DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into argocd-image-updater-limit-label-length

Browse source
This commit is contained in:
Marco Kilchhofer 2023-01-19 12:32:38 +01:00 committed by GitHub
commit 585f84b81d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
66 changed files with 860 additions and 785 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/lint-and-test.yml vendored
View file

@ -58,7 +58,7 @@ jobs:
fi
- name: Create kind cluster
uses: helm/kind-action@v1.4.0
uses: helm/kind-action@v1.5.0
if: steps.list-changed.outputs.changed == 'true'
with:
config: .github/configs/kind-config.yaml

2
.github/workflows/publish.yml vendored
View file

@ -39,7 +39,7 @@ jobs:
git checkout origin/gh-pages index.yaml
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.4.1
uses: helm/chart-releaser-action@v1.5.0
with:
config: "./.github/configs/cr.yaml"
env:

2
.github/workflows/stale.yml vendored
View file

@ -14,7 +14,7 @@ jobs:
pull-requests: write # for actions/stale to close stale PRs
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v6
- uses: actions/stale@v7
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
# Number of days of inactivity before an issue becomes stale

2
CODEOWNERS
View file

@ -7,7 +7,7 @@
/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco
# Argo CD
/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth
/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil
# Argo Events
/charts/argo-events/ @jbehling @VaibhavPage @pdrastil

6
charts/argo-cd/Chart.lock
View file

@ -1,6 +1,6 @@
dependencies:
- name: redis-ha
repository: https://dandydeveloper.github.io/charts/
version: 4.22.3
digest: sha256:ef6269e4e073dad10c230ccfb069fc013608111c895c5e7568450bb3967cf195
generated: "2022-11-03T12:04:33.673857+09:00"
version: 4.22.4
digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7
generated: "2022-12-26T22:58:11.561184+09:00"

8
charts/argo-cd/Chart.yaml
View file

@ -1,9 +1,9 @@
apiVersion: v2
appVersion: v2.5.4
appVersion: v2.5.7
kubeVersion: ">=1.22.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 5.16.2
version: 5.17.4
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources:
@ -18,9 +18,9 @@ maintainers:
url: https://argoproj.github.io/
dependencies:
- name: redis-ha
version: 4.22.3
version: 4.22.4
repository: https://dandydeveloper.github.io/charts/
condition: redis-ha.enabled
annotations:
artifacthub.io/changes: |
- "[Changed]: Update ArgoCD to v2.5.4"
- "[Changed]: Update Argo CD extensions to v0.2.1"

