Merge branch 'master' into bugfix/issue_417

2021-08-12 10:44:48 +02:00 · 2021-08-12 10:44:48 +02:00 · 52bb67e86c
commit 52bb67e86c
parent 7cff1d8f31 607caac246
91 changed files with 1028 additions and 521 deletions
--- a/.argo/argo-checkout.yaml
+++ b/.argo/argo-checkout.yaml
@ -1,21 +0,0 @@
 ---
 type: container
 version: 1
 name: argo-checkout
 description: Checks out a source repository to /src
 resources:
  mem_mib: 500
  cpu_cores: 0.1
 image: argoproj/argoscm:v2.0
 command: ["axscm"]
 args: ["clone", "%%inputs.parameters.REPO%%", "/src", "--commit", "%%inputs.parameters.COMMIT%%"]
 inputs:
  parameters:
    COMMIT:
      default: "%%session.commit%%"
    REPO:
      default: "%%session.repo%%"
 outputs:
  artifacts:
    CODE:
      path: /src
--- a/.argo/publish.yaml
+++ b/.argo/publish.yaml
@ -1,58 +0,0 @@
 ---
 type: workflow
 version: 1
 name: Publish Charts
 inputs:
  parameters:
    COMMIT:
      default: "%%session.commit%%"
    REPO:
      default: "%%session.repo%%"
 steps:
 - CHECKOUT:
    template: argo-checkout
 - PREPARE:
    image: hypnoglow/kubernetes-helm:v2.6.1
    resources:
      mem_mib: 500
      cpu_cores: 0.1
    command: ["sh", "-c"]
    args: [cd /src && helm init --client-only && ./scripts/publish.sh]
    inputs:
      artifacts:
        CODE:
          from: "%%steps.CHECKOUT.outputs.artifacts.CODE%%"
          path: /src
    outputs:
      artifacts:
        CODE:
          path: /src/output
 - PUBLISH:
    image: argoproj/argoscm:v2.0
    command: ["sh", "-c"]
    args: [
      axscm clone %%inputs.parameters.REPO%% --commit gh-pages /src && cd /src && cp -r /output/* . &&
      git add . && git commit -m "Build on `date`" &&
      axscm clone %%inputs.parameters.REPO%% /src --commit gh-pages --merge=gh-pages --push]
    resources:
      mem_mib: 500
      cpu_cores: 0.1
    inputs:
      artifacts:
        CODE:
          from: "%%steps.PREPARE.outputs.artifacts.CODE%%"
          path: /output
 ---
 type: policy
 version: 1
 name: Publish Charts Policy
 template: Publish Charts
 notifications:
 - when:
  - on_failure
  whom:
  - committer
  - author
 when:
 - event: on_push
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -1,22 +0,0 @@
 version: 2.1
 jobs:
  lint:
    docker:
      - image: quay.io/helmpack/chart-testing:v3.3.1
    steps:
      - checkout
      - run: ct lint --config .github/configs/ct-lint.yaml --lint-conf .github/configs/lintconf.yaml
  publish:
    docker:
      - image: bash
    steps:
      - run: echo "Replaced by Github Workflow - https://github.com/argoproj/argo-helm/actions/workflows/publish.yml"
 workflows:
  version: 2
  workflow:
    jobs:
      - lint
      - publish:
          requires:
            - lint
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@ -4,9 +4,9 @@ If the DCO action in the integration test fails, one or more of your commits are
 Checklist:
-* [ ] I have updated the chart version in `Chart.yaml` following Semantic Versioning.
+* [ ] I have bumped the chart version according to [versioning](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#versioning)
 * [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#changelog).
 * [ ] Any new values are backwards compatible and/or have sensible default.
 * [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md).
 * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/master/community#contributing-to-argo).
 * [ ] My build is green ([troubleshooting builds](https://argoproj.github.io/argo-cd/developer-guide/ci/)).
--- a/.github/semantic.yml
+++ b/.github/semantic.yml
@ -0,0 +1,3 @@
 ## Reference: https://github.com/zeke/semantic-pull-requests
 # Always validate the PR title, and ignore the commits
 titleOnly: true
--- a/.github/workflows/lint-and-test.yml
+++ b/.github/workflows/lint-and-test.yml
@ -21,7 +21,7 @@ jobs:
      - name: Setup Chart Linting
        id: lint
-        uses: helm/chart-testing-action@v2.0.1
+        uses: helm/chart-testing-action@v2.1.0
      - name: List changed charts
        id: list-changed
@ -37,7 +37,7 @@ jobs:
        run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml
      - name: Create kind cluster
-        uses: helm/kind-action@v1.1.0
+        uses: helm/kind-action@v1.2.0
        if: steps.list-changed.outputs.changed == 'true'
      - name: Run chart-testing (install)
--- a/8
+++ b/8
@ -7,13 +7,13 @@
 /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler
 # Argo CD
-/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler
+/charts/argo-cd/ @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1
 # Argo Events
-/charts/argo-events @jbehling @VaibhavPage @oliverbaehler
+/charts/argo-events/ @jbehling @VaibhavPage @oliverbaehler
 # Argo Rollouts
-/charts/argo-rollouts @oliverbaehler
+/charts/argo-rollouts/ @oliverbaehler
 # Argo CD Notifications
-/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler
+/charts/argocd-notifications/ @alexmt @andyfeller @oliverbaehler @mbevc1
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -2,12 +2,60 @@
 Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently.
 # Pull Requests
 All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project.
 ## Versioning
 Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease).
 Any breaking changes to a chart (backwards incompatible) require:
  * Bump of the current Major version of the chart
  * State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades))
 ### Immutability
 Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error.
 ### Artifact Hub Annotations
 Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub.
  * [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/)
 #### Changelog
 We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release.
 Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template:
 ```
 name: argo-cd
 version: 3.4.1
 ...
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Something New was added"
    - "[Changed]: Changed Something within this chart"
    - "[Changed]: Changed Something else within this chart"
    - "[Deprecated]: Something deprecated"
    - "[Removed]: Something was removed"
    - "[Fixed]: Something was fixed"
    - "[Security]": Some Security Patch was included"
 ```
 # Testing
 ## Testing Argo Workflows Changes
 Minimally:
 ```
-helm install charts/argo -n argo
+helm install charts/argo-workflows -n argo
 argo version
 ```
@ -96,4 +144,4 @@ The linting can be invoked manually with the following command:
 ## Publishing Changes
-Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`).
+Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`).
--- a/README.md
+++ b/README.md
@ -1,5 +1,6 @@
 # Argo Helm Charts
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml)
 Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command:
@ -7,3 +8,7 @@ Argo Helm is a collection of **community maintained** charts for http://argoproj
 ```
 helm repo add argo https://argoproj.github.io/argo-helm
 ```
 ## Contributing
 We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details.
--- a/charts/argo-cd/Chart.lock
+++ b/charts/argo-cd/Chart.lock
@ -1,6 +1,6 @@
 dependencies:
 - name: redis-ha
  repository: https://dandydeveloper.github.io/charts/
-  version: 4.12.14
+  version: 4.12.17
-digest: sha256:34275a4f4df92c570d07b0553da5d1fa200b6f057f7091746c853fd7399ee30a
+digest: sha256:ad1833436031e3578165d48646c90323040fa1bc00d9235fe7ba7c67b20094ec
-generated: "2021-05-03T16:02:41.4356045-04:00"
+generated: "2021-07-27T16:35:27.2509236-04:00"
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -1,10 +1,10 @@
 apiVersion: v2
-appVersion: 2.0.3
+appVersion: 2.0.5
 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 3.7.0
+version: 3.12.0
 home: https://github.com/argoproj/argo-helm
-icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
+icon: https://argoproj.github.io/argo-cd/assets/logo.png
 keywords:
  - argoproj
  - argocd
@ -16,6 +16,9 @@ maintainers:
  - name: seanson
 dependencies:
  - name: redis-ha
-    version: 4.12.14
+    version: 4.12.17
    repository: https://dandydeveloper.github.io/charts/
    condition: redis-ha.enabled
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Ability to use image digest for all components"
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@ -34,6 +34,39 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop
 ## Upgrading
 ### 3.10.2
 ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default
 It can be re-enabled by setting `server.staticAssets.enabled` to true
 ### 3.8.1
 This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization:
 ```yaml
 # Case 1) - only happens when you do not specify a custom name (repoServer.serviceAccount.name)
 repoServer:
  serviceAccount:
    create: true
 # Case 2)
 controller:
  serviceAccount:
    name: "" # or <nil>
 # Case 3)
 dex:
  serviceAccount:
    name: "" # or <nil>
 # Case 4)
 server:
  serviceAccount:
    name: "" # or <nil>
 ```
 Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE)
 ### 3.2.* 
 With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637).
@ -83,6 +116,7 @@ server:
 ## Prerequisites
 - Kubernetes 1.7+
 - Helm v3.0.0+
 ## Installing the Chart
@ -97,27 +131,26 @@ NAME: my-release
 ...
 ```
 ### Helm v3 Compatibility
 Requires chart version 1.5.2 or newer.
 Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks.
 ## Chart Values
 | Parameter | Description | Default |
 |-----|------|---------|
 | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` |
 | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` |
-| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.8.4"` |
+| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` |
 | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) |
 | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` |
 | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` |
 | global.networkPolicy.create | Create NetworkPolicy objects for all components | `false` |
 | global.networkPolicy.defaultDenyIngress | Default deny all ingress traffic | `false` |
 | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` |
 | nameOverride | Provide a name in place of `argocd` | `"argocd"` |
 | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` |
-| installCRDs | Install CRDs if you are using Helm2. | `true` |
+| apiVersionOverrides.certmanager | String to override apiVersion of certmanager resources rendered by this helm chart | `""` |
 | apiVersionOverrides.ingress | String to override apiVersion of ingresses rendered by this helm chart | `""` |
 | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) |
 | configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` |
 | configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) |
 | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` |
 | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) |
 | configs.secret.annotations | Annotations for argocd-secret | `{}` |
@ -259,6 +292,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i
 | server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) |
 | server.containerPort | Server container port. | `8080` |
 | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` |
 | server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` |
 | server.env | Environment variables for the server. | `[]` |
 | server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) |
 | server.image.repository | Repository to use for the server | `global.image.repository` |
@ -277,6 +311,8 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i
 | server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` |
 | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` |
 | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` |
 | server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` |
 | server.ingressGrpc.awsALB.serviceType | Service type for the AWS ALB GRPC service | `NodePort` |
 | server.route.enabled | Enable a OpenShift route for the server | `false` |
 | server.route.hostname | Hostname of OpenShift route | `""` |
 | server.lifecycle | PostStart and PreStop hooks configuration | `{}` |
@ -401,3 +437,25 @@ through `xxx.extraArgs`
 | redis-ha.image.tag | Redis tag | `"6.2.1-alpine"` |
 [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/
 ### Using AWS ALB Ingress Controller With GRPC
 If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. 
