DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into bug/703

Browse source
This commit is contained in:
Marco Kilchhofer 2021-05-22 15:46:25 +02:00 committed by GitHub
commit 44676678ef
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
115 changed files with 1229 additions and 1043 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.circleci/chart-testing.yaml
View file

@ -1,4 +0,0 @@
chart-repos:
- argo=https://argoproj.github.io/argo-helm
- minio=https://helm.min.io/
- dandydeveloper=https://dandydeveloper.github.io/charts/

27
.circleci/config.yml
View file

@ -5,32 +5,13 @@ jobs:
- image: quay.io/helmpack/chart-testing:v3.3.1
steps:
- checkout
- run: helm repo add stable https://charts.helm.sh/stable
- run: ct lint --config .circleci/chart-testing.yaml --lint-conf .circleci/lintconf.yaml
# Technically this only needs to be run on master, but it's good to have it run on every PR
# so that it is regularly tested.
- run: ct lint --config .github/configs/ct-lint.yaml --lint-conf .github/configs/lintconf.yaml
publish:
docker:
# We just need an image with `helm` on it. Handily we know of one already.
- image: quay.io/helmpack/chart-testing:v3.3.1
- image: bash
steps:
# install the additional keys needed to push to GitHub. Alex Collins owns these keys.
- add_ssh_keys
- run: git config --global user.email "nobody@circleci.com"
- run: git config --global user.name "Circle CI Build"
- checkout
- run: helm repo add stable https://charts.helm.sh/stable
- run: helm repo add minio https://helm.min.io/
- run: helm repo add dandydeveloper https://dandydeveloper.github.io/charts/
# Only actually publish charts on master.
- run: |
set -x
if [ "$CIRCLE_BRANCH" = "master" ]; then
export GIT_PUSH=true
else
export GIT_PUSH=false
fi
sh ./scripts/publish.sh
- run: echo "Replaced by Github Workflow - https://github.com/argoproj/argo-helm/actions/workflows/publish.yml"
workflows:
version: 2
workflow:

2
.github/configs/cr.yaml vendored Normal file
View file

@ -0,0 +1,2 @@
## Reference: https://github.com/helm/chart-releaser
index-path: "./index.yaml"

19
.github/configs/ct-install.yaml vendored Normal file
View file

@ -0,0 +1,19 @@
## Reference: https://github.com/helm/chart-testing/blob/master/doc/ct_lint-and-install.md
# Don't add the 'debug' attribute, otherwise the workflow won't work anymore
# Only Used for the CT Install Stage
remote: origin
chart-dirs:
- charts
chart-repos:
- argo=https://argoproj.github.io/argo-helm
- minio=https://helm.min.io/
- dandydeveloper=https://dandydeveloper.github.io/charts/
- stable=https://charts.helm.sh/stable
- incubator=https://charts.helm.sh/incubator
helm-extra-args: "--timeout 600s"
validate-chart-schema: false
validate-maintainers: true
validate-yaml: true
exclude-deprecated: true
excluded-charts:
- "argocd-applicationset"

18
.github/configs/ct-lint.yaml vendored Normal file
View file

@ -0,0 +1,18 @@
## Reference: https://github.com/helm/chart-testing/blob/master/doc/ct_lint-and-install.md
# Don't add the 'debug' attribute, otherwise the workflow won't work anymore
# Only Used for the CT Lint Stage
remote: origin
chart-dirs:
- charts
chart-repos:
- argo=https://argoproj.github.io/argo-helm
- minio=https://helm.min.io/
- dandydeveloper=https://dandydeveloper.github.io/charts/
- stable=https://charts.helm.sh/stable
- incubator=https://charts.helm.sh/incubator
helm-extra-args: "--timeout 600s"
validate-chart-schema: false
validate-maintainers: true
validate-yaml: true
exclude-deprecated: true
excluded-charts: []

0
.circleci/lintconf.yaml → .github/configs/lintconf.yaml vendored
View file

1
.github/stale.yml vendored
View file

@ -1 +0,0 @@
# See https://github.com/probot/stale

45
.github/workflows/lint-and-test.yml vendored Normal file
View file

@ -0,0 +1,45 @@
## Reference: https://github.com/helm/chart-testing-action
---
name: Linting and Testing
on: pull_request
jobs:
chart-test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@v1
- name: Set up python
uses: actions/setup-python@v2
with:
python-version: 3.7
- name: Setup Chart Linting
id: lint
uses: helm/chart-testing-action@v2.0.1
- name: List changed charts
id: list-changed
run: |
## If executed with debug this won't work anymore.
changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed)
charts=$(echo "$changed" | tr '\n' ' ' | xargs)
if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true"
echo "::set-output name=changed_charts::$charts"
fi
- name: Run chart-testing (lint)
run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml
- name: Create kind cluster
uses: helm/kind-action@v1.1.0
if: steps.list-changed.outputs.changed == 'true'
- name: Run chart-testing (install)
run: ct install --config ./.github/configs/ct-install.yaml
if: steps.list-changed.outputs.changed == 'true'

14
.github/workflows/pr-sizing.yml vendored Normal file
View file

@ -0,0 +1,14 @@
## Reference: https://github.com/pascalgn/size-label-action
---
name: 'PR Size'
on:
pull_request_target:
types: [opened, synchronize, reopened]
jobs:
size-label:
runs-on: ubuntu-latest
steps:
- name: size-label
uses: "pascalgn/size-label-action@v0.4.2"
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

42
.github/workflows/publish.yml vendored Normal file
View file

@ -0,0 +1,42 @@
---
name: Chart Publish
on:
push:
branches:
- master
- rewrite-build
jobs:
publish:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Install Helm
uses: azure/setup-helm@v1
- name: Add dependency chart repos
run: |
helm repo add argo https://argoproj.github.io/argo-helm
helm repo add minio https://helm.min.io/
helm repo add dandydeveloper https://dandydeveloper.github.io/charts/
helm repo add stable https://charts.helm.sh/stable
helm repo add incubator https://charts.helm.sh/incubator
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
## This is required to consider the old Circle-CI Index and to stay compatible with all the old releases.
- name: Fetch current Chart Index
run: |
git checkout origin/gh-pages index.yaml
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.2.0
with:
config: "./.github/configs/cr.yaml"
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

4
.github/workflows/stale.yml vendored
View file

@ -1,14 +1,10 @@
name: Mark stale issues and pull requests
on:
schedule:
- cron: "30 1 * * *"
jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v3
with:

5
CODEOWNERS
View file

@ -1,5 +1,8 @@
# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
# All charts
/charts/ @mkilchhofer
# Argo Workflows
/charts/argo @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler
@ -10,7 +13,7 @@
/charts/argo-events @jbehling @VaibhavPage @oliverbaehler
# Argo Rollouts
/charts/argo-rollouts @cabrinha @oliverbaehler
/charts/argo-rollouts @oliverbaehler
# Argo CD Notifications
/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler

17
CONTRIBUTING.md
View file

@ -22,6 +22,12 @@ helm delete argo-cd --purge
kubectl delete crd -l app.kubernetes.io/part-of=argocd
```
Pre-requisites:
```
helm repo add redis-ha https://dandydeveloper.github.io/charts/
helm dependency update
```
Minimally:
```
@ -80,7 +86,7 @@ As part of the Continuous Integration system we run Helm's [Chart Testing](https
The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames.
Linting configuration can be found in [lintconf.yaml](.circleci/lintconf.yaml)
Linting configuration can be found in [ct-lint.yaml](./.github/configs/ct-lint.yaml)
The linting can be invoked manually with the following command:
@ -90,11 +96,4 @@ The linting can be invoked manually with the following command:
## Publishing Changes
Changes are automatically publish whenever a commit is merged to master. The CI job (see `.circleci/config.yaml`) runs this:
```
GIT_PUSH=true ./scripts/publish.sh
```
Script generates tar file for each chart in `charts` directory and push changes to `gh-pages` branch.
Write access to https://github.com/argoproj/argo-helm.git is required to publish changes.
Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`).

