to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -527,42 +538,45 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional kustomize commonAnnotations + description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize commonLabels + description: CommonLabels is a list of additional labels to add to rendered manifests type: object images: - description: Images are kustomize image overrides + description: Images is a list of Kustomize image override specifications items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps + description: NamePrefix is a prefix appended to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps + description: NameSuffix is a suffix appended to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize version + description: Version controls which version of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment variable entries items: + description: EnvEntry represents an entry in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of the variable type: string required: - name @@ -573,16 +587,16 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application manifests + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will be performed + description: SyncPolicy controls when and how a sync will be performed properties: automated: description: Automated will keep an application synced to the target revision @@ -591,17 +605,17 @@ spec: description: 'AllowEmpty allows apps have zero live resources (default: false)' type: boolean prune: - description: 'Prune will prune resources automatically as part of automated sync (default: false)' + description: 'Prune specifies whether to delete resources from the cluster that are not found in the sources anymore as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing if (default: false)' + description: 'SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean type: object retry: description: Retry controls failed sync retry behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff on subsequent retries of failed syncs properties: duration: description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") @@ -615,7 +629,7 @@ spec: type: string type: object limit: - description: Limit is the maximum number of attempts when retrying a container + description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -631,14 +645,15 @@ spec: - source type: object status: - description: ApplicationStatus contains information about application sync, health status + description: ApplicationStatus contains status information for the application properties: conditions: + description: Conditions is a list of currently observed application conditions items: - description: ApplicationCondition contains details about current application condition + description: ApplicationCondition contains details about an application condition, which is usally an error or warning properties: lastTransitionTime: - description: LastTransitionTime is the time the condition was first observed. + description: LastTransitionTime is the time the condition was last observed format: date-time type: string message: @@ -653,24 +668,26 @@ spec: type: object type: array health: + description: Health contains information about the application's current health status properties: message: + description: Message is a human-readable informational message describing the health status type: string status: - description: Represents resource health status + description: Status holds the status code of the application or resource type: string type: object history: - description: RevisionHistories is a array of history, oldest first and newest last + description: History contains information about the application's sync history items: - description: RevisionHistory contains information relevant to an application deployment + description: RevisionHistory contains history information about a previous sync properties: deployStartedAt: - description: DeployStartedAt holds the time the deployment started + description: DeployStartedAt holds the time the sync operation started format: date-time type: string deployedAt: - description: DeployedAt holds the time the deployment completed + description: DeployedAt holds the time the sync operation completed format: date-time type: string id: @@ -678,26 +695,30 @@ spec: format: int64 type: integer revision: - description: Revision holds the revision of the sync + description: Revision holds the revision the sync was performed against type: string source: - description: ApplicationSource contains information about github repository, path within repository and target application environment. + description: Source is a reference to the application source used for the sync operation properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options + description: Jsonnet holds options specific to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -718,7 +739,7 @@ spec: tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -733,6 +754,7 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to scan a directory recursively for manifests type: boolean type: object helm: @@ -741,34 +763,34 @@ spec: fileParameters: description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm template + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation properties: name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string path: - description: Path is the path value for the helm parameter + description: Path is the path to the file containing the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm template + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation items: - description: HelmParameter is a parameter to a helm template + description: HelmParameter is a parameter that's passed to helm template during manifest generation properties: forceString: description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the helm parameter + description: Value is the value for the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it will use the application name + description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -776,10 +798,10 @@ spec: type: string type: array values: - description: Values is Helm values, typically defined as a block + description: Values specifies Helm values to be passed to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating with + description: Version is the Helm version to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -811,42 +833,45 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional kustomize commonAnnotations + description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize commonLabels + description: CommonLabels is a list of additional labels to add to rendered manifests type: object images: - description: Images are kustomize image overrides + description: Images is a list of Kustomize image override specifications items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps + description: NamePrefix is a prefix appended to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps + description: NameSuffix is a suffix appended to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize version + description: Version controls which version of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment variable entries items: + description: EnvEntry represents an entry in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of the variable type: string required: - name @@ -857,10 +882,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application manifests + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -876,19 +901,20 @@ spec: format: date-time type: string operationState: - description: OperationState contains information about state of currently performing operation on application. + description: OperationState contains information about any ongoing operations, such as a sync properties: finishedAt: description: FinishedAt contains time of operation completion format: date-time type: string message: - description: Message hold any pertinent messages when attempting to perform operation (typically errors). + description: Message holds any pertinent messages when attempting to perform operation (typically errors). type: string operation: description: Operation is the original requested operation properties: info: + description: Info is a list of informational items for this operation items: properties: name: @@ -901,20 +927,20 @@ spec: type: object type: array initiatedBy: - description: OperationInitiator holds information about the operation initiator + description: InitiatedBy contains information about who initiated the operations properties: automated: description: Automated is set to true if operation was initiated automatically by the application controller. type: boolean username: - description: Name of a user who started operation. + description: Username contains the name of a user who started operation type: string type: object retry: - description: Retry controls failed sync retry behavior + description: Retry controls the strategy to apply if a sync fails properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff on subsequent retries of failed syncs properties: duration: description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") @@ -928,15 +954,15 @@ spec: type: string type: object limit: - description: Limit is the maximum number of attempts when retrying a container + description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. format: int64 type: integer type: object sync: - description: SyncOperation contains sync operation details. + description: Sync contains parameters for the operation properties: dryRun: - description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync + description: DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync type: boolean manifests: description: Manifests is an optional field that overrides sync source with a local directory for development @@ -944,10 +970,10 @@ spec: type: string type: array prune: - description: Prune deletes resources that are no longer tracked in git + description: Prune specifies to delete resources from the cluster that are no longer tracked in git type: boolean resources: - description: Resources describes which resources to sync + description: Resources describes which resources shall be part of the sync items: description: SyncOperationResource contains resources to sync. properties: @@ -965,26 +991,30 @@ spec: type: object type: array revision: - description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. + description: Revision is the revision (Git) or chart version (Helm) which to sync the application to If omitted, will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and is nil during a Sync operation properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options + description: Jsonnet holds options specific to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1005,7 +1035,7 @@ spec: tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1020,6 +1050,7 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to scan a directory recursively for manifests type: boolean type: object helm: @@ -1028,34 +1059,34 @@ spec: fileParameters: description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm template + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation properties: name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string path: - description: Path is the path value for the helm parameter + description: Path is the path to the file containing the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm template + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation items: - description: HelmParameter is a parameter to a helm template + description: HelmParameter is a parameter that's passed to helm template during manifest generation properties: forceString: description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the helm parameter + description: Value is the value for the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it will use the application name + description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1063,10 +1094,10 @@ spec: type: string type: array values: - description: Values is Helm values, typically defined as a block + description: Values specifies Helm values to be passed to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating with + description: Version is the Helm version to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -1098,42 +1129,45 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional kustomize commonAnnotations + description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize commonLabels + description: CommonLabels is a list of additional labels to add to rendered manifests type: object images: - description: Images are kustomize image overrides + description: Images is a list of Kustomize image override specifications items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps + description: NamePrefix is a prefix appended to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps + description: NameSuffix is a suffix appended to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize version + description: Version controls which version of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment variable entries items: + description: EnvEntry represents an entry in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of the variable type: string required: - name @@ -1144,10 +1178,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application manifests + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -1192,34 +1226,39 @@ spec: description: SyncResult is the result of a Sync operation properties: resources: - description: Resources holds the sync result of each individual resource + description: Resources contains a list of sync result items for each individual resource in a sync operation items: description: ResourceResult holds the operation result details of a specific resource properties: group: + description: Group specifies the API group of the resource type: string hookPhase: - description: 'the state of any operation associated with this resource OR hook note: can contain values for non-hook resources' + description: HookPhase contains the state of any operation associated with this resource OR hook This can also contain values for non-hook resources. type: string hookType: - description: the type of the hook, empty for non-hook resources + description: HookType specifies the type of the hook. Empty for non-hook resources type: string kind: + description: Kind specifies the API kind of the resource type: string message: - description: message for the last sync OR operation + description: Message contains an informational or error message for the last sync OR operation type: string name: + description: Name specifies the name of the resource type: string namespace: + description: Namespace specifies the target namespace of the resource type: string status: - description: the final result of the sync, this is be empty if the resources is yet to be applied/pruned and is always zero-value for hooks + description: Status holds the final result of the sync. Will be empty if the resources is yet to be applied/pruned and is always zero-value for hooks type: string syncPhase: - description: indicates the particular phase of the sync that this is for + description: SyncPhase indicates the particular phase of the sync that this result was acquired in type: string version: + description: Version specifies the API version of the resource type: string required: - group @@ -1230,26 +1269,30 @@ spec: type: object type: array revision: - description: Revision holds the revision of the sync + description: Revision holds the revision this sync operation was performed to type: string source: description: Source records the application source information of the sync, used for comparing auto-sync properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options + description: Jsonnet holds options specific to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1270,7 +1313,7 @@ spec: tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1285,6 +1328,7 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to scan a directory recursively for manifests type: boolean type: object helm: @@ -1293,34 +1337,34 @@ spec: fileParameters: description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm template + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation properties: name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string path: - description: Path is the path value for the helm parameter + description: Path is the path to the file containing the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm template + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation items: - description: HelmParameter is a parameter to a helm template + description: HelmParameter is a parameter that's passed to helm template during manifest generation properties: forceString: description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the helm parameter + description: Value is the value for the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it will use the application name + description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1328,10 +1372,10 @@ spec: type: string type: array values: - description: Values is Helm values, typically defined as a block + description: Values specifies Helm values to be passed to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating with + description: Version is the Helm version to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -1363,42 +1407,45 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional kustomize commonAnnotations + description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize commonLabels + description: CommonLabels is a list of additional labels to add to rendered manifests type: object images: - description: Images are kustomize image overrides + description: Images is a list of Kustomize image override specifications items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps + description: NamePrefix is a prefix appended to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps + description: NameSuffix is a suffix appended to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize version + description: Version controls which version of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment variable entries items: + description: EnvEntry represents an entry in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of the variable type: string required: - name @@ -1409,10 +1456,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application manifests + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -1430,17 +1477,20 @@ spec: format: date-time type: string resources: + description: Resources is a list of Kubernetes resources managed by this application items: - description: ResourceStatus holds the current sync and health status of a resource + description: 'ResourceStatus holds the current sync and health status of a resource TODO: describe members of this type' properties: group: type: string health: + description: HealthStatus contains information about the currently observed health state of an application or resource properties: message: + description: Message is a human-readable informational message describing the health status type: string status: - description: Represents resource health status + description: Status holds the status code of the application or resource type: string type: object hook: @@ -1461,8 +1511,10 @@ spec: type: object type: array sourceType: + description: SourceType specifies the type of this application type: string summary: + description: Summary contains a list of URLs and container images used by this application properties: externalURLs: description: ExternalURLs holds all external URLs of application child resources. @@ -1476,42 +1528,46 @@ spec: type: array type: object sync: - description: SyncStatus is a comparison result of application spec and deployed application. + description: Sync contains information about the application's current sync status properties: comparedTo: - description: ComparedTo contains application source and target which was used for resources comparison + description: ComparedTo contains information about what has been compared properties: destination: - description: ApplicationDestination contains deployment destination information + description: Destination is a reference to the application's destination used for comparison properties: name: - description: Name of the destination cluster which can be used instead of server (url) field + description: Name is an alternate way of specifying the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment namespace value in the ksonnet app.yaml + description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment server value in the ksonnet app.yaml + description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API type: string type: object source: - description: ApplicationSource contains information about github repository, path within repository and target application environment. + description: Source is a reference to the application's source used for comparison properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options + description: Jsonnet holds options specific to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1532,7 +1588,7 @@ spec: tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1547,6 +1603,7 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to scan a directory recursively for manifests type: boolean type: object helm: @@ -1555,34 +1612,34 @@ spec: fileParameters: description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm template + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation properties: name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string path: - description: Path is the path value for the helm parameter + description: Path is the path to the file containing the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm template + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation items: - description: HelmParameter is a parameter to a helm template + description: HelmParameter is a parameter that's passed to helm template during manifest generation properties: forceString: description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the helm parameter + description: Value is the value for the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it will use the application name + description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1590,10 +1647,10 @@ spec: type: string type: array values: - description: Values is Helm values, typically defined as a block + description: Values