From 87855a4caa34e6a9c0e3286bee6c652c24ec7a2e Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sat, 29 May 2021 16:37:17 +0200 Subject: [PATCH 01/53] fix(argo-cd): Update dex to v2.27.0 (#772) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e8f58a65..d2334076 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.3 +version: 3.6.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 97b14fd0..1b6b1505 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -216,8 +216,8 @@ dex: interval: 30s image: - repository: quay.io/dexidp/dex - tag: v2.26.0 + repository: ghcr.io/dexidp/dex + tag: v2.27.0 imagePullPolicy: IfNotPresent initImage: repository: From 8deaa0a119b65b5cd4320ceb74387d3642f7f572 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:06:26 +0200 Subject: [PATCH 02/53] feat(argo-rollouts): Update manifests for v1.0.1 (#752) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-rollouts): Update manifests for v1.0.1 Signed-off-by: Marco Kilchhofer * fix: add template function for labels Signed-off-by: Marco Kilchhofer * fix: Apply changes from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-rollouts/Chart.yaml | 6 +- charts/argo-rollouts/README.md | 65 ++++++++++++------- charts/argo-rollouts/templates/_helpers.tpl | 32 +++++++++ .../argo-rollouts-aggregate-roles.yaml | 21 +++--- .../templates/argo-rollouts-clusterrole.yaml | 27 +++++++- .../argo-rollouts-clusterrolebinding.yaml | 9 ++- .../templates/argo-rollouts-deployment.yaml | 38 ++++++----- .../argo-rollouts-metrics-service.yaml | 13 ++-- .../templates/argo-rollouts-role.yaml | 7 +- .../templates/argo-rollouts-rolebinding.yaml | 11 ++-- .../templates/argo-rollouts-sa.yaml | 11 +++- .../argo-rollouts-service-monitor.yaml | 16 ++--- .../templates/crds/analysis-run-crd.yaml | 9 ++- .../templates/crds/analysis-template-crd.yaml | 9 ++- .../crds/cluster-analysis-template-crd.yaml | 9 ++- .../templates/crds/experiment-crd.yaml | 4 +- .../templates/crds/rollout-crd.yaml | 41 ++++++++++-- charts/argo-rollouts/values.yaml | 27 +++++++- 18 files changed, 248 insertions(+), 107 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index d7fd46ac..65f30638 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ -apiVersion: v1 -appVersion: "0.10.2" +apiVersion: v2 +appVersion: "v1.0.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.5.5 +version: 1.0.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 91d7b9ad..47da9c14 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -1,12 +1,11 @@ -Argo Rollouts Chart -============= -A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. +# Argo Rollouts Chart -Current chart version is `0.5.4` +A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. Source code can be found [here](https://github.com/argoproj/argo-rollouts) ## Additional Information + This is a **community maintained** chart. This chart installs [argo-rollouts](https://argoproj.github.io/argo-rollouts/), progressive delivery for Kubernetes. The default installation is intended to be similar to the provided Argo Rollouts [releases](https://github.com/argoproj/argo-rollouts/releases). @@ -14,6 +13,7 @@ The default installation is intended to be similar to the provided Argo Rollouts ## Prerequisites - Kubernetes 1.7+ +- Helm v3.0.0+ ## Installing the Chart @@ -22,27 +22,48 @@ To install the chart with the release name `my-release`: ```console $ helm repo add argo https://argoproj.github.io/argo-helm -$ helm install --name my-release argo/argo-rollouts +$ helm install my-release argo/argo-rollouts ``` ## Chart Values | Key | Type | Default | Description | |-----|------|---------|-------------| -| clusterInstall | bool | `true` | | -| controller.component | string | `"rollouts-controller"` | | -| controller.image.pullPolicy | string | `"IfNotPresent"` | | -| controller.image.repository | string | `"argoproj/argo-rollouts"` | | -| controller.image.tag | string | `"v0.10.2"` | | -| controller.name | string | `"argo-rollouts"` | | -| controller.resources | Resource limits and requests for the controller pods. | `{}` | -| controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | -| controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | -| controller.metrics.serviceMonitor.enabled | bool | `false` | | -| imagePullSecrets | list | `[]` | | -| installCRDs | bool | `true` | | -| crdAnnotations | object | `{}` | | -| podAnnotations | object | `{}` | | -| podLabels | object | `{}` | | -| serviceAccount.name | string | `"argo-rollouts"` | | +| clusterInstall | bool | `true` | `false` runs controller in namespaced mode (does not require cluster RBAC) | +| controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | +| controller.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| controller.image.registry | string | `quay.io` | Registry to use | +| controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | +| controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| controller.resources | object | `{}` | Resource limits and requests for the controller pods. | +| controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | +| controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | +| controller.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | +| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | +| imagePullSecrets | list | `[]` | Registry secret names as an array | +| installCRDs | bool | `true` | Install and upgrade CRDs | +| crdAnnotations | object | `{}` | Annotations to be added to all CRDs | +| podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | +| podLabels | object | `{}` | Labels to be added to the Rollout pods | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | +| containerSecurityContext | object | `{}` | Security Context to set on container level | + +## Upgrading + +### To 1.0.0 + +* This is a breaking change which only supports Helm v3.0.0+ now. If you still use Helm v2, please consider upgrading because v2 is EOL since November 2020. + To migrate to Helm v3 please have a look at the [Helm 2to3 Plugin](https://github.com/helm/helm-2to3). This tool will convert the existing ConfigMap used for Tiller to a Secret of type `helm.sh/release.v1`. +* `quay.io` is the default registry now +* We introduce a template function for the labels here to reduce code duplication. This also affects the Deployment `matchLabels` selector. + To upgrade an existing installation, please **add the `--force` parameter** to the `helm upgrade` command or **delete the Deployment resource** before you upgrade. This is necessary because Deployment's label selector is immutable. +* All resources are now prefixed with the template `"argo-rollouts.fullname"`. + This enables the users to override resource names via the `nameOverride` and `fullnameOverride` parameters. +* Breaking parameters update + * `securityContext` was renamed to `containerSecurityContext` + * Added `controller.image.registry`. Prior to this chart version you had to override the registry via `controller.image.repository` diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 48744885..2e5153b5 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -30,3 +30,35 @@ Create chart name and version as used by the chart label. {{- define "argo-rollouts.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} + +{{/* +Common labels +*/}} +{{- define "argo-rollouts.labels" -}} +helm.sh/chart: {{ include "argo-rollouts.chart" . }} +{{ include "argo-rollouts.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/part-of: argo-rollouts +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "argo-rollouts.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argo-rollouts.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "argo-rollouts.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "argo-rollouts.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml index 715aa001..ab3ac6dd 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml @@ -2,12 +2,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-aggregate-to-view + name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-view labels: rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/component: aggregate-cluster-role - app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-view - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io @@ -27,12 +26,11 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-aggregate-to-edit + name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-edit labels: rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/component: aggregate-cluster-role - app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-edit - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io @@ -58,12 +56,11 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-aggregate-to-admin + name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-admin labels: rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/component: aggregate-cluster-role - app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-admin - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index c3fb9f0c..5872d59d 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -2,11 +2,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-clusterrole + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }}-clusterrole - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io @@ -57,6 +56,16 @@ rules: - update - patch - delete +- apiGroups: + - "" + - apps + resources: + - deployments + - podtemplates + verbs: + - get + - list + - watch # services patch needed to update selector of canary/stable/active/preview services - apiGroups: - "" @@ -135,6 +144,7 @@ rules: - watch - get - update + - patch - list # trafficsplit access needed for using the SMI provider - apiGroups: @@ -147,4 +157,15 @@ rules: - get - update - patch +- apiGroups: + - getambassador.io + resources: + - mappings + verbs: + - create + - watch + - get + - update + - list + - delete {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml index 1d446845..b48ce5b5 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml @@ -2,17 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ .Release.Name }}-clusterrolebinding + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }}-clusterrolebinding - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ .Release.Name }}-clusterrole + name: {{ include "argo-rollouts.fullname" . }} subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} + name: {{ include "argo-rollouts.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index 87c84929..fb632312 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -1,50 +1,54 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ .Release.Name }} + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} - {{- if .Values.podLabels }} -{{- toYaml .Values.podLabels | nindent 4 }} - {{- end }} + {{- include "argo-rollouts.labels" . | nindent 4 }} spec: selector: matchLabels: - app.kubernetes.io/name: {{ .Release.Name }} + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + strategy: + type: Recreate template: metadata: - {{- if .Values.podAnnotations }} + {{- with .Values.podAnnotations }} annotations: - {{- range $key, $value := .Values.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: - app.kubernetes.io/name: {{ .Release.Name }} + {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} + {{- range $key, $value := .Values.podLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ .Values.serviceAccount.name }} + serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }} containers: - - image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" + - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default .Chart.AppVersion .Values.controller.image.tag }}" {{- if not .Values.clusterInstall }} args: - --namespaced {{- end }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} - name: {{ .Values.controller.name }} + name: argo-rollouts + ports: + - containerPort: 8090 + name: metrics securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} + {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} {{- if .Values.controller.nodeSelector }} nodeSelector: {{- toYaml .Values.controller.nodeSelector | nindent 8 }} {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} {{- if .Values.controller.tolerations }} tolerations: {{- toYaml .Values.controller.tolerations | nindent 8 }} @@ -53,5 +57,3 @@ spec: affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} {{- end }} - strategy: - type: Recreate diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index 4301b7c8..df6d1291 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -1,14 +1,14 @@ +{{- if .Values.controller.metrics.serviceMonitor.enabled }} apiVersion: v1 kind: Service metadata: - name: {{ .Release.Name }}-metrics + name: {{ include "argo-rollouts.fullname" . }}-metrics labels: app.kubernetes.io/component: server - app.kubernetes.io/name: {{ .Release.Name }}-metrics - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.serviceAnnotations }} annotations: - {{- range $key, $value := .Values.serviceAnnotations }} - {{ $key }}: {{ $value | quote }} + {{- toYaml . | nindent 4 }} {{- end }} spec: ports: @@ -17,4 +17,5 @@ spec: port: 8090 targetPort: 8090 selector: - app.kubernetes.io/name: {{ .Release.Name }} + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-role.yaml index 4c80d507..a981d95d 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml @@ -1,11 +1,11 @@ +{{- if not .Values.clusterInstall }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ .Release.Name }}-role + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }}-role - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io @@ -145,3 +145,4 @@ rules: - get - update - patch +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml b/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml index ddc0e27d..128df3ab 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml @@ -1,15 +1,16 @@ +{{- if not .Values.clusterInstall }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ .Release.Name }}-role-binding + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }}-role-binding - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ .Release.Name }}-role + name: {{ include "argo-rollouts.fullname" . }} subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} + name: {{ include "argo-rollouts.serviceAccountName" . }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-sa.yaml b/charts/argo-rollouts/templates/argo-rollouts-sa.yaml index dca70793..327eb6a5 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-sa.