Merge branch 'master' into argo-events/logging_options

2021-07-27 09:05:58 +02:00 · 2021-07-27 09:05:58 +02:00 · 4d83241a50
commit 4d83241a50
parent e0503f6ba5 2358b152f9
66 changed files with 618 additions and 282 deletions
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@ -4,9 +4,9 @@ If the DCO action in the integration test fails, one or more of your commits are
 Checklist:
-* [ ] I have updated the chart version in `Chart.yaml` following Semantic Versioning.
+* [ ] I have bumped the chart version according to [versioning](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#versioning)
 * [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#changelog).
 * [ ] Any new values are backwards compatible and/or have sensible default.
 * [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md).
 * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/master/community#contributing-to-argo).
 * [ ] My build is green ([troubleshooting builds](https://argoproj.github.io/argo-cd/developer-guide/ci/)).
--- a/.github/semantic.yml
+++ b/.github/semantic.yml
@ -0,0 +1,3 @@
 ## Reference: https://github.com/zeke/semantic-pull-requests
 # Always validate the PR title, and ignore the commits
 titleOnly: true
--- a/.github/workflows/lint-and-test.yml
+++ b/.github/workflows/lint-and-test.yml
@ -21,7 +21,7 @@ jobs:
      - name: Setup Chart Linting
        id: lint
-        uses: helm/chart-testing-action@v2.0.1
+        uses: helm/chart-testing-action@v2.1.0
      - name: List changed charts
        id: list-changed
@ -37,7 +37,7 @@ jobs:
        run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml
      - name: Create kind cluster
-        uses: helm/kind-action@v1.1.0
+        uses: helm/kind-action@v1.2.0
        if: steps.list-changed.outputs.changed == 'true'
      - name: Run chart-testing (install)
--- a/8
+++ b/8
@ -7,13 +7,13 @@
 /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler
 # Argo CD
-/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1
+/charts/argo-cd/ @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1
 # Argo Events
-/charts/argo-events @jbehling @VaibhavPage @oliverbaehler
+/charts/argo-events/ @jbehling @VaibhavPage @oliverbaehler
 # Argo Rollouts
-/charts/argo-rollouts @oliverbaehler
+/charts/argo-rollouts/ @oliverbaehler
 # Argo CD Notifications
-/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler @mbevc1
+/charts/argocd-notifications/ @alexmt @andyfeller @oliverbaehler @mbevc1
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -2,12 +2,60 @@
 Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently.
 # Pull Requests
 All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project.
 ## Versioning
 Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease).
 Any breaking changes to a chart (backwards incompatible) require:
  * Bump of the current Major version of the chart
  * State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades))
 ### Immutability
 Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error.
 ### Artifact Hub Annotations
 Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub.
  * [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/)
 #### Changelog
 We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release.
 Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template:
 ```
 name: argo-cd
 version: 3.4.1
 ...
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Something New was added"
    - "[Changed]: Changed Something within this chart"
    - "[Changed]: Changed Something else within this chart"
    - "[Deprecated]: Something deprecated"
    - "[Removed]: Something was removed"
    - "[Fixed]: Something was fixed"
    - "[Security]": Some Security Patch was included"
 ```
 # Testing
 ## Testing Argo Workflows Changes
 Minimally:
 ```
-helm install charts/argo -n argo
+helm install charts/argo-workflows -n argo
 argo version
 ```
@ -96,4 +144,4 @@ The linting can be invoked manually with the following command:
 ## Publishing Changes
-Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`).
+Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`).
--- a/README.md
+++ b/README.md
@ -1,5 +1,6 @@
 # Argo Helm Charts
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml)
 Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command:
@ -7,3 +8,7 @@ Argo Helm is a collection of **community maintained** charts for http://argoproj
 ```
 helm repo add argo https://argoproj.github.io/argo-helm
 ```
 ## Contributing
 We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details.
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -1,10 +1,10 @@
 apiVersion: v2
-appVersion: 2.0.3
+appVersion: 2.0.5
 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 3.6.5
+version: 3.10.1
 home: https://github.com/argoproj/argo-helm
-icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
+icon: https://argoproj.github.io/argo-cd/assets/logo.png
 keywords:
  - argoproj
  - argocd
@ -19,3 +19,6 @@ dependencies:
    version: 4.12.14
    repository: https://dandydeveloper.github.io/charts/
    condition: redis-ha.enabled
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Support AWS ALB Ingress with gRPC"
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@ -34,6 +34,34 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop
 ## Upgrading
 ### 3.8.1
 This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization:
 ```yaml
 # Case 1) - only happens when you do not specify a custom name (repoServer.serviceAccount.name)
 repoServer:
  serviceAccount:
    create: true
 # Case 2)
 controller:
  serviceAccount:
    name: "" # or <nil>
 # Case 3)
 dex:
  serviceAccount:
    name: "" # or <nil>
 # Case 4)
 server:
  serviceAccount:
    name: "" # or <nil>
 ```
 Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE)
 ### 3.2.* 
 With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637).
@ -83,6 +111,7 @@ server:
 ## Prerequisites
 - Kubernetes 1.7+
 - Helm v3.0.0+
 ## Installing the Chart
@ -97,27 +126,26 @@ NAME: my-release
 ...
 ```
 ### Helm v3 Compatibility
 Requires chart version 1.5.2 or newer.
 Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks.