specifies Helm values to be passed to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating with + description: Version is the Helm version to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -1625,42 +1682,45 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional kustomize commonAnnotations + description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize commonLabels + description: CommonLabels is a list of additional labels to add to rendered manifests type: object images: - description: Images are kustomize image overrides + description: Images is a list of Kustomize image override specifications items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps + description: NamePrefix is a prefix appended to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps + description: NameSuffix is a suffix appended to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize version + description: Version controls which version of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment variable entries items: + description: EnvEntry represents an entry in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of the variable type: string required: - name @@ -1671,10 +1731,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application manifests + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -1684,9 +1744,10 @@ spec: - source type: object revision: + description: Revision contains information about the revision the comparison has been performed to type: string status: - description: SyncStatusCode is a type which represents possible comparison results + description: Status is the sync state of the comparison type: string required: - status @@ -1696,3 +1757,6 @@ spec: - metadata - spec type: object + served: true + storage: true + subresources: {} diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 2dab45a5..40182848 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -20,8 +20,6 @@ spec: scope: Namespaced versions: - name: v1alpha1 - served: true - storage: true schema: openAPIV3Schema: description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' @@ -71,16 +69,16 @@ spec: destinations: description: Destinations contains list of destinations available for deployment items: - description: ApplicationDestination contains deployment destination information + description: ApplicationDestination holds information about the application's destination properties: name: - description: Name of the destination cluster which can be used instead of server (url) field + description: Name is an alternate way of specifying the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment namespace value in the ksonnet app.yaml + description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment server value in the ksonnet app.yaml + description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API type: string type: object type: array @@ -116,7 +114,9 @@ spec: description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project properties: ignore: + description: Ignore contains a list of resources that are to be excluded from orphaned resources monitoring items: + description: OrphanedResourceKey is a reference to a resource to be ignored from properties: group: type: string @@ -173,7 +173,7 @@ spec: type: object type: array signatureKeys: - description: List of PGP key IDs that commits to be synced to must be signed with + description: SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync items: description: SignatureKey is the specification of a key required to verify commit signatures with properties: @@ -225,34 +225,35 @@ spec: type: array type: object status: - description: Status of the AppProject + description: AppProjectStatus contains status information for AppProject CRs properties: jwtTokensByRole: - description: JWT Tokens issued for each of the roles in the project additionalProperties: + description: JWTTokens represents a list of JWT tokens properties: - items: - description: List of JWT Tokens issued for the role - items: - description: Holds the issuedAt and expiresAt values of the token + items: + items: + description: JWTToken holds the issuedAt and expiresAt values of a token properties: exp: - description: The expiresAt value of a token format: int64 type: integer iat: - description: The issuedAt value of a token format: int64 type: integer id: - description: ID of the token type: string + required: + - iat type: object type: array type: object + description: JWTTokensByRole contains a list of JWT tokens issued for a given role type: object type: object required: - metadata - spec type: object + served: true + storage: true diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 6fe98a24..7c87bce8 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -92,8 +92,10 @@ spec: timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} -{{- if .Values.controller.volumeMounts }} volumeMounts: + - mountPath: /app/config/controller/tls + name: argocd-repo-server-tls +{{- if .Values.controller.volumeMounts }} {{- toYaml .Values.controller.volumeMounts | nindent 10}} {{- end }} resources: @@ -115,8 +117,19 @@ spec: hostAliases: {{ toYaml . | indent 6 }} {{- end }} -{{- if .Values.controller.volumes }} volumes: + - name: argocd-repo-server-tls + secret: + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + optional: true + secretName: argocd-repo-server-tls +{{- if .Values.controller.volumes }} {{- toYaml .Values.controller.volumes | nindent 8 }} {{- end }} {{- if .Values.controller.priorityClassName }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 47f04d9d..7350db37 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -81,6 +81,8 @@ spec: - mountPath: /app/config/tls