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-sa.yaml @@ -1,8 +1,13 @@ +{{- if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount.name }} + name: {{ include "argo-rollouts.serviceAccountName" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml index ea67f356..bf6fae81 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml @@ -2,17 +2,16 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - name: {{ .Release.Name }} + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: server - app.kubernetes.io/name: {{ .Release.Name }}-metrics - app.kubernetes.io/part-of: {{ .Release.Name }} - {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} -{{ toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- range $key, $value := .Values.controller.metrics.serviceMonitor.additionalLabels }} + {{ $key }}: {{ $value | quote }} {{- end }} - {{- if .Values.controller.metrics.serviceMonitor.additionalAnnotations }} + {{- with .Values.controller.metrics.serviceMonitor.additionalAnnotations }} annotations: -{{ toYaml .Values.controller.metrics.serviceMonitor.additionalAnnotations | indent 4 }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: @@ -23,6 +22,5 @@ spec: selector: matchLabels: app.kubernetes.io/component: server - app.kubernetes.io/name: {{ .Release.Name }}-metrics - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index bd717905..08786ca0 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts @@ -2308,6 +2308,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2327,6 +2328,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2348,8 +2350,10 @@ spec: threshold: properties: marginal: + format: int64 type: integer pass: + format: int64 type: integer required: - marginal @@ -2407,6 +2411,7 @@ spec: jsonPath: type: string timeoutSeconds: + format: int64 type: integer url: type: string diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index b1484066..12fc5340 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts @@ -2303,6 +2303,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2322,6 +2323,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2343,8 +2345,10 @@ spec: threshold: properties: marginal: + format: int64 type: integer pass: + format: int64 type: integer required: - marginal @@ -2402,6 +2406,7 @@ spec: jsonPath: type: string timeoutSeconds: + format: int64 type: integer url: type: string diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 0dbc04aa..e357b4d2 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts @@ -2303,6 +2303,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2322,6 +2323,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2343,8 +2345,10 @@ spec: threshold: properties: marginal: + format: int64 type: integer pass: + format: int64 type: integer required: - marginal @@ -2402,6 +2406,7 @@ spec: jsonPath: type: string timeoutSeconds: + format: int64 type: integer url: type: string diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index b78f5cb4..5f9f8cfc 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 772a1a59..10d0a8e1 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts @@ -32,11 +32,13 @@ spec: jsonPath: .status.replicas name: Current type: integer - - description: Total number of non-terminated pods targeted by this rollout that have the desired template spec + - description: Total number of non-terminated pods targeted by this rollout that + have the desired template spec jsonPath: .status.updatedReplicas name: Up-to-date type: integer - - description: Total number of available pods (ready for at least minReadySeconds) targeted by this rollout + - description: Total number of available pods (ready for at least minReadySeconds) + targeted by this rollout jsonPath: .status.availableReplicas name: Available type: integer @@ -303,6 +305,12 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + scaleDownDelayRevisionLimit: + format: int32 + type: integer + scaleDownDelaySeconds: + format: int32 + type: integer stableMetadata: properties: annotations: @@ -490,6 +498,15 @@ spec: - ingress - servicePort type: object + ambassador: + properties: + mappings: + items: + type: string + type: array + required: + - mappings + type: object istio: properties: destinationRule: @@ -2651,9 +2668,15 @@ spec: - containers type: object type: object - required: - - selector - - template + workloadRef: + properties: + apiVersion: + type: string + kind: + type: string + name: + type: string + type: object type: object status: properties: @@ -2768,6 +2791,8 @@ spec: currentStepIndex: format: int32 type: integer + message: + type: string observedGeneration: type: string pauseConditions: @@ -2783,6 +2808,8 @@ spec: - startTime type: object type: array + phase: + type: string promoteFull: type: boolean readyReplicas: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index a3200728..3e2a4769 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -3,7 +3,6 @@ installCRDs: true clusterInstall: true controller: - name: argo-rollouts component: rollouts-controller ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ @@ -12,8 +11,9 @@ controller: tolerations: [] affinity: {} image: + registry: quay.io repository: argoproj/argo-rollouts - tag: v0.10.2 + tag: "" pullPolicy: IfNotPresent resources: {} @@ -31,7 +31,13 @@ controller: additionalAnnotations: {} serviceAccount: - name: argo-rollouts + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" ## Annotations to be added to all CRDs ## @@ -41,6 +47,21 @@ crdAnnotations: {} ## podAnnotations: {} +## Security Context to set on pod level +## +podSecurityContext: + runAsNonRoot: true + +## Security Context to set on container level +## +containerSecurityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + ## Annotations to be added to the Rollout service ## serviceAnnotations: {} From 8f523cbed09ac95ee230a858425d22d1898881a5 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:09:33 +0200 Subject: [PATCH 03/53] chore(argo-events): Use container images from quay.io (#771) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-events/Chart.yaml | 2 +- charts/argo-events/values.yaml | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 4731f882..6a7b1b7e 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.0 +version: 1.6.1 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index df7d4a1a..55dd6643 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -1,5 +1,5 @@ # docker registry -registry: argoproj +registry: quay.io # The image pull policy imagePullPolicy: Always @@ -47,10 +47,10 @@ singleNamespace: true # sensor controller sensorController: name: sensor-controller - image: sensor-controller + image: argoproj/sensor-controller tag: v1.3.1 replicaCount: 1 - sensorImage: sensor + sensorImage: argoproj/sensor podAnnotations: {} nodeSelector: {} podLabels: {} @@ -61,10 +61,10 @@ sensorController: eventsourceController: name: eventsource-controller - image: eventsource-controller + image: argoproj/eventsource-controller tag: v1.3.1 replicaCount: 1 - eventsourceImage: eventsource + eventsourceImage: argoproj/eventsource podAnnotations: {} nodeSelector: {} podLabels: {} @@ -75,7 +75,7 @@ eventsourceController: eventbusController: name: eventbus-controller - image: eventbus-controller + image: argoproj/eventbus-controller tag: v1.3.1 replicaCount: 1 podAnnotations: {} From 8ff9fe551b22b0315b80afca8aea64832ea20c2c Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:10:30 +0200 Subject: [PATCH 04/53] chore: Remove old workflow in '.argo' directory (#770) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- .argo/argo-checkout.yaml | 21 --------------- .argo/publish.yaml | 58 ---------------------------------------- 2 files changed, 79 deletions(-) delete mode 100644 .argo/argo-checkout.yaml delete mode 100644 .argo/publish.yaml diff --git a/.argo/argo-checkout.yaml b/.argo/argo-checkout.yaml deleted file mode 100644 index d7280c3b..00000000 --- a/.argo/argo-checkout.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -type: container -version: 1 -name: argo-checkout -description: Checks out a source repository to /src -resources: - mem_mib: 500 - cpu_cores: 0.1 -image: argoproj/argoscm:v2.0 -command: ["axscm"] -args: ["clone", "%%inputs.parameters.REPO%%", "/src", "--commit", "%%inputs.parameters.COMMIT%%"] -inputs: - parameters: - COMMIT: - default: "%%session.commit%%" - REPO: - default: "%%session.repo%%" -outputs: - artifacts: - CODE: - path: /src diff --git a/.argo/publish.yaml b/.argo/publish.yaml deleted file mode 100644 index 7f15760c..00000000 --- a/.argo/publish.yaml +++ /dev/null @@ -1,58 +0,0 @@ ---- -type: workflow -version: 1 -name: Publish Charts -inputs: - parameters: - COMMIT: - default: "%%session.commit%%" - REPO: - default: "%%session.repo%%" -steps: -- CHECKOUT: - template: argo-checkout -- PREPARE: - image: hypnoglow/kubernetes-helm:v2.6.1 - resources: - mem_mib: 500 - cpu_cores: 0.1 - command: ["sh", "-c"] - args: [cd /src && helm init --client-only && ./scripts/publish.sh] - inputs: - artifacts: - CODE: - from: "%%steps.CHECKOUT.outputs.artifacts.CODE%%" - path: /src - outputs: - artifacts: - CODE: - path: /src/output -- PUBLISH: - image: argoproj/argoscm:v2.0 - command: ["sh", "-c"] - args: [ - axscm clone %%inputs.parameters.REPO%% --commit gh-pages /src && cd /src && cp -r /output/* . && - git add . && git commit -m "Build on `date`" && - axscm clone %%inputs.parameters.REPO%% /src --commit gh-pages --merge=gh-pages --push] - resources: - mem_mib: 500 - cpu_cores: 0.1 - inputs: - artifacts: - CODE: - from: "%%steps.PREPARE.outputs.artifacts.CODE%%" - path: /output - ---- -type: policy -version: 1 -name: Publish Charts Policy -template: Publish Charts -notifications: -- when: - - on_failure - whom: - - committer - - author -when: -- event: on_push From b3b6a38c861d497baa618cdac123c4404d01984b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:18:09 +0200 Subject: [PATCH 05/53] feat(argo-workflows): Add support for fullnameOverride (#769) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/templates/_helpers.tpl | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 094fc999..a3c8442a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.1.5 +version: 0.2.0 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 00173131..a72c148f 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -26,9 +26,17 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} {{- define "argo-workflows.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} {{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- end -}} +{{- end -}} {{/* Create chart name and version as used by the chart label. From f2e530ea7ea93620fa304970a0fe93549323a9e2 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:31:44 +0200 Subject: [PATCH 06/53] fix(argo-workflows): Fix indentation when using extraEnv (#773) Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 2 +- .../workflow-controller-deployment.yaml | 2 +- .../templates/server/server-deployment.yaml | 21 +++++++++++-------- charts/argo-workflows/values.yaml | 14 +++++++++++-- 4 files changed, 26 insertions(+), 13 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a3c8442a..e45ed5c5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.0 +version: 0.2.1 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index c35894ec..9f80ea7f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -70,7 +70,7 @@ spec: apiVersion: v1 fieldPath: metadata.name {{- with .Values.controller.extraEnv }} - {{ toYaml . | nindent 10 }} + {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 12 }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 3a97a7fb..5effabf6 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -60,15 +60,18 @@ spec: initialDelaySeconds: 10 periodSeconds: 20 env: - - name: IN_CLUSTER - value: "true" - - name: ARGO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: BASE_HREF - value: {{ .Values.server.baseHref | quote }} + - name: IN_CLUSTER + value: "true" + - name: ARGO_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: BASE_HREF + value: {{ .Values.server.baseHref | quote }} + {{- with .Values.server.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.server.resources | nindent 12 }} volumeMounts: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 684fe6cb..b78666a7 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -120,9 +120,13 @@ controller: # service type `LoadBalancer` loadBalancerSourceRanges: [] resources: {} - # The list of environment variable definitions to be added to the controller - # manages container verbatim. + + ## Extra environment variables to provide to the controller container + ## extraEnv: + ## - name: FOO + ## value: "bar" extraEnv: [] + # Extra arguments to be added to the controller extraArgs: [] replicas: 1 @@ -226,6 +230,12 @@ server: # https://argoproj.github.io/argo-workflows/tls/ secure: false + ## Extra environment variables to provide to the argo-server container + ## extraEnv: + ## - name: FOO + ## value: "bar" + extraEnv: [] + # Extra arguments to provide to the Argo server binary. extraArgs: [] From 4a905d573650bcf1039c18bacfaefe6eea82ddc1 Mon Sep 17 00:00:00 2001 From: Roman <4456572+sturman@users.noreply.github.com> Date: Mon, 31 May 2021 23:15:09 +0300 Subject: [PATCH 07/53] docs: Update ingress extraPaths examples (#774) * Update example for extraPaths for usage with k8s>=1.19 with "networking.k8s.io/v1" Signed-off-by: sturman <4456572+sturman@users.noreply.github.com> * Fix typos in values.yaml Signed-off-by: sturman <4456572+sturman@users.noreply.github.com> * Bump charts version Signed-off-by: sturman <4456572+sturman@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 20 ++++++++++++++++++-- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/values.yaml | 8 ++++++++ 4 files changed, 28 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d2334076..74db87f5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.4 +version: 3.6.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1b6b1505..63e6d75d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -559,13 +559,21 @@ server: # backend: # serviceName: ssl-redirect # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service + # name: ssl-redirect + # port: + # name: use-annotation tls: [] # - secretName: argocd-tls-certificate # hosts: # - argocd.example.com https: false - # dedicated ingess for gRPC as documented at + # dedicated ingress for gRPC as documented at # https://argoproj.github.io/argo-cd/operator-manual/ingress/ ingressGrpc: enabled: false @@ -588,6 +596,14 @@ server: # backend: # serviceName: ssl-redirect # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service + # name: ssl-redirect + # port: + # name: use-annotation tls: [] # - secretName: argocd-tls-certificate @@ -664,7 +680,7 @@ server: ## Annotations to be added to ArgoCD rbac ConfigMap rbacConfigAnnotations: {} - # Boolean determining whether or not to create the configmap. If false, it is expected tthe configmap will be created + # Boolean determining whether or not to create the configmap. If false, it is expected the configmap will be created # by something else. ArgoCD will not work if there is no configMap created with the name above. rbacConfigCreate: true diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e45ed5c5..6a33bfe4 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.1 +version: 0.2.2 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index b78666a7..e2ce2e71 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -267,6 +267,14 @@ server: # backend: # serviceName: ssl-redirect # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service + # name: ssl-redirect + # port: + # name: use-annotation tls: [] # - secretName: argocd-example-tls From b58209845580cfcef3a7eee2c9769eee44f1f654 Mon Sep 17 00:00:00 2001 From: Pedro Arvela Date: Mon, 31 May 2021 22:23:05 +0100 Subject: [PATCH 08/53] fix: Allow metrics service without CoreOS Service Monitor (#775) Signed-off-by: Pedro Arvela --- charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/README.md | 1 + .../argo-rollouts/templates/argo-rollouts-metrics-service.yaml | 2 +- .../argo-rollouts/templates/argo-rollouts-service-monitor.yaml | 2 +- charts/argo-rollouts/values.yaml | 1 + 5 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 65f30638..d053ac6e 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.0 +version: 1.0.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 47da9c14..8916a86c 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -39,6 +39,7 @@ $ helm install my-release argo/argo-rollouts | controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | | controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | | controller.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index df6d1291..6f2c975f 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -1,4 +1,4 @@ -{{- if .Values.controller.metrics.serviceMonitor.enabled }} +{{- if .Values.controller.metrics.enabled }} apiVersion: v1 kind: Service metadata: diff --git a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml index bf6fae81..f94a25b8 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml @@ -1,4 +1,4 @@ -{{- if .Values.controller.metrics.serviceMonitor.enabled }} +{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 3e2a4769..e778377f 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -25,6 +25,7 @@ controller: # memory: 64Mi metrics: + enabled: false serviceMonitor: enabled: false additionalLabels: {} From 71eaaea9cbfe5f3e0cb67df612c2fc3143345eb2 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 1 Jun 2021 17:53:07 +0200 Subject: [PATCH 09/53] chore: Complete migration CircleCI -> GitHub Actions (#780) Signed-off-by: Marco Kilchhofer --- .circleci/config.yml | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 79e8d1dc..