 ## Chart Values
 | Parameter | Description | Default |
 |-----|------|---------|
 | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` |
 | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` |
-| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.8.4"` |
+| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` |
 | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) |
 | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` |
 | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` |
 | global.networkPolicy.create | Create NetworkPolicy objects for all components | `false` |
 | global.networkPolicy.defaultDenyIngress | Default deny all ingress traffic | `false` |
 | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` |
 | nameOverride | Provide a name in place of `argocd` | `"argocd"` |
 | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` |
-| installCRDs | Install CRDs if you are using Helm2. | `true` |
+| apiVersionOverrides.certmanager | String to override apiVersion of certmanager resources rendered by this helm chart | `""` |
 | apiVersionOverrides.ingress | String to override apiVersion of ingresses rendered by this helm chart | `""` |
 | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) |
 | configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` |
 | configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) |
 | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` |
 | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) |
 | configs.secret.annotations | Annotations for argocd-secret | `{}` |
@ -277,6 +305,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i
 | server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` |
 | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` |
 | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` |
 | server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` |
 | server.route.enabled | Enable a OpenShift route for the server | `false` |
 | server.route.hostname | Hostname of OpenShift route | `""` |
 | server.lifecycle | PostStart and PreStop hooks configuration | `{}` |
@ -401,3 +430,23 @@ through `xxx.extraArgs`
 | redis-ha.image.tag | Redis tag | `"6.2.1-alpine"` |
 [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/
 ### Using AWS ALB Ingress Controller With GRPC
 If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. 
 Example:
 ```yaml
 server:
  ingress:
    enabled: true
    annotations: 
      alb.ingress.kubernetes.io/backend-protocol: HTTPS
      alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
      alb.ingress.kubernetes.io/scheme: internal
      alb.ingress.kubernetes.io/target-type: ip
  ingressGrpc:
    enabled: true
    isAWSALB: true
 ```
--- a/charts/argo-cd/crds/crd-application.yaml
+++ b/charts/argo-cd/crds/crd-application.yaml
@ -5,8 +5,6 @@ metadata:
    app.kubernetes.io/name: applications.argoproj.io
    app.kubernetes.io/part-of: argocd
  name: applications.argoproj.io
  annotations:
    helm.sh/hook: crd-install
 spec:
  group: argoproj.io
  names:
--- a/charts/argo-cd/crds/crd-project.yaml
+++ b/charts/argo-cd/crds/crd-project.yaml
@ -5,8 +5,6 @@ metadata:
    app.kubernetes.io/name: appprojects.argoproj.io
    app.kubernetes.io/part-of: argocd
  name: appprojects.argoproj.io
  annotations:
    helm.sh/hook: crd-install
 spec:
  group: argoproj.io
  names:
--- a/charts/argo-cd/templates/_helpers.tpl
+++ b/charts/argo-cd/templates/_helpers.tpl
@ -71,7 +71,7 @@ Create the name of the controller service account to use
 */}}
 {{- define "argo-cd.controllerServiceAccountName" -}}
 {{- if .Values.controller.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }}
+    {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.controller.serviceAccount.name }}
 {{- end -}}
@ -82,18 +82,29 @@ Create the name of the dex service account to use
 */}}
 {{- define "argo-cd.dexServiceAccountName" -}}
 {{- if .Values.dex.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }}
+    {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.dex.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
 {{/*
 Create the name of the redis service account to use
 */}}
 {{- define "argo-cd.redisServiceAccountName" -}}
 {{- if .Values.redis.serviceAccount.create -}}
    {{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.redis.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
 {{/*
 Create the name of the ArgoCD server service account to use
 */}}
 {{- define "argo-cd.serverServiceAccountName" -}}
 {{- if .Values.server.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }}
+    {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.server.serviceAccount.name }}
 {{- end -}}
@ -104,7 +115,7 @@ Create the name of the repo-server service account to use
 */}}
 {{- define "argo-cd.repoServerServiceAccountName" -}}
 {{- if .Values.repoServer.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }}
+    {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.repoServer.serviceAccount.name }}
 {{- end -}}
@ -144,7 +155,9 @@ app.kubernetes.io/component: {{ .component }}
 Return the appropriate apiVersion for ingress
 */}}
 {{- define "argo-cd.ingress.apiVersion" -}}
-{{- if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}}
+{{- if .Values.apiVersionOverrides.ingress -}}
 {{- print .Values.apiVersionOverrides.ingress -}}
 {{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}}
 {{- print "extensions/v1beta1" -}}
 {{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" $) -}}
 {{- print "networking.k8s.io/v1beta1" -}}
--- a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml
@ -0,0 +1,19 @@
 {{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
  name: {{ template "argo-cd.controller.fullname" . }}
 spec:
  ingress:
  - from:
    - namespaceSelector: {}
    ports:
    - port: controller
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml
+++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml
@ -0,0 +1,16 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  {{- if .Values.configs.gpgKeysAnnotations }}
  annotations:
    {{- range $key, $value := .Values.configs.gpgKeysAnnotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }}
  name: argocd-gpg-keys-cm
 {{- with .Values.configs.gpgKeys }}
 data:
  {{- toYaml . | nindent 2 }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
@ -72,8 +72,10 @@ spec:
        {{- end }}
        volumeMounts:
        {{- if .Values.repoServer.volumeMounts }}
-{{- toYaml .Values.repoServer.volumeMounts | nindent 8}}
+          {{- toYaml .Values.repoServer.volumeMounts | nindent 8 }}
        {{- end }}
        - mountPath: /app/config/gpg/source
          name: gpg-keys
        - mountPath: /app/config/gpg/keys
          name: gpg-keyring
        {{- if .Values.configs.knownHosts }}
@ -134,8 +136,11 @@ spec:
 {{- end }}
      volumes:
      {{- if .Values.repoServer.volumes }}
-{{- toYaml .Values.repoServer.volumes | nindent 6}}
+        {{- toYaml .Values.repoServer.volumes | nindent 6 }}
      {{- end }}
      - name: gpg-keys
        configMap:
          name: argocd-gpg-keys-cm