69
charts/argo-cd/README.md
View file

@ -359,12 +359,11 @@ NAME: my-release
| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart |
| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart |
| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart |
| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart |
| apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart |
| crds.annotations | object | `{}` | Annotations to be added to all CRDs |
| crds.install | bool | `true` | Install and upgrade CRDs |
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds |
| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources |
| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. |
| extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
| fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` |
| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests |
@ -401,7 +400,7 @@ NAME: my-release
| configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning |
| configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI |
| configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement |
| configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache |
| configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache |
| configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository |
| configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap |
| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] |
@ -453,7 +452,6 @@ NAME: my-release
|-----|------|---------|-------------|
| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| controller.args | object | `{}` | DEPRECATED - Application controller commandline flags |
| controller.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments |
| controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource |
| controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource |
| controller.containerPort | int | `8082` | Application controller listening port |
@ -531,7 +529,6 @@ NAME: my-release
| repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret |
| repoServer.certificateSecret.key | string | `""` | Certificate private key |
| repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret |
| repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments |
| repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource |
| repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource |
| repoServer.containerPort | int | `8081` | Configures the repo server port |
@ -633,7 +630,6 @@ NAME: my-release
| server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret |
| server.certificateSecret.key | string | `""` | Private Key of the certificate |
| server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret |
| server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments |
| server.containerPort | int | `8080` | Configures the server port |
| server.containerSecurityContext | object | See [values.yaml] | Server container-level security context |
| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment |
@ -641,9 +637,9 @@ NAME: my-release
| server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server |
| server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context |
| server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions |
| server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions |
| server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions |
| server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image |
| server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image |
| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image |
| server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container |
| server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server |
| server.extraContainers | list | `[]` | Additional containers to be added to the server pod |
@ -965,15 +961,16 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment |
| applicationSet.enabled | bool | `true` | Enable ApplicationSet controller |
| applicationSet.extraArgs | list | `[]` | List of extra cli args to add |
| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod |
| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller |
| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller |
| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod |
| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the ApplicationSet controller |
| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the ApplicationSet controller |
| applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) |
| applicationSet.extraVolumes | list | `[]` | List of extra volumes to add |
| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application set controller |
| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application set controller |
| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application set controller |
| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the ApplicationSet controller |
| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller |
| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller |
| applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. |
| applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod |
| applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller |
| applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| applicationSet.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
@ -997,15 +994,15 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme |
| applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string |
| applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string |
| applicationSet.nodeSelector | object | `{}` | [Node selector] |
| applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb |
| applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller |
| applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb |
| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods |
| applicationSet.podLabels | object | `{}` | Labels for the controller pods |
| applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods |
| applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods |
| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. |
| applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller |
| applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
@ -1014,11 +1011,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
| applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run |
| applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. |
| applicationSet.service.annotations | object | `{}` | Application set service annotations |
| applicationSet.service.labels | object | `{}` | Application set service labels |
| applicationSet.service.port | int | `7000` | Application set service port |
| applicationSet.service.portName | string | `"webhook"` | Application set service port name |
| applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. |
| applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations |
| applicationSet.service.labels | object | `{}` | ApplicationSet service labels |
| applicationSet.service.port | int | `7000` | ApplicationSet service port |
| applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name |
| applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
| applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
| applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account |
@ -1028,7 +1025,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks |
| applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths |
| applicationSet.webhook.ingress.hosts | list | `[]` | List of ingress hosts |
| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource |
| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource |
| applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels |
| applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` |
| applicationSet.webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths |
@ -1061,22 +1058,24 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. |
| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints |
| notifications.cm.create | bool | `true` | Whether helm chart creates controller config map |
| notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map |
| notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context |
| notifications.context | object | `{}` | Define user-defined context |
| notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment |
| notifications.enabled | bool | `true` | Enable notifications controller |
| notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller |
| notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller |
| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod |
| notifications.extraEnv | list | `[]` | Additional container environment variables |
| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller |
| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller |
| notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) |
| notifications.extraVolumes | list | `[]` | List of extra volumes to add |
| notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller |
| notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller |
| notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller |
| notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` |
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn`, `error` |
| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod |
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` |
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` |
| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
| notifications.metrics.port | int | `9001` | Metrics port |
| notifications.metrics.service.annotations | object | `{}` | Metrics service annotations |
@ -1085,6 +1084,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
| notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
| notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
| notifications.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion |
| notifications.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping |
| notifications.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme |
| notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
@ -1096,12 +1097,12 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb |
| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods |
| notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods |
| notifications.priorityClassName | string | `""` | Priority class for the controller pods |
| notifications.resources | object | `{}` | Resource limits and requests for the controller |
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods |
| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods |
| notifications.priorityClassName | string | `""` | Priority class for the notifications controller pods |
| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller |
| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret |
| notifications.secret.create | bool | `true` | Whether helm chart creates controller secret |
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret |
| notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |

12
charts/argo-cd/templates/NOTES.txt
View file

@ -52,6 +52,18 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys
{{- if .Values.configs.gpgKeysAnnotations }}
DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations
{{- end }}
{{- if hasKey .Values "createAggregateRoles" }}
DEPRECATED option createAggregateRoles - Use global.rbac.aggregatedRoles
{{- end }}
{{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }}
DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles
{{- end }}
{{- if hasKey (.Values.server.clusterAdminAccess | default dict) "enabled" }}
DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles
{{- end }}
{{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }}
DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles
{{- end }}
{{- if .Values.controller.service }}
REMOVED option controller.service - Use controller.metrics
{{- end }}

30
charts/argo-cd/templates/_versions.tpl
View file

@ -19,34 +19,6 @@ Return the appropriate apiVersion for autoscaling
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for ingress
*/}}
{{- define "argo-cd.apiVersion.ingress" -}}
{{- if .Values.apiVersionOverrides.ingress -}}
{{- print .Values.apiVersionOverrides.ingress -}}
{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" .) -}}
{{- print "networking.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for pod disruption budget
*/}}
{{- define "argo-cd.apiVersion.pdb" -}}
{{- if .Values.apiVersionOverrides.pdb -}}
{{- print .Values.apiVersionOverrides.pdb -}}
{{- else if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" .) -}}
{{- print "policy/v1beta1" -}}
{{- else -}}
{{- print "policy/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for cert-manager
*/}}
@ -55,6 +27,8 @@ Return the appropriate apiVersion for cert-manager
{{- print .Values.apiVersionOverrides.certmanager -}}
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}}
{{- print "cert-manager.io/v1" -}}
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}}
{{- print "cert-manager.io/v1beta1" -}}
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}}
{{- print "cert-manager.io/v1alpha3" -}}
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}}

27
charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml
View file

@ -1,23 +1,24 @@
{{- if .Values.controller.clusterAdminAccess.enabled }}
{{- $config := .Values.controller.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "argo-cd.controller.fullname" . }}
name: {{ include "argo-cd.controller.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
rules:
{{- if .Values.controller.clusterRoleRules.enabled }}
{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 0 }}
{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }}
{{- else }}
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
{{- end }}
{{- end }}