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,22 +0,0 @@ -version: 2.1 -jobs: - lint: - docker: - - image: quay.io/helmpack/chart-testing:v3.3.1 - steps: - - checkout - - run: ct lint --config .github/configs/ct-lint.yaml --lint-conf .github/configs/lintconf.yaml - publish: - docker: - - image: bash - steps: - - run: echo "Replaced by Github Workflow - https://github.com/argoproj/argo-helm/actions/workflows/publish.yml" - -workflows: - version: 2 - workflow: - jobs: - - lint - - publish: - requires: - - lint \ No newline at end of file From 818cf41bc409a4c84c7aa0bfe026cb9c877adbeb Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Tue, 1 Jun 2021 21:25:34 +0100 Subject: [PATCH 10/53] chore: Nominate mbevc1 as an approver (#767) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Oliver Bähler Co-authored-by: Marco Kilchhofer --- CODEOWNERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index dbba7a58..016e7842 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,7 +7,7 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler # Argo CD -/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler +/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 # Argo Events /charts/argo-events @jbehling @VaibhavPage @oliverbaehler @@ -16,4 +16,4 @@ /charts/argo-rollouts @oliverbaehler # Argo CD Notifications -/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler +/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler @mbevc1 From 44aa7ed71028d1dda5f7fe82f3515250bd9c70f7 Mon Sep 17 00:00:00 2001 From: Nicolas Lamirault Date: Wed, 2 Jun 2021 19:54:48 +0200 Subject: [PATCH 11/53] docs(argo-cd): Dex ServiceMonitor labels, namespace and selector (#726) * Add: serviceMonitor labels and selector Signed-off-by: Nicolas Lamirault * Update: bump chart version Signed-off-by: Nicolas Lamirault * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 74db87f5..465ad6e0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.5 +version: 3.6.6 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 63e6d75d..fdd50b36 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -214,6 +214,10 @@ dex: serviceMonitor: enabled: false interval: 30s + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} image: repository: ghcr.io/dexidp/dex From 03140b36fcef6e0268b72fc73345edd9c642e85f Mon Sep 17 00:00:00 2001 From: Sergey Shaykhullin <46970457+sergeyshaykhullin@users.noreply.github.com> Date: Thu, 3 Jun 2021 13:07:47 +0300 Subject: [PATCH 12/53] feat(argocd-notifications): Add metrics service labels and annotations (#783) * feat(argocd-notifications): Add metrics service labels and annotations Signed-off-by: Sergey Shaykhullin * Update charts/argocd-notifications/templates/service-metrics.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Sergey Shaykhullin * Update charts/argocd-notifications/templates/service-metrics.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Sergey Shaykhullin * Update _helpers.tpl Signed-off-by: Sergey Shaykhullin * Update _helpers.tpl Signed-off-by: Sergey Shaykhullin * Delete templated.yaml Signed-off-by: Sergey Shaykhullin Co-authored-by: Marco Kilchhofer --- charts/argocd-notifications/Chart.yaml | 2 +- charts/argocd-notifications/templates/service-metrics.yaml | 7 +++++++ charts/argocd-notifications/values.yaml | 3 +++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 9be1b26b..cf33a5d9 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.3.2 +version: 1.4.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/service-metrics.yaml b/charts/argocd-notifications/templates/service-metrics.yaml index 5645a4d3..aea5d90e 100644 --- a/charts/argocd-notifications/templates/service-metrics.yaml +++ b/charts/argocd-notifications/templates/service-metrics.yaml @@ -5,6 +5,13 @@ metadata: name: {{ include "argocd-notifications.name" . }}-metrics labels: {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} + {{- with .Values.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.metrics.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: selector: {{- include "argocd-notifications.selectorLabels" . | nindent 4 }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index f258401f..ff5ca14d 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -52,6 +52,9 @@ extraArgs: [] metrics: enabled: false port: 9001 + service: + annotations: {} + labels: {} serviceMonitor: enabled: false additionalLabels: {} From 603f2aa8ef2488fdf0ed40181b8d96826e03bda9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 3 Jun 2021 20:08:12 +0900 Subject: [PATCH 13/53] docs(argo-workflows): Add missing value on values.yaml (#782) * chore(argo-workflows): Add missing value Signed-off-by: yu-croco * reflect review: make it shorter and clearer. Signed-off-by: yu-croco * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/values.yaml | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6a33bfe4..cc7f7c86 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.2 +version: 0.2.3 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index e2ce2e71..7de0dfea 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -12,6 +12,14 @@ init: createAggregateRoles: true +## String to partially override "argo-workflows.fullname" template +## +nameOverride: + +## String to fully override "argo-workflows.fullname" template +## +fullnameOverride: + # Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. singleNamespace: false From afe72167fb4f74021a5b47b05626d38404989fe4 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 3 Jun 2021 19:10:55 +0200 Subject: [PATCH 14/53] fix(argo-workflows): Observe 'controller.serviceAccount.create' (#787) * fix(argo-workflows): Observe 'controller.serviceAccount.create' Signed-off-by: Marco Kilchhofer * chore: Ignore ci/ directory in final package Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/.helmignore | 1 + charts/argo-workflows/Chart.yaml | 2 +- .../templates/controller/workflow-controller-sa.yaml | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/charts/argo-workflows/.helmignore b/charts/argo-workflows/.helmignore index f0c13194..b4af6c20 100644 --- a/charts/argo-workflows/.helmignore +++ b/charts/argo-workflows/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index cc7f7c86..078b42b2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.3 +version: 0.2.4 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index e917bb41..f5e10857 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -1,3 +1,4 @@ +{{- if .Values.controller.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount metadata: @@ -6,3 +7,4 @@ metadata: annotations: {{- toYaml .| nindent 4 }} {{- end }} +{{- end }} From be8f33c8722c512d438d61166f6ee73213415240 Mon Sep 17 00:00:00 2001 From: Josh Hudson <382062+itmustbejj@users.noreply.github.com> Date: Thu, 3 Jun 2021 10:50:20 -0700 Subject: [PATCH 15/53] feat(argocd-applicationset): Add priorityClass for argocd-applicationset (#788) Signed-off-by: Josh Hudson <382062+itmustbejj@users.noreply.github.com> --- charts/argocd-applicationset/Chart.yaml | 2 +- charts/argocd-applicationset/templates/deployment.yaml | 3 +++ charts/argocd-applicationset/values.yaml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 936734b0..2596addb 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.5 +version: 0.1.6 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index d2cd345c..4840bd65 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -98,3 +98,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index f7be897d..1be0c0ff 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -71,6 +71,8 @@ tolerations: [] affinity: {} +priorityClassName: "" + mountSSHKnownHostsVolume: true mountTLSCertsVolume: true mountGPGKeysVolume: false From 01c78a82b5cc3d65feaa9be2e4cbd0c6652bde57 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 7 Jun 2021 10:35:39 +0200 Subject: [PATCH 16/53] chore(argo-events): Cleanup old CRD hooks (#778) * Drop old CRDs with hooks containing helm hooks Signed-off-by: Marco Kilchhofer * Bump chart version Signed-off-by: Marco Kilchhofer * Drop empty newlines inside manifests Signed-off-by: Marco Kilchhofer * chore: trigger CI Signed-off-by: Marco Kilchhofer * chore: Ignore 'ci/' directory in final package Signed-off-by: Marco Kilchhofer * Apply changes from code review Signed-off-by: Marco Kilchhofer --- charts/argo-events/.helmignore | 1 + charts/argo-events/Chart.yaml | 2 +- charts/argo-events/README.md | 2 +- .../templates/argo-events-cluster-roles.yaml | 7 ++- .../templates/argo-events-roles.yaml | 5 +-- .../argo-events/templates/eventbus-crd.yaml | 44 ------------------ .../templates/eventsource-crd.yaml | 44 ------------------ charts/argo-events/templates/sensor-crd.yaml | 45 ------------------- charts/argo-events/values.yaml | 3 -- 9 files changed, 8 insertions(+), 145 deletions(-) delete mode 100644 charts/argo-events/templates/eventbus-crd.yaml delete mode 100644 charts/argo-events/templates/eventsource-crd.yaml delete mode 100644 charts/argo-events/templates/sensor-crd.yaml diff --git a/charts/argo-events/.helmignore b/charts/argo-events/.helmignore index f0c13194..b4af6c20 100644 --- a/charts/argo-events/.helmignore +++ b/charts/argo-events/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 6a7b1b7e..2df3b1c7 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.1 +version: 1.6.2 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 3c375c3a..2bece9b9 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -15,6 +15,6 @@ This is a **community maintained** chart. It installs the [argo-events](https:// ## Notes on CRD Installation -Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart. +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. You can install the CRDs manually from `crds` folder. \ No newline at end of file diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index bfd2d021..c3904980 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -1,5 +1,4 @@ {{- if not .Values.singleNamespace }} - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -26,9 +25,9 @@ kind: ClusterRole metadata: name: argo-events-role rules: -{{- if .Values.additionalServiceAccountRules }} -{{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} -{{- end }} + {{- with .Values.additionalServiceAccountRules }} + {{- toYaml . | nindent 2 }} + {{- end }} - apiGroups: - argoproj.io verbs: diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml index 56721159..1371f6a6 100644 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -1,5 +1,4 @@ {{- if .Values.singleNamespace }} - apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -28,8 +27,8 @@ metadata: name: argo-events-role namespace: {{ .Release.Namespace }} rules: - {{- if .Values.additionalServiceAccountRules }} - {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} + {{- with .Values.additionalServiceAccountRules }} + {{- toYaml . | nindent 2 }} {{- end }} - apiGroups: - argoproj.io diff --git a/charts/argo-events/templates/eventbus-crd.yaml b/charts/argo-events/templates/eventbus-crd.yaml deleted file mode 100644 index 4a67294e..00000000 --- a/charts/argo-events/templates/eventbus-crd.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventbus.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: EventBus - listKind: EventBusList - plural: eventbus - shortNames: - - eb - singular: eventbus - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/templates/eventsource-crd.yaml b/charts/argo-events/templates/eventsource-crd.yaml deleted file mode 100644 index 5c6a0b6b..00000000 --- a/charts/argo-events/templates/eventsource-crd.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventsources.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - scope: Namespaced - names: - kind: EventSource - plural: eventsources - singular: eventsource - listKind: EventSourceList - shortNames: - - es - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/templates/sensor-crd.yaml b/charts/argo-events/templates/sensor-crd.yaml deleted file mode 100644 index d121019e..00000000 --- a/charts/argo-events/templates/sensor-crd.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{- if .Values.installCRD }} -# Define a "sensor" custom resource definition -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sensors.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: Sensor - listKind: SensorList - plural: sensors - singular: sensor - shortNames: - - sn - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 55dd6643..11827406 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -8,9 +8,6 @@ imagePullPolicy: Always imagePullSecrets: [] # - name: argo-pull-secret -# If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation. -installCRD: true - # ServiceAccount to use for running controller. serviceAccount: argo-events-sa From 99ae115455fe1595a8260bf7ebdc697041f40486 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 7 Jun 2021 10:51:52 +0200 Subject: [PATCH 17/53] chore(argo-cd): Cleanup old CRD hooks (#777) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: Cleanup old CRD hooks Signed-off-by: Marco Kilchhofer * Bump chart version Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 8 +------- charts/argo-cd/crds/crd-application.yaml | 2 -- charts/argo-cd/crds/crd-project.yaml | 2 -- charts/argo-cd/templates/crds.yaml | 6 ------ charts/argo-cd/values.yaml | 3 --- 6 files changed, 2 insertions(+), 21 deletions(-) delete mode 100644 charts/argo-cd/templates/crds.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 465ad6e0..68a2ed62 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.6 +version: 3.6.7 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1c5f8c17..f17addb7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -83,6 +83,7 @@ server: ## Prerequisites - Kubernetes 1.7+ +- Helm v3.0.0+ ## Installing the Chart @@ -97,12 +98,6 @@ NAME: my-release ... ``` -### Helm v3 Compatibility - -Requires chart version 1.5.2 or newer. - -Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. - ## Chart Values | Parameter | Description | Default | @@ -116,7 +111,6 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | -| installCRDs | Install CRDs if you are using Helm2. | `true` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index c62189e8..74364ae4 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -5,8 +5,6 @@ metadata: app.kubernetes.io/name: applications.argoproj.io app.kubernetes.io/part-of: argocd name: applications.argoproj.io - annotations: - helm.sh/hook: crd-install spec: group: argoproj.io names: diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 40182848..7bb09652 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -5,8 +5,6 @@ metadata: app.kubernetes.io/name: appprojects.argoproj.io app.kubernetes.io/part-of: argocd name: appprojects.argoproj.io - annotations: - helm.sh/hook: crd-install spec: group: argoproj.io names: diff --git a/charts/argo-cd/templates/crds.yaml b/charts/argo-cd/templates/crds.yaml deleted file mode 100644 index 45ab72d4..00000000 --- a/charts/argo-cd/templates/crds.