2
README.md
View file

@ -1,5 +1,7 @@
# Argo Helm Charts
[![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml)
Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command:
```

6
charts/argo-cd/Chart.lock
View file

@ -1,6 +1,6 @@
dependencies:
- name: redis-ha
repository: https://dandydeveloper.github.io/charts/
version: 4.10.4
digest: sha256:e36321520ffd6f91962b0bcfeae947a86983d6b6d273eb616f08425e2b8ab9c2
generated: "2021-04-14T13:41:16.151666-07:00"
version: 4.12.14
digest: sha256:34275a4f4df92c570d07b0553da5d1fa200b6f057f7091746c853fd7399ee30a
generated: "2021-05-03T16:02:41.4356045-04:00"

6
charts/argo-cd/Chart.yaml
View file

@ -1,8 +1,8 @@
apiVersion: v2
appVersion: 2.0.0
appVersion: 2.0.1
description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 3.3.0
version: 3.6.0
home: https://github.com/argoproj/argo-helm
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
keywords:
@ -16,6 +16,6 @@ maintainers:
- name: seanson
dependencies:
- name: redis-ha
version: 4.10.4
version: 4.12.14
repository: https://dandydeveloper.github.io/charts/
condition: redis-ha.enabled

3
charts/argo-cd/README.md
View file

@ -55,7 +55,7 @@ Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Re
### 2.14.7 and above
The `matchLabels` key in the ArgoCD Appliaction Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource.
The `matchLabels` key in the ArgoCD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource.
### 2.10.x to 2.11.0
@ -130,6 +130,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i
| configs.tlsCertsAnnotations | TLS certificate configmap annotations | `{}` |
| configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) |
| configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` |
| configs.styles | Define custom CSS styles for your argo instance ([Read More](https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/)). This Settings will automatically mount the provided css and reference it in the argo configuration. | `""` (See [values.yaml](values.yaml)) |
| openshift.enabled | enables using arbitrary uid for argo repo server | `false` |
## ArgoCD Controller

7
charts/argo-cd/templates/NOTES.txt
View file

@ -9,7 +9,8 @@ In order to access the server UI you have the following options:
- Add the `--insecure` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts
After reaching the UI the first time you can login with username: admin and the password will be the
name of the server pod. You can get the pod name by running:
After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running:
kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2
kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
(You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://github.com/argoproj/argo-cd/blob/master/docs/getting_started.md#4-login-using-the-cli)

17
charts/argo-cd/templates/_helpers.tpl
View file

@ -160,3 +160,20 @@ Return the target Kubernetes version
{{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }}
{{- end -}}
{{/*
Argo Configuration Preset Values (Incluenced by Values configuration)
*/}}
{{- define "argo-cd.config.presets" -}}
{{- if .Values.configs.styles }}
ui.cssurl: "./custom/custom.styles.css"
{{- end }}
{{- end -}}
{{/*
Merge Argo Configuration with Preset Configuration
*/}}
{{- define "argo-cd.config" -}}
{{- if .Values.server.configEnabled -}}
{{- toYaml (mergeOverwrite (default dict (fromYaml (include "argo-cd.config.presets" $))) .Values.server.config) }}
{{- end -}}
{{- end -}}

4
charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml
View file

@ -6,6 +6,9 @@ metadata:
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
rules:
{{- if .Values.controller.clusterRoleRules.enabled }}
{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }}
{{ else }}
- apiGroups:
- '*'
resources:
@ -17,3 +20,4 @@ rules:
verbs:
- '*'
{{- end }}
{{- end }}

15
charts/argo-cd/templates/argocd-application-controller/deployment.yaml
View file

@ -70,6 +70,9 @@ spec:
{{- if .Values.controller.env }}
env:
{{- toYaml .Values.controller.env | nindent 8 }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom: {{- toYaml . | nindent 8 }}
{{- end }}
ports:
- name: controller
@ -95,9 +98,9 @@ spec:
volumeMounts:
- mountPath: /app/config/controller/tls
name: argocd-repo-server-tls
{{- if .Values.controller.volumeMounts }}
{{- toYaml .Values.controller.volumeMounts | nindent 10}}
{{- end }}
{{- with .Values.controller.volumeMounts }}
{{- toYaml . | nindent 8 }}
{{- end }}
resources:
{{- toYaml .Values.controller.resources | nindent 10 }}
{{- if .Values.controller.nodeSelector }}
@ -129,9 +132,9 @@ spec:
path: ca.crt
optional: true
secretName: argocd-repo-server-tls
{{- if .Values.controller.volumes }}
{{- toYaml .Values.controller.volumes | nindent 8 }}
{{- end }}
{{- with .Values.controller.volumes }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if .Values.controller.priorityClassName }}
priorityClassName: {{ .Values.controller.priorityClassName }}
{{- end }}

4
charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml
View file

@ -17,7 +17,9 @@ metadata:
spec:
endpoints:
- port: metrics
interval: 30s
{{- with .Values.controller.metrics.serviceMonitor.interval }}
interval: {{ . }}
{{- end }}
path: /metrics
namespaceSelector:
matchNames:

3
charts/argo-cd/templates/argocd-configs/argocd-cm.yaml
View file

@ -11,6 +11,5 @@ metadata:
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
data:
{{- toYaml .Values.server.config | nindent 4 }}
data: {{- include "argo-cd.config" $ | nindent 4 }}
{{- end }}

11
charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml Normal file
View file

@ -0,0 +1,11 @@
{{- if .Values.configs.styles }}
apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-custom-styles
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
data:
custom.styles.css: |
{{- .Values.configs.styles | nindent 4 }}
{{- end }}

3
charts/argo-cd/templates/argocd-repo-server/deployment.yaml
View file

@ -67,6 +67,9 @@ spec:
value: argocd
{{- end }}
{{- end }}
{{- with .Values.openshift.envFrom }}
envFrom: {{- toYaml . | nindent 8 }}
{{- end }}
volumeMounts:
{{- if .Values.repoServer.volumeMounts }}
{{- toYaml .Values.repoServer.volumeMounts | nindent 8}}

4
charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml
View file

@ -17,7 +17,9 @@ metadata:
spec:
endpoints:
- port: metrics
interval: 30s
{{- with .Values.controller.metrics.serviceMonitor.interval }}
interval: {{ . }}
{{- end }}
path: /metrics
namespaceSelector:
matchNames:

13
charts/argo-cd/templates/argocd-server/deployment.yaml
View file

@ -67,6 +67,9 @@ spec:
{{- if .Values.server.env }}
env:
{{- toYaml .Values.server.env | nindent 8 }}
{{- end }}
{{- with .Values.server.envFrom }}
envFrom: {{- toYaml . | nindent 8 }}
{{- end }}
volumeMounts:
{{- if .Values.server.volumeMounts }}
@ -82,6 +85,11 @@ spec:
{{- end }}
- mountPath: /app/config/server/tls
name: argocd-repo-server-tls
{{- if .Values.configs.styles }}
- mountPath: "/shared/app/custom/custom.styles.css"
subPath: "custom.styles.css"
name: custom-styles
{{- end }}
ports:
- name: {{ .Values.server.name }}
containerPort: {{ .Values.server.containerPort }}
@ -141,6 +149,11 @@ spec:
{{- end }}
- emptyDir: {}
name: static-files
{{- if .Values.configs.styles }}
- configMap:
name: argocd-custom-styles
name: custom-styles
{{- end }}
{{- if .Values.configs.knownHosts }}
- configMap:
name: argocd-ssh-known-hosts-cm

3
charts/argo-cd/templates/argocd-server/service.yaml
View file

@ -44,3 +44,6 @@ spec:
{{ toYaml .Values.server.service.loadBalancerSourceRanges | indent 4 }}
{{- end }}
{{- end -}}
{{- with .Values.server.service.externalTrafficPolicy }}
externalTrafficPolicy: {{ . }}
{{- end }}

4
charts/argo-cd/templates/argocd-server/servicemonitor.yaml
View file

@ -17,7 +17,9 @@ metadata:
spec:
endpoints:
- port: metrics
interval: 30s
{{- with .Values.controller.metrics.serviceMonitor.interval }}
interval: {{ . }}
{{- end }}
path: /metrics
namespaceSelector:
matchNames:

3
charts/argo-cd/templates/dex/deployment.yaml
View file

@ -62,6 +62,9 @@ spec:
{{- if .Values.dex.env }}
env:
{{- toYaml .Values.dex.env | nindent 8 }}
{{- end }}
{{- with .Values.dex.envFrom }}
envFrom: {{- toYaml . | nindent 8 }}
{{- end }}
ports:
- name: http

4
charts/argo-cd/templates/dex/servicemonitor.yaml
View file

@ -17,7 +17,9 @@ metadata:
spec:
endpoints:
- port: metrics
interval: 30s
{{- with .Values.controller.metrics.serviceMonitor.interval }}
interval: {{ . }}
{{- end }}
path: /metrics
namespaceSelector:
matchNames:

3
charts/argo-cd/templates/redis/deployment.yaml
View file

@ -52,6 +52,9 @@ spec:
{{- if .Values.redis.env }}
env:
{{- toYaml .Values.redis.env | nindent 8 }}
{{- end }}
{{- with .Values.redis.envFrom }}
envFrom: {{- toYaml . | nindent 8 }}
{{- end }}
ports:
- containerPort: {{ .Values.redis.containerPort }}

66
charts/argo-cd/values.yaml
View file

@ -11,7 +11,7 @@ installCRDs: true
global:
image:
repository: quay.io/argoproj/argocd
tag: v2.0.0
tag: v2.0.1
imagePullPolicy: IfNotPresent
securityContext: {}
# runAsUser: 999
@ -62,6 +62,14 @@ controller:
# - name: "ARGOCD_CONTROLLER_REPLICAS"
# value: ""
## envFrom to pass to argocd-controller
##
envFrom: []
# - configMapRef:
# name: config-map-name
# - secretRef:
# name: secret-name
## Annotations to be added to controller pods
##
podAnnotations: {}
@ -144,6 +152,7 @@ controller:
servicePort: 8082
serviceMonitor:
enabled: false
interval: 30s
# selector:
# prometheus: kube-prometheus
# namespace: monitoring
@ -184,6 +193,13 @@ controller:
## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster.
clusterAdminAccess:
enabled: true
## Enable Custom Rules for the Application Controller's Cluster Role resource
## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource.
## Defaults to off
clusterRoleRules:
enabled: false
rules: []
## Dex
dex:
@ -197,6 +213,7 @@ dex:
labels: {}
serviceMonitor:
enabled: false
interval: 30s
image:
repository: quay.io/dexidp/dex
@ -211,6 +228,13 @@ dex:
##
env: []
## envFrom to pass to the Dex server
envFrom: []
# - configMapRef:
# name: config-map-name
# - secretRef:
# name: secret-name
## Annotations to be added to the Dex server pods
##
podAnnotations: {}
@ -277,7 +301,7 @@ redis:
image:
repository: redis
tag: 6.2.1-alpine
tag: 6.2.2-alpine
imagePullPolicy: IfNotPresent
## Additional command line arguments to pass to redis-server
@ -293,6 +317,14 @@ redis:
##
env: []
## envFrom to pass to the Redis server
##
envFrom: []
# - configMapRef:
# name: config-map-name
# - secretRef:
# name: secret-name
## Annotations to be added to the Redis server pods
##
podAnnotations: {}
@ -354,7 +386,7 @@ redis-ha:
metrics:
enabled: true
image:
tag: 6.2.1-alpine
tag: 6.2.2-alpine
## Server
server:
@ -383,6 +415,14 @@ server:
##
env: []
## envFrom to pass to argocd-server
##
envFrom: []
# - configMapRef:
# name: config-map-name
# - secretRef:
# name: secret-name
## Specify postStart and preStop lifecycle hooks for your argo-cd-server container
##
lifecycle: {}
@ -473,6 +513,7 @@ server:
loadBalancerIP: ""
loadBalancerSourceRanges: []
externalIPs: []
externalTrafficPolicy: ""
## Server metrics service configuration
metrics:
@ -483,6 +524,7 @@ server:
servicePort: 8083
serviceMonitor:
enabled: false
interval: 30s
# selector:
# prometheus: kube-prometheus
# namespace: monitoring
@ -752,6 +794,14 @@ repoServer:
##
env: []
## envFrom to pass to argocd-repo-server
##
envFrom: []
# - configMapRef:
# name: config-map-name
# - secretRef:
# name: secret-name
## Argo repoServer log format: text|json
logFormat: text
## Argo repoServer log level
@ -831,6 +881,7 @@ repoServer:
servicePort: 8084
serviceMonitor:
enabled: false
interval: 30s
# selector:
# prometheus: kube-prometheus
# namespace: monitoring
@ -1009,9 +1060,16 @@ configs:
# Argo expects the password in the secret to be bcrypt hashed. You can create this hash with
# `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'`
# argocdServerAdminPassword:
# argocdServerAdminPassword: ""
# Password modification time defaults to current time if not set
# argocdServerAdminPasswordMtime: "2006-01-02T15:04:05Z"
## Custom CSS Styles
## Reference: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/
# styles: |
# .nav-bar {
# background: linear-gradient(to bottom, #999, #777, #333, #222, #111);
# }
openshift:
enabled: false

12
charts/argo-ci/Chart.yaml
View file

@ -1,12 +0,0 @@
apiVersion: v2
description: A Helm chart for Argo-CI
name: argo-ci
version: 1.0.0
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
appVersion: v1.0.0-alpha2
home: https://github.com/argoproj/argo-helm
deprecated: true
dependencies:
- name: argo
version: "^0.16.0"
repository: https://argoproj.github.io/argo-helm

5
charts/argo-ci/README.md
View file

@ -1,5 +0,0 @@
# Argo CI Chart
**Deprecated** - Use [Argo-Events](./argo-events) instead.
This is a **community maintained** chart.

0
charts/argo-ci/templates/NOTES.txt
View file

16
charts/argo-ci/templates/_helpers.tpl
View file

@ -1,16 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}

39
charts/argo-ci/templates/ci-deployment.yaml
View file

@ -1,39 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-ci
labels:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
selector:
matchLabels:
app: {{ .Release.Name }}-ci
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-ci
release: {{ .Release.Name }}
spec:
containers:
- name: ci
image: "{{ .Values.imageNamespace }}/{{ .Values.ciImage }}:{{ .Values.imageTag }}"
imagePullPolicy: {{ .Values.imagePullPolicy }}
env:
- name: IN_CLUSTER
value: "true"
- name: NAMESPACE
value: {{ .Values.workflowNamespace }}
- name: ARGO_CI_IMAGE
value: "{{ .Values.imageNamespace }}/{{ .Values.ciImage }}:{{ .Values.imageTag }}"
- name: CONTROLLER_INSTANCE_ID
value: {{ .Release.Name }}
ports:
- containerPort: 8001
- containerPort: 8002
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}

17
charts/argo-ci/templates/ci-service.yaml
View file

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-ci
labels:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
ports:
- port: 80
protocol: TCP
targetPort: 8001
selector:
app: {{ .Release.Name }}-ci
sessionAffinity: None
type: LoadBalancer

14
charts/argo-ci/values.yaml
View file

@ -1,14 +0,0 @@
imageNamespace: argoproj
ciImage: argoci
imageTag: v1.0.0-alpha2
imagePullPolicy: Always
# Secrets with credentials to pull images from a private registry
imagePullSecrets: []
# - name: argo-pull-secret
workflowNamespace: default
argo:
imagesNamespace: argoproj
installMinio: true
minioBucketName: argo-artifacts
useReleaseAsInstanceID: true

4
charts/argo-events/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v2
description: A Helm chart to install Argo-Events in k8s Cluster
name: argo-events
version: 1.3.3
version: 1.4.2
keywords:
- argo-events
- sensor-controller
@ -12,6 +12,6 @@ sources:
maintainers:
- name: VaibhavPage
- name: whynowy
appVersion: 1.2.3
appVersion: 1.3.1
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
home: https://github.com/argoproj/argo-helm

3
charts/argo-events/ci/test-values.yaml
View file

@ -1,6 +1,3 @@
serviceAccount: argo-events-sa-test
additionalSaNamespaces:
- nsone
- nstwo
instanceID: test-argo-events
singleNamespace: false

6
charts/argo-events/values.yaml
View file

@ -45,7 +45,7 @@ singleNamespace: true
sensorController:
name: sensor-controller
image: sensor-controller
tag: v1.2.3
tag: v1.3.1
replicaCount: 1
sensorImage: sensor
podAnnotations: {}
@ -58,7 +58,7 @@ sensorController:
eventsourceController:
name: eventsource-controller
image: eventsource-controller
tag: v1.2.3
tag: v1.3.1
replicaCount: 1
eventsourceImage: eventsource
podAnnotations: {}
@ -71,7 +71,7 @@ eventsourceController:
eventbusController:
name: eventbus-controller
image: eventbus-controller
tag: v1.2.3
tag: v1.3.1
replicaCount: 1
podAnnotations: {}
nodeSelector: {}

2
charts/argo-rollouts/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.10.2"
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 0.5.0
version: 0.5.3
icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
home: https://github.com/argoproj/argo-helm
maintainers:

1
charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml
View file

@ -130,6 +130,7 @@ rules:
- networking.istio.io
resources:
- virtualservices
- destinationrules
verbs:
- watch
- get

4
charts/argo-rollouts/templates/argo-rollouts-deployment.yaml
View file

@ -38,6 +38,10 @@ spec:
imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
name: {{ .Values.controller.name }}
resources:
{{- toYaml .Values.controller.resources | nindent 10 }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
resources:
{{- toYaml .Values.controller.resources | nindent 10 }}
{{- if .Values.controller.nodeSelector }}
nodeSelector:

1
charts/argo-rollouts/templates/crds/analysis-run-crd.yaml
View file

@ -17,6 +17,7 @@ spec:
shortNames:
- ar
singular: analysisrun
preserveUnknownFields: false
scope: Namespaced
versions:
- additionalPrinterColumns:

1
charts/argo-rollouts/templates/crds/analysis-template-crd.yaml
View file

@ -17,6 +17,7 @@ spec:
shortNames:
- at
singular: analysistemplate
preserveUnknownFields: false
scope: Namespaced
versions:
- name: v1alpha1

1
charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml
View file

@ -17,6 +17,7 @@ spec:
shortNames:
- cat
singular: clusteranalysistemplate
preserveUnknownFields: false
scope: Cluster
versions:
- name: v1alpha1

1
charts/argo-rollouts/templates/crds/experiment-crd.yaml
View file

@ -17,6 +17,7 @@ spec:
shortNames:
- exp
singular: experiment
preserveUnknownFields: false
scope: Namespaced
versions:
- additionalPrinterColumns:

1
charts/argo-rollouts/templates/crds/rollout-crd.yaml
View file

@ -17,6 +17,7 @@ spec:
shortNames:
- ro
singular: rollout
preserveUnknownFields: false
scope: Namespaced
versions:
- additionalPrinterColumns:

0
charts/argo-ci/.helmignore → charts/argo-workflows/.helmignore
View file

15
charts/argo-workflows/Chart.yaml Normal file
View file

@ -0,0 +1,15 @@
apiVersion: v2
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.1.2
appVersion: "v3.0.2"
icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png
home: https://github.com/argoproj/argo-helm