name: tls-certs {{- end }} + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls - mountPath: /tmp name: tmp-dir ports: @@ -143,6 +145,17 @@ spec: name: argocd-tls-certs-cm name: tls-certs {{- end }} + - name: argocd-repo-server-tls + secret: + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + optional: true + secretName: argocd-repo-server-tls - emptyDir: {} name: tmp-dir {{- if .Values.repoServer.initContainers }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 4ae1c4c2..d12c8446 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -80,6 +80,8 @@ spec: - mountPath: /app/config/tls name: tls-certs {{- end }} + - mountPath: /app/config/server/tls + name: argocd-repo-server-tls ports: - name: {{ .Values.server.name }} containerPort: {{ .Values.server.containerPort }} @@ -149,6 +151,17 @@ spec: name: argocd-tls-certs-cm name: tls-certs {{- end }} + - name: argocd-repo-server-tls + secret: + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + optional: true + secretName: argocd-repo-server-tls {{- if .Values.server.priorityClassName }} priorityClassName: {{ .Values.server.priorityClassName }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index de88c0d3..f3dd7f05 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -41,11 +41,14 @@ spec: - "" - --appendonly - "no" + {{- with .Values.redis.extraArgs }} + {{- . | toYaml | nindent 8 }} + {{- end }} image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}} {{- if .Values.redis.containerSecurityContext }} securityContext: {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }} - {{- end }} + {{- end }} {{- if .Values.redis.env }} env: {{- toYaml .Values.redis.env | nindent 8 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index adc358f7..dc04e3eb 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -9,7 +9,7 @@ installCRDs: true global: image: - repository: argoproj/argocd + repository: quay.io/argoproj/argocd tag: v2.0.0 imagePullPolicy: IfNotPresent securityContext: {} @@ -27,8 +27,8 @@ controller: name: application-controller image: - repository: # argoproj/argocd - tag: # v1.7.11 + repository: # defaults to global.image.repository + tag: # defaults to global.image.tag imagePullPolicy: # IfNotPresent # If changing the number of replicas you must pass the number as ARGOCD_CONTROLLER_REPLICAS as an environment variable @@ -276,9 +276,15 @@ redis: image: repository: redis - tag: 5.0.10-alpine + tag: 6.2.1-alpine imagePullPolicy: IfNotPresent + ## Additional command line arguments to pass to redis-server + ## + extraArgs: [] + # - --bind + # - "0.0.0.0" + containerPort: 6379 servicePort: 6379 @@ -347,7 +353,7 @@ redis-ha: metrics: enabled: true image: - tag: 5.0.8-alpine + tag: 6.2.1-alpine ## Server server: @@ -363,8 +369,8 @@ server: targetMemoryUtilizationPercentage: 50 image: - repository: # argoproj/argocd - tag: # v1.7.11 + repository: # defaults to global.image.repository + tag: # defaults to global.image.tag imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -733,8 +739,8 @@ repoServer: targetMemoryUtilizationPercentage: 50 image: - repository: # argoproj/argocd - tag: # v1.7.11 + repository: # defaults to global.image.repository + tag: # defaults to global.image.tag imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server From 72f71923f2b7e01a0651b404aefe6d62fb8aacfb Mon Sep 17 00:00:00 2001 From: t3mi Date: Mon, 26 Apr 2021 15:35:41 +0300 Subject: [PATCH 21/24] feat(argo-events): add priorityClassName and podLabels options (#610) Signed-off-by: t3mi --- charts/argo-events/Chart.yaml | 2 +- .../templates/eventbus-controller-deployment.yaml | 6 ++++++ .../templates/eventsource-controller-deployment.yaml | 6 ++++++ .../templates/sensor-controller-deployment.yaml | 6 ++++++ charts/argo-events/values.yaml | 12 +++++++++--- 5 files changed, 28 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 1f138c3c..c9f2ae12 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.3.2 +version: 1.3.3 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 900daf41..e3631828 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} release: {{ .Release.Name }} + {{- with .Values.eventbusController.podLabels }} + {{- tpl (toYaml .) $ | nindent 8 }} + {{- end }} {{- with .Values.eventbusController.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} @@ -52,6 +55,9 @@ spec: port: 8081 initialDelaySeconds: 3 periodSeconds: 3 + {{- with .Values.eventbusController.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} {{- with .Values.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 9fcd1eaf..a6522da6 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} release: {{ .Release.Name }} + {{- with .Values.eventsourceController.podLabels }} + {{- tpl (toYaml .) $ | nindent 8 }} + {{- end }} {{- with .Values.eventsourceController.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} @@ -50,6 +53,9 @@ spec: port: 8081 initialDelaySeconds: 3 periodSeconds: 3 + {{- with .Values.eventsourceController.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} {{- with .Values.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 371fe82f..e6a1c104 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ .Release.Name }}-{{ .Values.sensorController.name }} release: {{ .Release.Name }} + {{- with .Values.sensorController.podLabels }} + {{- tpl (toYaml .) $ | nindent 8 }} + {{- end }} {{- with .Values.sensorController.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} @@ -50,6 +53,9 @@ spec: port: 8081 initialDelaySeconds: 3 periodSeconds: 3 + {{- with .Values.sensorController.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} {{- with .Values.