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if .Values.installCRDs }} -{{- range $path, $_ := .Files.Glob "crds/*.yaml" }} -{{ $.Files.Get $path }} ---- -{{- end }} -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fdd50b36..df964dee 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -5,9 +5,6 @@ nameOverride: argocd fullnameOverride: "" kubeVersionOverride: "" -# Optional CRD installation for those without Helm hooks -installCRDs: true - global: image: repository: quay.io/argoproj/argocd From 87af20fd06f87b8a05b14ad33738244067102d21 Mon Sep 17 00:00:00 2001 From: Rich Date: Mon, 7 Jun 2021 10:39:41 +0100 Subject: [PATCH 18/53] fix(argo-cd): Server cert-manager certificate secretName to match documentation (#793) * fix(argo-cd): Set ArgoCD server certificate manager certificate secret name to match the documentation by default. Signed-off-by: Rich * fix(argo-cd): Add server certificate issuer subvalues to values.yaml and a relevant comment. Signed-off-by: Rich * Bump chart version again Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/values.yaml | 5 ++++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 68a2ed62..9bb09636 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.7 +version: 3.6.8 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index edaea3b5..753dc8bc 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -23,5 +23,5 @@ spec: issuerRef: kind: {{ .Values.server.certificate.issuer.kind | quote }} name: {{ .Values.server.certificate.issuer.name | quote }} - secretName: argocd-tls-certificate + secretName: {{ .Values.server.certificate.secretName | quote }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index df964dee..466fc7c3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -495,8 +495,11 @@ server: certificate: enabled: false domain: argocd.example.com - issuer: {} + issuer: + kind: # ClusterIssuer + name: # letsencrypt additionalHosts: [] + secretName: argocd-server-tls ## Server service configuration service: From eecc88fbd7147cd540440ca9d8e0c43db6a919bc Mon Sep 17 00:00:00 2001 From: Sevan Date: Tue, 8 Jun 2021 15:14:55 +0200 Subject: [PATCH 19/53] fix(argo-workflows): use template for ingress .Capabilities (#795) * fix(argo-workflows): use argo-workflows.ingress.apiVersion for ingress (#794) Signed-off-by: Sevan Murriguian-Watrin * feat(argo-workflows): Add option to override kubeVersion Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/templates/_helpers.tpl | 11 +++++++++-- .../templates/server/server-ingress.yaml | 10 +++++----- charts/argo-workflows/values.yaml | 4 ++++ 4 files changed, 19 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 078b42b2..fb23a3a8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.4 +version: 0.2.5 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index a72c148f..18eae994 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -94,11 +94,18 @@ Create the name of the controller service account to use Return the appropriate apiVersion for ingress */}} {{- define "argo-workflows.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} +{{- if semverCompare "<1.14-0" (include "argo-workflows.kubeVersion" $) -}} {{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}} +{{- else if semverCompare "<1.19-0" (include "argo-workflows.kubeVersion" $) -}} {{- print "networking.k8s.io/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1" -}} {{- end -}} {{- end -}} + +{{/* +Return the target Kubernetes version +*/}} +{{- define "argo-workflows.kubeVersion" -}} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index f0488031..6072c9d7 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -19,7 +19,7 @@ metadata: {{- toYaml .Values.server.ingress.labels | nindent 4 }} {{- end }} spec: - {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} @@ -35,11 +35,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: @@ -62,11 +62,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 7de0dfea..c6af6902 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -20,6 +20,10 @@ nameOverride: ## fullnameOverride: +## Override the Kubernetes version, which is used to evaluate certain manifests +## +kubeVersionOverride: "" + # Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. singleNamespace: false From ca0a53d6ebd86bfe46ba5018410b2be08dce2bb3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 10 Jun 2021 10:30:57 +0200 Subject: [PATCH 20/53] chore: Relax 'Semantic Pull Requests' check (#796) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- .github/semantic.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .github/semantic.yml diff --git a/.github/semantic.yml b/.github/semantic.yml new file mode 100644 index 00000000..d93cf9cc --- /dev/null +++ b/.github/semantic.yml @@ -0,0 +1,3 @@ +## Reference: https://github.com/zeke/semantic-pull-requests +# Always validate the PR title, and ignore the commits +titleOnly: true From 7e381436f98fdad7b21b607193f8bb8d27c74776 Mon Sep 17 00:00:00 2001 From: Alex Andrews Date: Fri, 25 Jun 2021 07:06:59 +0100 Subject: [PATCH 21/53] fix(argo-cd): fix missing colon in example service definitions (#810) * fix(argo-cd): fix missing colon in example service definitions Signed-off-by: Alex Andrews * build(argo-cd): Bump chart patch version Signed-off-by: Alex Andrews --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9bb09636..ac5ca980 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.8 +version: 3.6.9 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 466fc7c3..ad6d1b23 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -567,7 +567,7 @@ server: # - path: /* # pathType: Prefix # backend: - # service + # service: # name: ssl-redirect # port: # name: use-annotation @@ -604,7 +604,7 @@ server: # - path: /* # pathType: Prefix # backend: - # service + # service: # name: ssl-redirect # port: # name: use-annotation From 0180e943ff1a9b676893eeac40d306a71c8e2967 Mon Sep 17 00:00:00 2001 From: Alex Sears Date: Fri, 25 Jun 2021 02:15:43 -0400 Subject: [PATCH 22/53] chore(argo-workflows): update workflows version to most 3.0.7 (#811) * chore(argo-workflows): update workflows version to most 3.0.7 Signed-off-by: Alex Sears * chore(argo-worflows): update controller liveness probe Signed-off-by: Alex Sears * chore(argo-workflows): templatize controller liveness probe Signed-off-by: Alex Sears Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-deployment.yaml | 8 ++------ charts/argo-workflows/values.yaml | 9 +++++++++ 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fb23a3a8..f3dd5219 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.5 -appVersion: "v3.0.2" +version: 0.2.6 +appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 9f80ea7f..e085b899 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -77,12 +77,8 @@ spec: ports: - name: metrics containerPort: {{ .Values.controller.metricsConfig.port }} - livenessProbe: - httpGet: - port: metrics - path: {{ .Values.controller.metricsConfig.path }} - initialDelaySeconds: 30 - periodSeconds: 30 + - containerPort: 6060 + livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c6af6902..864c9931 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -132,6 +132,15 @@ controller: # service type `LoadBalancer` loadBalancerSourceRanges: [] resources: {} + livenessProbe: + httpGet: + port: 6060 + path: /healthz + # Require three failures to tolerate transient errors. + failureThreshold: 3 + initialDelaySeconds: 90 + periodSeconds: 60 + timeoutSeconds: 30 ## Extra environment variables to provide to the controller container ## extraEnv: From f17cc62250bd5e049e86aeb3c1308e3b635da355 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81ngel=20Cabrera=20Mi=C3=B1agorri?= Date: Sat, 26 Jun 2021 17:04:59 +0200 Subject: [PATCH 23/53] fix(argo-cd): Typo in repo server service monitor (#815) --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac5ca980..63d5fbd1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.9 +version: 3.6.10 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 05b38acc..027cdb5f 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -17,7 +17,7 @@ metadata: spec: endpoints: - port: metrics - {{- with .Values.controller.metrics.serviceMonitor.interval }} + {{- with .Values.repoServer.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} path: /metrics From 34e606f012ee81034037ce321dbba989c9c06b16 Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Mon, 28 Jun 2021 11:32:54 +0100 Subject: [PATCH 24/53] chore: Fix CODEOWNERS syntax (#817) Signed-off-by: Marko Bevc --- CODEOWNERS | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 016e7842..012ac7f7 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,13 +7,13 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler # Argo CD -/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 +/charts/argo-cd/ @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 # Argo Events -/charts/argo-events @jbehling @VaibhavPage @oliverbaehler +/charts/argo-events/ @jbehling @VaibhavPage @oliverbaehler # Argo Rollouts -/charts/argo-rollouts @oliverbaehler +/charts/argo-rollouts/ @oliverbaehler # Argo CD Notifications -/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler @mbevc1 +/charts/argocd-notifications/ @alexmt @andyfeller @oliverbaehler @mbevc1 From 7f16fc4213a45bf2df1cb8366ba397a97fe920c5 Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Tue, 29 Jun 2021 09:48:48 +0100 Subject: [PATCH 25/53] feat(argo-cd): Bump default version to v2.0.4 (#816) * feat(argo-cd): Bump default version to v2.0.4 Signed-off-by: Marko Bevc * Update README Signed-off-by: Marko Bevc * Bump Chart version Signed-off-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 63d5fbd1..9062f659 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.3 +appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.10 +version: 3.6.11 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f17addb7..b8159f89 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -104,7 +104,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.8.4"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.4"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ad6d1b23..ac96ad11 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.0.3 + tag: v2.0.4 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From 8a39a9d1ba1c067068e8062804c8a4c0a9ee509f Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 5 Jul 2021 11:35:51 +0200 Subject: [PATCH 26/53] chore(chart-testing-action): Update components (#823) Signed-off-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 1056a239..2de22a8b 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -21,7 +21,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.0.1 + uses: helm/chart-testing-action@v2.1.0 - name: List changed charts id: list-changed @@ -37,7 +37,7 @@ jobs: run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml - name: Create kind cluster - uses: helm/kind-action@v1.1.0 + uses: helm/kind-action@v1.2.0 if: steps.list-changed.outputs.changed == 'true' - name: Run chart-testing (install) From d860a04452bb09e1ebfea4388b79e22bb4f0b672 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 5 Jul 2021 11:41:55 +0200 Subject: [PATCH 27/53] feat(argo-cd): Add ability to manage gpgKeys (#797) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 2 ++ .../argocd-configs/argocd-gpg-keys-cm.yaml | 16 ++++++++++++++ .../argocd-repo-server/deployment.yaml | 9 ++++++-- .../templates/argocd-server/deployment.yaml | 4 ++++ charts/argo-cd/values.yaml | 21 +++++++++++++++++++ 6 files changed, 51 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9062f659..61179742 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.11 +version: 3.7.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b8159f89..c0322bad 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -112,6 +112,8 @@ NAME: my-release | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | +| configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | +| configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | | configs.secret.annotations | Annotations for argocd-secret | `{}` | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml new file mode 100644 index 00000000..e96ef9aa --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + {{- if .Values.configs.gpgKeysAnnotations }} + annotations: + {{- range $key, $value := .Values.configs.gpgKeysAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} + name: argocd-gpg-keys-cm +{{- with .Values.configs.gpgKeys }} +data: + {{- toYaml . | nindent 2 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index bd924d4b..30082b2d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -72,8 +72,10 @@ spec: {{- end }} volumeMounts: {{- if .Values.repoServer.volumeMounts }} -{{- toYaml .Values.repoServer.volumeMounts | nindent 8}} + {{- toYaml .Values.repoServer.volumeMounts | nindent 8 }} {{- end }} + - mountPath: /app/config/gpg/source + name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring {{- if .Values.configs.knownHosts }} @@ -134,8 +136,11 @@ spec: {{- end }} volumes: {{- if .Values.repoServer.volumes }} -{{- toYaml .Values.repoServer.volumes | nindent 6}} + {{- toYaml .Values.repoServer.volumes | nindent 6 }} {{- end }} + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm - emptyDir: {} name: gpg-keyring {{- if .Values.configs.knownHosts }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 44b89c0e..68c98845 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -90,6 +90,8 @@ spec: subPath: "custom.styles.css" name: custom-styles {{- end }} + - mountPath: /tmp + name: tmp-dir ports: - name: {{ .Values.server.name }} containerPort: {{ .Values.server.containerPort }} @@ -149,6 +151,8 @@ spec: {{- end }} - emptyDir: {} name: static-files + - emptyDir: {} + name: tmp-dir {{- if .Values.configs.styles }} - configMap: name: argocd-custom-styles diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ac96ad11..9f81bbe4 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -977,6 +977,27 @@ configs: # insecure: false # caData: "" + gpgKeysAnnotations: {} + gpgKeys: {} + # 4AEE18F83AFDEB23: | + # -----BEGIN PGP PUBLIC KEY BLOCK----- + # + # mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta + # x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT + # SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ + # 7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa + # buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v + # yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs + # b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW + # BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf + # DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6 + # 9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws + # +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5 + # 4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O + # j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48= + # =Bvzs + # -----END PGP PUBLIC KEY BLOCK----- + knownHostsAnnotations: {} knownHosts: data: From b78109c4f3d5990e1805cf61a32a2571264c9697 Mon Sep 17 00:00:00 2001 From: Mouhsen Ibrahim <78358035+mouhsen-ibrahim@users.noreply.github.com> Date: Mon, 5 Jul 2021 11:52:59 +0200 Subject: [PATCH 28/53] feat(argo-cd): Add pathType value to ingress (#822) Modern GKE versions only accept ImplementationSpecific as pathType for the ingress resource, so here we added a new value for the pathType which can be used to set pathType on demand, the default value is still Prefix for backward compatability Signed-off-by: Mouhsen Ibrahim --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 5 +++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 5 +++-- charts/argo-cd/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 61179742..77b0fc3d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.0 +version: 3.7.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 1f5fc4ea..1fb89979 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -3,6 +3,7 @@ {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} +{{- $pathType := .Values.server.ingressGrpc.pathType -}} apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 1bd2c53c..aa7d49dc 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -3,6 +3,7 @@ {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} +{{- $pathType := .Values.server.ingress.pathType -}} apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9f81bbe4..087a091d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -557,6 +557,7 @@ server: # - argocd.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* @@ -594,6 +595,7 @@ server: # - argocd.