sources:
- https://github.com/argoproj/argo-workflows
maintainers:
- name: alexec
- name: alexmt
- name: jessesuen
- name: benjaminws

48
charts/argo-workflows/README.md Normal file
View file

@ -0,0 +1,48 @@
# Argo Workflows Chart
This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm).
If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace.
## Pre-Requisites
This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these.
A few options are:
- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
## Usage Notes
This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs.
## Values
The `values.yaml` contains items used to tweak a deployment of this chart.
Fields to note:
- `controller.instanceID.enabled`: If set to true, the Argo Controller will **ONLY** monitor Workflow submissions with a `--instanceid` attribute
- `controller.instanceID.useReleaseName`: If set to true then chart set controller instance id to release name
- `controller.instanceID.explicitID`: Allows customization of an instance id for the workflow controller to monitor
- `controller.workflowNamespaces`: This is a list of namespaces where workflows will be ran
## Breaking changes from the deprecated `argo` chart
1. the `installCRD` value has been removed. CRDs are now only installed from the conventional crds/ directory
1. the CRDs were updated to `apiextensions.k8s.io/v1`
1. the container image registry/project/tag format was changed to be more in line with the more common
```yaml
image:
registry: quay.io
repository: argoproj/argocli
tag: v3.0.1
```
this also makes it easier for automatic update tooling (eg. renovate bot) to detect and update images.
1. switched to quay.io as the default registry for all images
1. removed any included usage of Minio
1. aligned the configuration of serviceAccounts with the argo-cd chart, ie: what used to be `server.createServiceAccount` is now `server.serviceAccount.create`
1. moved the previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig`

5
charts/argo-workflows/ci/enable-ingress-values.yaml Normal file
View file

@ -0,0 +1,5 @@
server:
ingress:
enabled: true
hosts:
- argo-workflows.127.0.0.1.xip.io

7
charts/argo-workflows/ci/enable-metrics-values.yaml Normal file
View file

@ -0,0 +1,7 @@
controller:
serviceMonitor:
enabled: false
metricsConfig:
enabled: true
telemetryConfig:
enabled: true

5
charts/argo-workflows/ci/enable-rbac-values.yaml Normal file
View file

@ -0,0 +1,5 @@
workflow:
serviceAccount:
create: true # Specifies whether a service account should be created
rbac:
create: true # adds Role and RoleBinding for the above specified service account to be able to run workflows

24
charts/argo/crds/cluster-workflow-template-crd.yaml → charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml
View file

@ -1,14 +1,9 @@
apiVersion: apiextensions.k8s.io/v1beta1
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: clusterworkflowtemplates.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec:
group: argoproj.io
version: v1alpha1
scope: Cluster
names:
kind: ClusterWorkflowTemplate
listKind: ClusterWorkflowTemplateList
@ -17,7 +12,24 @@ spec:
- clusterwftmpl
- cwft
singular: clusterworkflowtemplate
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true

38
charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml Normal file
View file

@ -0,0 +1,38 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: cronworkflows.argoproj.io
spec:
group: argoproj.io
names:
kind: CronWorkflow
listKind: CronWorkflowList
plural: cronworkflows
shortNames:
- cwf
- cronwf
singular: cronworkflow
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true

34
charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml Normal file
View file

@ -0,0 +1,34 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workfloweventbindings.argoproj.io
spec:
group: argoproj.io
names:
kind: WorkflowEventBinding
listKind: WorkflowEventBindingList
plural: workfloweventbindings
shortNames:
- wfeb
singular: workfloweventbinding
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true

48
charts/argo-workflows/crds/argoproj.io_workflows.yaml Normal file
View file

@ -0,0 +1,48 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workflows.argoproj.io
spec:
group: argoproj.io
names:
kind: Workflow
listKind: WorkflowList
plural: workflows
shortNames:
- wf
singular: workflow
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Status of the workflow
jsonPath: .status.phase
name: Status
type: string
- description: When the workflow was started
format: date-time
jsonPath: .status.startedAt
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources: {}

34
charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml Normal file
View file

@ -0,0 +1,34 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workflowtemplates.argoproj.io
spec:
group: argoproj.io
names:
kind: WorkflowTemplate
listKind: WorkflowTemplateList
plural: workflowtemplates
shortNames:
- wftmpl
singular: workflowtemplate
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true

7
charts/argo-workflows/templates/NOTES.txt Normal file
View file

@ -0,0 +1,7 @@
1. Get Argo Server external IP/domain by running:
kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-{{ .Values.server.name }}
2. Submit the hello-world workflow by running:
argo submit https://raw.githubusercontent.com/argoproj/argo-workflows/master/examples/hello-world.yaml --watch

96
charts/argo-workflows/templates/_helpers.tpl Normal file
View file

@ -0,0 +1,96 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Create argo workflows server name and version as used by the chart label.
*/}}
{{- define "argo-workflows.server.fullname" -}}
{{- printf "%s-%s" (include "argo-workflows.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create controller name and version as used by the chart label.
*/}}
{{- define "argo-workflows.controller.fullname" -}}
{{- printf "%s-%s" (include "argo-workflows.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Expand the name of the chart.
*/}}
{{- define "argo-workflows.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "argo-workflows.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "argo-workflows.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "argo-workflows.labels" -}}
helm.sh/chart: {{ include "argo-workflows.chart" .context }}
{{ include "argo-workflows.selectorLabels" (dict "context" .context "component" .component "name" .name) }}
app.kubernetes.io/managed-by: {{ .context.Release.Service }}
app.kubernetes.io/part-of: argo-workflows
{{- end }}
{{/*
Selector labels
*/}}
{{- define "argo-workflows.selectorLabels" -}}
{{- if .name -}}
app.kubernetes.io/name: {{ include "argo-workflows.name" .context }}-{{ .name }}
{{ end -}}
app.kubernetes.io/instance: {{ .context.Release.Name }}
{{- if .component }}
app.kubernetes.io/component: {{ .component }}
{{- end }}
{{- end }}
{{/*
Create the name of the server service account to use
*/}}
{{- define "argo-workflows.serverServiceAccountName" -}}
{{- if .Values.server.serviceAccount.create -}}
{{ default (include "argo-workflows.fullname" .) .Values.server.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.server.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the controller service account to use
*/}}
{{- define "argo-workflows.controllerServiceAccountName" -}}
{{- if .Values.controller.serviceAccount.create -}}
{{ default (include "argo-workflows.fullname" .) .Values.controller.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.controller.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for ingress
*/}}
{{- define "argo-workflows.ingress.apiVersion" -}}
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}}
{{- print "extensions/v1beta1" -}}
{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}}
{{- print "networking.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{- end -}}

12
charts/argo/templates/workflow-aggregate-roles.yaml → charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml
View file

@ -5,7 +5,7 @@ metadata:
annotations:
helm.sh/hook: pre-install
helm.sh/hook-delete-policy: before-hook-creation
name: argo-aggregate-to-view
name: argo-workflows-aggregate-to-view
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
rules:
@ -14,6 +14,8 @@ rules:
resources:
- workflows
- workflows/finalizers
- workfloweventbindings
- workfloweventbindings/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows
@ -31,7 +33,7 @@ metadata:
annotations:
helm.sh/hook: pre-install
helm.sh/hook-delete-policy: before-hook-creation
name: argo-aggregate-to-edit
name: argo-workflows-aggregate-to-edit
labels:
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rules:
@ -40,6 +42,8 @@ rules:
resources:
- workflows
- workflows/finalizers
- workfloweventbindings
- workfloweventbindings/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows
@ -62,7 +66,7 @@ metadata:
annotations:
helm.sh/hook: pre-install
helm.sh/hook-delete-policy: before-hook-creation
name: argo-aggregate-to-admin
name: argo-workflows-aggregate-to-admin
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