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index ec251fe6..b786e260 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -50,7 +50,9 @@ sensorController: sensorImage: sensor podAnnotations: {} nodeSelector: {} - tolerations: {} + podLabels: {} + priorityClassName: "" + tolerations: [] affinity: {} eventsourceController: @@ -61,7 +63,9 @@ eventsourceController: eventsourceImage: eventsource podAnnotations: {} nodeSelector: {} - tolerations: {} + podLabels: {} + priorityClassName: "" + tolerations: [] affinity: {} eventbusController: @@ -71,7 +75,9 @@ eventbusController: replicaCount: 1 podAnnotations: {} nodeSelector: {} - tolerations: {} + podLabels: {} + priorityClassName: "" + tolerations: [] affinity: {} natsStreamingImage: nats-streaming:0.17.0 natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 From 4e0bf1e19d75f3efc9f48f422440455a11f5c95a Mon Sep 17 00:00:00 2001 From: Sergey <41047934+1Psy@users.noreply.github.com> Date: Mon, 26 Apr 2021 21:55:12 +0300 Subject: [PATCH 22/24] fix(argocd-notifications): Changes to rules RBAC role. (#697) add role resourceNames argoproj-labs/argocd-notifications#199 allow configmap/secret list verb argoproj-labs/argocd-notifications#244 Signed-off-by: 1Psy <41047934+1Psy@users.noreply.github.com> --- charts/argocd-notifications/Chart.yaml | 2 +- .../templates/bots/slack/role.yaml | 18 +++++++++--------- .../argocd-notifications/templates/role.yaml | 19 +++++++++++++++++-- 3 files changed, 27 insertions(+), 12 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 881c18ae..04851ad0 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.1.2 +version: 1.1.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/bots/slack/role.yaml b/charts/argocd-notifications/templates/bots/slack/role.yaml index b509f6d4..5193a109 100644 --- a/charts/argocd-notifications/templates/bots/slack/role.yaml +++ b/charts/argocd-notifications/templates/bots/slack/role.yaml @@ -4,6 +4,15 @@ kind: Role metadata: name: {{ include "argocd-notifications.name" . }}-bot rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch - apiGroups: - argoproj.io resources: @@ -15,13 +24,4 @@ rules: - watch - update - patch -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch {{ end }} diff --git a/charts/argocd-notifications/templates/role.yaml b/charts/argocd-notifications/templates/role.yaml index fcd99ef6..0b07afd7 100644 --- a/charts/argocd-notifications/templates/role.yaml +++ b/charts/argocd-notifications/templates/role.yaml @@ -19,9 +19,24 @@ rules: - apiGroups: - "" resources: + - configmaps - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resourceNames: + - {{ include "argocd-notifications.name" . }}-cm + resources: - configmaps verbs: - get - - list - - watch +- apiGroups: + - "" + resourceNames: + - {{ include "argocd-notifications.name" . }}-secret + resources: + - secrets + verbs: + - get \ No newline at end of file From d40a9be8106a207067241c75557888a7127fa55b Mon Sep 17 00:00:00 2001 From: Geoffrey Gouez Date: Mon, 26 Apr 2021 23:38:11 +0200 Subject: [PATCH 23/24] feat(argocd-notifications): Optional ConfigMap for argocd-notifications (#656) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argocd-notifications): Optional ConfigMap for argocd-notifications Signed-off-by: Cicatrice * feat(argocd-notifications): version bump Co-authored-by: Oliver Bähler Signed-off-by: Cicatrice Co-authored-by: Oliver Bähler --- charts/argocd-notifications/Chart.yaml | 2 +- charts/argocd-notifications/templates/configmap.yaml | 4 +++- charts/argocd-notifications/values.yaml | 4 ++++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 04851ad0..12c03d53 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.1.3 +version: 1.2.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/configmap.yaml b/charts/argocd-notifications/templates/configmap.yaml index 9090a162..442234bc 100644 --- a/charts/argocd-notifications/templates/configmap.yaml +++ b/charts/argocd-notifications/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{ if .Values.cm.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -19,4 +20,5 @@ data: {{- end }} {{- with .Values.triggers }} {{- toYaml . | nindent 2 }} - {{- end }} \ No newline at end of file + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index 0a27e643..ace4c84e 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -88,6 +88,10 @@ serviceAccount: # If not set and create is true, a name is generated using the fullname template name: argocd-notifications-controller +cm: + # Whether helm chart creates controller config map + create: true + subscriptions: # For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ From 7efd2d4a44da349c508ec50a8f3630c47ad1456d Mon Sep 17 00:00:00 2001 From: "Wen-Chih (Ryan) Lo" Date: Wed, 28 Apr 2021 02:33:31 +0800 Subject: [PATCH 24/24] chore(argo): Fix service name in argo/templates/NOTES.txt (#701) Signed-off-by: Ryan Lo --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/NOTES.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 741fa2e6..3f10ee6f 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.12.5 description: A Helm chart for Argo Workflows name: argo -version: 0.16.9 +version: 0.16.10 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/NOTES.txt b/charts/argo/templates/NOTES.txt index 327b262d..7b4c02f0 100644 --- a/charts/argo/templates/NOTES.txt +++ b/charts/argo/templates/NOTES.txt @@ -11,6 +11,6 @@ argo submit https://raw.githubusercontent.com/argoproj/argo/master/examples/hell 3. Access Minio UI and create bucket '{{ .Values.minio.defaultBucket.name }}'. Minio UI is available on port 9000 and available via external URL. URL might be retrieved using following command: -kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-minio-svc +kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-minio {{ end }}