      - emptyDir: {}
        name: gpg-keyring
      {{- if .Values.configs.knownHosts }}
--- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml
@ -0,0 +1,31 @@
 {{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
  name: {{ template "argo-cd.repoServer.fullname" . }}
 spec:
  ingress:
  - from:
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }}
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }}
    ports:
    - port: repo-server
      protocol: TCP
  {{- if .Values.repoServer.metrics.enabled }}
  - from:
    - namespaceSelector: {}
    ports:
    - port: metrics
  {{- end }}
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml
@ -17,7 +17,7 @@ metadata:
 spec:
  endpoints:
    - port: metrics
-      {{- with .Values.controller.metrics.serviceMonitor.interval }}
+      {{- with .Values.repoServer.metrics.serviceMonitor.interval }}
      interval: {{ . }}
      {{- end }}
      path: /metrics
--- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml
+++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml
@ -0,0 +1,24 @@
 {{- if and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.isAWSALB -}}
 apiVersion: v1
 kind: Service
 metadata:
  annotations:
    alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }}
  name: {{ template "argo-cd.server.fullname" . }}-grpc
 spec:
  ports:
  - name: {{ .Values.server.service.servicePortHttpName }}
    protocol: TCP
    port: {{ .Values.server.service.servicePortHttp }}
    targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
  - name: {{ .Values.server.service.servicePortHttpsName }}
    protocol: TCP
    port: {{ .Values.server.service.servicePortHttps }}
    targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
  selector:
    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
  sessionAffinity: None
  type: ClusterIP
 {{- end -}}
--- a/charts/argo-cd/templates/argocd-server/certificate.yaml
+++ b/charts/argo-cd/templates/argocd-server/certificate.yaml
@ -1,5 +1,7 @@
 {{- if .Values.server.certificate.enabled -}}
-{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1" }}
+{{- if .Values.apiVersionOverrides.certmanager -}}
 apiVersion: {{ .Values.apiVersionOverrides.certmanager }}
 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" }}
 apiVersion: cert-manager.io/v1
 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }}
 apiVersion: cert-manager.io/v1alpha3
@ -23,5 +25,5 @@ spec:
  issuerRef:
    kind: {{ .Values.server.certificate.issuer.kind | quote }}
    name: {{ .Values.server.certificate.issuer.name | quote }}
-  secretName: argocd-tls-certificate
+  secretName: {{ .Values.server.certificate.secretName | quote }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-server/deployment.yaml
@ -90,6 +90,8 @@ spec:
          subPath: "custom.styles.css"
          name: custom-styles
        {{- end }}
        - mountPath: /tmp
          name: tmp-dir
        ports:
        - name: {{ .Values.server.name }}
          containerPort: {{ .Values.server.containerPort }}
@ -149,6 +151,8 @@ spec:
      {{- end }}
      - emptyDir: {}
        name: static-files
      - emptyDir: {}
        name: tmp-dir
      {{- if .Values.configs.styles }}
      - configMap:
          name: argocd-custom-styles
--- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
@ -1,8 +1,9 @@
-{{- if .Values.server.ingressGrpc.enabled -}}
+{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}}
 {{- $serviceName := include "argo-cd.server.fullname" . -}}
 {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
 {{- $paths := .Values.server.ingressGrpc.paths -}}
 {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
 {{- $pathType := .Values.server.ingressGrpc.pathType -}}
 apiVersion: {{ include "argo-cd.ingress.apiVersion" . }}
 kind: Ingress
 metadata:
@ -36,7 +37,7 @@ spec:
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
-            pathType: Prefix
+            pathType: {{ $pathType }}
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
@ -63,7 +64,7 @@ spec:
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
-            pathType: Prefix
+            pathType: {{ $pathType }}
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
--- a/charts/argo-cd/templates/argocd-server/ingress.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress.yaml
@ -3,6 +3,7 @@
 {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}}
 {{- $paths := .Values.server.ingress.paths -}}
 {{- $extraPaths := .Values.server.ingress.extraPaths -}}
 {{- $pathType := .Values.server.ingress.pathType -}}
 apiVersion: {{ include "argo-cd.ingress.apiVersion" . }}
 kind: Ingress
 metadata:
@ -11,6 +12,10 @@ metadata:
  {{- range $key, $value := .Values.server.ingress.annotations }}
    {{ $key }}: {{ $value | quote }}
  {{- end }}
  {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
    alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
      [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
  {{- end }}
 {{- end }}
  name: {{ template "argo-cd.server.fullname" . }}
  labels:
@ -34,10 +39,30 @@ spec:
          {{- toYaml $extraPaths | nindent 10 }}
          {{- end }}
          {{- range $p := $paths }}
          {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ template "argo-cd.server.fullname" $ }}-grpc
                port:
                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
                  {{- else }}
                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc
              servicePort: {{ $servicePort }}
              {{- end }}
            {{- end }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: {{ $pathType }}
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
@ -63,7 +88,7 @@ spec:
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
-            pathType: Prefix
+            pathType: {{ $pathType }}
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
--- a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml
@ -0,0 +1,16 @@
 {{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
  name: {{ template "argo-cd.server.fullname" . }}
 spec:
  ingress:
  - {}
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/crds.yaml
+++ b/charts/argo-cd/templates/crds.yaml
@ -1,6 +0,0 @@
 {{- if .Values.installCRDs }}
 {{- range $path, $_ := .Files.Glob "crds/*.yaml" }}
 {{ $.Files.Get $path }}
 ---
 {{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/dex/networkpolicy.yaml
+++ b/charts/argo-cd/templates/dex/networkpolicy.yaml
@ -0,0 +1,31 @@
 {{- if and .Values.global.networkPolicy.create .Values.dex.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }}
  name: {{ template "argo-cd.dex.fullname" . }}
 spec:
  ingress:
  - from:
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }}
    ports:
    - port: http
      protocol: TCP
    - port: grpc
      protocol: TCP
  {{- if .Values.dex.metrics.enabled }}
  - from:
    - namespaceSelector: {}
    ports:
    - port: metrics
      protocol: TCP
  {{- end }}
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/networkpolicy-default-deny.yaml