@ -71,6 +75,8 @@ rules:
resources:
- workflows
- workflows/finalizers
- workfloweventbindings
- workfloweventbindings/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows

4
charts/argo/templates/workflow-controller-cluster-roles.yaml → charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
View file

@ -5,7 +5,9 @@ kind: Role
kind: ClusterRole
{{- end }}
metadata:
name: {{ .Release.Name }}-{{ .Values.controller.name }}
name: {{ template "argo-workflows.controller.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
rules:
- apiGroups:
- ""

16
charts/argo/templates/workflow-controller-config-map.yaml → charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
View file

@ -1,11 +1,9 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-{{ .Values.controller.name }}-configmap
name: {{ template "argo-workflows.controller.fullname" . }}-configmap
labels:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }}
data:
config: |
{{- if .Values.controller.instanceID.enabled }}
@ -31,7 +29,7 @@ data:
securityContext: {{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- if or .Values.minio.install .Values.useDefaultArtifactRepo }}
{{- if .Values.useDefaultArtifactRepo }}
artifactRepository:
{{- if .Values.artifactRepository.archiveLogs }}
archiveLogs: {{ .Values.artifactRepository.archiveLogs }}
@ -44,13 +42,13 @@ data:
{{- if .Values.useStaticCredentials }}
accessKeySecret:
key: {{ .Values.artifactRepository.s3.accessKeySecret.key }}
name: {{ .Values.artifactRepository.s3.accessKeySecret.name | default (printf "%s-%s" .Release.Name "minio") }}
name: {{ .Values.artifactRepository.s3.accessKeySecret.name }}
secretKeySecret:
key: {{ .Values.artifactRepository.s3.secretKeySecret.key }}
name: {{ .Values.artifactRepository.s3.secretKeySecret.name | default (printf "%s-%s" .Release.Name "minio") }}
name: {{ .Values.artifactRepository.s3.secretKeySecret.name }}
{{- end }}
bucket: {{ .Values.artifactRepository.s3.bucket | default .Values.minio.defaultBucket.name }}
endpoint: {{ .Values.artifactRepository.s3.endpoint | default (printf "%s-%s" .Release.Name "minio:9000") }}
bucket: {{ .Values.artifactRepository.s3.bucket }}
endpoint: {{ .Values.artifactRepository.s3.endpoint }}
insecure: {{ .Values.artifactRepository.s3.insecure }}
{{- if .Values.artifactRepository.s3.keyFormat }}
keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }}

18
charts/argo/templates/workflow-controller-crb.yaml → charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
View file

@ -5,7 +5,9 @@ kind: RoleBinding
kind: ClusterRoleBinding
{{- end }}
metadata:
name: {{ .Release.Name }}-{{ .Values.controller.name }}
name: {{ template "argo-workflows.controller.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
{{- if .Values.singleNamespace }}
@ -13,13 +15,13 @@ roleRef:
{{ else }}
kind: ClusterRole
{{- end }}
name: {{ .Release.Name }}-{{ .Values.controller.name }}
name: {{ template "argo-workflows.controller.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ .Values.controller.serviceAccount }}
name: {{ template "argo-workflows.controllerServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- if .Values.controller.workflowNamespaces }}
{{- $uiServiceAccount := .Values.controller.serviceAccount }}
{{- $uiServiceAccount := (include "argo-workflows.controllerServiceAccountName" .) }}
{{- $namespace := .Release.Namespace }}
{{- range $key := .Values.controller.workflowNamespaces }}
{{- if not (eq $key $namespace) }}
@ -33,12 +35,14 @@ subjects:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template
name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template
name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template
subjects:
- kind: ServiceAccount
name: {{ .Values.controller.serviceAccount }}
name: {{ template "argo-workflows.controllerServiceAccountName" . }}
namespace: {{ .Release.Namespace }}

10
charts/argo/templates/workflow-controller-deployment-pdb.yaml → charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml
View file

@ -2,12 +2,9 @@
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ .Release.Name }}-{{ .Values.controller.name}}
name: {{ template "argo-workflows.controller.fullname" . }}
labels:
app: {{ .Release.Name }}-{{ .Values.controller.name}}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
spec:
{{- if .Values.controller.pdb.minAvailable }}
minAvailable: {{ .Values.controller.pdb.minAvailable }}
@ -18,6 +15,5 @@ spec:
{{- end }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.controller.name}}
release: {{ .Release.Name }}
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}
{{- end }}

104
charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml Normal file
View file

@ -0,0 +1,104 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "argo-workflows.controller.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }}
spec:
replicas: {{ .Values.controller.replicas }}
selector:
matchLabels:
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}
template:
metadata:
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }}
app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }}
{{- with.Values.controller.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
serviceAccountName: {{ template "argo-workflows.controllerServiceAccountName" . }}
{{- with .Values.controller.podSecurityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: controller
image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.images.pullPolicy }}
command: [ "workflow-controller" ]
args:
- "--configmap"
- "{{ template "argo-workflows.controller.fullname" . }}-configmap"
- "--executor-image"
- "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ .Values.executor.image.tag | default .Chart.AppVersion }}"
- "--loglevel"
- "{{ .Values.controller.logging.level }}"
- "--gloglevel"
- "{{ .Values.controller.logging.globallevel }}"
{{- if .Values.singleNamespace }}
- "--namespaced"
{{- end }}
{{- with .Values.controller.workflowWorkers }}
- "--workflow-workers"
- {{ . | quote }}
{{- end }}
{{- with .Values.controller.podWorkers }}
- "--pod-workers"
- {{ . | quote }}
{{- end }}
{{- with .Values.controller.extraArgs }}
{{- toYaml . | nindent 10 }}
{{- end }}
securityContext:
{{- toYaml .Values.controller.securityContext | nindent 12 }}
env:
- name: ARGO_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: LEADER_ELECTION_IDENTITY
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
{{- with .Values.controller.extraEnv }}
{{ toYaml . | nindent 10 }}
{{- end }}
resources:
{{- toYaml .Values.controller.resources | nindent 12 }}
ports:
- name: metrics
containerPort: {{ .Values.controller.metricsConfig.port }}
livenessProbe:
httpGet:
port: metrics
path: {{ .Values.controller.metricsConfig.path }}
initialDelaySeconds: 30
periodSeconds: 30
{{- with .Values.images.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}

8
charts/argo-workflows/templates/controller/workflow-controller-sa.yaml Normal file
View file

@ -0,0 +1,8 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "argo-workflows.controllerServiceAccountName" . }}
{{ with .Values.controller.serviceAccount.annotations }}
annotations:
{{- toYaml .| nindent 4 }}
{{- end }}

38
charts/argo-workflows/templates/controller/workflow-controller-service.yaml Normal file
View file

@ -0,0 +1,38 @@
{{- if or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "argo-workflows.controller.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }}
{{- with .Values.controller.serviceLabels }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.controller.serviceAnnotations }}
annotations:
{{- toYaml . | nindent 4}}
{{- end }}
spec:
ports:
{{- if .Values.controller.metricsConfig.enabled }}
- name: {{ .Values.controller.metricsConfig.servicePortName }}
port: {{ .Values.controller.metricsConfig.servicePort }}
protocol: TCP
targetPort: {{ .Values.controller.metricsConfig.port }}
{{- end }}
{{- if .Values.controller.telemetryConfig.enabled }}
- name: {{ .Values.controller.telemetryConfig.servicePortName }}
port: {{ .Values.controller.telemetryConfig.servicePort }}
protocol: TCP
targetPort: {{ .Values.controller.telemetryConfig.port }}
{{- end }}
selector:
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 4 }}
sessionAffinity: None
type: {{ .Values.controller.serviceType }}
{{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{- toYaml .Values.controller.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
{{- end -}}

14
charts/argo/templates/workflow-controller-servicemonitor.yaml → charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
View file

@ -2,14 +2,11 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ .Release.Name }}-{{ .Values.controller.name }}
name: {{ template "argo-workflows.controller.fullname" . }}
labels:
app: {{ .Release.Name }}-{{ .Values.controller.name}}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- if .Values.controller.serviceMonitor.additionalLabels }}
{{ toYaml .Values.controller.serviceMonitor.additionalLabels | indent 4 }}
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
{{- with .Values.controller.serviceMonitor.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