11
charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml
View file

@ -1,16 +1,17 @@
{{- if .Values.controller.clusterAdminAccess.enabled }}
{{- $config := .Values.controller.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-cd.controller.fullname" . }}
name: {{ include "argo-cd.controller.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "argo-cd.controller.fullname" . }}
name: {{ include "argo-cd.controller.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.controllerServiceAccountName" . }}
name: {{ include "argo-cd.controllerServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}

2
charts/argo-cd/templates/argocd-application-controller/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.controller.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.controller.fullname" . }}

4
charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml
View file

@ -14,6 +14,10 @@ metadata:
{{- if .Values.controller.metrics.rules.additionalLabels }}
{{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }}
{{- end }}
{{- with .Values.controller.metrics.rules.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
groups:
- name: argocd

10
charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
View file

@ -257,7 +257,11 @@ spec:
- mountPath: /home/argocd
name: argocd-home
{{- with .Values.controller.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.controller.initContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.controller.nodeSelector }}
nodeSelector:
@ -304,10 +308,6 @@ spec:
path: tls.key
- key: ca.crt
path: ca.crt
{{- with .Values.controller.initContainers }}
initContainers:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.controller.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}

10
charts/argo-cd/templates/argocd-applicationset/deployment.yaml
View file

@ -40,6 +40,10 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
containers:
- name: {{ .Values.applicationSet.name }}
image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }}
@ -121,8 +125,12 @@ spec:
- mountPath: /tmp
name: tmp
{{- with .Values.applicationSet.extraContainers }}
{{- toYaml . | nindent 8 }}
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .Values.applicationSet.initContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.applicationSet.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

2
charts/argo-cd/templates/argocd-applicationset/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if and .Values.applicationSet.enabled .Values.applicationSet.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.applicationSet.fullname" . }}

53
charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml
View file

@ -1,89 +1,72 @@
{{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}}
{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}}
{{- $servicePort := .Values.applicationSet.service.portName -}}
{{- $paths := .Values.applicationSet.webhook.ingress.paths -}}
{{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}}
{{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}}
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- if .Values.applicationSet.webhook.ingress.annotations }}
annotations:
{{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ template "argo-cd.applicationSet.fullname" . }}
name: {{ include "argo-cd.applicationSet.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
{{- if .Values.applicationSet.webhook.ingress.labels }}
{{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }}
{{- with .Values.applicationSet.webhook.ingress.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.applicationSet.webhook.ingress.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
{{- with .Values.applicationSet.webhook.ingress.ingressClassName }}
ingressClassName: {{ . }}
{{- end }}
{{- end }}
rules:
{{- if .Values.applicationSet.webhook.ingress.hosts }}
{{- range $host := .Values.applicationSet.webhook.ingress.hosts }}
- host: {{ $host }}
http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.applicationSet.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.applicationSet.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- if .Values.applicationSet.webhook.ingress.tls }}
{{- with .Values.applicationSet.webhook.ingress.tls }}
tls:
{{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }}
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- end -}}

2
charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml
View file

@ -1,4 +1,4 @@
{{- if and .Values.repoServer.enabled .Values.repoServer.certificateSecret.enabled }}
{{- if .Values.repoServer.certificateSecret.enabled }}
apiVersion: v1
kind: Secret
metadata:

2
charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.notifications.fullname" . }}-bot

51
charts/argo-cd/templates/argocd-notifications/deployment.yaml
View file

@ -81,12 +81,39 @@ spec:
{{- with .Values.notifications.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.notifications.extraContainers }}
{{- tpl (toYaml . ) $ | nindent 8 }}
{{- end }}
{{- with .Values.notifications.initContainers }}
initContainers:
{{- tpl (toYaml . ) $ | nindent 8 }}
{{- end }}
{{- with .Values.notifications.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
volumes:
- configMap:
{{- with .Values.notifications.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: tls-certs
configMap:
name: argocd-tls-certs-cm
name: tls-certs
- name: argocd-repo-server-tls
secret:
secretName: argocd-repo-server-tls
optional: true
items:
- key: tls.crt
path: tls.crt
@ -94,24 +121,4 @@ spec:
path: tls.key
- key: ca.crt
path: ca.crt
optional: true
secretName: argocd-repo-server-tls
{{- with .Values.notifications.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- end }}

2
charts/argo-cd/templates/argocd-notifications/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if and .Values.notifications.enabled .Values.notifications.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.notifications.fullname" . }}

8
charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml
View file

@ -35,6 +35,14 @@ spec:
tlsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.metrics.serviceMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.metrics.serviceMonitor.metricRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}

27
charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml
View file

@ -1,23 +1,24 @@
{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }}
{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "argo-cd.repoServer.fullname" . }}
name: {{ include "argo-cd.repoServer.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
rules:
{{- if .Values.repoServer.clusterRoleRules.enabled }}
{{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 0 }}
{{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }}
{{- else }}
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
{{- end }}
{{- end }}