+++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml
@ -0,0 +1,12 @@
 {{- if and .Values.global.networkPolicy.create .Values.global.networkPolicy.defaultDenyIngress }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }}
  name: {{ template "argo-cd.fullname" . }}-default-deny
 spec:
  podSelector: {}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/redis/deployment.yaml
+++ b/charts/argo-cd/templates/redis/deployment.yaml
@ -30,7 +30,8 @@ spec:
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
-      automountServiceAccountToken: false
+      automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }}
      serviceAccountName: {{ template "argo-cd.redisServiceAccountName" . }}
      {{- if .Values.redis.securityContext }}
      securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }}
      {{- end }}
@ -58,8 +59,8 @@ spec:
        {{- end }}
        ports:
        - containerPort: {{ .Values.redis.containerPort }}
          name: redis
 {{- if .Values.redis.volumeMounts }}
        volumeMounts:
 {{- toYaml .Values.redis.volumeMounts | nindent 10 }}
 {{- end }}
--- a/charts/argo-cd/templates/redis/networkpolicy.yaml
+++ b/charts/argo-cd/templates/redis/networkpolicy.yaml
@ -0,0 +1,29 @@
 {{- $redisHa := (index .Values "redis-ha") -}}
 {{- if and .Values.global.networkPolicy.create .Values.redis.enabled (not $redisHa.enabled) }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }}
  name: {{ template "argo-cd.redis.fullname" . }}
 spec:
  ingress:
  - from:
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }}
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 10 }}
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }}
    ports:
    - port: redis
      protocol: TCP
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/redis/serviceaccount.yaml
+++ b/charts/argo-cd/templates/redis/serviceaccount.yaml
@ -0,0 +1,15 @@
 {{- if and .Values.redis.enabled .Values.redis.serviceAccount.create }}
 apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }}
 metadata:
  name: {{ template "argo-cd.redisServiceAccountName" . }}
 {{- if .Values.redis.serviceAccount.annotations }}
  annotations:
  {{- range $key, $value := .Values.redis.serviceAccount.annotations }}
    {{ $key }}: {{ $value | quote }}
  {{- end }}
 {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }}
 {{- end }}
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -5,13 +5,10 @@ nameOverride: argocd
 fullnameOverride: ""
 kubeVersionOverride: ""
 # Optional CRD installation for those without Helm hooks
 installCRDs: true
 global:
  image:
    repository: quay.io/argoproj/argocd
-    tag: v2.0.3
+    tag: v2.0.5
    imagePullPolicy: IfNotPresent
  securityContext: {}
  #  runAsUser: 999
@ -23,6 +20,17 @@ global:
  #   hostnames:
  #   - git.myhostname
  networkPolicy:
    create: false
    defaultDenyIngress: false
 # Override APIVersions
 # If you want to template helm charts but cannot access k8s API server
 # you can set api versions here
 apiVersionOverrides:
  certmanager: "" # cert-manager.io/v1
  ingress: "" # networking.k8s.io/v1beta1
 ## Controller
 controller:
  name: application-controller
@ -214,6 +222,10 @@ dex:
    serviceMonitor:
      enabled: false
      interval: 30s
      # selector:
      #   prometheus: kube-prometheus
      # namespace: monitoring
      # additionalLabels: {}
  image:
    repository: ghcr.io/dexidp/dex
@ -357,6 +369,14 @@ redis:
    fsGroup: 1000
    runAsNonRoot: true
  serviceAccount:
    create: false
    name: ""
    ## Annotations applied to created service account
    annotations: {}
    ## Automount API credentials for the Service Account
    automountServiceAccountToken: false
  resources: {}
  #  limits:
  #    cpu: 200m
@ -494,8 +514,11 @@ server:
  certificate:
    enabled: false
    domain: argocd.example.com
-    issuer: {}
+    issuer:
      kind: # ClusterIssuer
      name: # letsencrypt
    additionalHosts: []
    secretName: argocd-server-tls
  ## Server service configuration
  service:
@ -553,6 +576,7 @@ server:
      # - argocd.example.com
    paths:
      - /
    pathType: Prefix
    extraPaths:
      []
      # - path: /*
@ -563,7 +587,7 @@ server:
      # - path: /*
      #   pathType: Prefix
      #   backend:
-      #     service
+      #     service:
      #       name: ssl-redirect
      #       port:
      #         name: use-annotation
@ -577,6 +601,7 @@ server:
  # https://argoproj.github.io/argo-cd/operator-manual/ingress/
  ingressGrpc:
    enabled: false
    isAWSALB: false
    annotations: {}
    labels: {}
    ingressClassName: ""
@ -590,6 +615,7 @@ server:
      # - argocd.example.com
    paths:
      - /
    pathType: Prefix
    extraPaths:
      []
      # - path: /*
@ -600,7 +626,7 @@ server:
      # - path: /*
      #   pathType: Prefix
      #   backend:
-      #     service
+      #     service:
      #       name: ssl-redirect
      #       port:
      #         name: use-annotation
@ -973,6 +999,27 @@ configs:
    #       insecure: false
    #       caData: "<base64 encoded certificate>"
  gpgKeysAnnotations: {}
  gpgKeys: {}
    # 4AEE18F83AFDEB23: |
    #     -----BEGIN PGP PUBLIC KEY BLOCK-----
    #
    #     mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta
    #     x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT
    #     SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ
    #     7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa
    #     buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v
    #     yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs
    #     b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW
    #     BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf
    #     DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6
    #     9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws
    #     +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5
    #     4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O
    #     j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48=
    #     =Bvzs
    #     -----END PGP PUBLIC KEY BLOCK-----
  knownHostsAnnotations: {}
  knownHosts:
    data:
--- a/charts/argo-events/.helmignore
+++ b/charts/argo-events/.helmignore
@ -19,3 +19,4 @@
 .project
 .idea/
 *.tmproj
 ci/
--- a/charts/argo-events/Chart.yaml
+++ b/charts/argo-events/Chart.yaml
@ -1,7 +1,7 @@
 apiVersion: v2
 description: A Helm chart to install Argo-Events in k8s Cluster
 name: argo-events
-version: 1.6.2
+version: 1.7.0
 keywords:
  - argo-events
  - sensor-controller
@ -15,3 +15,6 @@ maintainers:
 appVersion: 1.3.1
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 home: https://github.com/argoproj/argo-helm
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Ability to specify additional/custom environment variables"
--- a/charts/argo-events/README.md
+++ b/charts/argo-events/README.md
@ -15,6 +15,6 @@ This is a **community maintained** chart. It installs the [argo-events](https://
 ## Notes on CRD Installation
-Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart.
+Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart.
 You can install the CRDs manually from `crds` folder.
--- a/charts/argo-events/templates/argo-events-cluster-roles.yaml
+++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml
@ -1,5 +1,4 @@
 {{- if not .Values.singleNamespace }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
@ -26,9 +25,9 @@ kind: ClusterRole
 metadata:
  name: argo-events-role
 rules:
-{{- if .Values.additionalServiceAccountRules }}
+  {{- with .Values.additionalServiceAccountRules }}
-{{ .Values.additionalServiceAccountRules | toYaml | nindent 2}}
+    {{- toYaml . | nindent 2 }}
-{{- end }}
+  {{- end }}
  - apiGroups:
      - argoproj.io
    verbs:
--- a/charts/argo-events/templates/argo-events-roles.yaml
+++ b/charts/argo-events/templates/argo-events-roles.yaml
@ -1,5 +1,4 @@
 {{- if .Values.singleNamespace }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
@ -28,8 +27,8 @@ metadata:
  name: argo-events-role
  namespace: {{ .Release.Namespace }}
 rules:
-  {{- if .Values.additionalServiceAccountRules }}
+  {{- with .Values.additionalServiceAccountRules }}
-  {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}}
+    {{- toYaml . | nindent 2 }}
  {{- end }}
  - apiGroups:
      - argoproj.io
--- a/charts/argo-events/templates/eventbus-crd.yaml
+++ b/charts/argo-events/templates/eventbus-crd.yaml
@ -1,44 +0,0 @@
 {{- if .Values.installCRD }}
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  name: eventbus.argoproj.io
  annotations:
    helm.sh/hook: crd-install
    helm.sh/hook-delete-policy: before-hook-creation
 spec:
  group: argoproj.io
  names:
    kind: EventBus
    listKind: EventBusList
    plural: eventbus
    shortNames:
      - eb
    singular: eventbus
  scope: Namespaced
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          properties:
            apiVersion:
              type: string
            kind:
              type: string
            metadata:
              type: object
            spec:
              type: object
              x-kubernetes-preserve-unknown-fields: true
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
          - metadata
          - spec
          type: object
      subresources:
        status: {}
 {{- end }}
--- a/charts/argo-events/templates/eventsource-crd.yaml
+++ b/charts/argo-events/templates/eventsource-crd.yaml
@ -1,44 +0,0 @@
 {{- if .Values.installCRD }}
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  name: eventsources.argoproj.io
  annotations:
    helm.sh/hook: crd-install
    helm.sh/hook-delete-policy: before-hook-creation
 spec:
  group: argoproj.io
  scope: Namespaced
  names:
    kind: EventSource
    plural: eventsources
    singular: eventsource
    listKind: EventSourceList
    shortNames:
      - es
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          properties:
            apiVersion:
              type: string
            kind:
              type: string
            metadata:
              type: object
            spec:
              type: object
              x-kubernetes-preserve-unknown-fields: true
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
          - metadata
          - spec
          type: object
      subresources:
        status: {}
 {{- end }}
--- a/charts/argo-events/templates/sensor-crd.yaml
+++ b/charts/argo-events/templates/sensor-crd.yaml
@ -1,45 +0,0 @@
 {{- if .Values.installCRD }}
 # Define a "sensor" custom resource definition
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  name: sensors.argoproj.io
  annotations:
    helm.sh/hook: crd-install
    helm.sh/hook-delete-policy: before-hook-creation
 spec:
  group: argoproj.io
  names:
    kind: Sensor
    listKind: SensorList
    plural: sensors
    singular: sensor
    shortNames:
      - sn
  scope: Namespaced
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          properties:
            apiVersion:
              type: string
            kind:
              type: string
            metadata:
              type: object
            spec:
              type: object
              x-kubernetes-preserve-unknown-fields: true
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
          - metadata
          - spec
          type: object
      subresources:
        status: {}
 {{- end }}
--- a/charts/argo-events/values.yaml
+++ b/charts/argo-events/values.yaml
@ -8,9 +8,6 @@ imagePullPolicy: Always
 imagePullSecrets: []