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* From a807d24c3b5c313c5e6adaad5c629fbdc6538fc7 Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Wed, 7 Jul 2021 17:17:35 +0200 Subject: [PATCH 29/53] fix(argo-rollouts): Add ConfigMap read access to support notification-engine (#812) * Add configmap read access Signed-off-by: Aditya Menon * Retrigger CI pipeline Signed-off-by: Aditya Menon * Match upstream manifest definition Follow the same pattern on argo-rollouts repo Signed-off-by: Aditya Menon --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml | 2 ++ charts/argo-rollouts/templates/argo-rollouts-role.yaml | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index d053ac6e..f058d566 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "v1.0.1" +appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.1 +version: 1.0.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index 5872d59d..fdd0f2b0 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -77,10 +77,12 @@ rules: - watch - patch # secret read access to run analysis templates which reference secrets +# configmap access to read notification-engine configuration - apiGroups: - "" resources: - secrets + - configmaps verbs: - get - list diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-role.yaml index a981d95d..23794c34 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml @@ -67,10 +67,12 @@ rules: - watch - patch # secret read access to run analysis templates which reference secrets +# configmap access to read notification-engine configuration - apiGroups: - "" resources: - secrets + - configmaps verbs: - get - list From a70d156217f701350920abbf639b953c5c5d66c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 9 Jul 2021 13:08:43 +0200 Subject: [PATCH 30/53] feat!: Improve Pull Request Template & Contributing Guidelines (#750) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: improve documentation and require changelog Signed-off-by: Oliver Bähler * Bump Versions Signed-off-by: Oliver Bähler * Bump argo-rollouts Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Reword Artifacthub -> Artifact Hub Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- .github/pull_request_template.md | 4 +- CONTRIBUTING.md | 50 ++++++++++++++++++++++++- README.md | 5 +++ charts/argo-cd/Chart.yaml | 2 +- charts/argo-events/Chart.yaml | 5 ++- charts/argo-rollouts/Chart.yaml | 5 ++- charts/argo-workflows/Chart.yaml | 5 ++- charts/argocd-applicationset/Chart.yaml | 5 ++- charts/argocd-notifications/Chart.yaml | 5 ++- 9 files changed, 77 insertions(+), 9 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 67fe55f4..f614c199 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -4,9 +4,9 @@ If the DCO action in the integration test fails, one or more of your commits are Checklist: -* [ ] I have updated the chart version in `Chart.yaml` following Semantic Versioning. +* [ ] I have bumped the chart version according to [versioning](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#versioning) +* [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#changelog). * [ ] Any new values are backwards compatible and/or have sensible default. -* [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md). * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/master/community#contributing-to-argo). * [ ] My build is green ([troubleshooting builds](https://argoproj.github.io/argo-cd/developer-guide/ci/)). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a4ad43dd..070b0981 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,6 +2,54 @@ Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently. + +# Pull Requests + +All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project. + +## Versioning + +Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease). + +Any breaking changes to a chart (backwards incompatible) require: + + * Bump of the current Major version of the chart + * State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades)) + +### Immutability + +Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error. + + +### Artifact Hub Annotations + +Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub. + + * [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) + +#### Changelog + +We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release. + +Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: + +``` +name: argo-cd +version: 3.4.1 +... +annotations: + artifacthub.io/changes: | + - "[Added]: Something New was added" + - "[Changed]: Changed Something within this chart" + - "[Changed]: Changed Something else within this chart" + - "[Deprecated]: Something deprecated" + - "[Removed]: Something was removed" + - "[Fixed]: Something was fixed" + - "[Security]": Some Security Patch was included" +``` + +# Testing + ## Testing Argo Workflows Changes Minimally: @@ -96,4 +144,4 @@ The linting can be invoked manually with the following command: ## Publishing Changes -Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`). \ No newline at end of file +Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`). diff --git a/README.md b/README.md index 2db0e70a..6e1aaf2c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # Argo Helm Charts +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command: @@ -7,3 +8,7 @@ Argo Helm is a collection of **community maintained** charts for http://argoproj ``` helm repo add argo https://argoproj.github.io/argo-helm ``` + +## Contributing + +We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. \ No newline at end of file diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 77b0fc3d..9ea33e54 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.1 +version: 3.7.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 2df3b1c7..835705bf 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.2 +version: 1.6.4 keywords: - argo-events - sensor-controller @@ -15,3 +15,6 @@ maintainers: appVersion: 1.3.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index f058d566..6f904714 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,10 +2,13 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.2 +version: 1.0.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: - name: alexmt - name: dthomson25 - name: jessesuen +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f3dd5219..d966c9f8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.6 +version: 0.2.7 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -13,3 +13,6 @@ maintainers: - name: alexmt - name: jessesuen - name: benjaminws +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 2596addb..2facbad1 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.6 +version: 0.1.7 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png @@ -12,3 +12,6 @@ keywords: - gitops maintainers: - name: maruina +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index cf33a5d9..81fc8e5c 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.0 +version: 1.4.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -13,3 +13,6 @@ keywords: maintainers: - name: alexmt - name: andyfeller +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" From 783cb3e0290b1f8b5934f1dfb212dd1fbe16df02 Mon Sep 17 00:00:00 2001 From: Atze de Vries Date: Fri, 9 Jul 2021 14:34:09 +0200 Subject: [PATCH 31/53] feat(argo-cd): Add ability to override API versions (#760) * feat: Add ability to override api versions for argocd Signed-off-by: Atze de Vries * fix linting Signed-off-by: Atze de Vries * reimplement a bit and update chart version Signed-off-by: Atze de Vries * update to new minor Signed-off-by: Atze de Vries * fix spaces in comments Signed-off-by: Atze de Vries * Updated flow control and add documentation on apiVersionOverrides Signed-off-by: Atze de Vries * Add changelog annotation Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++++- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/_helpers.tpl | 4 +++- charts/argo-cd/templates/argocd-server/certificate.yaml | 4 +++- charts/argo-cd/values.yaml | 7 +++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9ea33e54..6be2a125 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.2 +version: 3.8.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -19,3 +19,6 @@ dependencies: version: 4.12.14 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled +annotations: + artifacthub.io/changes: | + - "[Added]: Ability to override API versions" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c0322bad..219e76ab 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -111,6 +111,8 @@ NAME: my-release | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | +| apiVersionOverrides.certmanager | String to override apiVersion of certmanager resources rendered by this helm chart | `""` | +| apiVersionOverrides.ingress | String to override apiVersion of ingresses rendered by this helm chart | `""` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | | configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 65081951..177d1db8 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -144,7 +144,9 @@ app.kubernetes.io/component: {{ .component }} Return the appropriate apiVersion for ingress */}} {{- define "argo-cd.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}} +{{- if .Values.apiVersionOverrides.ingress -}} +{{- print .Values.apiVersionOverrides.ingress -}} +{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}} {{- print "extensions/v1beta1" -}} {{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" $) -}} {{- print "networking.k8s.io/v1beta1" -}} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 753dc8bc..64241bfe 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,7 @@ {{- if .Values.server.certificate.enabled -}} -{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} +{{- if .Values.apiVersionOverrides.certmanager -}} +apiVersion: {{ .Values.apiVersionOverrides.certmanager }} +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} apiVersion: cert-manager.io/v1 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} apiVersion: cert-manager.io/v1alpha3 diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 087a091d..6edc3e29 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,6 +20,13 @@ global: # hostnames: # - git.myhostname +# Override APIVersions +# If you want to template helm charts but cannot access k8s API server +# you can set api versions here +apiVersionOverrides: + certmanager: "" # cert-manager.io/v1 + ingress: "" # networking.k8s.io/v1beta1 + ## Controller controller: name: application-controller From 1416d5e082b97878ab9c8cbe99e299669ee747d9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 12 Jul 2021 12:54:17 +0200 Subject: [PATCH 32/53] fix(argocd-applicationset): Cleanup old CRD installation method (#827) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/.helmignore | 1 + charts/argocd-applicationset/Chart.yaml | 8 ++++--- charts/argocd-applicationset/README.md | 23 +++++++++++++++---- .../ci/default-values.yaml | 2 -- .../ci/leader-election-values.yaml | 2 -- .../argocd-applicationset/templates/crds.yaml | 6 ----- charts/argocd-applicationset/values.yaml | 2 -- 7 files changed, 24 insertions(+), 20 deletions(-) delete mode 100644 charts/argocd-applicationset/templates/crds.yaml diff --git a/charts/argocd-applicationset/.helmignore b/charts/argocd-applicationset/.helmignore index 0e8a0eb3..5bdaa3eb 100644 --- a/charts/argocd-applicationset/.helmignore +++ b/charts/argocd-applicationset/.helmignore @@ -21,3 +21,4 @@ .idea/ *.tmproj .vscode/ +ci/ diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 2facbad1..b91b1441 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,10 +2,10 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.7 +version: 1.0.0 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png keywords: - argoproj - appset @@ -14,4 +14,6 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Removed]: CRD installation via templates folder. CRDs are now only handled via the '/crds' folder in the same way like the ArgoCD chart." + - "[Removed]: Exclude '/ci' folder from being packaged into the final chart archive." + - "[Changed]: Fix icon url" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index b200d9cf..0b59414b 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -10,6 +10,11 @@ This is a **community maintained** chart. This chart installs the [applicationse This chart currently installs the non-HA version of Argo CD ApplicationSet. +## Prerequisites + +- Helm v3.0.0+ +- The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting. + ## Installing the Chart To install the chart with the release name `my-release`: @@ -23,10 +28,6 @@ NAME: my-release ... ``` -### Helm v3 Compatibility - -Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. - ### Testing Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). @@ -38,6 +39,19 @@ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/st ct install --namespace argocd ``` +## Notes on CRD Installation + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. + +You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo: + +```console +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref= + +# Eg. version v0.1.0 +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0 +``` + ## Values | Key | Type | Default | Description | @@ -56,7 +70,6 @@ ct install --namespace argocd | image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | -| installCRDs | bool | `true` | Install Custom Resource Definition | | mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | | mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | diff --git a/charts/argocd-applicationset/ci/default-values.yaml b/charts/argocd-applicationset/ci/default-values.yaml index eb1b7aae..233dd8e2 100644 --- a/charts/argocd-applicationset/ci/default-values.yaml +++ b/charts/argocd-applicationset/ci/default-values.yaml @@ -4,8 +4,6 @@ replicaCount: 1 -installCRDs: false # this needs to be false with ct - image: # The image repository repository: quay.io/argocdapplicationset/argocd-applicationset diff --git a/charts/argocd-applicationset/ci/leader-election-values.yaml b/charts/argocd-applicationset/ci/leader-election-values.yaml index e7201ac1..39ec3078 100644 --- a/charts/argocd-applicationset/ci/leader-election-values.yaml +++ b/charts/argocd-applicationset/ci/leader-election-values.yaml @@ -2,5 +2,3 @@ args: enableLeaderElection: true replicaCount: 3 - -installCRDs: false diff --git a/charts/argocd-applicationset/templates/crds.yaml b/charts/argocd-applicationset/templates/crds.yaml deleted file mode 100644 index 45ab72d4..00000000 --- a/charts/argocd-applicationset/templates/crds.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if .Values.installCRDs }} -{{- range $path, $_ := .Files.Glob "crds/*.yaml" }} -{{ $.Files.Get $path }} ---- -{{- end }} -{{- end }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index 1be0c0ff..ac4b3bd9 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -4,8 +4,6 @@ replicaCount: 1 -installCRDs: true - image: # The image repository repository: quay.io/argocdapplicationset/argocd-applicationset From 62699ffc827757b5ed5842c593e9e4bd19120226 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 12 Jul 2021 13:06:50 +0200 Subject: [PATCH 33/53] fix(argo-cd): Add ServiceAccount for redis (#828) * Add ability to create ServiceAccount for redis Signed-off-by: Marco Kilchhofer * Use correct default for ServiceAccounts in _helpers.tpl Signed-off-by: Marco Kilchhofer * Bump version and update changelog Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 19 +++++++++++++++---- .../argo-cd/templates/redis/deployment.yaml | 3 ++- .../templates/redis/serviceaccount.yaml | 15 +++++++++++++++ charts/argo-cd/values.yaml | 8 ++++++++ 5 files changed, 42 insertions(+), 7 deletions(-) create mode 100644 charts/argo-cd/templates/redis/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6be2a125..3a503aca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.0 +version: 3.8.