9
charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml
View file

@ -1,16 +1,17 @@
{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }}
{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-cd.repoServer.fullname" . }}
name: {{ include "argo-cd.repoServer.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "argo-cd.repoServer.fullname" . }}
name: {{ include "argo-cd.repoServer.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.repoServerServiceAccountName" . }}
name: {{ include "argo-cd.repoServerServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}

48
charts/argo-cd/templates/argocd-repo-server/deployment.yaml
View file

@ -264,7 +264,30 @@ spec:
securityContext:
{{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }}
{{- with .Values.repoServer.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
initContainers:
- command:
- cp
- -n
- /usr/local/bin/argocd
- /var/run/argocd/argocd-cmp-server
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
name: copyutil
{{- with .Values.repoServer.resources }}
resources:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.repoServer.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
{{- with .Values.repoServer.initContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.repoServer.nodeSelector }}
nodeSelector:
@ -328,29 +351,6 @@ spec:
path: tls.key
- key: ca.crt
path: ca.crt
initContainers:
- command:
- cp
- -n
- /usr/local/bin/argocd
- /var/run/argocd/argocd-cmp-server
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
name: copyutil
{{- with .Values.repoServer.resources }}
resources:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.repoServer.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
{{- with .Values.repoServer.initContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.repoServer.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}

2
charts/argo-cd/templates/argocd-repo-server/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.repoServer.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.repoServer.fullname" . }}

3
charts/argo-cd/templates/argocd-server/clusterrole.yaml
View file

@ -1,4 +1,5 @@
{{- if .Values.server.clusterAdminAccess.enabled }}
{{- $config := .Values.server.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:

11
charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml
View file

@ -1,16 +1,17 @@
{{- if .Values.server.clusterAdminAccess.enabled }}
{{- $config := .Values.server.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-cd.server.fullname" . }}
name: {{ include "argo-cd.server.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "argo-cd.server.fullname" . }}
name: {{ include "argo-cd.server.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.serverServiceAccountName" . }}
name: {{ include "argo-cd.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}

14
charts/argo-cd/templates/argocd-server/deployment.yaml
View file

@ -319,9 +319,6 @@ spec:
lifecycle:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.server.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if .Values.server.extensions.enabled }}
- name: argocd-extensions
image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }}
@ -336,6 +333,13 @@ spec:
- name: tmp
mountPath: /tmp
{{- end }}
{{- with .Values.server.extraContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.server.initContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.server.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@ -406,10 +410,6 @@ spec:
path: tls.crt
- key: ca.crt
path: ca.crt
{{- with .Values.server.initContainers }}
initContainers:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.server.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}

57
charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
View file

@ -1,89 +1,72 @@
{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}}
{{- $serviceName := include "argo-cd.server.fullname" . -}}
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
{{- $paths := .Values.server.ingressGrpc.paths -}}
{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
{{- $pathType := .Values.server.ingressGrpc.pathType -}}
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- if .Values.server.ingressGrpc.annotations }}
annotations:
{{- range $key, $value := .Values.server.ingressGrpc.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ template "argo-cd.server.fullname" . }}-grpc
name: {{ include "argo-cd.server.fullname" . }}-grpc
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
{{- if .Values.server.ingressGrpc.labels }}
{{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }}
{{- with .Values.server.ingressGrpc.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.server.ingressGrpc.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
{{- with .Values.server.ingressGrpc.ingressClassName }}
ingressClassName: {{ . }}
{{- end }}
{{- end }}
rules:
{{- if .Values.server.ingressGrpc.hosts }}
{{- range $host := .Values.server.ingressGrpc.hosts }}
- host: {{ $host }}
http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end -}}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end -}}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- if .Values.server.ingressGrpc.tls }}
{{- with .Values.server.ingressGrpc.tls }}
tls:
{{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }}
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- end -}}

68
charts/argo-cd/templates/argocd-server/ingress.yaml
View file

@ -1,51 +1,45 @@
{{- if .Values.server.ingress.enabled -}}
{{- $serviceName := include "argo-cd.server.fullname" . -}}
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}}
{{- $paths := .Values.server.ingress.paths -}}
{{- $extraPaths := .Values.server.ingress.extraPaths -}}
{{- $pathType := .Values.server.ingress.pathType -}}
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- if .Values.server.ingress.annotations }}
annotations:
{{- range $key, $value := .Values.server.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
[{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
{{- end }}
{{- end }}
name: {{ template "argo-cd.server.fullname" . }}
name: {{ include "argo-cd.server.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
{{- if .Values.server.ingress.labels }}
{{- toYaml .Values.server.ingress.labels | nindent 4 }}
{{- with .Values.server.ingress.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if .Values.server.ingress.annotations }}
annotations:
{{- range $key, $value := .Values.server.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
[{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
{{- end }}
{{- end }}
spec:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
{{- with .Values.server.ingress.ingressClassName }}
ingressClassName: {{ . }}
{{- end }}
{{- end }}
rules:
{{- if .Values.server.ingress.hosts }}
{{- range $host := .Values.server.ingress.hosts }}
- host: {{ $host }}
http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
{{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: Prefix
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ template "argo-cd.server.fullname" $ }}-grpc
port:
@ -54,60 +48,42 @@ spec:
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc
servicePort: {{ $servicePort }}
{{- end }}
{{- end }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- if .Values.server.ingress.tls }}
{{- with .Values.server.ingress.tls }}
tls:
{{- toYaml .Values.server.ingress.tls | nindent 4 }}
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- end -}}

