DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into master

Browse source
This commit is contained in:
Marco Kilchhofer 2021-08-24 17:09:52 +02:00 committed by GitHub
commit 4f37711cd3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 85 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
charts/argo-cd/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: 2.1.0
description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 3.14.0
version: 3.15.1
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-cd/assets/logo.png
keywords:

28
charts/argo-cd/README.md
View file

@ -36,7 +36,7 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop
### 3.13.0
This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field
This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field
### 3.10.2
@ -71,7 +71,7 @@ server:
Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE)
### 3.2.*
### 3.2.*
With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637).
[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an ArgoCD instance**,
@ -81,7 +81,7 @@ If you are running a cluster version prior to `1.19` you can avoid this issue by
```yaml
kubeVersionOverride: "1.18.0"
```
```
Then you should no longer encounter this issue.
@ -142,6 +142,8 @@ NAME: my-release
| global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` |
| global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` |
| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` |
| global.podAnnotations | Annotations for the all deployed pods |
| global.podLabels | Labels for the all deployed pods |
| global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) |
| global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` |
| global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` |
@ -395,13 +397,27 @@ NAME: my-release
| dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
| dex.podAnnotations | Annotations for the Dex server pods | `{}` |
| dex.podLabels | Labels for the Dex server pods | `{}` |
| dex.livenessProbe.enabled | Enable Kubernetes liveness probe for Dex >= 2.28.0 | `false` |
| dex.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
| dex.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` |
| dex.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
| dex.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
| dex.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
| dex.readinessProbe.enabled | Enable Kubernetes readiness probe for Dex >= 2.28.0 | `false` |
| dex.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
| dex.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` |
| dex.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
| dex.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
| dex.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
| dex.priorityClassName | Priority class for dex | `""` |
| dex.resources | Resource limits and requests for dex | `{}` |
| dex.serviceAccount.automountServiceAccountToken | Automount API credentials for the Service Account | `true` |
| dex.serviceAccount.create | Create dex service account | `true` |
| dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` |
| dex.servicePortGrpc | Server GRPC port | `5557` |
| dex.servicePortGrpcName | Server GRPC port name | `grpc` |
| dex.servicePortHttp | Server HTTP port | `5556` |
| dex.servicePortHttpName | Server GRPC port name | `http` |
| dex.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
| dex.volumeMounts | Dex volume mounts | `"/shared"` |
| dex.volumes | Dex volumes | `{}` |
@ -449,14 +465,14 @@ through `xxx.extraArgs`
### Using AWS ALB Ingress Controller With GRPC
If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service.
If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service.
Example:
```yaml
server:
ingress:
enabled: true
annotations:
annotations:
alb.ingress.kubernetes.io/backend-protocol: HTTPS
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
alb.ingress.kubernetes.io/scheme: internal
@ -466,5 +482,5 @@ server:
isAWSALB: true
awsALB:
serviceType: ClusterIP
```

10
charts/argo-cd/templates/argocd-application-controller/deployment.yaml
View file

@ -17,17 +17,15 @@ spec:
replicas: {{ .Values.controller.replicas }}
template:
metadata:
{{- if .Values.controller.podAnnotations }}
{{- with (mergeOverwrite .Values.global.podAnnotations .Values.controller.podAnnotations) }}
annotations:
{{- range $key, $value := .Values.controller.podAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }}
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }}
{{- if .Values.controller.podLabels }}
{{- toYaml .Values.controller.podLabels | nindent 8 }}