 # - name: argo-pull-secret
 # If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation.
 installCRD: true
 # ServiceAccount to use for running controller.
 serviceAccount: argo-events-sa
--- a/charts/argo-rollouts/Chart.yaml
+++ b/charts/argo-rollouts/Chart.yaml
@ -1,11 +1,14 @@
 apiVersion: v2
-appVersion: "v1.0.1"
+appVersion: "v1.0.2"
 description: A Helm chart for Argo Rollouts
 name: argo-rollouts
-version: 1.0.1
+version: 1.0.3
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
 home: https://github.com/argoproj/argo-helm
 maintainers:
  - name: alexmt
  - name: dthomson25
  - name: jessesuen
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Initialize Changelog"
--- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml
@ -77,10 +77,12 @@ rules:
  - watch
  - patch
 # secret read access to run analysis templates which reference secrets
 # configmap access to read notification-engine configuration
 - apiGroups:
  - ""
  resources:
  - secrets
  - configmaps
  verbs:
  - get
  - list
--- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml
@ -67,10 +67,12 @@ rules:
  - watch
  - patch
 # secret read access to run analysis templates which reference secrets
 # configmap access to read notification-engine configuration
 - apiGroups:
  - ""
  resources:
  - secrets
  - configmaps
  verbs:
  - get
  - list
--- a/charts/argo-workflows/.helmignore
+++ b/charts/argo-workflows/.helmignore
@ -19,3 +19,4 @@
 .project
 .idea/
 *.tmproj
 ci/
--- a/charts/argo-workflows/Chart.yaml
+++ b/charts/argo-workflows/Chart.yaml
@ -2,8 +2,8 @@ apiVersion: v2
 name: argo-workflows
 description: A Helm chart for Argo Workflows
 type: application
-version: 0.2.2
+version: 0.2.12
-appVersion: "v3.0.2"
+appVersion: "v3.0.7"
 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png
 home: https://github.com/argoproj/argo-helm
 sources:
@ -13,3 +13,6 @@ maintainers:
  - name: alexmt
  - name: jessesuen
  - name: benjaminws
 annotations:
  artifacthub.io/changes: |
    - "[Changed]: Argo workflows values file no longer has examples referencing ArgoCD"
--- a/charts/argo-workflows/README.md
+++ b/charts/argo-workflows/README.md
@ -10,7 +10,7 @@ This chart uses an install hook to configure the CRD definition. Installation of
 A few options are:
- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute
+- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
 - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
 ## Usage Notes
--- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml
+++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml
@ -36,9 +36,11 @@ spec:
          spec:
            type: object
            x-kubernetes-preserve-unknown-fields: true
            x-kubernetes-map-type: atomic
          status:
            type: object
            x-kubernetes-preserve-unknown-fields: true
            x-kubernetes-map-type: atomic
        required:
        - metadata
        - spec
--- a/charts/argo-workflows/templates/_helpers.tpl
+++ b/charts/argo-workflows/templates/_helpers.tpl
@ -94,11 +94,18 @@ Create the name of the controller service account to use
 Return the appropriate apiVersion for ingress
 */}}
 {{- define "argo-workflows.ingress.apiVersion" -}}
-{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}}
+{{- if semverCompare "<1.14-0" (include "argo-workflows.kubeVersion" $) -}}
 {{- print "extensions/v1beta1" -}}
-{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}}
+{{- else if semverCompare "<1.19-0" (include "argo-workflows.kubeVersion" $) -}}
 {{- print "networking.k8s.io/v1beta1" -}}
 {{- else -}}
 {{- print "networking.k8s.io/v1" -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Return the target Kubernetes version
 */}}
 {{- define "argo-workflows.kubeVersion" -}}
  {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }}
 {{- end -}}
--- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
@ -121,8 +121,18 @@ rules:
  resources:
  - leases
  resourceNames:
  {{- if .Values.controller.instanceID.enabled }}
    {{- if .Values.controller.instanceID.useReleaseName }}
  - workflow-controller-{{ .Release.Name }}
  - workflow-controller-lease-{{ .Release.Name }}
    {{- else }}
  - workflow-controller-{{ .Values.controller.instanceID.explicitID }}
  - workflow-controller-lease-{{ .Values.controller.instanceID.explicitID }}
    {{- end }}
  {{- else }}
  - workflow-controller
  - workflow-controller-lease
  {{- end }}
  verbs:
  - get
  - watch
--- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
@ -7,11 +7,11 @@ metadata:
 data:
  config: |
    {{- if .Values.controller.instanceID.enabled }}
-    {{- if .Values.controller.instanceID.useReleaseName }}
+      {{- if .Values.controller.instanceID.useReleaseName }}
    instanceID: {{ .Release.Name }}
-    {{- else }}
+      {{- else }}
    instanceID: {{ .Values.controller.instanceID.explicitID }}
-    {{- end }}
+      {{- end }}
    {{- end }}
    containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }}
    {{- if .Values.controller.parallelism }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml
@ -77,12 +77,8 @@ spec:
          ports:
            - name: metrics
              containerPort: {{ .Values.controller.metricsConfig.port }}
-          livenessProbe:
+            - containerPort: 6060
-            httpGet:
+          livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }}
              port: metrics
              path: {{ .Values.controller.metricsConfig.path }}
            initialDelaySeconds: 30
            periodSeconds: 30
      {{- with .Values.images.pullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
@ -1,3 +1,4 @@
 {{- if .Values.controller.serviceAccount.create }}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@ -6,3 +7,4 @@ metadata:
  annotations:
    {{- toYaml .| nindent 4 }}
  {{- end }}