2
charts/argo-cd/templates/argocd-server/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.server.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.server.fullname" . }}

44
charts/argo-cd/templates/dex/deployment.yaml
View file

@ -43,27 +43,6 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
initContainers:
- name: copyutil
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
command:
- cp
- -n
- /usr/local/bin/argocd
- /shared/argocd-dex
volumeMounts:
- mountPath: /shared
name: static-files
- mountPath: /tmp
name: dexconfig
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
securityContext:
{{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
{{- with .Values.dex.initContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}
containers:
- name: {{ .Values.dex.name }}
image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
@ -136,7 +115,28 @@ spec:
- name: argocd-dex-server-tls
mountPath: /tls
{{- with .Values.dex.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
initContainers:
- name: copyutil
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
command:
- cp
- -n
- /usr/local/bin/argocd
- /shared/argocd-dex
volumeMounts:
- mountPath: /shared
name: static-files
- mountPath: /tmp
name: dexconfig
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
securityContext:
{{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
{{- with .Values.dex.initContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.dex.nodeSelector }}
nodeSelector:

2
charts/argo-cd/templates/dex/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if and .Values.dex.enabled .Values.dex.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.dex.fullname" . }}

10
charts/argo-cd/templates/redis/deployment.yaml
View file

@ -41,10 +41,6 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }}
{{- with .Values.redis.initContainers }}
initContainers:
{{- toYaml . | nindent 6 }}
{{- end }}
containers:
- name: {{ .Values.redis.name }}
image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
@ -96,7 +92,11 @@ spec:
{{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }}
{{- end }}
{{- with .Values.redis.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.redis.initContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.redis.nodeSelector }}
nodeSelector:

2
charts/argo-cd/templates/redis/pdb.yaml
View file

@ -1,6 +1,6 @@
{{- $redisHa := index .Values "redis-ha" -}}
{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.redis.fullname" . }}

793
charts/argo-cd/values.yaml
View file

File diff suppressed because it is too large Load diff

8
charts/argo-events/Chart.yaml
View file

@ -1,8 +1,8 @@
apiVersion: v2
appVersion: v1.7.3
appVersion: v1.7.4
description: A Helm chart for Argo Events, the event-driven workflow automation framework
name: argo-events
version: 2.0.7
version: 2.0.11
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-events/assets/logo.png
keywords:
@ -15,6 +15,4 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)
- "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller/webhook .image.tag with a SHA digest"
- "[Fixed]: webhook.image.tag value now overrides the tag in the webhook deployment"
- "[Fixed]: Added missing NATS version in values.yaml"

3
charts/argo-events/README.md
View file

@ -57,7 +57,7 @@ done
| configs.jetstream.versions[0].natsImage | string | `"nats:latest"` | |
| configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | |
| configs.jetstream.versions[0].version | string | `"latest"` | |
| configs.nats.versions | list | `[{"metricsExporterImage":"natsio/prometheus-nats-exporter:latest","natsStreamingImage":"nats-streaming:latest","version":"latest"}]` | Supported versions of NATS event bus |
| configs.nats.versions | list | See [values.yaml] | Supported versions of NATS event bus |
| crds.annotations | object | `{}` | Annotations to be added to all CRDs |
| crds.install | bool | `true` | Install and upgrade CRDs |
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
@ -155,6 +155,7 @@ done
| webhook.pdb.labels | object | `{}` | Labels to be added to admission webhook pdb |
| webhook.podAnnotations | object | `{}` | Annotations to be added to event controller pods |
| webhook.podLabels | object | `{}` | Labels to be added to event controller pods |
| webhook.port | int | `443` | Port to listen on |
| webhook.priorityClassName | string | `""` | Priority class for the event controller pods |
| webhook.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| webhook.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |

11
charts/argo-events/templates/_helpers.tpl
View file

@ -125,3 +125,14 @@ Return the default Argo Events app version
{{- define "argo-events.defaultTag" -}}
{{- default .Chart.AppVersion .Values.global.image.tag }}
{{- end -}}
{{/*
Define Pdb apiVersion
*/}}
{{- define "argo-events.pdb.apiVersion" -}}
{{- if .Capabilities.APIVersions.Has "policy/v1" }}
{{- printf "policy/v1" -}}
{{- else }}
{{- printf "policy/v1beta1" -}}
{{- end }}
{{- end }}