endpoints:
@ -28,6 +25,5 @@ spec:
- {{ .Release.Namespace }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.controller.name}}
release: {{ .Release.Name }}
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}
{{- end }}

14
charts/argo/templates/workflow-rb.yaml → charts/argo-workflows/templates/controller/workflow-rb.yaml
View file

@ -2,18 +2,18 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ .Release.Name }}-workflow
{{- if .Values.workflow.namespace }}
namespace: {{ .Values.workflow.namespace }}
{{- end }}
name: {{ template "argo-workflows.fullname" . }}-workflow
{{- with .Values.workflow.namespace }}
namespace: {{ . }}
{{- end }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ .Release.Name }}-workflow
name: {{ template "argo-workflows.fullname" . }}-workflow
subjects:
- kind: ServiceAccount
name: {{ .Values.workflow.serviceAccount.name }}
{{- if .Values.workflow.namespace }}
namespace: {{ .Values.workflow.namespace }}
{{- with .Values.workflow.namespace }}
namespace: {{ . }}
{{- end }}
{{- end }}

6
charts/argo/templates/workflow-role.yaml → charts/argo-workflows/templates/controller/workflow-role.yaml
View file

@ -2,9 +2,9 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ .Release.Name }}-workflow
{{- if .Values.workflow.namespace }}
namespace: {{ .Values.workflow.namespace }}
name: {{ template "argo-workflows.fullname" . }}-workflow
{{- with .Values.workflow.namespace }}
namespace: {{ . }}
{{- end }}
rules:
- apiGroups:

4
charts/argo/templates/workflow-sa.yaml → charts/argo-workflows/templates/controller/workflow-sa.yaml
View file

@ -3,8 +3,8 @@ apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.workflow.serviceAccount.name }}
{{- if .Values.workflow.namespace }}
namespace: {{ .Values.workflow.namespace }}
{{- with .Values.workflow.namespace }}
namespace: {{ . }}
{{- end }}
{{- with .Values.workflow.serviceAccount.annotations }}
annotations:

50
charts/argo/templates/server-cluster-roles.yaml → charts/argo-workflows/templates/server/server-cluster-roles.yaml
View file

@ -1,12 +1,14 @@
{{- if .Values.server.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
{{- if .Values.singleNamespace }}
{{- if .Values.singleNamespace }}
kind: Role
{{- else }}
{{- else }}
kind: ClusterRole
{{- end }}
{{- end }}
metadata:
name: {{ .Release.Name }}-{{ .Values.server.name }}
name: {{ template "argo-workflows.server.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
rules:
- apiGroups:
- ""
@ -28,7 +30,7 @@ rules:
- list
- watch
- delete
{{- if .Values.server.sso }}
{{- if .Values.server.sso }}
- apiGroups:
- ""
resources:
@ -44,9 +46,7 @@ rules:
- secrets
verbs:
- create
{{- end}}
{{- if .Values.server.sso }}
{{- if .Values.server.sso.rbac }}
{{- if .Values.server.sso.rbac }}
- apiGroups:
- ""
resources:
@ -54,8 +54,8 @@ rules:
verbs:
- get
- list
{{- end }}
{{- end }}
{{- end }}
- apiGroups:
- ""
resources:
@ -95,27 +95,29 @@ rules:
- get
{{- end}}
- apiGroups:
- argoproj.io
- argoproj.io
resources:
- workflows
- workfloweventbindings
- workflowtemplates
- cronworkflows
- cronworkflows/finalizers
- clusterworkflowtemplates
- eventsources
- sensors
- workflows
- workfloweventbindings
- workflowtemplates
- cronworkflows
verbs:
- create
- get
- list
- watch
- update
- patch
- delete
- create
- get
- list
- watch
- update
- patch
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Release.Name }}-{{ .Values.server.name }}-cluster-template
name: {{ template "argo-workflows.server.fullname" . }}-cluster-template
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
rules:
- apiGroups:
- argoproj.io

39
charts/argo-workflows/templates/server/server-crb.yaml Normal file
View file

@ -0,0 +1,39 @@
{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}}
apiVersion: rbac.authorization.k8s.io/v1
{{- if .Values.singleNamespace }}
kind: RoleBinding
{{ else }}
kind: ClusterRoleBinding
{{- end }}
metadata:
name: {{ template "argo-workflows.server.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
{{- if .Values.singleNamespace }}
kind: Role
{{ else }}
kind: ClusterRole
{{- end }}
name: {{ template "argo-workflows.server.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "argo-workflows.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-workflows.server.fullname" . }}-cluster-template
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "argo-workflows.server.fullname" . }}-cluster-template
subjects:
- kind: ServiceAccount
name: {{ template "argo-workflows.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end -}}

19
charts/argo-workflows/templates/server/server-deployment-pdb.yaml Normal file
View file

@ -0,0 +1,19 @@
{{- if and .Values.server.enabled .Values.server.pdb.enabled -}}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-workflows.server.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
spec:
{{- if .Values.server.pdb.minAvailable }}
minAvailable: {{ .Values.server.pdb.minAvailable }}
{{- else if .Values.server.pdb.maxUnavailable }}
maxUnavailable: {{ .Values.server.pdb.maxUnavailable }}
{{- else }}
minAvailable: 0
{{- end }}
selector:
matchLabels:
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }}
{{- end -}}

53
charts/argo/templates/server-deployment.yaml → charts/argo-workflows/templates/server/server-deployment.yaml
View file

@ -2,55 +2,52 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-{{ .Values.server.name}}
name: {{ template "argo-workflows.server.fullname" . }}
labels:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }}
spec:
replicas: {{ .Values.server.replicas }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.server.name}}
release: {{ .Release.Name }}
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.server.name}}
release: {{ .Release.Name }}
{{- if .Values.server.podLabels }}
{{- toYaml .Values.server.podLabels | nindent 8 }}
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }}
app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }}
{{- with .Values.server.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.server.podAnnotations }}
{{- with .Values.server.podAnnotations }}
annotations:
{{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }}
{{- toYaml .Values.server.podAnnotations | nindent 8 }}
{{- end }}
spec:
serviceAccountName: {{ .Values.server.serviceAccount | quote }}
{{- if .Values.server.podSecurityContext }}
serviceAccountName: {{ template "argo-workflows.serverServiceAccountName" . }}
{{- with .Values.server.podSecurityContext }}
securityContext:
{{- toYaml .Values.server.podSecurityContext | nindent 8 }}
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: argo-server
image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ .Values.server.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.images.pullPolicy }}
securityContext:
{{- toYaml .Values.server.securityContext | nindent 12 }}
args:
- server
- --configmap={{ .Release.Name }}-{{ .Values.controller.name }}-configmap
{{- if .Values.server.extraArgs }}
{{- toYaml .Values.server.extraArgs | nindent 10 }}
{{- end }}
{{- if .Values.server.secure }}
- "--secure"
- --configmap={{ template "argo-workflows.controller.fullname" . }}-configmap
{{- with .Values.server.extraArgs }}
{{- toYaml . | nindent 10 }}
{{- end }}
- "--secure={{ .Values.server.secure }}"
{{- if .Values.singleNamespace }}
- "--namespaced"
{{- end }}
image: "{{ .Values.images.namespace }}/{{ .Values.images.server }}:{{ default .Values.images.tag .Values.server.image.tag }}"
imagePullPolicy: {{ .Values.images.pullPolicy }}
{{- if .Values.server.podPortName }}
ports:
- name: {{ .Values.server.podPortName }}
- name: web
containerPort: 2746
{{- end }}
readinessProbe:
httpGet:
path: /
@ -102,7 +99,7 @@ spec:
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.server.priorityClassName }}
priorityClassName: {{ .Values.server.priorityClassName }}
{{- with .Values.server.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- end -}}

88
charts/argo-workflows/templates/server/server-ingress.yaml Normal file
View file

@ -0,0 +1,88 @@
{{- if .Values.server.ingress.enabled -}}
{{- $serviceName := include "argo-workflows.server.fullname" . -}}
{{- $servicePort := .Values.server.servicePort -}}
{{- $paths := .Values.server.ingress.paths -}}
{{- $extraPaths := .Values.server.ingress.extraPaths -}}
apiVersion: {{ include "argo-workflows.ingress.apiVersion" . }}
kind: Ingress
metadata:
{{- if .Values.server.ingress.annotations }}
annotations:
{{- range $key, $value := .Values.server.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ template "argo-workflows.server.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
{{- if .Values.server.ingress.labels }}
{{- toYaml .Values.server.ingress.labels | nindent 4 }}
{{- end }}
spec:
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
{{- with .Values.server.ingress.ingressClassName }}
ingressClassName: {{ . }}
{{- end }}
{{- end }}
rules:
{{- if .Values.server.ingress.hosts }}
{{- range $host := .Values.server.ingress.hosts }}
- host: {{ $host }}
http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