 {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-rb.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml
@ -1,19 +1,20 @@
 {{- if .Values.workflow.rbac.create -}}
  {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq)  }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ template "argo-workflows.fullname" . }}-workflow
+  name: {{ template "argo-workflows.fullname" $ }}-workflow
-  {{- with .Values.workflow.namespace }}
+  namespace: {{ $namespace }}
  namespace: {{ . }} 
  {{- end }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
-  name: {{ template "argo-workflows.fullname" . }}-workflow
+  name: {{ template "argo-workflows.fullname" $ }}-workflow
 subjects:
- kind: ServiceAccount
+  - kind: ServiceAccount
-  name: {{ .Values.workflow.serviceAccount.name }}
+    name: {{ $.Values.workflow.serviceAccount.name }}
-  {{- with .Values.workflow.namespace }}
+    {{- with $namespace }}
-  namespace: {{ . }}
+    namespace: {{ . }}
    {{- end }}
  {{- end }}
 {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-role.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-role.yaml
@ -1,25 +1,29 @@
 {{- if .Values.workflow.rbac.create -}}
  {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq)  }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: {{ template "argo-workflows.fullname" . }}-workflow
+  name: {{ template "argo-workflows.fullname" $ }}-workflow
-  {{- with .Values.workflow.namespace }}
+    {{- with $namespace }}
  namespace: {{ . }}
-  {{- end }}
+    {{- end }}
 rules:
- apiGroups:
+  - apiGroups:
-  - ""
+      - ""
-  resources:
+    resources:
-  - pods
+      - pods
-  verbs:
+    verbs:
-  - get
+      - get
-  - watch
+      - watch
-  - patch
+      - patch
- apiGroups:
+  - apiGroups:
-  - ""
+      - ""
-  resources:
+    resources:
-  - pods/log
+      - pods/log
-  verbs:
+    verbs:
-  - get
+      - get
-  - watch
+      - watch
  {{- end }}
 {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-sa.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml
@ -1,13 +1,16 @@
 {{- if .Values.workflow.serviceAccount.create -}}
  {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq)  }}
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ .Values.workflow.serviceAccount.name }}
+  name: {{ $.Values.workflow.serviceAccount.name }}
-  {{- with .Values.workflow.namespace }}
+    {{- with $namespace }}
  namespace: {{ . }}
-  {{- end }}
+    {{- end }}
-  {{- with .Values.workflow.serviceAccount.annotations }}
+    {{- with $.Values.workflow.serviceAccount.annotations }}
  annotations:
-    {{- toYaml . | nindent 4 }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
  {{- end }}
 {{- end }}
--- a/charts/argo-workflows/templates/server/server-ingress.yaml
+++ b/charts/argo-workflows/templates/server/server-ingress.yaml
@ -19,7 +19,7 @@ metadata:
    {{- toYaml .Values.server.ingress.labels | nindent 4 }}
    {{- end }}
 spec:
-  {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+  {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
  {{- with .Values.server.ingress.ingressClassName }}
  ingressClassName: {{ . }}
  {{- end }}
@ -35,11 +35,11 @@ spec:
          {{- end }}
          {{- range $p := $paths }}
          - path: {{ $p }}
-            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: Prefix
            {{- end }}
            backend:
-              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ $serviceName }}
                port:
@ -62,11 +62,11 @@ spec:
          {{- end }}
          {{- range $p := $paths }}
          - path: {{ $p }}
-            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: Prefix
            {{- end }}
            backend:
-              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ $serviceName }}
                port:
--- a/charts/argo-workflows/values.yaml
+++ b/charts/argo-workflows/values.yaml
@ -5,25 +5,34 @@ images:
  pullSecrets: []
  # - name: argo-pull-secret
 init:
  # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is
  # being deployed to.  In RBAC clusters, that will almost certainly fail.  See the NOTES: section of the readme for more info.
  serviceAccount: ""
 createAggregateRoles: true
 ## String to partially override "argo-workflows.fullname" template
 ##
 nameOverride:
 ## String to fully override "argo-workflows.fullname" template
 ##
 fullnameOverride:
 ## Override the Kubernetes version, which is used to evaluate certain manifests
 ##
 kubeVersionOverride: ""
 # Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents,
 # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy.
 singleNamespace: false
 workflow:
-  namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created.
+  namespace: # Deprecated, for backwards compatibility: specify a single namespace to run workflows in
  serviceAccount:
    create: false # Specifies whether a service account should be created
    annotations: {}
    name: "argo-workflow" # Service account which is used to run workflows
  rbac:
-    create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows
+    # Adds Role and RoleBinding for the above specified service account to be able to run workflows
    # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below)
    create: true
 controller:
  image:
@ -97,6 +106,8 @@ controller:
    # Annotations applied to created service account
    annotations: {}
  name: workflow-controller
  # Specify all namespaces to run worksflows need to be able to run in. This controls where the service
  # account and RBAC resources will be created. If unspecified, will run in the default namespace.
  workflowNamespaces:
    - default
  containerRuntimeExecutor: docker
@ -120,6 +131,15 @@ controller:
  # service type `LoadBalancer`
  loadBalancerSourceRanges: []
  resources: {}
  livenessProbe:
    httpGet:
      port: 6060
      path: /healthz
    # Require three failures to tolerate transient errors.
    failureThreshold: 3
    initialDelaySeconds: 90
    periodSeconds: 60
    timeoutSeconds: 30
  ## Extra environment variables to provide to the controller container
  ## extraEnv:
@ -258,7 +278,7 @@ server:
    ##
    hosts:
      []
-      # - argocd.example.com
+      # - argoworkflows.example.com
    paths:
      - /
    extraPaths:
@ -277,9 +297,9 @@ server:
      #         name: use-annotation
    tls:
      []
-      # - secretName: argocd-example-tls
+      # - secretName: argoworkflows-example-tls
      #   hosts:
-      #     - argocd.example.com
+      #     - argoworkflows.example.com
    https: false
  clusterWorkflowTemplates:
--- a/charts/argocd-applicationset/.helmignore
+++ b/charts/argocd-applicationset/.helmignore
@ -21,3 +21,4 @@
 .idea/
 *.tmproj
 .vscode/
 ci/
--- a/charts/argocd-applicationset/Chart.yaml
+++ b/charts/argocd-applicationset/Chart.yaml
@ -2,13 +2,18 @@ apiVersion: v2
 name: argocd-applicationset
 description: A Helm chart for installing ArgoCD ApplicationSet
 type: application
-version: 0.1.5
+version: 1.0.0
 appVersion: "v0.1.0"
 home: https://github.com/argoproj/argo-helm
-icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
+icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png
 keywords:
  - argoproj
  - appset
  - gitops
 maintainers:
  - name: maruina
 annotations:
  artifacthub.io/changes: |
    - "[Removed]: CRD installation via templates folder. CRDs are now only handled via the '/crds' folder in the same way like the ArgoCD chart."
    - "[Removed]: Exclude '/ci' folder from being packaged into the final chart archive."
    - "[Changed]: Fix icon url"
--- a/charts/argocd-applicationset/README.md
+++ b/charts/argocd-applicationset/README.md
@ -10,6 +10,11 @@ This is a **community maintained** chart. This chart installs the [applicationse
 This chart currently installs the non-HA version of Argo CD ApplicationSet.
 ## Prerequisites
 - Helm v3.0.0+
 - The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting.
 ## Installing the Chart
 To install the chart with the release name `my-release`:
@ -23,10 +28,6 @@ NAME: my-release
 ...
 ```
 ### Helm v3 Compatibility
 Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks.
 ### Testing
 Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing).
@ -38,6 +39,19 @@ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/st
 ct install --namespace argocd
 ```
 ## Notes on CRD Installation
 Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart.
 You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo:
 ```console
 kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=<appVersion>
 # Eg. version v0.1.0
 kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0
 ```
 ## Values
 | Key | Type | Default | Description |
@ -56,7 +70,6 @@ ct install --namespace argocd
 | image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. |
 | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
 | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. |
 | installCRDs | bool | `true` | Install Custom Resource Definition |
 | mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume |
 | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume |
 | mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume |
--- a/charts/argocd-applicationset/ci/default-values.yaml
+++ b/charts/argocd-applicationset/ci/default-values.yaml
@ -4,8 +4,6 @@
 replicaCount: 1
 installCRDs: false # this needs to be false with ct
 image:
  # The image repository
  repository: quay.io/argocdapplicationset/argocd-applicationset
--- a/charts/argocd-applicationset/ci/leader-election-values.yaml
+++ b/charts/argocd-applicationset/ci/leader-election-values.yaml
@ -2,5 +2,3 @@ args:
  enableLeaderElection: true
 replicaCount: 3
 installCRDs: false
--- a/charts/argocd-applicationset/templates/crds.yaml
+++ b/charts/argocd-applicationset/templates/crds.yaml
@ -1,6 +0,0 @@
 {{- if .Values.installCRDs }}
 {{- range $path, $_ := .Files.Glob "crds/*.yaml" }}
 {{ $.Files.Get $path }}
 ---
 {{- end }}
 {{- end }}
--- a/charts/argocd-applicationset/templates/deployment.yaml
+++ b/charts/argocd-applicationset/templates/deployment.yaml
@ -98,3 +98,6 @@ spec:
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.priorityClassName }}
      priorityClassName: {{ . }}
      {{- end }}
--- a/charts/argocd-applicationset/values.yaml
+++ b/charts/argocd-applicationset/values.yaml
@ -4,8 +4,6 @@
 replicaCount: 1
 installCRDs: true
 image:
  # The image repository
  repository: quay.io/argocdapplicationset/argocd-applicationset
@ -71,6 +69,8 @@ tolerations: []
 affinity: {}
 priorityClassName: ""
 mountSSHKnownHostsVolume: true
 mountTLSCertsVolume: true
 mountGPGKeysVolume: false
--- a/charts/argocd-notifications/Chart.yaml
+++ b/charts/argocd-notifications/Chart.yaml
@ -3,7 +3,7 @@ appVersion: 1.1.1
 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD.
 name: argocd-notifications
 type: application
-version: 1.3.2
+version: 1.4.1
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 keywords:
@ -13,3 +13,6 @@ keywords:
 maintainers:
  - name: alexmt
  - name: andyfeller
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Initialize Changelog"
--- a/charts/argocd-notifications/templates/service-metrics.yaml
+++ b/charts/argocd-notifications/templates/service-metrics.yaml
@ -5,6 +5,13 @@ metadata:
  name: {{ include "argocd-notifications.name" . }}-metrics
  labels:
    {{- include "argocd-notifications.metrics.labels" . | nindent 4 }}
    {{- with .Values.metrics.service.labels }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
  {{- with .Values.metrics.service.annotations  }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
  selector:
    {{- include "argocd-notifications.selectorLabels" . | nindent 4 }}
--- a/charts/argocd-notifications/values.yaml
+++ b/charts/argocd-notifications/values.yaml
@ -52,6 +52,9 @@ extraArgs: []
 metrics:
  enabled: false
  port: 9001
  service:
    annotations: {}
    labels: {}
  serviceMonitor:
    enabled: false
    additionalLabels: {}