2
charts/argo-events/templates/argo-events-controller/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.controller.pdb.enabled }}
apiVersion: policy/v1beta1
apiVersion: {{ template "argo-events.pdb.apiVersion" . }}
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-events.controller.fullname" . }}

4
charts/argo-events/templates/argo-events-webhook/deployment.yaml
View file

@ -50,6 +50,8 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: PORT
value: "{{ .Values.webhook.port }}"
{{- with .Values.webhook.env }}
{{- toYaml . | nindent 8 }}
{{- end }}
@ -63,7 +65,7 @@ spec:
{{- end }}
ports:
- name: webhook
containerPort: 443
containerPort: {{ .Values.webhook.port }}
protocol: TCP
livenessProbe:
tcpSocket:

2
charts/argo-events/templates/argo-events-webhook/pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if and .Values.webhook.enabled .Values.webhook.pdb.enabled (not .Values.controller.rbac.namespaced) }}
apiVersion: policy/v1beta1
apiVersion: {{ template "argo-events.pdb.apiVersion" . }}
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-events.webhook.fullname" . }}

7
charts/argo-events/values.yaml
View file

@ -62,10 +62,14 @@ configs:
## NATS event bus
nats:
# -- Supported versions of NATS event bus
# @default -- See [values.yaml]
versions:
- version: latest
natsStreamingImage: nats-streaming:latest
metricsExporterImage: natsio/prometheus-nats-exporter:latest
- version: 0.22.1
natsStreamingImage: nats-streaming:0.22.1
metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0
## JetStream event bus
jetstream:
@ -315,6 +319,9 @@ webhook:
# -- Labels to be added to event controller pods
podLabels: {}
# -- Port to listen on
port: 443
# -- Event controller container-level security context
containerSecurityContext: {}
# capabilities:

5
charts/argo-rollouts/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: v1.3.1
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 2.21.1
version: 2.21.3
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
keywords:
@ -15,4 +15,5 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Changed]: Upgrade ArgoRollouts to v1.3.1"
- "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)"
- "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller.image.tag with a SHA digest"

3
charts/argo-rollouts/README.md
View file

@ -88,6 +88,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
| controller.replicas | int | `2` | The number of controller pods to run |
| controller.resources | object | `{}` | Resource limits and requests for the controller pods. |
| controller.tolerations | list | `[]` | [Tolerations] for use with node taints |
| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller |
| podAnnotations | object | `{}` | Annotations to be added to the Rollout pods |
| podLabels | object | `{}` | Labels to be added to the Rollout pods |
| podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level |
@ -145,6 +146,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
| dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created |
| dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
| dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints |
| dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server |
## Upgrading
@ -174,6 +176,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/
[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
[Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets
[values.yaml]: values.yaml

1
charts/argo-rollouts/README.md.gotmpl
View file

@ -96,6 +96,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/
[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
[Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets
[values.yaml]: values.yaml

16
charts/argo-rollouts/templates/_helpers.tpl
View file

@ -31,6 +31,20 @@ Create chart name and version as used by the chart label.
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create kubernetes friendly chart version label.
Examples:
image.tag = v1.3.1
output = v1.3.1
image.tag = v1.3.1@sha256:38828e693b02e6f858d89fa22a9d9811d3d7a2430a1d4c7d687b6f509775c6ce
output = v1.3.1
*/}}
{{- define "argo-rollouts.chart_version_label" -}}
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default .Chart.AppVersion $.Values.controller.image.tag) "") "" | trunc 63 | quote -}}
{{- end -}}
{{/*
Common labels
*/}}
@ -38,7 +52,7 @@ Common labels
helm.sh/chart: {{ include "argo-rollouts.chart" . }}
{{ include "argo-rollouts.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ default .Chart.AppVersion $.Values.controller.image.tag | quote }}
app.kubernetes.io/version: {{ include "argo-rollouts.chart_version_label" . }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argo-rollouts

12
charts/argo-rollouts/templates/controller/deployment.yaml
View file

@ -83,6 +83,18 @@ spec:
affinity:
{{- toYaml .Values.controller.affinity | nindent 8 }}
{{- end }}
{{- with .Values.controller.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
app.kubernetes.io/component: {{ $.Values.controller.component }}
{{- include "argo-rollouts.selectorLabels" $ | nindent 12 }}
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.controller.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}

12
charts/argo-rollouts/templates/dashboard/deployment.yaml
View file

@ -65,6 +65,18 @@ spec:
affinity:
{{- toYaml .Values.dashboard.affinity | nindent 8 }}
{{- end }}
{{- with .Values.dashboard.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
{{- include "argo-rollouts.selectorLabels" $ | nindent 12 }}
app.kubernetes.io/component: {{ $.Values.dashboard.component }}
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.dashboard.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}