pathType: Prefix
{{- end }}
backend:
{{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
pathType: Prefix
{{- end }}
backend:
{{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- if .Values.server.ingress.tls }}
tls:
{{- toYaml .Values.server.ingress.tls | nindent 4 }}
{{- end -}}
{{- end -}}

10
charts/argo-workflows/templates/server/server-sa.yaml Normal file
View file

@ -0,0 +1,10 @@
{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "argo-workflows.serverServiceAccountName" . }}
{{- with .Values.server.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end -}}

31
charts/argo-workflows/templates/server/server-service.yaml Normal file
View file

@ -0,0 +1,31 @@
{{- if .Values.server.enabled -}}
apiVersion: v1
kind: Service
metadata:
name: {{ template "argo-workflows.server.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }}
{{- with .Values.server.serviceAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
ports:
- port: {{ .Values.server.servicePort }}
{{- with .Values.server.servicePortName }}
name: {{ . }}
{{- end }}
targetPort: 2746
selector:
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
sessionAffinity: None
type: {{ .Values.server.serviceType }}
{{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerIP }}
loadBalancerIP: {{ .Values.server.loadBalancerIP | quote }}
{{- end }}
{{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{- toYaml .Values.server.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
{{- end -}}

167
charts/argo/values.yaml → charts/argo-workflows/values.yaml
View file

@ -1,16 +1,9 @@
images:
namespace: argoproj
controller: workflow-controller
server: argocli
executor: argoexec
# imagePullPolicy to apply to all containers
pullPolicy: Always
# Secrets with credentials to pull images from a private registry
pullSecrets: []
# - name: argo-pull-secret
tag: v2.12.5
crdVersion: v1alpha1
installCRD: true
init:
# By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is
@ -24,17 +17,19 @@ createAggregateRoles: true
singleNamespace: false
workflow:
namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created.
namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created.
serviceAccount:
create: false # Specifies whether a service account should be created
create: false # Specifies whether a service account should be created
annotations: {}
name: "argo-workflow" # Service account which is used to run workflows
name: "argo-workflow" # Service account which is used to run workflows
rbac:
create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows
create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows
controller:
image:
# Overrides .images.tag if defined.
registry: quay.io
repository: argoproj/workflow-controller
# Overrides the image tag whose default is the chart appVersion.
tag: ""
# parallelism dictates how many workflows can be running at the same time
parallelism:
@ -48,7 +43,17 @@ controller:
metricsConfig:
enabled: false
path: /metrics
port: 8080
port: 9090
servicePort: 8080
servicePortName: metrics
# the controller container's securityContext
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
persistence: {}
# connectionPool:
# maxIdleConns: 100
@ -69,24 +74,28 @@ controller:
# passwordSecret:
# name: argo-postgres-config
# key: password
workflowDefaults: {} # Only valid for 2.7+
workflowDefaults: {} # Only valid for 2.7+
# spec:
# ttlStrategy:
# secondsAfterCompletion: 84600
# workflowWorkers: 32
# podWorkers: 32
workflowRestrictions: {} # Only valid for 2.9+
workflowRestrictions: {} # Only valid for 2.9+
# templateReferencing: Strict|Secure
telemetryConfig:
enabled: false
path: /telemetry
port: 8081
servicePort: 8081
servicePortName: telemetry
serviceMonitor:
enabled: false
additionalLabels: {}
serviceAccount: argo
# Service account annotations
serviceAccountAnnotations: {}
serviceAccount:
create: true
name: argo
# Annotations applied to created service account
annotations: {}
name: workflow-controller
workflowNamespaces:
- default
@ -103,10 +112,6 @@ controller:
level: info
globallevel: "0"
serviceType: ClusterIP
metricsServicePort: 8080
metricsServicePortName: metrics
telemetryServicePort: 8081
telemetryServicePortName: telemetry
# Annotations to be applied to the controller Service
serviceAnnotations: {}
# Optional labels to add to the controller Service
@ -142,7 +147,9 @@ controller:
# executor controls how the init and wait container should be customized
executor:
image:
# Overrides .images.tag if defined.
registry: quay.io
repository: argoproj/argoexec
# Overrides the image tag whose default is the chart appVersion.
tag: ""
resources: {}
# Adds environment variables for the executor.
@ -154,10 +161,12 @@ server:
enabled: true
# only updates base url of resources on client side,
# it's expected that a proxy server rewrites the request URL and gets rid of this prefix
# https://github.com/argoproj/argo/issues/716#issuecomment-433213190
# https://github.com/argoproj/argo-workflows/issues/716#issuecomment-433213190
baseHref: /
image:
# Overrides .images.tag if defined.
registry: quay.io
repository: argoproj/argocli
# Overrides the image tag whose default is the chart appVersion.
tag: ""
# optional map of annotations to be applied to the ui Pods
podAnnotations: {}
@ -165,16 +174,21 @@ server:
podLabels: {}
# SecurityContext to set on the server pods
podSecurityContext: {}
securityContext:
readOnlyRootFilesystem: false
runAsNonRoot: true
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
name: server
serviceType: ClusterIP
servicePort: 2746
# servicePortName: http
serviceAccount: argo-server
# Whether to create the service account with the name specified in
# server.serviceAccount and bind it to the server role.
createServiceAccount: true
# Service account annotations
serviceAccountAnnotations: {}
serviceAccount:
create: true
name: argo-server
annotations: {}
# Annotations to be applied to the UI Service
serviceAnnotations: {}
# Optional labels to add to the UI Service
@ -206,7 +220,7 @@ server:
# Run the argo server in "secure" mode. Configure this value instead of
# "--secure" in extraArgs. See the following documentation for more details
# on secure mode:
# https://argoproj.github.io/argo-workflows/tls/#encrypted
# https://argoproj.github.io/argo-workflows/tls/
secure: false
# Extra arguments to provide to the Argo server binary.
@ -221,36 +235,32 @@ server:
##
ingress:
enabled: false
annotations: {}
labels: {}
ingressClassName: ""
## Annotations to be added to the web ingress.
## Argo Workflows Server Ingress.
## Hostnames must be provided if Ingress is enabled.
## Secrets must be manually created in the namespace
##
# annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
[]
# - argocd.example.com
paths:
- /
extraPaths:
[]
# - path: /*
# backend:
# serviceName: ssl-redirect
# servicePort: use-annotation
tls:
[]
# - secretName: argocd-example-tls
# hosts:
# - argocd.example.com
https: false
## Labels to be added to the web ingress.
##
# labels:
# use-cloudflare-solver: "true"
## Hostnames.
## Must be provided if Ingress is enabled.
##
# hosts:
# - argo.domain.com
## Additional Paths for each host
# paths:
# - serviceName: "ssl-redirect"
# servicePort: "use-annotation"
## TLS configuration.
## Secrets must be manually created in the namespace.
##
# tls:
# - secretName: argo-ui-tls
# hosts:
# - argo.domain.com
clusterWorkflowTemplates:
# Give the server permissions to edit ClusterWorkflowTemplates.
enableEditing: true
@ -294,7 +304,7 @@ artifactRepository:
# Note the `key` attribute is not the actual secret, it's the PATH to
# the contents in the associated secret, as defined by the `name` attribute.
accessKeySecret:
# name: <releaseName>-minio (default)
# name: <releaseName>-minio
key: accesskey
secretKeySecret:
# name: <releaseName>-minio
@ -306,25 +316,16 @@ artifactRepository:
# roleARN:
# useSDKCreds: true
# gcs:
# bucket: <project>-argo
# keyFormat: "{{workflow.namespace}}/{{workflow.name}}/"
# serviceAccountKeySecret is a secret selector.
# It references the k8s secret named 'my-gcs-credentials'.
# This secret is expected to have have the key 'serviceAccountKey',
# containing the base64 encoded credentials
# to the bucket.
#
# If it's running on GKE and Workload Identity is used,
# serviceAccountKeySecret is not needed.
# serviceAccountKeySecret:
# name: my-gcs-credentials
# key: serviceAccountKey
# NOTE: These are setting attributes for the `minio` optional dependency
minio:
# If set to true then chart installs minio and generate according artifactRepository section in workflow controller config map
install: false
defaultBucket:
enabled: true
name: argo-artifacts
# bucket: <project>-argo
# keyFormat: "{{workflow.namespace}}/{{workflow.name}}/"
# serviceAccountKeySecret is a secret selector.
# It references the k8s secret named 'my-gcs-credentials'.
# This secret is expected to have have the key 'serviceAccountKey',
# containing the base64 encoded credentials
# to the bucket.
#
# If it's running on GKE and Workload Identity is used,
# serviceAccountKeySecret is not needed.
# serviceAccountKeySecret:
# name: my-gcs-credentials
# key: serviceAccountKey

21