 Example:
 ```yaml
 server:
  ingress:
    enabled: true
    annotations: 
      alb.ingress.kubernetes.io/backend-protocol: HTTPS
      alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
      alb.ingress.kubernetes.io/scheme: internal
      alb.ingress.kubernetes.io/target-type: ip
  ingressGrpc:
    enabled: true
    isAWSALB: true
    awsALB:
      serviceType: ClusterIP
 ```
--- a/charts/argo-cd/crds/crd-application.yaml
+++ b/charts/argo-cd/crds/crd-application.yaml
@ -5,8 +5,6 @@ metadata:
    app.kubernetes.io/name: applications.argoproj.io
    app.kubernetes.io/part-of: argocd
  name: applications.argoproj.io
  annotations:
    helm.sh/hook: crd-install
 spec:
  group: argoproj.io
  names:
--- a/charts/argo-cd/crds/crd-project.yaml
+++ b/charts/argo-cd/crds/crd-project.yaml
@ -5,8 +5,6 @@ metadata:
    app.kubernetes.io/name: appprojects.argoproj.io
    app.kubernetes.io/part-of: argocd
  name: appprojects.argoproj.io
  annotations:
    helm.sh/hook: crd-install
 spec:
  group: argoproj.io
  names:
--- a/charts/argo-cd/templates/_helpers.tpl
+++ b/charts/argo-cd/templates/_helpers.tpl
@ -71,7 +71,7 @@ Create the name of the controller service account to use
 */}}
 {{- define "argo-cd.controllerServiceAccountName" -}}
 {{- if .Values.controller.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }}
+    {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.controller.serviceAccount.name }}
 {{- end -}}
@ -82,18 +82,29 @@ Create the name of the dex service account to use
 */}}
 {{- define "argo-cd.dexServiceAccountName" -}}
 {{- if .Values.dex.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }}
+    {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.dex.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
 {{/*
 Create the name of the redis service account to use
 */}}
 {{- define "argo-cd.redisServiceAccountName" -}}
 {{- if .Values.redis.serviceAccount.create -}}
    {{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.redis.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
 {{/*
 Create the name of the ArgoCD server service account to use
 */}}
 {{- define "argo-cd.serverServiceAccountName" -}}
 {{- if .Values.server.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }}
+    {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.server.serviceAccount.name }}
 {{- end -}}
@ -104,7 +115,7 @@ Create the name of the repo-server service account to use
 */}}
 {{- define "argo-cd.repoServerServiceAccountName" -}}
 {{- if .Values.repoServer.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }}
+    {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.repoServer.serviceAccount.name }}
 {{- end -}}
@ -144,7 +155,9 @@ app.kubernetes.io/component: {{ .component }}
 Return the appropriate apiVersion for ingress
 */}}
 {{- define "argo-cd.ingress.apiVersion" -}}
-{{- if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}}
+{{- if .Values.apiVersionOverrides.ingress -}}
 {{- print .Values.apiVersionOverrides.ingress -}}
 {{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}}
 {{- print "extensions/v1beta1" -}}
 {{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" $) -}}
 {{- print "networking.k8s.io/v1beta1" -}}
--- a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml
@ -0,0 +1,19 @@
 {{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
  name: {{ template "argo-cd.controller.fullname" . }}
 spec:
  ingress:
  - from:
    - namespaceSelector: {}
    ports:
    - port: controller
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml
+++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml
@ -0,0 +1,16 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  {{- if .Values.configs.gpgKeysAnnotations }}
  annotations:
    {{- range $key, $value := .Values.configs.gpgKeysAnnotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }}
  name: argocd-gpg-keys-cm
 {{- with .Values.configs.gpgKeys }}
 data:
  {{- toYaml . | nindent 2 }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml
+++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml
@ -36,7 +36,7 @@ data:
  {{- end }}
  {{- if .Values.configs.secret.argocdServerAdminPassword }}
  admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }}
-  admin.passwordMtime: {{ default (date "2006-01-02T15:04:05Z" now) .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }}
+  admin.passwordMtime: {{ default (dateInZone "2006-01-02T15:04:05Z" (now) "UTC") .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }}
  {{- end }}
  {{- range $key, $value := .Values.configs.secret.extra }}
  {{ $key }}: {{ $value | b64enc }}
--- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
@ -80,8 +80,10 @@ spec:
        {{- end }}
        volumeMounts:
        {{- if .Values.repoServer.volumeMounts }}
-{{- toYaml .Values.repoServer.volumeMounts | nindent 8}}
+          {{- toYaml .Values.repoServer.volumeMounts | nindent 8 }}
        {{- end }}
        - mountPath: /app/config/gpg/source
          name: gpg-keys
        - mountPath: /app/config/gpg/keys
          name: gpg-keyring
        {{- if .Values.configs.knownHosts }}
@ -142,8 +144,11 @@ spec:
 {{- end }}
      volumes:
      {{- if .Values.repoServer.volumes }}
-{{- toYaml .Values.repoServer.volumes | nindent 6}}
+        {{- toYaml .Values.repoServer.volumes | nindent 6 }}
      {{- end }}
      - name: gpg-keys
        configMap:
          name: argocd-gpg-keys-cm
      - emptyDir: {}
        name: gpg-keyring
      {{- if .Values.configs.knownHosts }}
--- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml
@ -0,0 +1,31 @@
 {{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
  name: {{ template "argo-cd.repoServer.fullname" . }}
 spec:
  ingress:
  - from:
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }}
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }}
    ports:
    - port: repo-server
      protocol: TCP
  {{- if .Values.repoServer.metrics.enabled }}
  - from:
    - namespaceSelector: {}
    ports:
    - port: metrics
  {{- end }}
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml
@ -17,7 +17,7 @@ metadata:
 spec:
  endpoints:
    - port: metrics
-      {{- with .Values.controller.metrics.serviceMonitor.interval }}
+      {{- with .Values.repoServer.metrics.serviceMonitor.interval }}
      interval: {{ . }}
      {{- end }}
      path: /metrics
--- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml
+++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml
@ -0,0 +1,24 @@
 {{- if and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.isAWSALB -}}
 apiVersion: v1
 kind: Service
 metadata:
  annotations:
    alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }}
  name: {{ template "argo-cd.server.fullname" . }}-grpc
 spec:
  ports:
  - name: {{ .Values.server.service.servicePortHttpName }}
    protocol: TCP
    port: {{ .Values.server.service.servicePortHttp }}
    targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
  - name: {{ .Values.server.service.servicePortHttpsName }}
    protocol: TCP
    port: {{ .Values.server.service.servicePortHttps }}
    targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
  selector:
    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
  sessionAffinity: None
  type: {{ .Values.server.ingressGrpc.awsALB.serviceType }}
 {{- end -}}
--- a/charts/argo-cd/templates/argocd-server/certificate.yaml
+++ b/charts/argo-cd/templates/argocd-server/certificate.yaml
@ -1,5 +1,7 @@
 {{- if .Values.server.certificate.enabled -}}
-{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1" }}
+{{- if .Values.apiVersionOverrides.certmanager -}}
 apiVersion: {{ .Values.apiVersionOverrides.certmanager }}
 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" }}
 apiVersion: cert-manager.io/v1
 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }}
 apiVersion: cert-manager.io/v1alpha3
@ -23,5 +25,5 @@ spec:
  issuerRef:
    kind: {{ .Values.server.certificate.issuer.kind | quote }}
    name: {{ .Values.server.certificate.issuer.name | quote }}
-  secretName: argocd-tls-certificate
+  secretName: {{ .Values.server.certificate.secretName | quote }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-server/deployment.yaml
@ -50,8 +50,10 @@ spec:
        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
        command:
        - argocd-server
        {{ if .Values.server.staticAssets.enabled }}
        - --staticassets
        - /shared/app
        {{ end }}
        - --repo-server
        - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
        {{- if .Values.dex.enabled }}
@ -98,6 +100,8 @@ spec:
          subPath: "custom.styles.css"
          name: custom-styles
        {{- end }}
        - mountPath: /tmp
          name: tmp-dir
        ports:
        - name: {{ .Values.server.name }}
          containerPort: {{ .Values.server.containerPort }}
@ -157,6 +161,8 @@ spec:
      {{- end }}
      - emptyDir: {}
        name: static-files
      - emptyDir: {}
        name: tmp-dir
      {{- if .Values.configs.styles }}
      - configMap:
          name: argocd-custom-styles
--- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
@ -1,8 +1,9 @@
-{{- if .Values.server.ingressGrpc.enabled -}}
+{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}}
 {{- $serviceName := include "argo-cd.server.fullname" . -}}
 {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
 {{- $paths := .Values.server.ingressGrpc.paths -}}
 {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
 {{- $pathType := .Values.server.ingressGrpc.pathType -}}
 apiVersion: {{ include "argo-cd.ingress.apiVersion" . }}
 kind: Ingress
 metadata:
@ -36,7 +37,7 @@ spec:
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
-            pathType: Prefix
+            pathType: {{ $pathType }}
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