18
charts/argo-rollouts/values.yaml
View file

@ -47,6 +47,15 @@ controller:
tolerations: []
# -- Assign custom [affinity] rules to the deployment
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the controller
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- [priorityClassName] for the controller
priorityClassName: ""
# -- The number of controller pods to run
@ -194,6 +203,15 @@ dashboard:
tolerations: []
# -- Assign custom [affinity] rules to the deployment
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the dashboard server
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- [priorityClassName] for the dashboard server
priorityClassName: ""

5
charts/argo-workflows/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: v3.4.4
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.22.1
version: 0.22.8
icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png
home: https://github.com/argoproj/argo-helm
sources:
@ -13,5 +13,4 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)
- "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller/server/executor.image.tag with a SHA digest"
- "[Added]: Helm helper function to allow image registry to be absent"

11
charts/argo-workflows/README.md
View file

@ -13,6 +13,10 @@ A few options are:
- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
## Changelog
For full list of changes, please check ArtifactHub [changelog].
## Usage Notes
### Workflow controller
@ -45,6 +49,7 @@ Fields to note:
| crds.install | bool | `true` | Install and upgrade CRDs |
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds |
| emissary.images | list | `[]` | The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. |
| extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
| fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template |
| images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers |
@ -82,6 +87,7 @@ Fields to note:
| controller.instanceID.enabled | bool | `false` | Configures the controller to filter workflow submissions to only those which have a matching instanceID attribute. |
| controller.instanceID.explicitID | string | `""` | Use a custom instanceID |
| controller.instanceID.useReleaseName | bool | `false` | Use ReleaseName as instanceID |
| controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. |
| controller.links | list | `[]` | Configure Argo Server to show custom [links] |
| controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller |
| controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
@ -99,11 +105,14 @@ Fields to note:
| controller.name | string | `"workflow-controller"` | Workflow controller name string |
| controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace |
| controller.navColor | string | `""` | Set ui navigation bar background color |
| controller.nodeEvents.enabled | bool | `true` | Enable to emit events on node completion. |
| controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] |
| controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time |
| controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods |
| controller.persistence | object | `{}` | enable persistence using postgres |
| controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods |
| controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. |
| controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. |
| controller.podLabels | object | `{}` | Optional labels to add to the controller pods |
| controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods |
| controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. |
@ -146,6 +155,7 @@ Fields to note:
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| mainContainer.env | list | `[]` | Adds environment variables for the Workflow main container |
| mainContainer.envFrom | list | `[]` | Adds reference environment variables for the Workflow main container |
| mainContainer.imagePullPolicy | string | `""` | imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. |
| mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container |
| mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container |
@ -257,3 +267,4 @@ Fields to note:
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog

5
charts/argo-workflows/README.md.gotmpl
View file

@ -13,6 +13,10 @@ A few options are:
- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
## Changelog
For full list of changes, please check ArtifactHub [changelog].
## Usage Notes
### Workflow controller
@ -135,3 +139,4 @@ Fields to note:
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog

22
charts/argo-workflows/templates/_helpers.tpl
View file

@ -129,17 +129,6 @@ Return the appropriate apiVersion for ingress
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for pod disruption budget
*/}}
{{- define "argo-workflows.podDisruptionBudget.apiVersion" -}}
{{- if semverCompare "<1.21-0" (include "argo-workflows.kubeVersion" $) -}}
{{- print "policy/v1beta1" -}}
{{- else -}}
{{- print "policy/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the target Kubernetes version
*/}}
@ -153,3 +142,14 @@ Return the default Argo Workflows app version
{{- define "argo-workflows.defaultTag" -}}
{{- default .Chart.AppVersion .Values.images.tag }}
{{- end -}}
{{/*
Return full image name including or excluding registry based on existence
*/}}
{{- define "argo-workflows.image" -}}
{{- if and .image.registry .image.repository -}}
{{ .image.registry }}/{{ .image.repository }}
{{- else -}}
{{ .image.repository }}
{{- end -}}
{{- end -}}

19
charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
View file

@ -25,7 +25,7 @@ data:
{{- with .Values.controller.initialDelay }}
initialDelay: {{ . }}
{{- end }}
{{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.securityContext}}
{{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.envFrom .Values.mainContainer.securityContext}}
mainContainer:
imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.mainContainer.imagePullPolicy }}
{{- with .Values.mainContainer.resources }}
@ -34,6 +34,9 @@ data:
{{- with .Values.mainContainer.env }}
env: {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.mainContainer.envFrom }}
envFrom: {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.mainContainer.securityContext }}
securityContext: {{- toYaml . | nindent 8 }}
{{- end }}
@ -170,3 +173,17 @@ data:
{{- with .Values.controller.retentionPolicy }}
retentionPolicy: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.emissary.images }}
images: {{- toYaml . | nindent 6 }}
{{- end }}
nodeEvents:
enabled: {{ .Values.controller.nodeEvents.enabled }}
{{- with .Values.controller.kubeConfig }}
kubeConfig: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.controller.podGCGracePeriodSeconds }}
podGCGracePeriodSeconds: {{ . }}
{{- end }}
{{- with .Values.controller.podGCDeleteDelayDuration }}
podGCDeleteDelayDuration: {{ . }}
{{- end }}

