diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a8921ba4..b204ba59 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.5.4" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.3.1 +version: 2.3.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index 683d41d4..0d4f9651 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -233,6 +233,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -517,6 +520,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -776,6 +782,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -1049,6 +1058,10 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize + version + type: string type: object path: description: Path is a directory path within the Git @@ -1335,6 +1348,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -1608,6 +1624,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index e9244236..386dcb83 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -95,6 +95,23 @@ spec: - kind type: object type: array + namespaceResourceWhitelist: + description: NamespaceResourceWhitelist contains list of whitelisted + namespace level resources + items: + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array orphanedResources: description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project @@ -132,6 +149,8 @@ spec: iat: format: int64 type: integer + id: + type: string required: - iat type: object diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index da1af048..19d7745e 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "v2.7.6" +appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.8.6 +version: 0.9.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/crds/cluster-workflow-template-crd.yaml b/charts/argo/crds/cluster-workflow-template-crd.yaml new file mode 100644 index 00000000..df26a0ae --- /dev/null +++ b/charts/argo/crds/cluster-workflow-template-crd.yaml @@ -0,0 +1,17 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterworkflowtemplates.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation +spec: + group: argoproj.io + version: v1alpha1 + scope: Cluster + names: + kind: ClusterWorkflowTemplate + plural: clusterworkflowtemplates + shortNames: + - clusterwftmpl + - cwft diff --git a/charts/argo/templates/cluster-workflow-template-crd.yaml b/charts/argo/templates/cluster-workflow-template-crd.yaml new file mode 100644 index 00000000..c9c1cb52 --- /dev/null +++ b/charts/argo/templates/cluster-workflow-template-crd.yaml @@ -0,0 +1,19 @@ +{{- if .Values.installCRD }} +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterworkflowtemplates.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation +spec: + group: argoproj.io + version: v1alpha1 + scope: Cluster + names: + kind: ClusterWorkflowTemplate + plural: clusterworkflowtemplates + shortNames: + - clusterwftmpl + - cwft +{{- end }} diff --git a/charts/argo/templates/server-cluster-role.yaml b/charts/argo/templates/server-cluster-roles.yaml similarity index 72% rename from charts/argo/templates/server-cluster-role.yaml rename to charts/argo/templates/server-cluster-roles.yaml index efb9d564..8da10df2 100644 --- a/charts/argo/templates/server-cluster-role.yaml +++ b/charts/argo/templates/server-cluster-roles.yaml @@ -1,14 +1,8 @@ {{- if .Values.server.enabled }} apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }}-role -{{ else }} kind: ClusterRole metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }}-cluster-role -{{- end }} + name: {{ .Release.Name }}-{{ .Values.server.name }} rules: - apiGroups: - "" @@ -66,4 +60,24 @@ rules: - update - patch - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ .Release.Name }}-{{ .Values.server.name }}-cluster-template +rules: +- apiGroups: + - argoproj.io + resources: + - clusterworkflowtemplates + verbs: + - get + - list + - watch + {{- if .Values.server.clusterWorkflowTemplates.enableEditing }} + - create + - update + - patch + - delete + {{- end }} {{- end }} diff --git a/charts/argo/templates/server-crb.yaml b/charts/argo/templates/server-crb.yaml index ed7d7982..a919e573 100644 --- a/charts/argo/templates/server-crb.yaml +++ b/charts/argo/templates/server-crb.yaml @@ -3,21 +3,29 @@ apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}}-rb + name: {{ .Release.Name }}-{{ .Values.server.name}} {{ else }} kind: ClusterRoleBinding metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}}-crb + name: {{ .Release.Name }}-{{ .Values.server.name}} {{- end }} roleRef: apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} - kind: Role - name: {{ .Release.Name }}-{{ .Values.server.name}}-role - {{ else }} kind: ClusterRole - name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-role - {{- end }} + name: {{ .Release.Name }}-{{ .Values.server.name}} +subjects: +- kind: ServiceAccount + name: {{ .Values.server.serviceAccount }} + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template subjects: - kind: ServiceAccount name: {{ .Values.server.serviceAccount }} diff --git a/charts/argo/templates/workflow-aggregate-roles.yaml b/charts/argo/templates/workflow-aggregate-roles.yaml index d817ead7..b89e7b13 100644 --- a/charts/argo/templates/workflow-aggregate-roles.yaml +++ b/charts/argo/templates/workflow-aggregate-roles.yaml @@ -18,6 +18,8 @@ rules: - workflowtemplates/finalizers - cronworkflows - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers verbs: - get - list @@ -42,6 +44,8 @@ rules: - workflowtemplates/finalizers - cronworkflows - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers verbs: - create - delete @@ -71,6 +75,8 @@ rules: - workflowtemplates/finalizers - cronworkflows - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers verbs: - create - delete diff --git a/charts/argo/templates/workflow-controller-clusterrole.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml similarity index 81% rename from charts/argo/templates/workflow-controller-clusterrole.yaml rename to charts/argo/templates/workflow-controller-cluster-roles.yaml index 20515321..1bee0b17 100644 --- a/charts/argo/templates/workflow-controller-clusterrole.yaml +++ b/charts/argo/templates/workflow-controller-cluster-roles.yaml @@ -1,13 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-role -{{ else }} kind: ClusterRole metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-role -{{- end }} + name: {{ .Release.Name }}-{{ .Values.controller.name }} rules: - apiGroups: - "" @@ -55,6 +49,8 @@ rules: resources: - workflowtemplates - workflowtemplates/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers verbs: - get - list @@ -101,5 +97,18 @@ rules: verbs: - get {{- end}} - - +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template +rules: +- apiGroups: + - argoproj.io + resources: + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers + verbs: + - get + - list + - watch diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 98e6d0f5..a5845681 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -16,10 +16,14 @@ data: {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} - {{- with .Values.executor.resources }} + {{- if or .Values.executor.resources .Values.executor.env }} executor: - resources: - {{- toYaml . | nindent 8 }} + {{- with .Values.executor.resources }} + resources: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.executor.env }} + env: {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} artifactRepository: {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} diff --git a/charts/argo/templates/workflow-controller-crb.yaml b/charts/argo/templates/workflow-controller-crb.yaml index 3eba3cf2..459a3c67 100644 --- a/charts/argo/templates/workflow-controller-crb.yaml +++ b/charts/argo/templates/workflow-controller-crb.yaml @@ -5,16 +5,11 @@ kind: RoleBinding kind: ClusterRoleBinding {{- end }} metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-binding + name: {{ .Release.Name }}-{{ .Values.controller.name }} roleRef: apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} - kind: Role - name: {{ .Release.Name }}-{{ .Values.controller.name }}-role - {{ else }} kind: ClusterRole - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-role - {{- end }} + name: {{ .Release.Name }}-{{ .Values.controller.name }} subjects: - kind: ServiceAccount name: {{ .Values.controller.serviceAccount }} @@ -30,3 +25,16 @@ subjects: {{- end }} {{- end }} {{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template +subjects: + - kind: ServiceAccount + name: {{ .Values.controller.serviceAccount }} + namespace: {{ .Release.Namespace }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 156f9926..7f0eead3 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -111,6 +111,8 @@ executor: # Overrides .images.tag if defined. tag: "" resources: {} + # Adds environment variables for the executor. + env: {} server: enabled: true @@ -188,6 +190,9 @@ server: # - secretName: argo-ui-tls # hosts: # - argo.domain.com + clusterWorkflowTemplates: + # Give the server permissions to edit ClusterWorkflowTemplates. + enableEditing: true # Influences the creation of the ConfigMap for the workflow-controller itself. useDefaultArtifactRepo: false