@ -63,7 +64,7 @@ spec:
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
-            pathType: Prefix
+            pathType: {{ $pathType }}
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
--- a/charts/argo-cd/templates/argocd-server/ingress.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress.yaml
@ -3,6 +3,7 @@
 {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}}
 {{- $paths := .Values.server.ingress.paths -}}
 {{- $extraPaths := .Values.server.ingress.extraPaths -}}
 {{- $pathType := .Values.server.ingress.pathType -}}
 apiVersion: {{ include "argo-cd.ingress.apiVersion" . }}
 kind: Ingress
 metadata:
@ -11,6 +12,10 @@ metadata:
  {{- range $key, $value := .Values.server.ingress.annotations }}
    {{ $key }}: {{ $value | quote }}
  {{- end }}
  {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
    alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
      [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
  {{- end }}
 {{- end }}
  name: {{ template "argo-cd.server.fullname" . }}
  labels:
@ -34,10 +39,30 @@ spec:
          {{- toYaml $extraPaths | nindent 10 }}
          {{- end }}
          {{- range $p := $paths }}
          {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ template "argo-cd.server.fullname" $ }}-grpc
                port:
                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
                  {{- else }}
                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc
              servicePort: {{ $servicePort }}
              {{- end }}
            {{- end }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: {{ $pathType }}
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
@ -63,7 +88,7 @@ spec:
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
-            pathType: Prefix
+            pathType: {{ $pathType }}
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
--- a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml
+++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml
@ -0,0 +1,16 @@
 {{- if .Values.global.networkPolicy.create }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
  name: {{ template "argo-cd.server.fullname" . }}
 spec:
  ingress:
  - {}
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/argocd-server/service.yaml
+++ b/charts/argo-cd/templates/argocd-server/service.yaml
@ -47,3 +47,6 @@ spec:
 {{- with .Values.server.service.externalTrafficPolicy }}
  externalTrafficPolicy: {{ . }}
 {{- end }}
 {{- with .Values.server.service.sessionAffinity }}
  sessionAffinity: {{ . }}
 {{- end }}
--- a/charts/argo-cd/templates/crds.yaml
+++ b/charts/argo-cd/templates/crds.yaml
@ -1,6 +0,0 @@
 {{- if .Values.installCRDs }}
 {{- range $path, $_ := .Files.Glob "crds/*.yaml" }}
 {{ $.Files.Get $path }}
 ---
 {{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/dex/networkpolicy.yaml
+++ b/charts/argo-cd/templates/dex/networkpolicy.yaml
@ -0,0 +1,31 @@
 {{- if and .Values.global.networkPolicy.create .Values.dex.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }}
  name: {{ template "argo-cd.dex.fullname" . }}
 spec:
  ingress:
  - from:
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }}
    ports:
    - port: http
      protocol: TCP
    - port: grpc
      protocol: TCP
  {{- if .Values.dex.metrics.enabled }}
  - from:
    - namespaceSelector: {}
    ports:
    - port: metrics
      protocol: TCP
  {{- end }}
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/networkpolicy-default-deny.yaml
+++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml
@ -0,0 +1,12 @@
 {{- if and .Values.global.networkPolicy.create .Values.global.networkPolicy.defaultDenyIngress }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }}
  name: {{ template "argo-cd.fullname" . }}-default-deny
 spec:
  podSelector: {}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/redis/deployment.yaml
+++ b/charts/argo-cd/templates/redis/deployment.yaml
@ -31,7 +31,8 @@ spec:
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
-      automountServiceAccountToken: false
+      automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }}
      serviceAccountName: {{ template "argo-cd.redisServiceAccountName" . }}
      {{- if .Values.redis.securityContext }}
      securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }}
      {{- end }}
@ -63,8 +64,8 @@ spec:
        {{- end }}
        ports:
        - containerPort: {{ .Values.redis.containerPort }}
          name: redis
 {{- if .Values.redis.volumeMounts }}
        volumeMounts:
 {{- toYaml .Values.redis.volumeMounts | nindent 10 }}
 {{- end }}
--- a/charts/argo-cd/templates/redis/networkpolicy.yaml
+++ b/charts/argo-cd/templates/redis/networkpolicy.yaml
@ -0,0 +1,29 @@
 {{- $redisHa := (index .Values "redis-ha") -}}
 {{- if and .Values.global.networkPolicy.create .Values.redis.enabled (not $redisHa.enabled) }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }}
  name: {{ template "argo-cd.redis.fullname" . }}
 spec:
  ingress:
  - from:
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }}
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 10 }}
    - podSelector:
        matchLabels:
          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }}
    ports:
    - port: redis
      protocol: TCP
  podSelector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 6 }}
  policyTypes:
  - Ingress
 {{- end }}
--- a/charts/argo-cd/templates/redis/serviceaccount.yaml
+++ b/charts/argo-cd/templates/redis/serviceaccount.yaml
@ -0,0 +1,15 @@
 {{- if and .Values.redis.enabled .Values.redis.serviceAccount.create }}
 apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }}
 metadata:
  name: {{ template "argo-cd.redisServiceAccountName" . }}
 {{- if .Values.redis.serviceAccount.annotations }}
  annotations:
  {{- range $key, $value := .Values.redis.serviceAccount.annotations }}
    {{ $key }}: {{ $value | quote }}
  {{- end }}
 {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }}
 {{- end }}
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -5,14 +5,11 @@ nameOverride: argocd
 fullnameOverride: ""
 kubeVersionOverride: ""
 # Optional CRD installation for those without Helm hooks
 installCRDs: true
 global:
  image:
    repository: quay.io/argoproj/argocd
-    tag: v2.0.3
+    tag: v2.0.5
-    digest: # sha256:a2888d810d0741fe009b4ee4f4e7e76750be8e8732b05fe3f954e0ae319f7a61
+    digest: # sha256:<hash>
    imagePullPolicy: IfNotPresent
  securityContext: {}
  #  runAsUser: 999
@ -24,6 +21,17 @@ global:
  #   hostnames:
  #   - git.myhostname
  networkPolicy:
    create: false
    defaultDenyIngress: false
 # Override APIVersions
 # If you want to template helm charts but cannot access k8s API server
 # you can set api versions here
 apiVersionOverrides:
  certmanager: "" # cert-manager.io/v1
  ingress: "" # networking.k8s.io/v1beta1
 ## Controller
 controller:
  name: application-controller
@ -216,10 +224,14 @@ dex:
    serviceMonitor:
      enabled: false
      interval: 30s
      # selector:
      #   prometheus: kube-prometheus
      # namespace: monitoring
      # additionalLabels: {}
  image:
-    repository: quay.io/dexidp/dex
+    repository: ghcr.io/dexidp/dex
-    tag: v2.26.0
+    tag: v2.28.1
    digest:
    imagePullPolicy: IfNotPresent
  initImage:
@ -305,7 +317,7 @@ redis:
  image:
    repository: redis
-    tag: 6.2.2-alpine
+    tag: 6.2.4-alpine
    digest:
    imagePullPolicy: IfNotPresent
@ -362,6 +374,14 @@ redis:
    fsGroup: 1000
    runAsNonRoot: true
  serviceAccount:
    create: false
    name: ""
    ## Annotations applied to created service account
    annotations: {}
    ## Automount API credentials for the Service Account
    automountServiceAccountToken: false
  resources: {}
  #  limits:
  #    cpu: 200m
@ -391,7 +411,7 @@ redis-ha:
    metrics:
      enabled: true
  image:
-    tag: 6.2.2-alpine
+    tag: 6.2.4-alpine
 ## Server
 server:
@ -417,6 +437,10 @@ server:
  extraArgs: []
  #  - --insecure
  # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app
  staticAssets:
    enabled: true
  ## Environment variables to pass to argocd-server
  ##
  env: []
@ -500,8 +524,11 @@ server:
  certificate:
    enabled: false
    domain: argocd.example.com
-    issuer: {}
+    issuer:
      kind: # ClusterIssuer
      name: # letsencrypt
    additionalHosts: []
    secretName: argocd-server-tls
  ## Server service configuration
  service:
@ -520,6 +547,7 @@ server:
    loadBalancerSourceRanges: []
    externalIPs: []
    externalTrafficPolicy: ""
    sessionAffinity: ""
  ## Server metrics service configuration
  metrics:
@ -559,26 +587,45 @@ server:
      # - argocd.example.com
    paths:
      - /
    pathType: Prefix
    extraPaths:
      []
      # - path: /*
      #   backend:
      #     serviceName: ssl-redirect
      #     servicePort: use-annotation
      ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used)
      # - path: /*
      #   pathType: Prefix
      #   backend:
      #     service:
      #       name: ssl-redirect
      #       port:
      #         name: use-annotation
    tls:
      []
      # - secretName: argocd-tls-certificate
      #   hosts:
      #     - argocd.example.com
    https: false
-  # dedicated ingess for gRPC as documented at
+  # dedicated ingress for gRPC as documented at
  # https://argoproj.github.io/argo-cd/operator-manual/ingress/
  ingressGrpc:
    enabled: false
    isAWSALB: false
    annotations: {}
    labels: {}
    ingressClassName: ""
    ## Service Type if isAWSALB is set to true
    ## Can be of type NodePort or ClusterIP depending on which mode you are
    ## are running. Instance mode needs type NodePort, IP mode needs type
    ## ClusterIP
    ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic
    ##
    awsALB:
      serviceType: NodePort
    ## Argo Ingress.
    ## Hostnames must be provided if Ingress is enabled.
    ## Secrets must be manually created in the namespace
@ -588,12 +635,21 @@ server:
      # - argocd.example.com
    paths:
      - /
    pathType: Prefix
    extraPaths:
      []
      # - path: /*
      #   backend:
      #     serviceName: ssl-redirect
      #     servicePort: use-annotation
      ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used)
      # - path: /*
      #   pathType: Prefix
      #   backend:
      #     service:
      #       name: ssl-redirect
      #       port:
      #         name: use-annotation
    tls:
      []
      # - secretName: argocd-tls-certificate
@ -670,7 +726,7 @@ server:
  ## Annotations to be added to ArgoCD rbac ConfigMap
  rbacConfigAnnotations: {}
-  # Boolean determining whether or not to create the configmap. If false, it is expected tthe configmap will be created
+  # Boolean determining whether or not to create the configmap. If false, it is expected the configmap will be created
  # by something else. ArgoCD will not work if there is no configMap created with the name above.
  rbacConfigCreate: true
@ -964,6 +1020,27 @@ configs:
    #       insecure: false
    #       caData: "<base64 encoded certificate>"
  gpgKeysAnnotations: {}
  gpgKeys: {}
    # 4AEE18F83AFDEB23: |
    #     -----BEGIN PGP PUBLIC KEY BLOCK-----
    #
    #     mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta
    #     x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT
    #     SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ
    #     7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa
    #     buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v
    #     yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs
    #     b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW
    #     BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf
    #     DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6
    #     9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws
    #     +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5
    #     4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O
    #     j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48=
    #     =Bvzs
    #     -----END PGP PUBLIC KEY BLOCK-----
  knownHostsAnnotations: {}
  knownHosts:
    data:
--- a/charts/argo-events/.helmignore
+++ b/charts/argo-events/.helmignore
@ -19,3 +19,4 @@
 .project
 .idea/
 *.tmproj
 ci/
--- a/charts/argo-events/Chart.yaml
+++ b/charts/argo-events/Chart.yaml
@ -1,7 +1,7 @@
 apiVersion: v2
 description: A Helm chart to install Argo-Events in k8s Cluster
 name: argo-events
-version: 1.6.0
+version: 1.7.0
 keywords:
  - argo-events
  - sensor-controller
@ -13,5 +13,9 @@ maintainers:
  - name: VaibhavPage
  - name: whynowy
 appVersion: 1.3.1
-icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
+icon: https://argoproj.github.io/argo-events/assets/logo.png
 home: https://github.com/argoproj/argo-helm
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Ability to specify additional/custom environment variables"
    - "[Fixed]: Charts icon url"
--- a/charts/argo-events/README.md
+++ b/charts/argo-events/README.md
@ -15,6 +15,6 @@ This is a **community maintained** chart. It installs the [argo-events](https://
 ## Notes on CRD Installation
-Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart.
+Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart.
 You can install the CRDs manually from `crds` folder.
--- a/charts/argo-events/templates/argo-events-cluster-roles.yaml
+++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml
@ -1,5 +1,4 @@
 {{- if not .Values.singleNamespace }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
@ -26,9 +25,9 @@ kind: ClusterRole
 metadata:
  name: argo-events-role
 rules:
-{{- if .Values.additionalServiceAccountRules }}
+  {{- with .Values.additionalServiceAccountRules }}
-{{ .Values.additionalServiceAccountRules | toYaml | nindent 2}}
+    {{- toYaml . | nindent 2 }}
-{{- end }}
+  {{- end }}
  - apiGroups:
      - argoproj.io
    verbs:
--- a/charts/argo-events/templates/argo-events-roles.yaml
+++ b/charts/argo-events/templates/argo-events-roles.yaml
@ -1,5 +1,4 @@
 {{- if .Values.singleNamespace }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
@ -28,8 +27,8 @@ metadata:
  name: argo-events-role
  namespace: {{ .Release.Namespace }}
 rules:
-  {{- if .Values.additionalServiceAccountRules }}
+  {{- with .Values.additionalServiceAccountRules }}
-  {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}}
+    {{- toYaml . | nindent 2 }}
  {{- end }}
  - apiGroups:
      - argoproj.io
--- a/charts/argo-events/templates/eventbus-controller-deployment.yaml
+++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml
@ -36,6 +36,9 @@ spec:
            - --namespaced
          {{- end }}
          env:
          {{- with .Values.eventbusController.extraEnv }}
            {{- toYaml . | nindent 12 }}
          {{- end }}
            - name: NAMESPACE
              valueFrom:
                fieldRef:
--- a/charts/argo-events/templates/eventbus-crd.yaml
+++ b/charts/argo-events/templates/eventbus-crd.yaml
@ -1,44 +0,0 @@
 {{- if .Values.installCRD }}
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  name: eventbus.argoproj.io
  annotations:
    helm.sh/hook: crd-install
    helm.sh/hook-delete-policy: before-hook-creation
 spec:
  group: argoproj.io
  names:
    kind: EventBus
    listKind: EventBusList
    plural: eventbus
    shortNames:
      - eb
    singular: eventbus
  scope: Namespaced
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          properties:
            apiVersion:
              type: string
            kind:
              type: string
            metadata:
              type: object
            spec:
              type: object
              x-kubernetes-preserve-unknown-fields: true
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
          - metadata
          - spec
          type: object
      subresources:
        status: {}
 {{- end }}
--- a/charts/argo-events/templates/eventsource-controller-deployment.yaml
+++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml
@ -36,6 +36,9 @@ spec:
            - --namespaced
          {{- end }}
          env:
          {{- with .Values.eventsourceController.extraEnv }}
            {{- toYaml . | nindent 12 }}
          {{- end }}
            - name: NAMESPACE
              valueFrom:
                fieldRef:
--- a/charts/argo-events/templates/eventsource-crd.yaml
+++ b/charts/argo-events/templates/eventsource-crd.yaml
@ -1,44 +0,0 @@
 {{- if .Values.installCRD }}
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  name: eventsources.argoproj.io
  annotations:
    helm.sh/hook: crd-install
    helm.sh/hook-delete-policy: before-hook-creation
 spec:
  group: argoproj.io
  scope: Namespaced
  names:
    kind: EventSource
    plural: eventsources
    singular: eventsource
    listKind: EventSourceList
    shortNames:
      - es
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          properties:
            apiVersion:
              type: string
            kind:
              type: string
            metadata:
              type: object
            spec:
              type: object
              x-kubernetes-preserve-unknown-fields: true
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
          - metadata
          - spec
          type: object
      subresources:
        status: {}
 {{- end }}
--- a/charts/argo-events/templates/sensor-controller-deployment.yaml
+++ b/charts/argo-events/templates/sensor-controller-deployment.yaml
@ -36,6 +36,9 @@ spec:
            - --namespaced
          {{- end }}
          env:
          {{- with .Values.sensorController.extraEnv }}
            {{- toYaml . | nindent 12 }}
          {{- end }}
            - name: NAMESPACE
              valueFrom:
                fieldRef:
--- a/charts/argo-events/templates/sensor-crd.yaml
+++ b/charts/argo-events/templates/sensor-crd.yaml
@ -1,45 +0,0 @@
 {{- if .Values.installCRD }}
 # Define a "sensor" custom resource definition
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  name: sensors.argoproj.io
  annotations:
    helm.sh/hook: crd-install
    helm.sh/hook-delete-policy: before-hook-creation
 spec:
  group: argoproj.io
  names:
    kind: Sensor
    listKind: SensorList
    plural: sensors
    singular: sensor
    shortNames:
      - sn
  scope: Namespaced
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          properties:
            apiVersion:
              type: string
            kind:
              type: string
            metadata:
              type: object
            spec:
              type: object
              x-kubernetes-preserve-unknown-fields: true
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
          - metadata
          - spec
          type: object
      subresources:
        status: {}
 {{- end }}
--- a/charts/argo-events/values.yaml
+++ b/charts/argo-events/values.yaml
@ -1,5 +1,5 @@
 # docker registry
-registry: argoproj
+registry: quay.io
 # The image pull policy
 imagePullPolicy: Always
@ -8,9 +8,6 @@ imagePullPolicy: Always
 imagePullSecrets: []
 # - name: argo-pull-secret
 # If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation.
 installCRD: true
 # ServiceAccount to use for running controller.
 serviceAccount: argo-events-sa
@ -47,10 +44,13 @@ singleNamespace: true
 # sensor controller
 sensorController:
  name: sensor-controller
-  image: sensor-controller
+  image: argoproj/sensor-controller
  tag: v1.3.1
  replicaCount: 1
-  sensorImage: sensor
+  extraEnv: []
    # - name: DEBUG_LOG
    #   value: "true"
  sensorImage: argoproj/sensor
  podAnnotations: {}
  nodeSelector: {}
  podLabels: {}
@ -61,10 +61,13 @@ sensorController:
 eventsourceController:
  name: eventsource-controller
-  image: eventsource-controller
+  image: argoproj/eventsource-controller
  tag: v1.3.1
  replicaCount: 1
-  eventsourceImage: eventsource
+  extraEnv: []
    # - name: DEBUG_LOG
    #   value: "true"
  eventsourceImage: argoproj/eventsource
  podAnnotations: {}
  nodeSelector: {}
  podLabels: {}
@ -75,9 +78,12 @@ eventsourceController:
 eventbusController:
  name: eventbus-controller
-  image: eventbus-controller
+  image: argoproj/eventbus-controller
  tag: v1.3.1
  replicaCount: 1
  extraEnv: []
    # - name: DEBUG_LOG
    #   value: "true"
  podAnnotations: {}
  nodeSelector: {}
  podLabels: {}
--- a/charts/argo-rollouts/Chart.yaml
+++ b/charts/argo-rollouts/Chart.yaml
@ -1,11 +1,15 @@
-apiVersion: v1
+apiVersion: v2
-appVersion: "0.10.2"
+appVersion: "v1.0.2"
 description: A Helm chart for Argo Rollouts
 name: argo-rollouts
-version: 0.5.5
+version: 1.0.4
-icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
+icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
 home: https://github.com/argoproj/argo-helm
 maintainers:
  - name: alexmt
  - name: dthomson25
  - name: jessesuen
 annotations:
  artifacthub.io/changes: |
    - "[Fixed]: Add missing liveness and readiness probes"
    - "[Changed]: Fix icon url"
--- a/charts/argo-rollouts/README.md
+++ b/charts/argo-rollouts/README.md
@ -1,12 +1,11 @@
-Argo Rollouts Chart
+# Argo Rollouts Chart
 =============
 A Helm chart for Argo Rollouts, progressive delivery for Kubernetes.
-Current chart version is `0.5.4`
+A Helm chart for Argo Rollouts, progressive delivery for Kubernetes.
 Source code can be found [here](https://github.com/argoproj/argo-rollouts)
 ## Additional Information
 This is a **community maintained** chart. This chart installs [argo-rollouts](https://argoproj.github.io/argo-rollouts/), progressive delivery for Kubernetes.
 The default installation is intended to be similar to the provided Argo Rollouts [releases](https://github.com/argoproj/argo-rollouts/releases).
@ -14,6 +13,7 @@ The default installation is intended to be similar to the provided Argo Rollouts
 ## Prerequisites
 - Kubernetes 1.7+
 - Helm v3.0.0+
 ## Installing the Chart
@ -22,27 +22,49 @@ To install the chart with the release name `my-release`:
 ```console
 $ helm repo add argo https://argoproj.github.io/argo-helm
-$ helm install --name my-release argo/argo-rollouts
+$ helm install my-release argo/argo-rollouts
 ```
 ## Chart Values
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| clusterInstall | bool | `true` |  |
+| clusterInstall | bool | `true` | `false` runs controller in namespaced mode (does not require cluster RBAC) |
-| controller.component | string | `"rollouts-controller"` |  |
+| controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` |
-| controller.image.pullPolicy | string | `"IfNotPresent"` |  |
+| controller.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy |
-| controller.image.repository | string | `"argoproj/argo-rollouts"` |  |
+| controller.image.registry | string | `quay.io` | Registry to use |
-| controller.image.tag | string | `"v0.10.2"` |  |
+| controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use |
-| controller.name | string | `"argo-rollouts"` |  |
+| controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) |
-| controller.resources | Resource limits and requests for the controller pods. | `{}` |
+| controller.resources | object | `{}` | Resource limits and requests for the controller pods. |
-| controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
+| controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) |
-| controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
+| controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) |
-| controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
+| controller.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) |
-| controller.metrics.serviceMonitor.enabled | bool | `false` |  |
+| controller.metrics.enabled | bool | `false` | Deploy metrics service |
-| imagePullSecrets | list | `[]` |  |
+| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
-| installCRDs | bool | `true` |  |
+| controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor |
-| crdAnnotations | object | `{}` |  |
+| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor |
-| podAnnotations | object | `{}` |  |
+| imagePullSecrets | list | `[]` | Registry secret names as an array |
-| podLabels | object | `{}` |  |
+| installCRDs | bool | `true` | Install and upgrade CRDs |
-| serviceAccount.name | string | `"argo-rollouts"` |  |
+| crdAnnotations | object | `{}` | Annotations to be added to all CRDs |
 | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods |
 | podLabels | object | `{}` | Labels to be added to the Rollout pods |
 | serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
 | serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
 | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
 | podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level |
 | containerSecurityContext | object | `{}` | Security Context to set on container level |
 ## Upgrading
 ### To 1.0.0
 * This is a breaking change which only supports Helm v3.0.0+ now. If you still use Helm v2, please consider upgrading because v2 is EOL since November 2020.  
  To migrate to Helm v3 please have a look at the [Helm 2to3 Plugin](https://github.com/helm/helm-2to3). This tool will convert the existing ConfigMap used for Tiller to a Secret of type `helm.sh/release.v1`.
 * `quay.io` is the default registry now
 * We introduce a template function for the labels here to reduce code duplication. This also affects the Deployment `matchLabels` selector.  
  To upgrade an existing installation, please **add the `--force` parameter** to the `helm upgrade` command or **delete the Deployment resource** before you upgrade. This is necessary because Deployment's label selector is immutable.
 * All resources are now prefixed with the template `"argo-rollouts.fullname"`.
  This enables the users to override resource names via the `nameOverride` and `fullnameOverride` parameters.
 * Breaking parameters update
  * `securityContext` was renamed to `containerSecurityContext`
  * Added `controller.image.registry`. Prior to this chart version you had to override the registry via `controller.image.repository`
--- a/charts/argo-rollouts/templates/_helpers.tpl
+++ b/charts/argo-rollouts/templates/_helpers.tpl
@ -30,3 +30,35 @@ Create chart name and version as used by the chart label.
 {{- define "argo-rollouts.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{/*
 Common labels
 */}}
 {{- define "argo-rollouts.labels" -}}
 helm.sh/chart: {{ include "argo-rollouts.chart" . }}
 {{ include "argo-rollouts.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 app.kubernetes.io/part-of: argo-rollouts
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "argo-rollouts.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "argo-rollouts.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "argo-rollouts.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "argo-rollouts.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml
@ -2,12 +2,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: {{ .Release.Name }}-aggregate-to-view
+  name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-view
  labels:
    rbac.authorization.k8s.io/aggregate-to-view: "true"
-    app.kubernetes.io/component: aggregate-cluster-role
+    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name:  {{ .Release.Name }}-aggregate-to-view
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
    app.kubernetes.io/part-of: {{ .Release.Name }}
 rules:
 - apiGroups:
  - argoproj.io
@ -27,12 +26,11 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: {{ .Release.Name }}-aggregate-to-edit
+  name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-edit
  labels:
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
-    app.kubernetes.io/component: aggregate-cluster-role
+    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name:  {{ .Release.Name }}-aggregate-to-edit
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
    app.kubernetes.io/part-of: {{ .Release.Name }}
 rules:
 - apiGroups:
  - argoproj.io
@ -58,12 +56,11 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: {{ .Release.Name }}-aggregate-to-admin
+  name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-admin
  labels:
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
-    app.kubernetes.io/component: aggregate-cluster-role
+    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name:  {{ .Release.Name }}-aggregate-to-admin
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
    app.kubernetes.io/part-of: {{ .Release.Name }}
 rules:
 - apiGroups:
  - argoproj.io
--- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml
@ -2,11 +2,10 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: {{ .Release.Name }}-clusterrole
+  name: {{ include "argo-rollouts.fullname" . }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name: {{ .Release.Name }}-clusterrole
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
    app.kubernetes.io/part-of: {{ .Release.Name }}
 rules:
 - apiGroups:
  - argoproj.io
@ -57,6 +56,16 @@ rules:
  - update
  - patch
  - delete
 - apiGroups:
  - ""
  - apps
  resources:
  - deployments
  - podtemplates
  verbs:
  - get
  - list
  - watch
 # services patch needed to update selector of canary/stable/active/preview services
 - apiGroups:
  - ""
@ -68,10 +77,12 @@ rules:
  - watch
  - patch
 # secret read access to run analysis templates which reference secrets
 # configmap access to read notification-engine configuration
 - apiGroups:
  - ""
  resources:
  - secrets
  - configmaps
  verbs:
  - get
  - list
@ -135,6 +146,7 @@ rules:
  - watch
  - get
  - update
  - patch
  - list
 # trafficsplit access needed for using the SMI provider
 - apiGroups:
@ -147,4 +159,15 @@ rules:
  - get
  - update
  - patch
 - apiGroups:
  - getambassador.io
  resources:
  - mappings
  verbs:
  - create
  - watch
  - get
  - update
  - list
  - delete
 {{- end }}
--- a/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml
@ -2,17 +2,16 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: {{ .Release.Name }}-clusterrolebinding
+  name: {{ include "argo-rollouts.fullname" . }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name: {{ .Release.Name }}-clusterrolebinding
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
    app.kubernetes.io/part-of: {{ .Release.Name }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
-  name: {{ .Release.Name }}-clusterrole
+  name: {{ include "argo-rollouts.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ .Values.serviceAccount.name }}
+  name: {{ include "argo-rollouts.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml
@ -1,50 +1,58 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ .Release.Name }}
+  name: {{ include "argo-rollouts.fullname" . }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name: {{ .Release.Name }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
    app.kubernetes.io/part-of: {{ .Release.Name }}
    {{- if .Values.podLabels }}
 {{- toYaml .Values.podLabels | nindent 4 }}
    {{- end }}
 spec:
  selector:
    matchLabels:
-      app.kubernetes.io/name: {{ .Release.Name }}
+      {{- include "argo-rollouts.selectorLabels" . | nindent 6 }}
  strategy:
    type: Recreate
  template:
    metadata:
-      {{- if .Values.podAnnotations }}
+      {{- with .Values.podAnnotations }}
      annotations:
-      {{- range $key, $value := .Values.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
        {{ $key }}: {{ $value | quote }}
      {{- end }}
      {{- end }}
      labels:
-        app.kubernetes.io/name: {{ .Release.Name }}
+        {{- include "argo-rollouts.selectorLabels" . | nindent 8 }}
        {{- range $key, $value := .Values.podLabels }}
        {{ $key }}: {{ $value | quote }}
        {{- end }}
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
-      serviceAccountName: {{ .Values.serviceAccount.name }}
+      serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }}
      containers:
-      - image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}"
+      - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default .Chart.AppVersion .Values.controller.image.tag }}"
        {{- if not .Values.clusterInstall }}
        args:
        - --namespaced
        {{- end }}
        imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
-        name: {{ .Values.controller.name }}
+        name: argo-rollouts
        ports:
        - containerPort: 8090
          name: metrics
        livenessProbe:
          {{- toYaml .Values.controller.livenessProbe | nindent 10 }}
        readinessProbe:
          {{- toYaml .Values.controller.readinessProbe | nindent 10 }}
        securityContext:
-          {{- toYaml .Values.securityContext | nindent 12 }}
+          {{- toYaml .Values.containerSecurityContext | nindent 10 }}
        resources:
          {{- toYaml .Values.controller.resources | nindent 10 }}
      {{- if .Values.controller.nodeSelector }}
      nodeSelector:
        {{- toYaml .Values.controller.nodeSelector | nindent 8 }}
      {{- end }}
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      {{- if .Values.controller.tolerations }}
      tolerations:
        {{- toYaml .Values.controller.tolerations | nindent 8 }}
@ -53,5 +61,3 @@ spec:
      affinity:
        {{- toYaml .Values.controller.affinity | nindent 8 }}
      {{- end }}
  strategy:
    type: Recreate
--- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml
@ -1,14 +1,14 @@
 {{- if .Values.controller.metrics.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Release.Name }}-metrics
+  name: {{ include "argo-rollouts.fullname" . }}-metrics
  labels:
    app.kubernetes.io/component: server
-    app.kubernetes.io/name: {{ .Release.Name }}-metrics
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
+  {{- with .Values.serviceAnnotations }}
  annotations:
-  {{- range $key, $value := .Values.serviceAnnotations }}
+    {{- toYaml . | nindent 4 }}
    {{ $key }}: {{ $value | quote }}
  {{- end }}
 spec:
  ports:
@ -17,4 +17,5 @@ spec:
    port: 8090
    targetPort: 8090
  selector:
-    app.kubernetes.io/name: {{ .Release.Name }}
+    {{- include "argo-rollouts.selectorLabels" . | nindent 6 }}
 {{- end }}
--- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml
@ -1,11 +1,11 @@
 {{- if not .Values.clusterInstall }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: {{ .Release.Name }}-role
+  name: {{ include "argo-rollouts.fullname" . }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name: {{ .Release.Name }}-role
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
    app.kubernetes.io/part-of: {{ .Release.Name }}
 rules:
 - apiGroups:
  - argoproj.io
@ -67,10 +67,12 @@ rules:
  - watch
  - patch
 # secret read access to run analysis templates which reference secrets
 # configmap access to read notification-engine configuration
 - apiGroups:
  - ""
  resources:
  - secrets
  - configmaps
  verbs:
  - get
  - list
@ -145,3 +147,4 @@ rules:
  - get
  - update
  - patch
 {{- end }}
--- a/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml
@ -1,15 +1,16 @@
 {{- if not .Values.clusterInstall }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ .Release.Name }}-role-binding
+  name: {{ include "argo-rollouts.fullname" . }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name: {{ .Release.Name }}-role-binding
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
    app.kubernetes.io/part-of: {{ .Release.Name }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
-  name: {{ .Release.Name }}-role
+  name: {{ include "argo-rollouts.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ .Values.serviceAccount.name }}
+  name: {{ include "argo-rollouts.serviceAccountName" . }}
 {{- end }}
--- a/charts/argo-rollouts/templates/argo-rollouts-sa.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-sa.yaml
@ -1,8 +1,13 @@
 {{- if .Values.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ .Values.serviceAccount.name }}
+  name: {{ include "argo-rollouts.serviceAccountName" . }}
  labels:
    app.kubernetes.io/component: {{ .Values.controller.component }}
-    app.kubernetes.io/name: {{ .Release.Name }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
+  {{- with .Values.serviceAccount.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 {{- end }}
--- a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml
+++ b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml
@ -1,18 +1,17 @@
-{{- if .Values.controller.metrics.serviceMonitor.enabled }}
+{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }}
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
-  name: {{ .Release.Name }}
+  name: {{ include "argo-rollouts.fullname" . }}
  labels:
    app.kubernetes.io/component: server
-    app.kubernetes.io/name: {{ .Release.Name }}-metrics
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
+    {{- range $key, $value := .Values.controller.metrics.serviceMonitor.additionalLabels }}
-    {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }}
+    {{ $key }}: {{ $value | quote }}
 {{ toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | indent 4 }}
    {{- end }}
-  {{- if .Values.controller.metrics.serviceMonitor.additionalAnnotations }}
+  {{- with .Values.controller.metrics.serviceMonitor.additionalAnnotations }}
  annotations:
-{{ toYaml .Values.controller.metrics.serviceMonitor.additionalAnnotations | indent 4 }}
+    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
  endpoints:
@ -23,6 +22,5 @@ spec:
  selector:
    matchLabels:
      app.kubernetes.io/component: server
-      app.kubernetes.io/name: {{ .Release.Name }}-metrics
+      {{- include "argo-rollouts.selectorLabels" . | nindent 6 }}
      app.kubernetes.io/part-of: {{ .Release.Name }}
 {{- end }}
--- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml
@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.4.1
+    controller-gen.kubebuilder.io/version: v0.5.0
    {{- if .Values.crdAnnotations }}
-{{- toYaml .Values.crdAnnotations | nindent 4 }}
+    {{- toYaml .Values.crdAnnotations | nindent 4 }}
    {{- end }}
  labels:
    app.kubernetes.io/name: argo-rollouts
@ -2308,6 +2308,7 @@ spec:
                                      start:
                                        type: string
                                      step:
                                        format: int64
                                        type: integer
                                    required:
                                    - end
@ -2327,6 +2328,7 @@ spec:
                                      start:
                                        type: string
                                      step:
                                        format: int64
                                        type: integer
                                    required:
                                    - end
@ -2348,8 +2350,10 @@ spec:
                            threshold:
                              properties:
                                marginal:
                                  format: int64
                                  type: integer
                                pass:
                                  format: int64
                                  type: integer
                              required:
                              - marginal
@ -2407,6 +2411,7 @@ spec:
                            jsonPath:
                              type: string
                            timeoutSeconds:
                              format: int64
                              type: integer
                            url:
                              type: string
--- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml
@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.4.1
+    controller-gen.kubebuilder.io/version: v0.5.0
    {{- if .Values.crdAnnotations }}
-{{- toYaml .Values.crdAnnotations | nindent 4 }}
+    {{- toYaml .Values.crdAnnotations | nindent 4 }}
    {{- end }}
  labels:
    app.kubernetes.io/name: argo-rollouts
@ -2303,6 +2303,7 @@ spec:
                                      start:
                                        type: string
                                      step:
                                        format: int64
                                        type: integer
                                    required:
                                    - end
@ -2322,6 +2323,7 @@ spec:
                                      start:
                                        type: string
                                      step:
                                        format: int64
                                        type: integer
                                    required:
                                    - end
@ -2343,8 +2345,10 @@ spec:
                            threshold:
                              properties:
                                marginal:
                                  format: int64
                                  type: integer
                                pass:
                                  format: int64
                                  type: integer
                              required:
                              - marginal
@ -2402,6 +2406,7 @@ spec:
                            jsonPath:
                              type: string
                            timeoutSeconds:
                              format: int64
                              type: integer
                            url:
                              type: string
--- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml
@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.4.1
+    controller-gen.kubebuilder.io/version: v0.5.0
    {{- if .Values.crdAnnotations }}
-{{- toYaml .Values.crdAnnotations | nindent 4 }}
+    {{- toYaml .Values.crdAnnotations | nindent 4 }}
    {{- end }}
  labels:
    app.kubernetes.io/name: argo-rollouts
@ -2303,6 +2303,7 @@ spec:
                                      start:
                                        type: string
                                      step:
                                        format: int64
                                        type: integer
                                    required:
                                    - end
@ -2322,6 +2323,7 @@ spec:
                                      start:
                                        type: string
                                      step:
                                        format: int64
                                        type: integer
                                    required:
                                    - end
@ -2343,8 +2345,10 @@ spec:
                            threshold:
                              properties:
                                marginal:
                                  format: int64
                                  type: integer
                                pass:
                                  format: int64
                                  type: integer
                              required:
                              - marginal
@ -2402,6 +2406,7 @@ spec:
                            jsonPath:
                              type: string
                            timeoutSeconds:
                              format: int64
                              type: integer
                            url:
                              type: string
--- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml
@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.4.1
+    controller-gen.kubebuilder.io/version: v0.5.0
    {{- if .Values.crdAnnotations }}
-{{- toYaml .Values.crdAnnotations | nindent 4 }}
+    {{- toYaml .Values.crdAnnotations | nindent 4 }}
    {{- end }}
  labels:
    app.kubernetes.io/name: argo-rollouts
--- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml
+++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml
@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.4.1
+    controller-gen.kubebuilder.io/version: v0.5.0
    {{- if .Values.crdAnnotations }}
-{{- toYaml .Values.crdAnnotations | nindent 4 }}
+    {{- toYaml .Values.crdAnnotations | nindent 4 }}
    {{- end }}
  labels:
    app.kubernetes.io/name: argo-rollouts
@ -32,11 +32,13 @@ spec:
      jsonPath: .status.replicas
      name: Current
      type: integer
-    - description: Total number of non-terminated pods targeted by this rollout that have the desired template spec
+    - description: Total number of non-terminated pods targeted by this rollout that
        have the desired template spec
      jsonPath: .status.updatedReplicas
      name: Up-to-date
      type: integer
-    - description: Total number of available pods (ready for at least minReadySeconds) targeted by this rollout
+    - description: Total number of available pods (ready for at least minReadySeconds)
        targeted by this rollout
      jsonPath: .status.availableReplicas
      name: Available
      type: integer
@ -303,6 +305,12 @@ spec:
                        - type: integer
                        - type: string
                        x-kubernetes-int-or-string: true
                      scaleDownDelayRevisionLimit:
                        format: int32
                        type: integer
                      scaleDownDelaySeconds:
                        format: int32
                        type: integer
                      stableMetadata:
                        properties:
                          annotations:
@ -490,6 +498,15 @@ spec:
                            - ingress
                            - servicePort
                            type: object
                          ambassador:
                            properties:
                              mappings:
                                items:
                                  type: string
                                type: array
                            required:
                            - mappings
                            type: object
                          istio:
                            properties:
                              destinationRule:
@ -2651,9 +2668,15 @@ spec:
                    - containers
                    type: object
                type: object
-            required:
+              workloadRef:
-            - selector
+                properties:
-            - template
+                  apiVersion:
                    type: string
                  kind:
                    type: string
                  name:
                    type: string
                type: object
            type: object
          status:
            properties:
@ -2768,6 +2791,8 @@ spec:
              currentStepIndex:
                format: int32
                type: integer
              message:
                type: string
              observedGeneration:
                type: string
              pauseConditions:
@ -2783,6 +2808,8 @@ spec:
                  - startTime
                  type: object
                type: array
              phase:
                type: string
              promoteFull:
                type: boolean
              readyReplicas:
--- a/charts/argo-rollouts/values.yaml
+++ b/charts/argo-rollouts/values.yaml
@ -3,7 +3,6 @@ installCRDs: true
 clusterInstall: true
 controller:
  name: argo-rollouts
  component: rollouts-controller
  ## Node selectors and tolerations for server scheduling to nodes with taints
  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
@ -12,8 +11,9 @@ controller:
  tolerations: []
  affinity: {}
  image:
    registry: quay.io
    repository: argoproj/argo-rollouts
-    tag: v0.10.2
+    tag: ""
    pullPolicy: IfNotPresent
  resources: {}
@ -25,13 +25,40 @@ controller:
  #    memory: 64Mi
  metrics:
    enabled: false
    serviceMonitor:
      enabled: false
      additionalLabels: {}
      additionalAnnotations: {}
  ## Readiness and liveness probes for rollouts controller
  livenessProbe:
    httpGet:
      path: /metrics
      port: 8090
    initialDelaySeconds: 30
    periodSeconds: 20
    failureThreshold: 3
    successThreshold: 1
    timeoutSeconds: 10
  readinessProbe:
    httpGet:
      path: /metrics
      port: 8090
    initialDelaySeconds: 15
    periodSeconds: 5
    failureThreshold: 3
    successThreshold: 1
    timeoutSeconds: 4
 serviceAccount:
-  name: argo-rollouts
+  # Specifies whether a service account should be created
  create: true
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 ## Annotations to be added to all CRDs
 ##
@ -41,6 +68,21 @@ crdAnnotations: {}
 ##
 podAnnotations: {}
 ## Security Context to set on pod level
 ##
 podSecurityContext:
  runAsNonRoot: true
 ## Security Context to set on container level
 ##
 containerSecurityContext: {}
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000
 ## Annotations to be added to the Rollout service
 ##
 serviceAnnotations: {}
--- a/charts/argo-workflows/.helmignore
+++ b/charts/argo-workflows/.helmignore
@ -19,3 +19,4 @@
 .project
 .idea/
 *.tmproj
 ci/
--- a/charts/argo-workflows/Chart.yaml
+++ b/charts/argo-workflows/Chart.yaml
@ -2,8 +2,8 @@ apiVersion: v2
 name: argo-workflows
 description: A Helm chart for Argo Workflows
 type: application
-version: 0.1.5
+version: 0.3.0
-appVersion: "v3.0.2"
+appVersion: "v3.0.7"
 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png
 home: https://github.com/argoproj/argo-helm
 sources:
@ -13,3 +13,6 @@ maintainers:
  - name: alexmt
  - name: jessesuen
  - name: benjaminws
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Support for extraContainers in controller/server"
--- a/charts/argo-workflows/README.md
+++ b/charts/argo-workflows/README.md
@ -10,7 +10,7 @@ This chart uses an install hook to configure the CRD definition. Installation of
 A few options are:
- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute
+- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
 - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
 ## Usage Notes
--- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml
+++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml
@ -36,9 +36,11 @@ spec:
          spec:
            type: object
            x-kubernetes-preserve-unknown-fields: true
            x-kubernetes-map-type: atomic
          status:
            type: object
            x-kubernetes-preserve-unknown-fields: true
            x-kubernetes-map-type: atomic
        required:
        - metadata
        - spec
--- a/charts/argo-workflows/templates/_helpers.tpl
+++ b/charts/argo-workflows/templates/_helpers.tpl
@ -26,9 +26,17 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 */}}
 {{- define "argo-workflows.fullname" -}}
 {{- if .Values.fullnameOverride -}}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- $name := default .Chart.Name .Values.nameOverride -}}
 {{- if contains $name .Release.Name -}}
 {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Create chart name and version as used by the chart label.