2
charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.controller.pdb.enabled }}
apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-workflows.controller.fullname" . }}

4
charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml
View file

@ -34,14 +34,14 @@ spec:
{{- end }}
containers:
- name: controller
image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}"
image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}"
imagePullPolicy: {{ .Values.images.pullPolicy }}
command: [ "workflow-controller" ]
args:
- "--configmap"
- "{{ template "argo-workflows.controller.fullname" . }}-configmap"
- "--executor-image"
- "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}"
- "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}"
- "--loglevel"
- "{{ .Values.controller.logging.level }}"
- "--gloglevel"

2
charts/argo-workflows/templates/server/server-deployment-pdb.yaml
View file

@ -1,5 +1,5 @@
{{- if and .Values.server.enabled .Values.server.pdb.enabled -}}
apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-workflows.server.fullname" . }}

2
charts/argo-workflows/templates/server/server-deployment.yaml
View file

@ -35,7 +35,7 @@ spec:
{{- end }}
containers:
- name: argo-server
image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}"
image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}"
imagePullPolicy: {{ .Values.images.pullPolicy }}
securityContext:
{{- toYaml .Values.server.securityContext | nindent 12 }}

38
charts/argo-workflows/values.yaml
View file

@ -297,6 +297,33 @@ controller:
# failed: 3
# errored: 3
nodeEvents:
# -- Enable to emit events on node completion.
## This can take up a lot of space in k8s (typically etcd) resulting in errors when trying to create new events:
## "Unable to create audit event: etcdserver: mvcc: database space exceeded"
enabled: true
# -- Configure when workflow controller runs in a different k8s cluster with the workflow workloads,
# or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret.
# @default -- `{}` (See [values.yaml])
kubeConfig: {}
# # name of the kubeconfig secret, may not be empty when kubeConfig specified
# secretName: kubeconfig-secret
# # key of the kubeconfig secret, may not be empty when kubeConfig specified
# secretKey: kubeconfig
# # mounting path of the kubeconfig secret, default to /kube/config
# mountPath: /kubeconfig/mount/path
# # volume name when mounting the secret, default to kubeconfig
# volumeName: kube-config-volume
# -- Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately.
# @default -- `30` seconds (Kubernetes default)
podGCGracePeriodSeconds:
# -- The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately.
# @default -- `5s` (Argo Workflows default)
podGCDeleteDelayDuration: ""
# mainContainer adds default config for main container that could be overriden in workflows template
mainContainer:
# -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`.
@ -305,6 +332,8 @@ mainContainer:
resources: {}
# -- Adds environment variables for the Workflow main container
env: []
# -- Adds reference environment variables for the Workflow main container
envFrom: []
# -- sets security context for the Workflow main container
securityContext: {}
@ -630,3 +659,12 @@ customArtifactRepository: {}
# passwordSecret:
# name: artifactory-creds
# key: password
emissary:
# -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used.
## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary
images: []
# argoproj/argosay:v2:
# cmd: [/argosay]
# docker/whalesay:latest:
# cmd: [/bin/bash]

4
charts/argocd-apps/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
name: argocd-apps
description: A Helm chart for managing additional Argo CD Applications and Projects
type: application
version: 0.0.4
version: 0.0.6
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
keywords:
@ -14,4 +14,4 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Changed]: Projects templates"
- "[Added]: Changelog link on README"

6
charts/argocd-apps/README.md
View file

@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late
- CRDs (Application and AppProject)
- You need to install them via [argo-cd Helm chart](../argo-cd) or upstream.
## Changelog
For full list of changes, please check ArtifactHub [changelog].
## Installation
```console
@ -31,3 +35,5 @@ $ helm install my-release argo/argocd-apps
----------------------------------------------
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog

6
charts/argocd-apps/README.md.gotmpl
View file

@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late
- CRDs (Application and AppProject)
- You need to install them via [argo-cd Helm chart](../argo-cd) or upstream.
## Changelog
For full list of changes, please check ArtifactHub [changelog].
## Installation
```console
@ -24,3 +28,5 @@ $ helm install my-release argo/argocd-apps
----------------------------------------------
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog

4
charts/argocd-apps/templates/projects.yaml
View file

@ -63,4 +63,8 @@ spec:
signatureKeys:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .sourceNamespaces }}
sourceNamespaces:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

2
charts/argocd-apps/values.yaml
View file

@ -74,6 +74,8 @@ projects: []
# manualSync: true
# signatureKeys:
# - keyID: ABCDEF1234567890
# sourceNamespaces:
# - argocd
# -- Deploy Argo CD ApplicationSets within this helm release
# @default -- `[]` (See [values.yaml])