{{- with (mergeOverwrite .Values.global.podLabels .Values.controller.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.global.imagePullSecrets }}

10
charts/argo-cd/templates/argocd-repo-server/deployment.yaml
View file

@ -16,17 +16,15 @@ spec:
{{- end }}
template:
metadata:
{{- if .Values.repoServer.podAnnotations }}
{{- with (mergeOverwrite .Values.global.podAnnotations .Values.repoServer.podAnnotations) }}
annotations:
{{- range $key, $value := .Values.repoServer.podAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }}
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }}
{{- if .Values.repoServer.podLabels }}
{{- toYaml .Values.repoServer.podLabels | nindent 8 }}
{{- with (mergeOverwrite .Values.global.podLabels .Values.repoServer.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.global.imagePullSecrets }}

10
charts/argo-cd/templates/argocd-server/deployment.yaml
View file

@ -16,17 +16,15 @@ spec:
{{- end }}
template:
metadata:
{{- if .Values.server.podAnnotations }}
{{- with (mergeOverwrite .Values.global.podAnnotations .Values.server.podAnnotations) }}
annotations:
{{- range $key, $value := .Values.server.podAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }}
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }}
{{- if .Values.server.podLabels }}
{{- toYaml .Values.server.podLabels | nindent 8 }}
{{- with (mergeOverwrite .Values.global.podLabels .Values.server.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.global.imagePullSecrets }}

28
charts/argo-cd/templates/dex/deployment.yaml
View file

@ -12,17 +12,15 @@ spec:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }}
template:
metadata:
{{- if .Values.dex.podAnnotations }}
{{- with (mergeOverwrite .Values.global.podAnnotations .Values.dex.podAnnotations) }}
annotations:
{{- range $key, $value := .Values.dex.podAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 8 }}
app.kubernetes.io/version: {{ .Values.dex.image.tag | quote }}
{{- if .Values.dex.podLabels }}
{{- toYaml .Values.dex.podLabels | nindent 8 }}
{{- with (mergeOverwrite .Values.global.podLabels .Values.dex.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.global.imagePullSecrets }}
@ -73,10 +71,26 @@ spec:
- name: grpc
containerPort: {{ .Values.dex.containerPortGrpc }}
protocol: TCP
{{- if .Values.dex.metrics.enabled }}
- name: metrics
containerPort: {{ .Values.dex.containerPortMetrics }}
protocol: TCP
{{- if .Values.dex.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /healthz/live
port: metrics
{{- with .Values.dex.livenessProbe }}
{{- omit . "enabled" | toYaml | nindent 10 }}
{{- end }}
{{- end }}
{{- if .Values.dex.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /healthz/ready
port: metrics
{{- with .Values.dex.readinessProbe }}
{{- omit . "enabled" | toYaml | nindent 10 }}
{{- end }}
{{- end }}
volumeMounts:
- mountPath: /tmp

4
charts/argo-cd/templates/dex/service.yaml
View file

@ -16,11 +16,11 @@ metadata:
{{- end }}
spec:
ports:
- name: http
- name: {{ .Values.dex.servicePortHttpName }}
protocol: TCP
port: {{ .Values.dex.servicePortHttp }}
targetPort: http
- name: grpc
- name: {{ .Values.dex.servicePortGrpcName }}
protocol: TCP
port: {{ .Values.dex.servicePortGrpc }}
targetPort: grpc

10
charts/argo-cd/templates/redis/deployment.yaml
View file

@ -13,17 +13,15 @@ spec:
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
template:
metadata:
{{- if .Values.redis.podAnnotations }}
{{- with (mergeOverwrite .Values.global.podAnnotations .Values.redis.podAnnotations) }}
annotations:
{{- range $key, $value := .Values.redis.podAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }}
app.kubernetes.io/version: {{ .Values.redis.image.tag | quote }}
{{- if .Values.redis.podLabels }}
{{- toYaml .Values.redis.podLabels | nindent 8 }}
{{- with (mergeOverwrite .Values.global.podLabels .Values.redis.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.global.imagePullSecrets }}

23
charts/argo-cd/values.yaml
View file

@ -10,6 +10,10 @@ global:
repository: quay.io/argoproj/argocd
tag: v2.1.0
imagePullPolicy: IfNotPresent
## Annotations applied to all pods
podAnnotations: {}
## Labels applied to all pods
podLabels: {}
securityContext: {}
# runAsUser: 999
# runAsGroup: 999
@ -261,6 +265,23 @@ dex:
##
podLabels: {}
## Probes for Dex server
## Supported from Dex >= 2.28.0
livenessProbe:
enabled: false
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
enabled: false
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
serviceAccount:
create: true
name: argocd-dex-server
@ -282,8 +303,10 @@ dex:
## Dex deployment container ports
containerPortHttp: 5556
servicePortHttp: 5556
servicePortHttpName: http
containerPortGrpc: 5557
servicePortGrpc: 5557
servicePortGrpcName: grpc
containerPortMetrics: 5558
servicePortMetrics: 5558