@ -86,11 +94,18 @@ Create the name of the controller service account to use
 Return the appropriate apiVersion for ingress
 */}}
 {{- define "argo-workflows.ingress.apiVersion" -}}
-{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}}
+{{- if semverCompare "<1.14-0" (include "argo-workflows.kubeVersion" $) -}}
 {{- print "extensions/v1beta1" -}}
-{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}}
+{{- else if semverCompare "<1.19-0" (include "argo-workflows.kubeVersion" $) -}}
 {{- print "networking.k8s.io/v1beta1" -}}
 {{- else -}}
 {{- print "networking.k8s.io/v1" -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Return the target Kubernetes version
 */}}
 {{- define "argo-workflows.kubeVersion" -}}
  {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }}
 {{- end -}}
--- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
@ -121,8 +121,18 @@ rules:
  resources:
  - leases
  resourceNames:
  {{- if .Values.controller.instanceID.enabled }}
    {{- if .Values.controller.instanceID.useReleaseName }}
  - workflow-controller-{{ .Release.Name }}
  - workflow-controller-lease-{{ .Release.Name }}
    {{- else }}
  - workflow-controller-{{ .Values.controller.instanceID.explicitID }}
  - workflow-controller-lease-{{ .Values.controller.instanceID.explicitID }}
    {{- end }}
  {{- else }}
  - workflow-controller
  - workflow-controller-lease
  {{- end }}
  verbs:
  - get
  - watch
--- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
@ -7,11 +7,11 @@ metadata:
 data:
  config: |
    {{- if .Values.controller.instanceID.enabled }}
-    {{- if .Values.controller.instanceID.useReleaseName }}
+      {{- if .Values.controller.instanceID.useReleaseName }}
    instanceID: {{ .Release.Name }}
-    {{- else }}
+      {{- else }}
    instanceID: {{ .Values.controller.instanceID.explicitID }}
-    {{- end }}
+      {{- end }}
    {{- end }}
    containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }}
    {{- if .Values.controller.parallelism }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml
@ -70,19 +70,18 @@ spec:
                  apiVersion: v1
                  fieldPath: metadata.name
          {{- with .Values.controller.extraEnv }}
-            {{ toYaml . | nindent 10 }}
+            {{- toYaml . | nindent 12 }}
          {{- end }}
          resources:
            {{- toYaml .Values.controller.resources | nindent 12 }}
          ports:
            - name: metrics
              containerPort: {{ .Values.controller.metricsConfig.port }}
-          livenessProbe:
+            - containerPort: 6060
-            httpGet:
+          livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }}
-              port: metrics
+        {{- with .Values.controller.extraContainers }}
-              path: {{ .Values.controller.metricsConfig.path }}
+          {{- toYaml . | nindent 8 }}
-            initialDelaySeconds: 30
+        {{- end }}
            periodSeconds: 30
      {{- with .Values.images.pullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
@ -1,3 +1,4 @@
 {{- if .Values.controller.serviceAccount.create }}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@ -6,3 +7,4 @@ metadata:
  annotations:
    {{- toYaml .| nindent 4 }}
  {{- end }}
 {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-rb.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml
@ -1,19 +1,20 @@
 {{- if .Values.workflow.rbac.create -}}
  {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq)  }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ template "argo-workflows.fullname" . }}-workflow
+  name: {{ template "argo-workflows.fullname" $ }}-workflow
-  {{- with .Values.workflow.namespace }}
+  namespace: {{ $namespace }}
  namespace: {{ . }} 
  {{- end }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
-  name: {{ template "argo-workflows.fullname" . }}-workflow
+  name: {{ template "argo-workflows.fullname" $ }}-workflow
 subjects:
- kind: ServiceAccount
+  - kind: ServiceAccount
-  name: {{ .Values.workflow.serviceAccount.name }}
+    name: {{ $.Values.workflow.serviceAccount.name }}
-  {{- with .Values.workflow.namespace }}
+    {{- with $namespace }}
-  namespace: {{ . }}
+    namespace: {{ . }}
    {{- end }}
  {{- end }}
 {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-role.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-role.yaml
@ -1,25 +1,29 @@
 {{- if .Values.workflow.rbac.create -}}
  {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq)  }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: {{ template "argo-workflows.fullname" . }}-workflow
+  name: {{ template "argo-workflows.fullname" $ }}-workflow
-  {{- with .Values.workflow.namespace }}
+    {{- with $namespace }}
  namespace: {{ . }}
-  {{- end }}
+    {{- end }}
 rules:
- apiGroups:
+  - apiGroups:
-  - ""
+      - ""
-  resources:
+    resources:
-  - pods
+      - pods
-  verbs:
+    verbs:
-  - get
+      - get
-  - watch
+      - watch
-  - patch
+      - patch
- apiGroups:
+  - apiGroups:
-  - ""
+      - ""
-  resources:
+    resources:
-  - pods/log
+      - pods/log
-  verbs:
+    verbs:
-  - get
+      - get
-  - watch
+      - watch
  {{- end }}
 {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-sa.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml
@ -1,13 +1,16 @@
 {{- if .Values.workflow.serviceAccount.create -}}
  {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq)  }}
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ .Values.workflow.serviceAccount.name }}
+  name: {{ $.Values.workflow.serviceAccount.name }}
-  {{- with .Values.workflow.namespace }}
+    {{- with $namespace }}
  namespace: {{ . }}
-  {{- end }}
+    {{- end }}
-  {{- with .Values.workflow.serviceAccount.annotations }}
+    {{- with $.Values.workflow.serviceAccount.annotations }}
  annotations:
-    {{- toYaml . | nindent 4 }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
  {{- end }}
 {{- end }}
--- a/charts/argo-workflows/templates/server/server-deployment.yaml
+++ b/charts/argo-workflows/templates/server/server-deployment.yaml
@ -60,15 +60,18 @@ spec:
            initialDelaySeconds: 10
            periodSeconds: 20
          env:
-          - name: IN_CLUSTER
+            - name: IN_CLUSTER
-            value: "true"
+              value: "true"
-          - name: ARGO_NAMESPACE
+            - name: ARGO_NAMESPACE
-            valueFrom:
+              valueFrom:
-              fieldRef:
+                fieldRef:
-                apiVersion: v1
+                  apiVersion: v1
-                fieldPath: metadata.namespace
+                  fieldPath: metadata.namespace
-          - name: BASE_HREF
+            - name: BASE_HREF
-            value: {{ .Values.server.baseHref | quote }}
+              value: {{ .Values.server.baseHref | quote }}
          {{- with .Values.server.extraEnv }}
            {{- toYaml . | nindent 12 }}
          {{- end }}
          resources:
            {{- toYaml .Values.server.resources | nindent 12 }}
          volumeMounts:
@ -77,6 +80,9 @@ spec:
          {{- with .Values.server.volumeMounts }}
            {{- toYaml . | nindent 10}}
          {{- end }}
        {{- with .Values.server.extraContainers }}
          {{- toYaml . | nindent 8 }}
        {{- end }}
      {{- with .Values.images.pullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
--- a/charts/argo-workflows/templates/server/server-ingress.yaml
+++ b/charts/argo-workflows/templates/server/server-ingress.yaml
@ -3,6 +3,7 @@
 {{- $servicePort := .Values.server.servicePort -}}
 {{- $paths := .Values.server.ingress.paths -}}
 {{- $extraPaths := .Values.server.ingress.extraPaths -}}
 {{- $pathType := .Values.server.ingress.pathType -}}
 apiVersion: {{ include "argo-workflows.ingress.apiVersion" . }}
 kind: Ingress
 metadata:
@ -19,7 +20,7 @@ metadata:
    {{- toYaml .Values.server.ingress.labels | nindent 4 }}
    {{- end }}
 spec:
-  {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+  {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
  {{- with .Values.server.ingress.ingressClassName }}
  ingressClassName: {{ . }}
  {{- end }}
@ -35,11 +36,11 @@ spec:
          {{- end }}
          {{- range $p := $paths }}
          - path: {{ $p }}
-            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
-            pathType: Prefix
+            pathType: {{ $pathType }}
            {{- end }}
            backend:
-              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ $serviceName }}
                port:
@ -62,11 +63,11 @@ spec:
          {{- end }}
          {{- range $p := $paths }}
          - path: {{ $p }}
-            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
-            pathType: Prefix
+            pathType: {{ $pathType }}
            {{- end }}
            backend:
-              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ $serviceName }}
                port:
--- a/charts/argo-workflows/values.yaml
+++ b/charts/argo-workflows/values.yaml
@ -5,25 +5,34 @@ images:
  pullSecrets: []
  # - name: argo-pull-secret
 init:
  # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is
  # being deployed to.  In RBAC clusters, that will almost certainly fail.  See the NOTES: section of the readme for more info.