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to override API versions" + - "[Fixed]: Cannot create a service account for redis" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 177d1db8..c5d2adab 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -71,7 +71,7 @@ Create the name of the controller service account to use */}} {{- define "argo-cd.controllerServiceAccountName" -}} {{- if .Values.controller.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }} + {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} {{- else -}} {{ default "default" .Values.controller.serviceAccount.name }} {{- end -}} @@ -82,18 +82,29 @@ Create the name of the dex service account to use */}} {{- define "argo-cd.dexServiceAccountName" -}} {{- if .Values.dex.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }} + {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} {{- else -}} {{ default "default" .Values.dex.serviceAccount.name }} {{- end -}} {{- end -}} +{{/* +Create the name of the redis service account to use +*/}} +{{- define "argo-cd.redisServiceAccountName" -}} +{{- if .Values.redis.serviceAccount.create -}} + {{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.redis.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create the name of the ArgoCD server service account to use */}} {{- define "argo-cd.serverServiceAccountName" -}} {{- if .Values.server.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }} + {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }} {{- else -}} {{ default "default" .Values.server.serviceAccount.name }} {{- end -}} @@ -104,7 +115,7 @@ Create the name of the repo-server service account to use */}} {{- define "argo-cd.repoServerServiceAccountName" -}} {{- if .Values.repoServer.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }} + {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }} {{- else -}} {{ default "default" .Values.repoServer.serviceAccount.name }} {{- end -}} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index a6f0c46a..05500337 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -30,7 +30,8 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - automountServiceAccountToken: false + automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} + serviceAccountName: {{ template "argo-cd.redisServiceAccountName" . }} {{- if .Values.redis.securityContext }} securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml new file mode 100644 index 00000000..ae67d3b2 --- /dev/null +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.redis.enabled .Values.redis.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "argo-cd.redisServiceAccountName" . }} +{{- if .Values.redis.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.redis.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6edc3e29..3ecfd228 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -365,6 +365,14 @@ redis: fsGroup: 1000 runAsNonRoot: true + serviceAccount: + create: false + name: "" + ## Annotations applied to created service account + annotations: {} + ## Automount API credentials for the Service Account + automountServiceAccountToken: false + resources: {} # limits: # cpu: 200m From 9c69a87f6719446cde3e1f6cec10c8bd6f4c61a3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 13 Jul 2021 08:25:41 +0200 Subject: [PATCH 34/53] docs(argo-cd): Upgrading notes for ServiceAccount change in 3.8.1 (#830) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 28 ++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3a503aca..ea3fbc45 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.1 +version: 3.8.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Cannot create a service account for redis" + - "[Changed]: Add important upgrading notes to README concerning potential ServiceAccount renamings introduced in chart version 3.8.1+." diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 219e76ab..1c12a617 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,34 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.8.1 + +This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization: + +```yaml +# Case 1) - only happens when you do not specify a custom name (repoServer.serviceAccount.name) +repoServer: + serviceAccount: + create: true + +# Case 2) +controller: + serviceAccount: + name: "" # or + +# Case 3) +dex: + serviceAccount: + name: "" # or + +# Case 4) +server: + serviceAccount: + name: "" # or +``` + +Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE) + ### 3.2.* With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). From 922799081d6037d71971baf3fecf3519c35326e9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 13 Jul 2021 08:35:25 +0200 Subject: [PATCH 35/53] feat(argo-cd): Add ability to create network policies (#800) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++-- charts/argo-cd/README.md | 2 ++ .../networkpolicy.yaml | 19 ++++++++++++ .../argocd-repo-server/networkpolicy.yaml | 31 +++++++++++++++++++ .../argocd-server/networkpolicy.yaml | 16 ++++++++++ .../argo-cd/templates/dex/networkpolicy.yaml | 31 +++++++++++++++++++ .../templates/networkpolicy-default-deny.yaml | 12 +++++++ .../argo-cd/templates/redis/deployment.yaml | 2 +- .../templates/redis/networkpolicy.yaml | 29 +++++++++++++++++ charts/argo-cd/values.yaml | 4 +++ 10 files changed, 149 insertions(+), 4 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/argocd-server/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/dex/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/networkpolicy-default-deny.yaml create mode 100644 charts/argo-cd/templates/redis/networkpolicy.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea3fbc45..60ff890e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.2 +version: 3.9.0 home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: - argoproj - argocd @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Add important upgrading notes to README concerning potential ServiceAccount renamings introduced in chart version 3.8.1+." + - "[Added]: Ability to create network policies" + - "[Changed]: Fix icon url" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1c12a617..bb929e93 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -136,6 +136,8 @@ NAME: my-release | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | +| global.networkPolicy.create | Create NetworkPolicy objects for all components | `false` | +| global.networkPolicy.defaultDenyIngress | Default deny all ingress traffic | `false` | | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | diff --git a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml new file mode 100644 index 00000000..9116fbcf --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml @@ -0,0 +1,19 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + name: {{ template "argo-cd.controller.fullname" . }} +spec: + ingress: + - from: + - namespaceSelector: {} + ports: + - port: controller + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml new file mode 100644 index 00000000..0d9274ed --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -0,0 +1,31 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} + name: {{ template "argo-cd.repoServer.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }} + ports: + - port: repo-server + protocol: TCP + {{- if .Values.repoServer.metrics.enabled }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + {{- end }} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml new file mode 100644 index 00000000..8300d696 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml @@ -0,0 +1,16 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + name: {{ template "argo-cd.server.fullname" . }} +spec: + ingress: + - {} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/dex/networkpolicy.yaml b/charts/argo-cd/templates/dex/networkpolicy.yaml new file mode 100644 index 00000000..e79a2e3e --- /dev/null +++ b/charts/argo-cd/templates/dex/networkpolicy.yaml @@ -0,0 +1,31 @@ +{{- if and .Values.global.networkPolicy.create .Values.dex.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} + name: {{ template "argo-cd.dex.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + ports: + - port: http + protocol: TCP + - port: grpc + protocol: TCP + {{- if .Values.dex.metrics.enabled }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + protocol: TCP + {{- end }} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/networkpolicy-default-deny.yaml b/charts/argo-cd/templates/networkpolicy-default-deny.yaml new file mode 100644 index 00000000..3d47a397 --- /dev/null +++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.global.networkPolicy.create .Values.global.networkPolicy.defaultDenyIngress }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} + name: {{ template "argo-cd.fullname" . }}-default-deny +spec: + podSelector: {} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 05500337..5b5879a3 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -59,8 +59,8 @@ spec: {{- end }} ports: - containerPort: {{ .Values.redis.containerPort }} + name: redis {{- if .Values.redis.volumeMounts }} - volumeMounts: {{- toYaml .Values.redis.volumeMounts | nindent 10 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/networkpolicy.yaml b/charts/argo-cd/templates/redis/networkpolicy.yaml new file mode 100644 index 00000000..881e257c --- /dev/null +++ b/charts/argo-cd/templates/redis/networkpolicy.yaml @@ -0,0 +1,29 @@ +{{- $redisHa := (index .Values "redis-ha") -}} +{{- if and .Values.global.networkPolicy.create .Values.redis.enabled (not $redisHa.enabled) }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + name: {{ template "argo-cd.redis.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }} + ports: + - port: redis + protocol: TCP + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3ecfd228..452aba69 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,6 +20,10 @@ global: # hostnames: # - git.myhostname + networkPolicy: + create: false + defaultDenyIngress: false + # Override APIVersions # If you want to template helm charts but cannot access k8s API server # you can set api versions here From 1e3a4afd0583a4c35dba2b8783f9fded82667dfc Mon Sep 17 00:00:00 2001 From: Thomas O'Neill Date: Tue, 20 Jul 2021 07:40:54 -0400 Subject: [PATCH 36/53] feat(argo-cd): Support AWS ALB Ingress with gRPC (#806) * Support AWS ALB Ingress with GRPC Signed-off-by: Thomas O'Neill Signed-off-by: Thomas O'Neill * Bump chart version Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Use single if statement Signed-off-by: Thomas O'Neill * Append -grpc to the service labels for ALB GRPC service Signed-off-by: Thomas O'Neill Co-authored-by: Thomas O'Neill Co-authored-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++-- charts/argo-cd/README.md | 21 ++++++++++++++++ .../argocd-server/alb-grpc-service.yaml | 24 +++++++++++++++++++ .../templates/argocd-server/ingress-grpc.yaml | 2 +- .../templates/argocd-server/ingress.yaml | 24 +++++++++++++++++++ charts/argo-cd/values.yaml | 1 + 6 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 60ff890e..71320643 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.9.0 +version: 3.10.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to create network policies" - - "[Changed]: Fix icon url" + - "[Added]: Support AWS ALB Ingress with gRPC" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb929e93..05623c59 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -305,6 +305,7 @@ NAME: my-release | server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` | | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | +| server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | @@ -429,3 +430,23 @@ through `xxx.extraArgs` | redis-ha.image.tag | Redis tag | `"6.2.1-alpine"` | [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ + + +### Using AWS ALB Ingress Controller With GRPC +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. + +Example: +```yaml +server: + ingress: + enabled: true + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + ingressGrpc: + enabled: true + isAWSALB: true + +``` \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml new file mode 100644 index 00000000..018bca3e --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.isAWSALB -}} +apiVersion: v1 +kind: Service +metadata: + annotations: + alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + labels: + {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} + name: {{ template "argo-cd.server.fullname" . }}-grpc +spec: + ports: + - name: {{ .Values.server.service.servicePortHttpName }} + protocol: TCP + port: {{ .Values.server.service.servicePortHttp }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + - name: {{ .Values.server.service.servicePortHttpsName }} + protocol: TCP + port: {{ .Values.server.service.servicePortHttps }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} + sessionAffinity: None + type: ClusterIP +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 1fb89979..6a90445e 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.ingressGrpc.enabled -}} +{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index aa7d49dc..576b94df 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -12,6 +12,10 @@ metadata: {{- range $key, $value := .Values.server.ingress.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} + alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | + [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] + {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} labels: @@ -35,6 +39,26 @@ spec: {{- toYaml $extraPaths | nindent 10 }} {{- end }} {{- range $p := $paths }} + {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} + - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: Prefix + {{- end }} + backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ template "argo-cd.server.fullname" $ }}-grpc + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc + servicePort: {{ $servicePort }} + {{- end }} + {{- end }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 452aba69..b4d5a954 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -601,6 +601,7 @@ server: # https://argoproj.github.io/argo-cd/operator-manual/ingress/ ingressGrpc: enabled: false + isAWSALB: false annotations: {} labels: {} ingressClassName: "" From 186fe34b872813cf290209fb093ba7b211c64173 Mon Sep 17 00:00:00 2001 From: Jakub Bielawski <60479855+kobejn-jb@users.noreply.github.com> Date: Tue, 20 Jul 2021 20:10:29 +0200 Subject: [PATCH 37/53] Fix controller Role/ClusterRole to work with InstanceID (#833) Bumped Chart version Add indednt in controller ConfigMap flow control Signed-off-by: Jakub Bielawski --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-cluster-roles.yaml | 10 ++++++++++ .../controller/workflow-controller-config-map.yaml | 6 +++--- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d966c9f8..736b131d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.7 +version: 0.2.8 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Fixed]: Controller Role/ClusterRole to work with InstanceID" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 34340d14..72e97f45 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -121,8 +121,18 @@ rules: resources: - leases resourceNames: + {{- if .Values.controller.instanceID.enabled }} + {{- if .Values.controller.instanceID.useReleaseName }} + - workflow-controller-{{ .Release.Name }} + - workflow-controller-lease-{{ .Release.Name }} + {{- else }} + - workflow-controller-{{ .Values.controller.instanceID.explicitID }} + - workflow-controller-lease-{{ .Values.controller.instanceID.explicitID }} + {{- end }} + {{- else }} - workflow-controller - workflow-controller-lease + {{- end }} verbs: - get - watch diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index afddb194..dd2af42e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -7,11 +7,11 @@ metadata: data: config: | {{- if .Values.controller.instanceID.enabled }} - {{- if .Values.controller.instanceID.useReleaseName }} + {{- if .Values.controller.instanceID.useReleaseName }} instanceID: {{ .Release.Name }} - {{- else }} + {{- else }} instanceID: {{ .Values.controller.instanceID.explicitID }} - {{- end }} + {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} {{- if .Values.controller.parallelism }} From 37277315ce669a12e9a5a66ce03ab2a6e08eb184 Mon Sep 17 00:00:00 2001 From: Rein van 't Veer Date: Tue, 20 Jul 2021 20:18:26 +0200 Subject: [PATCH 38/53] feat(argo-workflows): Multiple workflow namespaces (#824) * allow workflow to be run in multiple namespaces, bump chart version Signed-off-by: reinvantveer * update helm install instructions Signed-off-by: reinvantveer * fix indents Signed-off-by: reinvantveer * add newlines Signed-off-by: reinvantveer * bump chart version Signed-off-by: reinvantveer * default to "argo" namespace for workflow service account Signed-off-by: reinvantveer * simplify setting service account, fix syntactical error in defaulting to "argo" namespace Signed-off-by: reinvantveer * Bump only the chart version, revert bumping the controller version: 3.0.8 does not exist yet as a workflow-controller image version Signed-off-by: reinvantveer * don't set a namespace if there isn't one provided Signed-off-by: reinvantveer * bump version Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces, add additional inline comments on rbac.create effect Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * dro now-redundant branch for controller.workflowNamespaces Signed-off-by: reinvantveer * use template helper "argo-workflows.fullname" instead of release name in order to be able to override the service account name Signed-off-by: reinvantveer * add missing "template" keyword Signed-off-by: reinvantveer * drop redundant $namespace assignment that was already moved inside the "range" function Signed-off-by: reinvantveer * replace "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * drop redundant $namespace assignment that was already moved inside the "range" function Signed-off-by: reinvantveer * inline "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * inline "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * add missing "$" to denote target for templating the workflows fullname helper Signed-off-by: reinvantveer * restore `with` blocks for service account name and service account annotations Signed-off-by: reinvantveer * drop validations: considering cases of `workflowNamespaces`, `namespace` and `singleNamespace` Signed-off-by: reinvantveer * include case for single namespaces with default ("") namespace, otherwise (ternary) combine the workflow namespace and workflowNamespaces from the controller settings into a list to iterate over Signed-off-by: reinvantveer * wrap namespace configuration in `with` block to prevent setting it to "" Signed-off-by: reinvantveer * fix append vs. concat bug: append workflowNamespace to (possibly 0-lenght) list of controller.workflowNamespaces Signed-off-by: reinvantveer * fix namespace range with additional check for either single namespace being false, or append to the workflow namespaces: the first non-null (coalesce) from the workflow namespace or the namespace Argo is being deployed to. Signed-off-by: reinvantveer * add changelog entries Signed-off-by: reinvantveer * unwrap (inline) with-block for service account name Signed-off-by: reinvantveer Co-authored-by: Vlad Losev --- CONTRIBUTING.md | 2 +- charts/argo-workflows/Chart.yaml | 6 ++- .../templates/controller/workflow-rb.yaml | 19 ++++----- .../templates/controller/workflow-role.yaml | 40 ++++++++++--------- .../templates/controller/workflow-sa.yaml | 13 +++--- charts/argo-workflows/values.yaml | 8 +++- 6 files changed, 51 insertions(+), 37 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 070b0981..3d6e1782 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -55,7 +55,7 @@ annotations: Minimally: ``` -helm install charts/argo -n argo +helm install charts/argo-workflows -n argo argo version ``` diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 736b131d..70b9bf10 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.8 +version: 0.2.9 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,6 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Controller Role/ClusterRole to work with InstanceID" + - "[Changed]: Service accounts, roles and role bindings can now be auto-created for each workflow controller namespace" + - "[Fixed]: The contributer testing guidelines were updated to reflect the chart name change from 'argo' to + 'argo-workflows'" diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 9b27c045..004d40d0 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,19 +1,20 @@ {{- if .Values.workflow.rbac.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-workflows.fullname" . }}-workflow - {{- with .Values.workflow.namespace }} - namespace: {{ . }} - {{- end }} + name: {{ template "argo-workflows.fullname" $ }}-workflow + namespace: {{ $namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-workflows.fullname" . }}-workflow + name: {{ template "argo-workflows.fullname" $ }}-workflow subjects: -- kind: ServiceAccount - name: {{ .Values.workflow.serviceAccount.name }} - {{- with .Values.workflow.namespace }} - namespace: {{ . }} + - kind: ServiceAccount + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index bf8b3cff..4ca10e8e 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,25 +1,29 @@ {{- if .Values.workflow.rbac.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ template "argo-workflows.fullname" . }}-workflow - {{- with .Values.workflow.namespace }} + name: {{ template "argo-workflows.fullname" $ }}-workflow + {{- with $namespace }} namespace: {{ . }} - {{- end }} + {{- end }} rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - watch - - patch -- apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - patch + - apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - watch + {{- end }} + {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index dc84f2b1..2ea64771 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,13 +1,16 @@ {{- if .Values.workflow.serviceAccount.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.workflow.serviceAccount.name }} - {{- with .Values.workflow.namespace }} + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} namespace: {{ . }} - {{- end }} - {{- with .Values.workflow.serviceAccount.annotations }} + {{- end }} + {{- with $.Values.workflow.serviceAccount.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 864c9931..ebd7fc92 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -29,13 +29,15 @@ kubeVersionOverride: "" singleNamespace: false workflow: - namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. + namespace: # Deprecated, for backwards compatibility: specify a single namespace to run workflows in serviceAccount: create: false # Specifies whether a service account should be created annotations: {} name: "argo-workflow" # Service account which is used to run workflows rbac: - create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows + # Adds Role and RoleBinding for the above specified service account to be able to run workflows + # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) + create: true controller: image: @@ -109,6 +111,8 @@ controller: # Annotations applied to created service account annotations: {} name: workflow-controller + # Specify all namespaces to run worksflows need to be able to run in. This controls where the service + # account and RBAC resources will be created. If unspecified, will run in the default namespace. workflowNamespaces: - default containerRuntimeExecutor: docker From e393ef1ba2017973fc52208abcc5243e52b2443d Mon Sep 17 00:00:00 2001 From: Zadkiel Date: Tue, 20 Jul 2021 20:24:41 +0200 Subject: [PATCH 39/53] fix(argo-workflows): remove old default init service account (#834) * fix(argo-workflows): remove old default init service account Signed-off-by: GitHub * fix(argo-workflows): remove init.serviceAccount from README Signed-off-by: GitHub * chore(argo-workflows): update changelog Signed-off-by: GitHub * chore(argo-workflows): bump chart to 0.2.8 Signed-off-by: GitHub Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 6 ++---- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 5 ----- 3 files changed, 3 insertions(+), 10 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 70b9bf10..a342b248 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.9 +version: 0.2.10 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,6 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Service accounts, roles and role bindings can now be auto-created for each workflow controller namespace" - - "[Fixed]: The contributer testing guidelines were updated to reflect the chart name change from 'argo' to - 'argo-workflows'" + - "[Fixed]: Removed init.serviceAccount unused fields" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 7e1c9dd7..e25a3840 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -10,7 +10,7 @@ This chart uses an install hook to configure the CRD definition. Installation of A few options are: -- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute +- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions ## Usage Notes diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index ebd7fc92..68f6f459 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -5,11 +5,6 @@ images: pullSecrets: [] # - name: argo-pull-secret -init: - # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is - # being deployed to. In RBAC clusters, that will almost certainly fail. See the NOTES: section of the readme for more info. - serviceAccount: "" - createAggregateRoles: true ## String to partially override "argo-workflows.fullname" template From 4e739561c0e2e9807e297905313710f95790522a Mon Sep 17 00:00:00 2001 From: kostas-theo <43744618+kostas-theo@users.noreply.github.com> Date: Tue, 20 Jul 2021 23:51:02 +0200 Subject: [PATCH 40/53] fix: pod status pending issue (#837) Signed-off-by: kostas-theo Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/crds/argoproj.io_workflows.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a342b248..60d4305d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.10 +version: 0.2.11 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Removed init.serviceAccount unused fields" + - "[Fixed]: Pods stuck in pending phase due to workflow update timeouts." diff --git a/charts/argo-workflows/crds/argoproj.io_workflows.yaml b/charts/argo-workflows/crds/argoproj.io_workflows.yaml index f3751e18..59d2fc3b 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml @@ -36,9 +36,11 @@ spec: spec: type: object x-kubernetes-preserve-unknown-fields: true + x-kubernetes-map-type: atomic status: type: object x-kubernetes-preserve-unknown-fields: true + x-kubernetes-map-type: atomic required: - metadata - spec From 3ca4a4eca08b7a35aa1e9ce9ad92dcb8cdf76fa3 Mon Sep 17 00:00:00 2001 From: Niels ten Boom Date: Wed, 21 Jul 2021 18:02:03 +0200 Subject: [PATCH 41/53] docs: Rename argocd references to argoworkflows in workflow chart (#842) * rename argocd to argoworkflows Signed-off-by: Niels ten Boom * bump patch version Signed-off-by: Niels ten Boom * bump patch version Signed-off-by: Niels ten Boom Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/values.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 60d4305d..768d2266 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.11 +version: 0.2.12 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Pods stuck in pending phase due to workflow update timeouts." + - "[Changed]: Argo workflows values file no longer has examples referencing ArgoCD" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 68f6f459..50085773 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -278,7 +278,7 @@ server: ## hosts: [] - # - argocd.example.com + # - argoworkflows.example.com paths: - / extraPaths: @@ -297,9 +297,9 @@ server: # name: use-annotation tls: [] - # - secretName: argocd-example-tls + # - secretName: argoworkflows-example-tls # hosts: - # - argocd.example.com + # - argoworkflows.example.com https: false clusterWorkflowTemplates: From 2358b152f9af125fcb608ead2d76fb81d18342fd Mon Sep 17 00:00:00 2001 From: smcavallo Date: Mon, 26 Jul 2021 21:32:56 -0400 Subject: [PATCH 42/53] feat(argo-cd): Bump default version to v2.0.5 (#844) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 71320643..60bc092a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.4 +appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.0 +version: 3.10.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 05623c59..4cd712b5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -132,7 +132,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.4"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b4d5a954..c6795bbc 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.0.4 + tag: v2.0.5 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From 3374813feb15674af4430c3ba33f58244fda6c4d Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Tue, 27 Jul 2021 13:07:07 +0200 Subject: [PATCH 43/53] fix(argo-cd): Deprecate the static assets flag passed to argocd-server (#846) Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 3 ++- charts/argo-cd/README.md | 8 +++++++- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 60bc092a..b58fd1c2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.1 +version: 3.10.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -22,3 +22,4 @@ dependencies: annotations: artifacthub.io/changes: | - "[Added]: Support AWS ALB Ingress with gRPC" + - "[Deprecated]: Deprecate static assets flag passed to argocd-server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4cd712b5..08025c94 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,11 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.10.2 + +ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default +It can be re-enabled by setting `server.staticAssets.enabled` to true + ### 3.8.1 This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization: @@ -287,6 +292,7 @@ NAME: my-release | server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | +| server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` | | server.env | Environment variables for the server. | `[]` | | server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) | | server.image.repository | Repository to use for the server | `global.image.repository` | @@ -449,4 +455,4 @@ server: enabled: true isAWSALB: true -``` \ No newline at end of file +``` diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 68c98845..ff86f5ec 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -42,8 +42,10 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server + {{ if .Values.server.staticAssets.enabled }} - --staticassets - /shared/app + {{ end }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- if .Values.dex.enabled }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c6795bbc..d930fcd8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -431,6 +431,10 @@ server: extraArgs: [] # - --insecure + # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app + staticAssets: + enabled: false + ## Environment variables to pass to argocd-server ## env: [] From 5ed8dccc99f9a84e3f40458df79d7c4eba81b371 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Wed, 28 Jul 2021 10:36:56 -0400 Subject: [PATCH 44/53] argocd - update misc dependencies (#847) Signed-off-by: smcavallo --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 9 +++++---- charts/argo-cd/values.yaml | 6 +++--- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 52941728..fe323d72 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.12.14 -digest: sha256:34275a4f4df92c570d07b0553da5d1fa200b6f057f7091746c853fd7399ee30a -generated: "2021-05-03T16:02:41.4356045-04:00" + version: 4.12.17 +digest: sha256:ad1833436031e3578165d48646c90323040fa1bc00d9235fe7ba7c67b20094ec +generated: "2021-07-27T16:35:27.2509236-04:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b58fd1c2..dd68aab2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.2 +version: 3.11.