charts/argo/.helmignore
View file

@ -1,21 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

6
charts/argo/Chart.lock
View file

@ -1,6 +0,0 @@
dependencies:
- name: minio
repository: https://helm.min.io/
version: 8.0.9
digest: sha256:0f43ad0a4b4e9af47615ef3da85054712eb28f154418d96b7b974a095cc19260
generated: "2021-01-13T15:31:40.823086-08:00"

17
charts/argo/Chart.yaml
View file

@ -1,17 +0,0 @@
apiVersion: v2
appVersion: v2.12.5
description: A Helm chart for Argo Workflows
name: argo
version: 0.16.10
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
home: https://github.com/argoproj/argo-helm
maintainers:
- name: alexec
- name: alexmt
- name: jessesuen
- name: benjaminws
dependencies:
- name: minio
version: 8.0.9
repository: https://helm.min.io/
condition: minio.install

27
charts/argo/README.md
View file

@ -1,27 +0,0 @@
## Argo Workflows Chart
This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm).
If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace.
## Pre-Requisites
This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these.
A few options are:
- Setup the CRD yourself manually and use `--set installCRD=false` when installing the helm chart. Find the CRDs in the [argo codebase](https://github.com/argoproj/argo-workflows/tree/master/manifests/base/crds/full)
- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
## Usage Notes:
This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs.
## Values
The `values.yaml` contains items used to tweak a deployment of this chart.
Fields to note:
* `controller.instanceID.enabled`: If set to true, the Argo Controller will **ONLY** monitor Workflow submissions with a `--instanceid` attribute
* `controller.instanceID.useReleaseName`: If set to true then chart set controller instance id to release name
* `controller.instanceID.explicitID`: Allows customization of an instance id for the workflow controller to monitor
* `controller.workflowNamespaces`: This is a list of namespaces where workflows will be ran
* `minio.install`: If this is true, we'll install [minio](https://github.com/kubernetes/charts/tree/master/stable/minio) and build out the artifactRepository section in workflow controller config map.
* `artifactRepository.s3.accessKeySecret` and `artifactRepository.s3.secretKeySecret` These by default link to minio default credentials stored in the secret deployed by the minio chart.

23
charts/argo/crds/cron-workflow-crd.yaml
View file

@ -1,23 +0,0 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: cronworkflows.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec:
group: argoproj.io
names:
kind: CronWorkflow
listKind: CronWorkflowList
plural: cronworkflows
shortNames:
- cwf
- cronwf
singular: cronworkflow
scope: Namespaced
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true

33
charts/argo/crds/workflow-crd.yaml
View file

@ -1,33 +0,0 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: workflows.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec:
additionalPrinterColumns:
- JSONPath: .status.phase
description: Status of the workflow
name: Status
type: string
- JSONPath: .status.startedAt
description: When the workflow was started
format: date-time
name: Age
type: date
group: argoproj.io
names:
kind: Workflow
listKind: WorkflowList
plural: workflows
shortNames:
- wf
singular: workflow
scope: Namespaced
subresources: {}
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true

19
charts/argo/crds/workflow-eventbinding-crd.yaml
View file

@ -1,19 +0,0 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: workfloweventbindings.argoproj.io
spec:
group: argoproj.io
names:
kind: WorkflowEventBinding
listKind: WorkflowEventBindingList
plural: workfloweventbindings
shortNames:
- wfeb
singular: workfloweventbinding
scope: Namespaced
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true

22
charts/argo/crds/workflow-template-crd.yaml
View file

@ -1,22 +0,0 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: workflowtemplates.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec:
group: argoproj.io
version: v1alpha1
scope: Namespaced
names:
kind: WorkflowTemplate
listKind: WorkflowTemplateList
plural: workflowtemplates
shortNames:
- wftmpl
singular: workflowtemplate
versions:
- name: v1alpha1
served: true
storage: true

16
charts/argo/templates/NOTES.txt
View file

@ -1,16 +0,0 @@
1. Get Argo Server external IP/domain by running:
kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-{{ .Values.server.name }}
2. Submit the hello-world workflow by running:
argo submit https://raw.githubusercontent.com/argoproj/argo/master/examples/hello-world.yaml --watch
{{ if .Values.minio.install }}
3. Access Minio UI and create bucket '{{ .Values.minio.defaultBucket.name }}'. Minio UI is available on port 9000 and available via external URL. URL might be retrieved using following
command:
kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-minio
{{ end }}

16
charts/argo/templates/_helpers.tpl
View file

@ -1,16 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}

19
charts/argo/templates/cluster-workflow-template-crd.yaml
View file

@ -1,19 +0,0 @@
{{- if .Values.installCRD }}
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: clusterworkflowtemplates.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec:
group: argoproj.io
version: v1alpha1
scope: Cluster
names:
kind: ClusterWorkflowTemplate
plural: clusterworkflowtemplates
shortNames:
- clusterwftmpl
- cwft
{{- end }}

19
charts/argo/templates/cron-workflow-crd.yaml
View file

@ -1,19 +0,0 @@
{{- if .Values.installCRD }}
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: cronworkflows.argoproj.io
annotations:
helm.sh/hook: crd-install
helm.sh/hook-delete-policy: before-hook-creation
spec:
group: argoproj.io
names:
kind: CronWorkflow
plural: cronworkflows
shortNames:
- cronwf
- cwf
scope: Namespaced
version: v1alpha1
{{- end }}

35
charts/argo/templates/server-crb.yaml
View file

@ -1,35 +0,0 @@
{{- if and .Values.server.enabled .Values.server.createServiceAccount -}}
apiVersion: rbac.authorization.k8s.io/v1
{{- if .Values.singleNamespace }}
kind: RoleBinding
{{ else }}
kind: ClusterRoleBinding
{{- end }}
metadata:
name: {{ .Release.Name }}-{{ .Values.server.name}}
roleRef:
apiGroup: rbac.authorization.k8s.io
{{- if .Values.singleNamespace }}
kind: Role
{{ else }}
kind: ClusterRole
{{- end }}
name: {{ .Release.Name }}-{{ .Values.server.name}}
subjects:
- kind: ServiceAccount
name: {{ .Values.server.serviceAccount }}
namespace: {{ .Release.Namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template
subjects:
- kind: ServiceAccount
name: {{ .Values.server.serviceAccount }}
namespace: {{ .Release.Namespace }}
{{- end -}}

25
charts/argo/templates/server-deployment-pdb.yaml
View file

@ -1,25 +0,0 @@
{{- if .Values.server.enabled -}}
{{- if .Values.server.pdb.enabled -}}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ .Release.Name }}-{{ .Values.server.name}}
labels:
app: {{ .Release.Name }}-{{ .Values.server.name}}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
{{- if .Values.server.pdb.minAvailable }}
minAvailable: {{ .Values.server.pdb.minAvailable }}
{{- else if .Values.server.pdb.maxUnavailable }}
maxUnavailable: {{ .Values.server.pdb.maxUnavailable }}
{{- else }}
minAvailable: 0
{{- end }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.server.name}}
release: {{ .Release.Name }}
{{- end -}}
{{- end -}}

46
charts/argo/templates/server-ingress.yaml
View file

@ -1,46 +0,0 @@
{{- if .Values.server.enabled -}}
{{- if .Values.server.ingress.enabled -}}
{{- $serviceName := printf "%s-%s" .Release.Name .Values.server.name -}}
{{- $servicePort := .Values.server.servicePort -}}
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
apiVersion: networking.k8s.io/v1beta1
{{ else }}
apiVersion: extensions/v1beta1
{{ end -}}
kind: Ingress
metadata:
name: {{ .Release.Name }}-{{ .Values.server.name }}
labels:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- range $key, $value := .Values.server.ingress.labels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
annotations:
{{- range $key, $value := .Values.server.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
{{- range .Values.server.ingress.hosts }}
- host: {{ . }}
http:
paths:
{{- if $.Values.server.ingress.paths }}
{{- range $.Values.server.ingress.paths }}
- backend:
serviceName: {{ .serviceName }}
servicePort: {{ .servicePort }}
{{- end }}
{{- end }}
- backend:
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end -}}
{{- if .Values.server.ingress.tls }}
tls:
{{ toYaml .Values.server.ingress.tls | indent 4 }}
{{- end -}}
{{- end -}}
{{- end -}}

8
charts/argo/templates/server-sa.yaml
View file

@ -1,8 +0,0 @@
{{- if and .Values.server.enabled .Values.server.createServiceAccount -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.server.serviceAccount }}
annotations:
{{ toYaml .Values.server.serviceAccountAnnotations | indent 4 }}
{{- end -}}

Some files were not shown because too many files have changed in this diff Show more