  serviceAccount: ""
 createAggregateRoles: true
 ## String to partially override "argo-workflows.fullname" template
 ##
 nameOverride:
 ## String to fully override "argo-workflows.fullname" template
 ##
 fullnameOverride:
 ## Override the Kubernetes version, which is used to evaluate certain manifests
 ##
 kubeVersionOverride: ""
 # Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents,
 # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy.
 singleNamespace: false
 workflow:
-  namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created.
+  namespace: # Deprecated, for backwards compatibility: specify a single namespace to run workflows in
  serviceAccount:
    create: false # Specifies whether a service account should be created
    annotations: {}
    name: "argo-workflow" # Service account which is used to run workflows
  rbac:
-    create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows
+    # Adds Role and RoleBinding for the above specified service account to be able to run workflows
    # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below)
    create: true
 controller:
  image:
@ -97,6 +106,8 @@ controller:
    # Annotations applied to created service account
    annotations: {}
  name: workflow-controller
  # Specify all namespaces to run worksflows need to be able to run in. This controls where the service
  # account and RBAC resources will be created. If unspecified, will run in the default namespace.
  workflowNamespaces:
    - default
  containerRuntimeExecutor: docker
@ -120,9 +131,22 @@ controller:
  # service type `LoadBalancer`
  loadBalancerSourceRanges: []
  resources: {}
-  # The list of environment variable definitions to be added to the controller
+  livenessProbe:
-  # manages container verbatim.
+    httpGet:
      port: 6060
      path: /healthz
    # Require three failures to tolerate transient errors.
    failureThreshold: 3
    initialDelaySeconds: 90
    periodSeconds: 60
    timeoutSeconds: 30
  ## Extra environment variables to provide to the controller container
  ## extraEnv:
  ##   - name: FOO
  ##     value: "bar"
  extraEnv: []
  # Extra arguments to be added to the controller
  extraArgs: []
  replicas: 1
@ -146,6 +170,8 @@ controller:
  clusterWorkflowTemplates:
    # Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates.
    enabled: true
  # Extra containers to be added to the controller deployment
  extraContainers: []
 # executor controls how the init and wait container should be customized
 executor:
@ -226,6 +252,12 @@ server:
  # https://argoproj.github.io/argo-workflows/tls/
  secure: false
  ## Extra environment variables to provide to the argo-server container
  ## extraEnv:
  ##   - name: FOO
  ##     value: "bar"
  extraEnv: []
  # Extra arguments to provide to the Argo server binary.
  extraArgs: []
@ -248,20 +280,29 @@ server:
    ##
    hosts:
      []
-      # - argocd.example.com
+      # - argoworkflows.example.com
    paths:
      - /
    pathType: Prefix
    extraPaths:
      []
      # - path: /*
      #   backend:
      #     serviceName: ssl-redirect
      #     servicePort: use-annotation
      ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used)
      # - path: /*
      #   pathType: Prefix
      #   backend:
      #     service
      #       name: ssl-redirect
      #       port:
      #         name: use-annotation
    tls:
      []
-      # - secretName: argocd-example-tls
+      # - secretName: argoworkflows-example-tls
      #   hosts:
-      #     - argocd.example.com
+      #     - argoworkflows.example.com
    https: false
  clusterWorkflowTemplates:
@ -298,6 +339,8 @@ server:
    ## decisions.
    # scopes:
    # - groups
  # Extra containers to be added to the server deployment
  extraContainers: []
 # Influences the creation of the ConfigMap for the workflow-controller itself.
 useDefaultArtifactRepo: false
--- a/charts/argocd-applicationset/.helmignore
+++ b/charts/argocd-applicationset/.helmignore
@ -21,3 +21,4 @@
 .idea/
 *.tmproj
 .vscode/
 ci/
--- a/charts/argocd-applicationset/Chart.yaml
+++ b/charts/argocd-applicationset/Chart.yaml
@ -2,13 +2,18 @@ apiVersion: v2
 name: argocd-applicationset
 description: A Helm chart for installing ArgoCD ApplicationSet
 type: application
-version: 0.1.5
+version: 1.0.0
 appVersion: "v0.1.0"
 home: https://github.com/argoproj/argo-helm
-icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
+icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png
 keywords:
  - argoproj
  - appset
  - gitops
 maintainers:
  - name: maruina
 annotations:
  artifacthub.io/changes: |
    - "[Removed]: CRD installation via templates folder. CRDs are now only handled via the '/crds' folder in the same way like the ArgoCD chart."
    - "[Removed]: Exclude '/ci' folder from being packaged into the final chart archive."
    - "[Changed]: Fix icon url"
--- a/charts/argocd-applicationset/README.md
+++ b/charts/argocd-applicationset/README.md
@ -10,6 +10,11 @@ This is a **community maintained** chart. This chart installs the [applicationse
 This chart currently installs the non-HA version of Argo CD ApplicationSet.
 ## Prerequisites
 - Helm v3.0.0+
 - The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting.
 ## Installing the Chart
 To install the chart with the release name `my-release`:
@ -23,10 +28,6 @@ NAME: my-release
 ...
 ```
 ### Helm v3 Compatibility
 Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks.
 ### Testing
 Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing).
@ -38,6 +39,19 @@ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/st
 ct install --namespace argocd
 ```
 ## Notes on CRD Installation
 Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart.
 You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo:
 ```console
 kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=<appVersion>
 # Eg. version v0.1.0
 kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0
 ```
 ## Values
 | Key | Type | Default | Description |
@ -56,7 +70,6 @@ ct install --namespace argocd
 | image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. |
 | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
 | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. |
 | installCRDs | bool | `true` | Install Custom Resource Definition |
 | mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume |
 | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume |
 | mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume |
--- a/charts/argocd-applicationset/ci/default-values.yaml
+++ b/charts/argocd-applicationset/ci/default-values.yaml
@ -4,8 +4,6 @@
 replicaCount: 1
 installCRDs: false # this needs to be false with ct
 image:
  # The image repository
  repository: quay.io/argocdapplicationset/argocd-applicationset
--- a/charts/argocd-applicationset/ci/leader-election-values.yaml
+++ b/charts/argocd-applicationset/ci/leader-election-values.yaml
@ -2,5 +2,3 @@ args:
  enableLeaderElection: true
 replicaCount: 3
 installCRDs: false
--- a/charts/argocd-applicationset/templates/crds.yaml
+++ b/charts/argocd-applicationset/templates/crds.yaml
@ -1,6 +0,0 @@
 {{- if .Values.installCRDs }}
 {{- range $path, $_ := .Files.Glob "crds/*.yaml" }}
 {{ $.Files.Get $path }}
 ---
 {{- end }}
 {{- end }}
--- a/charts/argocd-applicationset/templates/deployment.yaml
+++ b/charts/argocd-applicationset/templates/deployment.yaml
@ -98,3 +98,6 @@ spec:
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.priorityClassName }}
      priorityClassName: {{ . }}
      {{- end }}
--- a/charts/argocd-applicationset/values.yaml
+++ b/charts/argocd-applicationset/values.yaml
@ -4,8 +4,6 @@
 replicaCount: 1
 installCRDs: true
 image:
  # The image repository
  repository: quay.io/argocdapplicationset/argocd-applicationset
@ -71,6 +69,8 @@ tolerations: []
 affinity: {}
 priorityClassName: ""
 mountSSHKnownHostsVolume: true
 mountTLSCertsVolume: true
 mountGPGKeysVolume: false
--- a/charts/argocd-notifications/Chart.yaml
+++ b/charts/argocd-notifications/Chart.yaml
@ -3,7 +3,7 @@ appVersion: 1.1.1
 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD.
 name: argocd-notifications
 type: application
-version: 1.3.2
+version: 1.4.1
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 keywords:
@ -13,3 +13,6 @@ keywords:
 maintainers:
  - name: alexmt
  - name: andyfeller
 annotations:
  artifacthub.io/changes: |
    - "[Added]: Initialize Changelog"
--- a/charts/argocd-notifications/templates/service-metrics.yaml
+++ b/charts/argocd-notifications/templates/service-metrics.yaml
@ -5,6 +5,13 @@ metadata:
  name: {{ include "argocd-notifications.name" . }}-metrics
  labels:
    {{- include "argocd-notifications.metrics.labels" . | nindent 4 }}
    {{- with .Values.metrics.service.labels }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
  {{- with .Values.metrics.service.annotations  }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
  selector:
    {{- include "argocd-notifications.selectorLabels" . | nindent 4 }}
--- a/charts/argocd-notifications/values.yaml
+++ b/charts/argocd-notifications/values.yaml
@ -52,6 +52,9 @@ extraArgs: []
 metrics:
  enabled: false
  port: 9001
  service:
    annotations: {}
    labels: {}
  serviceMonitor:
    enabled: false
    additionalLabels: {}