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -16,10 +16,11 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.12.14 + version: 4.12.17 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support AWS ALB Ingress with gRPC" - - "[Deprecated]: Deprecate static assets flag passed to argocd-server" + - "[Updated]: Updated redis-ha chart dependency 4.12.14 -> 4.12.17" + - "[Updated]: Updated dex image 2.27.0 -> 2.28.1" + - "[Updated]: Updated redis alpine image 6.2.2 -> 6.2.4" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d930fcd8..8d5a092c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -229,7 +229,7 @@ dex: image: repository: ghcr.io/dexidp/dex - tag: v2.27.0 + tag: v2.28.1 imagePullPolicy: IfNotPresent initImage: repository: @@ -313,7 +313,7 @@ redis: image: repository: redis - tag: 6.2.2-alpine + tag: 6.2.4-alpine imagePullPolicy: IfNotPresent ## Additional command line arguments to pass to redis-server @@ -406,7 +406,7 @@ redis-ha: metrics: enabled: true image: - tag: 6.2.2-alpine + tag: 6.2.4-alpine ## Server server: From f20e070de1b1570987bc265de3a07c81d5156c49 Mon Sep 17 00:00:00 2001 From: Lucas Bickel Date: Wed, 28 Jul 2021 17:42:12 +0200 Subject: [PATCH 45/53] fix(argo-cd): re-enable not yet deprecated staticassets flag (#849) Signed-off-by: Lucas Bickel --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dd68aab2..87e252a8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.0 +version: 3.11.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,6 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Updated]: Updated redis-ha chart dependency 4.12.14 -> 4.12.17" - - "[Updated]: Updated dex image 2.27.0 -> 2.28.1" - - "[Updated]: Updated redis alpine image 6.2.2 -> 6.2.4" + - "[Changed]: Set server.staticAssets.enabled=true since Argo CD 2.0.5 still needs it" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8d5a092c..06232342 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -433,7 +433,7 @@ server: # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app staticAssets: - enabled: false + enabled: true ## Environment variables to pass to argocd-server ## From c043eb2d292d49a0b1403a2539a846354bcca7d0 Mon Sep 17 00:00:00 2001 From: Rafael Tovar Date: Sat, 7 Aug 2021 15:07:41 +0200 Subject: [PATCH 46/53] feat(argo-cd): Add sessionAffinity to server service (#859) * feat(argo-cd):Add sessionAffinity to server Signed-off-by: Rafael Tovar * feat(argo-cd): update changelog new chart Signed-off-by: Rafael Tovar --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/service.yaml | 3 +++ charts/argo-cd/values.yaml | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 87e252a8..a1d6cd5e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.1 +version: 3.11.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Set server.staticAssets.enabled=true since Argo CD 2.0.5 still needs it" + - "[Added]: Add server.service.sessionAffinity setting of the Service into account when deciding which backend Pod to use" diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 87877d92..1dc04116 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -47,3 +47,6 @@ spec: {{- with .Values.server.service.externalTrafficPolicy }} externalTrafficPolicy: {{ . }} {{- end }} +{{- with .Values.server.service.sessionAffinity }} + sessionAffinity: {{ . }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 06232342..8ffcdaea 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -541,6 +541,7 @@ server: loadBalancerSourceRanges: [] externalIPs: [] externalTrafficPolicy: "" + sessionAffinity: "" ## Server metrics service configuration metrics: From b862c6239fa9a6df2f67cdd6a8162001fda42b79 Mon Sep 17 00:00:00 2001 From: Calum MacRae Date: Sat, 7 Aug 2021 23:43:28 +0100 Subject: [PATCH 47/53] feat(argo-events): Ability to specify custom env variables (#516) * feat(argo-events): Add debugLogging value for controller components Signed-off-by: Calum MacRae * fix: quote strings Signed-off-by: Marco Kilchhofer * Rework to generic extraEnv Signed-off-by: Marco Kilchhofer * Fix chart icon url Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 7 ++++--- .../templates/eventbus-controller-deployment.yaml | 3 +++ .../templates/eventsource-controller-deployment.yaml | 3 +++ .../templates/sensor-controller-deployment.yaml | 3 +++ charts/argo-events/values.yaml | 9 +++++++++ 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 835705bf..c29777c7 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.4 +version: 1.7.0 keywords: - argo-events - sensor-controller @@ -13,8 +13,9 @@ maintainers: - name: VaibhavPage - name: whynowy appVersion: 1.3.1 -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Added]: Ability to specify additional/custom environment variables" + - "[Fixed]: Charts icon url" diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 591d8da3..747bfc11 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.eventbusController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 62fe150e..651ff39b 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.eventsourceController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 0b51d1de..6c2f6a04 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.sensorController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 11827406..db6f679d 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -47,6 +47,9 @@ sensorController: image: argoproj/sensor-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" sensorImage: argoproj/sensor podAnnotations: {} nodeSelector: {} @@ -61,6 +64,9 @@ eventsourceController: image: argoproj/eventsource-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" eventsourceImage: argoproj/eventsource podAnnotations: {} nodeSelector: {} @@ -75,6 +81,9 @@ eventbusController: image: argoproj/eventbus-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" podAnnotations: {} nodeSelector: {} podLabels: {} From 6bbcd833d4398745b3bd133cea233ebda40e4c98 Mon Sep 17 00:00:00 2001 From: Emanuel Oliveira Date: Mon, 9 Aug 2021 05:58:02 -0300 Subject: [PATCH 48/53] fix(argo-cd): Set type of service for gRPC as NodePort. (#861) * fix: set service-grpc type as NodePort Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira * docs: Adds changelog Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira * chore: remove old changelog comment Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a1d6cd5e..2859057a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.2 +version: 3.11.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add server.service.sessionAffinity setting of the Service into account when deciding which backend Pod to use" + - "[Fix]: Set type of service for grpc as NodePort because this is the default of ALB ingress Controller" diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml index 018bca3e..acc9dd60 100644 --- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -20,5 +20,5 @@ spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None - type: ClusterIP + type: NodePort {{- end -}} From 046635d69b140ec075731a196d9864caf9484232 Mon Sep 17 00:00:00 2001 From: cskh Date: Tue, 10 Aug 2021 02:39:38 -0400 Subject: [PATCH 49/53] fix(argo-rollouts): Add missing liveness and readiness probe (#860) * fix(argo-rollouts): missing liveness and readiness probe Signed-off-by: Hui Kang * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Update changelog annotation Signed-off-by: Marco Kilchhofer * Fix icon url Signed-off-by: Marco Kilchhofer Co-authored-by: Hui Kang Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 7 ++++--- .../templates/argo-rollouts-deployment.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 20 +++++++++++++++++++ 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6f904714..c92e4c62 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.3 -icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +version: 1.0.4 +icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: - name: alexmt @@ -11,4 +11,5 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Fixed]: Add missing liveness and readiness probes" + - "[Changed]: Fix icon url" diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index fb632312..4acb0cee 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -39,6 +39,10 @@ spec: ports: - containerPort: 8090 name: metrics + livenessProbe: + {{- toYaml .Values.controller.livenessProbe | nindent 10 }} + readinessProbe: + {{- toYaml .Values.controller.readinessProbe | nindent 10 }} securityContext: {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e778377f..e52e8902 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -31,6 +31,26 @@ controller: additionalLabels: {} additionalAnnotations: {} + ## Readiness and liveness probes for rollouts controller + livenessProbe: + httpGet: + path: /metrics + port: 8090 + initialDelaySeconds: 30 + periodSeconds: 20 + failureThreshold: 3 + successThreshold: 1 + timeoutSeconds: 10 + readinessProbe: + httpGet: + path: /metrics + port: 8090 + initialDelaySeconds: 15 + periodSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + timeoutSeconds: 4 + serviceAccount: # Specifies whether a service account should be created create: true From 8125f928ea00cef542f0e5b482aedec2c0d46043 Mon Sep 17 00:00:00 2001 From: Thom Date: Tue, 10 Aug 2021 15:45:09 +0200 Subject: [PATCH 50/53] feat(argo-workflow): Add pathType value to ingress (#854) Signed-off-by: thomascjohnson --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/server/server-ingress.yaml | 5 +++-- charts/argo-workflows/values.yaml | 1 + 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 768d2266..df0aea74 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.12 +version: 0.2.13 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Argo workflows values file no longer has examples referencing ArgoCD" + - "[Added]: pathType variable now available for ingress template" diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index 6072c9d7..969676e1 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -3,6 +3,7 @@ {{- $servicePort := .Values.server.servicePort -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} +{{- $pathType := .Values.server.ingress.pathType -}} apiVersion: {{ include "argo-workflows.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 50085773..76ed9479 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -281,6 +281,7 @@ server: # - argoworkflows.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* From 4e4c28a4dcec2cac7eefadc8518ce83404b0246b Mon Sep 17 00:00:00 2001 From: c1_zh <5362164+cezhang@users.noreply.github.com> Date: Wed, 11 Aug 2021 15:14:27 +0800 Subject: [PATCH 51/53] fix(argo-cd): Respect timezone during password mtime generation (#864) Signed-off-by: cezhang --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2859057a..6ce42aec 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.3 +version: 3.11.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fix]: Set type of service for grpc as NodePort because this is the default of ALB ingress Controller" + - "[Fixed]: Can't login when using configs.secret.argocdServerAdminPassword" diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index d84d2649..62cf6be4 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -36,7 +36,7 @@ data: {{- end }} {{- if .Values.configs.secret.argocdServerAdminPassword }} admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} - admin.passwordMtime: {{ default (date "2006-01-02T15:04:05Z" now) .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }} + admin.passwordMtime: {{ default (dateInZone "2006-01-02T15:04:05Z" (now) "UTC") .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }} {{- end }} {{- range $key, $value := .Values.configs.secret.extra }} {{ $key }}: {{ $value | b64enc }} From 07c1cf092c0f267ceb548512132e55fe75548207 Mon Sep 17 00:00:00 2001 From: Mike Bryant Date: Wed, 11 Aug 2021 08:32:11 +0100 Subject: [PATCH 52/53] feat(argo-workflows): Add support for extra containers in server & controller deployment (#841) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: Add support for extra containers in server & controller deployment Signed-off-by: Mike Bryant * Update charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: Mike Bryant * Update charts/argo-workflows/templates/server/server-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: Mike Bryant Co-authored-by: Oliver Bähler --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-deployment.yaml | 3 +++ charts/argo-workflows/templates/server/server-deployment.yaml | 3 +++ charts/argo-workflows/values.yaml | 4 ++++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index df0aea74..6534fbe8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.13 +version: 0.3.0 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: pathType variable now available for ingress template" + - "[Added]: Support for extraContainers in controller/server" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index e085b899..7dee67e5 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -79,6 +79,9 @@ spec: containerPort: {{ .Values.controller.metricsConfig.port }} - containerPort: 6060 livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} + {{- with .Values.controller.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 5effabf6..21917c43 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -80,6 +80,9 @@ spec: {{- with .Values.server.volumeMounts }} {{- toYaml . | nindent 10}} {{- end }} + {{- with .Values.server.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 76ed9479..c19562d0 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -170,6 +170,8 @@ controller: clusterWorkflowTemplates: # Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. enabled: true + # Extra containers to be added to the controller deployment + extraContainers: [] # executor controls how the init and wait container should be customized executor: @@ -337,6 +339,8 @@ server: ## decisions. # scopes: # - groups + # Extra containers to be added to the server deployment + extraContainers: [] # Influences the creation of the ConfigMap for the workflow-controller itself. useDefaultArtifactRepo: false From 607caac246b772e59a90ea69fb508d3fedd6b885 Mon Sep 17 00:00:00 2001 From: Thomas O'Neill Date: Wed, 11 Aug 2021 11:44:18 -0400 Subject: [PATCH 53/53] Fix service type for AWS GRPC (#862) Signed-off-by: Thomas O'Neill Co-authored-by: Thomas O'Neill --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 3 +++ .../templates/argocd-server/alb-grpc-service.yaml | 2 +- charts/argo-cd/values.yaml | 9 +++++++++ 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6ce42aec..90cde221 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.4 +version: 3.11.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 08025c94..5672d677 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -312,6 +312,7 @@ NAME: my-release | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | | server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | +| server.ingressGrpc.awsALB.serviceType | Service type for the AWS ALB GRPC service | `NodePort` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | @@ -454,5 +455,7 @@ server: ingressGrpc: enabled: true isAWSALB: true + awsALB: + serviceType: ClusterIP ``` diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml index acc9dd60..dd725fef 100644 --- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -20,5 +20,5 @@ spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None - type: NodePort + type: {{ .Values.server.ingressGrpc.awsALB.serviceType }} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8ffcdaea..6edc9201 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -611,6 +611,15 @@ server: labels: {} ingressClassName: "" + ## Service Type if isAWSALB is set to true + ## Can be of type NodePort or ClusterIP depending on which mode you are + ## are running. Instance mode needs type NodePort, IP mode needs type + ## ClusterIP + ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic + ## + awsALB: + serviceType: NodePort + ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace