diff --git a/.gitignore b/.gitignore index 2529e3b1..2786867c 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ output .DS_Store .idea **/*.tgz +**/charts/*/charts diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 71e62126..6414551e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.6.1" +appVersion: "1.6.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.5.0 +version: 2.6.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0318e13d..44a907a0 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -68,6 +68,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | installCRDs | Install CRDs if you are using Helm2. | `true` | +| configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | | configs.secret.annotations | Annotations for argocd-secret | `{}` | | configs.secret.argocdServerAdminPassword | Bcrypt hashed admin password | `null` | @@ -76,6 +77,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | configs.secret.createSecret | Create the argocd-secret. | `true` | | configs.secret.githubSecret | GitHub incoming webhook secret | `""` | | configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` | +| configs.tlsCertsAnnotations | TLS certificate configmap annotations | `{}` | | configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) | | configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` | | openshift.enabled | enables using arbitrary uid for argo repo server | `false` | @@ -86,6 +88,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i |-----|---------|-------------| | controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | | controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` | +| controller.args.appResyncPeriod | define the controller `--app-resync` | `"180"` | | controller.args.statusProcessors | define the controller `--status-processors` | `"20"` | | controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | | controller.containerPort | Controller listening port. | `8082` | @@ -194,6 +197,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | server.certificate.enabled | Enables a certificate manager certificate. | `false` | | server.certificate.issuer | Certificate manager issuer | `{}` | | server.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | +| server.configAnnotations | ArgoCD configuration configmap annotations | `{}` | | server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | @@ -231,6 +235,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | server.podAnnotations | Annotations for the server pods | `{}` | | server.podLabels | Labels for the server pods | `{}` | | server.priorityClassName | Priority class for the server | `""` | +| server.rbacConfigAnnotations | RBAC configmap annotations | `{}` | | server.rbacConfig | [Argo CD RBAC policy](https://argoproj.github.io/argo-cd/operator-manual/rbac/) | `{}` | | server.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | | server.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | @@ -306,6 +311,7 @@ through `xxx.extraArgs` | redis.podLabels | Labels for the Redis server pods | `{}` | | redis.priorityClassName | Priority class for redis | `""` | | redis.resources | Resource limits and requests for redis | `{}` | +| redis.securityContext | Redis Pod Security Context | See [values.yaml](values.yaml) | | redis.servicePort | Redis service port | `6379` | | redis.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | redis-ha | Configures [Redis HA subchart](https://github.com/helm/charts/tree/master/stable/redis-ha) The properties below have been changed from the subchart defaults | | diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index e51c04bb..b18d2058 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -23,14 +23,10 @@ spec: description: Application is a definition of Application resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -50,33 +46,50 @@ spec: type: object type: array initiatedBy: - description: OperationInitiator holds information about the operation - initiator + description: OperationInitiator holds information about the operation initiator properties: automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. + description: Automated is set to true if operation was initiated automatically by the application controller. type: boolean username: description: Name of a user who started operation. type: string type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object sync: description: SyncOperation contains sync operation details. properties: dryRun: - description: DryRun will perform a `kubectl apply --dry-run` without - actually performing the sync + description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync type: boolean manifests: - description: Manifests is an optional field that overrides sync - source with a local directory for development + description: Manifests is an optional field that overrides sync source with a local directory for development items: type: string type: array prune: - description: Prune deletes resources that are no longer tracked - in git + description: Prune deletes resources that are no longer tracked in git type: boolean resources: description: Resources describes which resources to sync @@ -89,19 +102,18 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name type: object type: array revision: - description: Revision is the revision in which to sync the application - to. If omitted, will use the revision specified in app spec. + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set in the application. - This is typically set in a Rollback operation and nil during a - Sync operation + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: chart: description: Chart is a Helm chart name @@ -110,8 +122,7 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: description: ExtVars is a list of Jsonnet External Variables @@ -129,6 +140,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -153,11 +169,9 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm - template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to - a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter @@ -173,8 +187,7 @@ spec: description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -185,30 +198,25 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will use - the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined as - a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: description: KsonnetParameter is a ksonnet component parameter properties: @@ -238,12 +246,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -253,8 +259,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -274,13 +279,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch - in which to sync the application to. If omitted, will sync - to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -294,55 +296,42 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply wil perform a `kubectl apply` to perform - the sync. + description: Apply wil perform a `kubectl apply` to perform the sync. properties: force: - description: Force indicates whether or not to supply the - --force flag to `kubectl apply`. The --force flag deletes - and re-create the resource, when PATCH encounters conflict - and has retried for 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object hook: - description: Hook will submit any referenced resources to perform - the sync. This is the default strategy + description: Hook will submit any referenced resources to perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply the - --force flag to `kubectl apply`. The --force flag deletes - and re-create the resource, when PATCH encounters conflict - and has retried for 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object type: object type: object type: object spec: - description: ApplicationSpec represents desired application state. Contains - link to repository with application definition and additional parameters - link definition revision. + description: ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. properties: destination: - description: Destination overrides the kubernetes server and namespace - defined in the environment ksonnet app.yaml + description: Destination overrides the kubernetes server and namespace defined in the environment ksonnet app.yaml properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace value - in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value in the - ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources fields which should - be ignored during comparison + description: IgnoreDifferences controls resources fields which should be ignored during comparison items: - description: ResourceIgnoreDifferences contains resource filter and - list of json paths which should be ignored during comparison with - live state. + description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. properties: group: type: string @@ -362,8 +351,7 @@ spec: type: object type: array info: - description: Infos contains a list of useful information (URLs, email - addresses, and plain text) that relates to the application + description: Infos contains a list of useful information (URLs, email addresses, and plain text) that relates to the application items: properties: name: @@ -376,20 +364,14 @@ spec: type: object type: array project: - description: Project is a application project name. Empty name means - that application belongs to 'default' project. + description: Project is a application project name. Empty name means that application belongs to 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept in the apps revision - history. This should only be changed in exceptional circumstances. - Setting to zero will store no history. This will reduce storage used. - Increasing will increase the space used to store the history, so we - do not recommend increasing it. Default is 10. + description: This limits this number of items kept in the apps revision history. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location ksonnet application - definition + description: Source is a reference to the location ksonnet application definition properties: chart: description: Chart is a Helm chart name @@ -398,8 +380,7 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: description: ExtVars is a list of Jsonnet External Variables @@ -417,6 +398,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -441,11 +427,9 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm - template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm - template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter @@ -461,8 +445,7 @@ spec: description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell Helm - to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -473,12 +456,10 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will use the - application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use - when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array @@ -490,12 +471,10 @@ spec: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component parameter - override values + description: Parameters are a list of ksonnet component parameter override values items: description: KsonnetParameter is a ksonnet component parameter properties: @@ -525,12 +504,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for - kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for - kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -540,8 +517,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management plugin - specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -564,8 +540,7 @@ spec: description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in - which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -574,17 +549,37 @@ spec: description: SyncPolicy controls when a sync will be performed properties: automated: - description: Automated will keep an application synced to the target - revision + description: Automated will keep an application synced to the target revision properties: prune: - description: 'Prune will prune resources automatically as part - of automated sync (default: false)' + description: 'Prune will prune resources automatically as part of automated sync (default: false)' type: boolean selfHeal: description: 'SelfHeal enables auto-syncing if (default: false)' type: boolean type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object syncOptions: description: Options allow you to specify whole app sync-options items: @@ -597,22 +592,18 @@ spec: - source type: object status: - description: ApplicationStatus contains information about application sync, - health status + description: ApplicationStatus contains information about application sync, health status properties: conditions: items: - description: ApplicationCondition contains details about current application - condition + description: ApplicationCondition contains details about current application condition properties: lastTransitionTime: - description: LastTransitionTime is the time the condition was - first observed. + description: LastTransitionTime is the time the condition was first observed. format: date-time type: string message: - description: Message contains human-readable message indicating - details about condition + description: Message contains human-readable message indicating details about condition type: string type: description: Type is an application condition type @@ -631,23 +622,27 @@ spec: type: string type: object history: - description: RevisionHistories is a array of history, oldest first and - newest last + description: RevisionHistories is a array of history, oldest first and newest last items: - description: RevisionHistory contains information relevant to an application - deployment + description: RevisionHistory contains information relevant to an application deployment properties: + deployStartedAt: + description: DeployStartedAt holds the time the deployment started + format: date-time + type: string deployedAt: + description: DeployedAt holds the time the deployment completed format: date-time type: string id: + description: ID is an auto incrementing identifier of the RevisionHistory format: int64 type: integer revision: + description: Revision holds the revision of the sync type: string source: - description: ApplicationSource contains information about github - repository, path within repository and target application environment. + description: ApplicationSource contains information about github repository, path within repository and target application environment. properties: chart: description: Chart is a Helm chart name @@ -656,12 +651,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -676,6 +669,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -700,30 +698,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to - a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -734,33 +727,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -788,12 +775,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -803,8 +788,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -824,13 +808,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch - in which to sync the application to. If omitted, will sync - to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -842,21 +823,18 @@ spec: type: object type: array observedAt: - description: ObservedAt indicates when the application state was updated - without querying latest git state + description: ObservedAt indicates when the application state was updated without querying latest git state format: date-time type: string operationState: - description: OperationState contains information about state of currently - performing operation on application. + description: OperationState contains information about state of currently performing operation on application. properties: finishedAt: description: FinishedAt contains time of operation completion format: date-time type: string message: - description: Message hold any pertinent messages when attempting - to perform operation (typically errors). + description: Message hold any pertinent messages when attempting to perform operation (typically errors). type: string operation: description: Operation is the original requested operation @@ -874,39 +852,55 @@ spec: type: object type: array initiatedBy: - description: OperationInitiator holds information about the - operation initiator + description: OperationInitiator holds information about the operation initiator properties: automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. + description: Automated is set to true if operation was initiated automatically by the application controller. type: boolean username: description: Name of a user who started operation. type: string type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object sync: description: SyncOperation contains sync operation details. properties: dryRun: - description: DryRun will perform a `kubectl apply --dry-run` - without actually performing the sync + description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync type: boolean manifests: - description: Manifests is an optional field that overrides - sync source with a local directory for development + description: Manifests is an optional field that overrides sync source with a local directory for development items: type: string type: array prune: - description: Prune deletes resources that are no longer - tracked in git + description: Prune deletes resources that are no longer tracked in git type: boolean resources: description: Resources describes which resources to sync items: - description: SyncOperationResource contains resources - to sync. + description: SyncOperationResource contains resources to sync. properties: group: type: string @@ -914,35 +908,30 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name type: object type: array revision: - description: Revision is the revision in which to sync the - application to. If omitted, will use the revision specified - in app spec. + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set - in the application. This is typically set in a Rollback - operation and nil during a Sync operation + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: chart: description: Chart is a Helm chart name type: string directory: - description: Directory holds path/directory specific - options + description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -957,9 +946,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -982,72 +975,56 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: - description: Name is the name of the helm - parameter + description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the - helm parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm - template + description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a - helm template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm - parameter + description: Name is the name of the helm parameter type: string value: - description: Value is the value for the helm - parameter + description: Value is the value for the helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it - will use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application - environment name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1067,8 +1044,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1076,25 +1052,20 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to - resources for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to - resources for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version contains optional Kustomize version type: string type: object path: - description: Path is a directory path within the Git - repository + description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1114,20 +1085,16 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, - or branch in which to sync the application to. If - omitted, will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL type: object syncOptions: - description: SyncOptions provide per-sync sync-options, - e.g. Validate=false + description: SyncOptions provide per-sync sync-options, e.g. Validate=false items: type: string type: array @@ -1135,27 +1102,17 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply wil perform a `kubectl apply` to - perform the sync. + description: Apply wil perform a `kubectl apply` to perform the sync. properties: force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force - flag deletes and re-create the resource, when - PATCH encounters conflict and has retried for - 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object hook: - description: Hook will submit any referenced resources - to perform the sync. This is the default strategy + description: Hook will submit any referenced resources to perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force - flag deletes and re-create the resource, when - PATCH encounters conflict and has retried for - 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object type: object @@ -1164,6 +1121,10 @@ spec: phase: description: Phase is the current phase of the operation type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer startedAt: description: StartedAt contains time of operation start format: date-time @@ -1172,22 +1133,17 @@ spec: description: SyncResult is the result of a Sync operation properties: resources: - description: Resources holds the sync result of each individual - resource + description: Resources holds the sync result of each individual resource items: - description: ResourceResult holds the operation result details - of a specific resource + description: ResourceResult holds the operation result details of a specific resource properties: group: type: string hookPhase: - description: 'the state of any operation associated with - this resource OR hook note: can contain values for non-hook - resources' + description: 'the state of any operation associated with this resource OR hook note: can contain values for non-hook resources' type: string hookType: - description: the type of the hook, empty for non-hook - resources + description: the type of the hook, empty for non-hook resources type: string kind: type: string @@ -1199,13 +1155,10 @@ spec: namespace: type: string status: - description: the final result of the sync, this is be - empty if the resources is yet to be applied/pruned and - is always zero-value for hooks + description: the final result of the sync, this is be empty if the resources is yet to be applied/pruned and is always zero-value for hooks type: string syncPhase: - description: indicates the particular phase of the sync - that this is for + description: indicates the particular phase of the sync that this is for type: string version: type: string @@ -1221,8 +1174,7 @@ spec: description: Revision holds the revision of the sync type: string source: - description: Source records the application source information - of the sync, used for comparing auto-sync + description: Source records the application source information of the sync, used for comparing auto-sync properties: chart: description: Chart is a Helm chart name @@ -1231,12 +1183,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -1251,9 +1201,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -1276,31 +1230,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -1311,33 +1259,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1357,8 +1299,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1366,12 +1307,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -1381,8 +1320,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1402,13 +1340,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or - branch in which to sync the application to. If omitted, - will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -1422,14 +1357,12 @@ spec: - startedAt type: object reconciledAt: - description: ReconciledAt indicates when the application state was reconciled - using the latest git version + description: ReconciledAt indicates when the application state was reconciled using the latest git version format: date-time type: string resources: items: - description: ResourceStatus holds the current sync and health status - of a resource + description: ResourceStatus holds the current sync and health status of a resource properties: group: type: string @@ -1452,8 +1385,7 @@ spec: requiresPruning: type: boolean status: - description: SyncStatusCode is a type which represents possible - comparison results + description: SyncStatusCode is a type which represents possible comparison results type: string version: type: string @@ -1464,8 +1396,7 @@ spec: summary: properties: externalURLs: - description: ExternalURLs holds all external URLs of application - child resources. + description: ExternalURLs holds all external URLs of application child resources. items: type: string type: array @@ -1476,30 +1407,26 @@ spec: type: array type: object sync: - description: SyncStatus is a comparison result of application spec and - deployed application. + description: SyncStatus is a comparison result of application spec and deployed application. properties: comparedTo: - description: ComparedTo contains application source and target which - was used for resources comparison + description: ComparedTo contains application source and target which was used for resources comparison properties: destination: - description: ApplicationDestination contains deployment destination - information + description: ApplicationDestination contains deployment destination information properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace - value in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value - in the ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object source: - description: ApplicationSource contains information about github - repository, path within repository and target application - environment. + description: ApplicationSource contains information about github repository, path within repository and target application environment. properties: chart: description: Chart is a Helm chart name @@ -1508,12 +1435,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -1528,9 +1453,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -1553,31 +1482,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -1588,33 +1511,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1634,8 +1551,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1643,12 +1559,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -1658,8 +1572,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1679,13 +1592,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or - branch in which to sync the application to. If omitted, - will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -1697,8 +1607,7 @@ spec: revision: type: string status: - description: SyncStatusCode is a type which represents possible - comparison results + description: SyncStatusCode is a type which represents possible comparison results type: string required: - status @@ -1712,4 +1621,4 @@ spec: versions: - name: v1alpha1 served: true - storage: true + storage: true \ No newline at end of file diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 386dcb83..5ac16fa2 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -20,34 +20,37 @@ spec: scope: Namespaced validation: openAPIV3Schema: - description: 'AppProject provides a logical grouping of applications, providing - controls for: * where the apps may deploy to (cluster whitelist) * what may - be deployed (repository whitelist, resource whitelist/blacklist) * who can - access these applications (roles, OIDC group claims bindings) * and what they - can do (RBAC policies) * automation access to these roles (JWT tokens)' + description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: AppProjectSpec is the specification of an AppProject properties: - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted cluster - level resources + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted cluster level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -62,29 +65,25 @@ spec: description: Description contains optional project description type: string destinations: - description: Destinations contains list of destinations available for - deployment + description: Destinations contains list of destinations available for deployment items: - description: ApplicationDestination contains deployment destination - information + description: ApplicationDestination contains deployment destination information properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace value - in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value in - the ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object type: array namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted - namespace level resources + description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -96,12 +95,9 @@ spec: type: object type: array namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted - namespace level resources + description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -113,17 +109,25 @@ spec: type: object type: array orphanedResources: - description: OrphanedResources specifies if controller should monitor - orphaned resources of apps in this project + description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project properties: + ignore: + items: + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array warn: - description: Warn indicates if warning condition should be created - for apps which have orphaned resources + description: Warn indicates if warning condition should be created for apps which have orphaned resources type: boolean type: object roles: - description: Roles are user defined RBAC roles associated with this - project + description: Roles are user defined RBAC roles associated with this project items: description: ProjectRole represents a role that has access to a project properties: @@ -131,17 +135,14 @@ spec: description: Description is a description of the role type: string groups: - description: Groups are a list of OIDC group claims bound to this - role + description: Groups are a list of OIDC group claims bound to this role items: type: string type: array jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound - to this role + description: JWTTokens are a list of generated JWT tokens bound to this role items: - description: JWTToken holds the issuedAt and expiresAt values - of a token + description: JWTToken holds the issuedAt and expiresAt values of a token properties: exp: format: int64 @@ -159,8 +160,7 @@ spec: description: Name is a name for this role type: string policies: - description: Policies Stores a list of casbin formated strings - that define access policies for the role in the project + description: Policies Stores a list of casbin formated strings that define access policies for the role in the project items: type: string type: array @@ -168,55 +168,83 @@ spec: - name type: object type: array + signatureKeys: + description: List of PGP key IDs that commits to be synced to must be signed with + items: + description: SignatureKey is the specification of a key required to verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array sourceRepos: - description: SourceRepos contains list of repository URLs which can - be used for deployment + description: SourceRepos contains list of repository URLs which can be used for deployment items: type: string type: array syncWindows: - description: SyncWindows controls when syncs can be run for apps in - this project + description: SyncWindows controls when syncs can be run for apps in this project items: - description: SyncWindow contains the kind, time, duration and attributes - that are used to assign the syncWindows to apps + description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps properties: applications: - description: Applications contains a list of applications that - the window will apply to + description: Applications contains a list of applications that the window will apply to items: type: string type: array clusters: - description: Clusters contains a list of clusters that the window - will apply to + description: Clusters contains a list of clusters that the window will apply to items: type: string type: array duration: - description: Duration is the amount of time the sync window will - be open + description: Duration is the amount of time the sync window will be open type: string kind: description: Kind defines if the window allows or blocks syncs type: string manualSync: - description: ManualSync enables manual syncs when they would otherwise - be blocked + description: ManualSync enables manual syncs when they would otherwise be blocked type: boolean namespaces: - description: Namespaces contains a list of namespaces that the - window will apply to + description: Namespaces contains a list of namespaces that the window will apply to items: type: string type: array schedule: - description: Schedule is the time the window will begin, specified - in cron format + description: Schedule is the time the window will begin, specified in cron format type: string type: object type: array type: object + status: + description: AppProjectStatus contains information about appproj + properties: + jwtTokensByRole: + additionalProperties: + properties: + items: + items: + description: JWTToken holds the issuedAt and expiresAt values of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + type: object + type: object + type: object required: - metadata - spec @@ -225,4 +253,4 @@ spec: versions: - name: v1alpha1 served: true - storage: true + storage: true \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 97119083..c9f45142 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -52,6 +52,8 @@ spec: - {{ .Values.controller.args.statusProcessors | quote }} - --operation-processors - {{ .Values.controller.args.operationProcessors | quote }} + - --app-resync + - {{ .Values.controller.args.appResyncPeriod | quote }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --loglevel @@ -121,3 +123,6 @@ spec: volumes: {{- toYaml .Values.controller.volumes | nindent 8 }} {{- end }} +{{- if .Values.controller.priorityClassName }} + priorityClassName: {{ .Values.controller.priorityClassName }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 8f83fd6b..0ce489bc 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -9,5 +9,11 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.server.configAnnotations }} + annotations: + {{- range $key, $value := .Values.server.configAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} data: {{- toYaml .Values.server.config | nindent 4 }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index a4b8e92f..8bbb7a93 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -9,6 +9,12 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.server.rbacConfigAnnotations }} + annotations: + {{- range $key, $value := .Values.server.rbacConfigAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} {{- if .Values.server.rbacConfig }} data: {{- toYaml .Values.server.rbacConfig | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index cf424661..6a8f6dee 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -9,4 +9,10 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.configs.knownHostsAnnotations }} + annotations: + {{- range $key, $value := .Values.configs.knownHostsAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: argocd-ssh-known-hosts-cm \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index e36fab55..a12ce59e 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -11,4 +11,10 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.configs.tlsCertsAnnotations }} + annotations: + {{- range $key, $value := .Values.configs.tlsCertsAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: argocd-tls-certs-cm \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 9268cc65..8aed308e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -152,3 +152,6 @@ spec: initContainers: {{- toYaml .Values.repoServer.initContainers | nindent 6 }} {{- end }} +{{- if .Values.repoServer.priorityClassName }} + priorityClassName: {{ .Values.repoServer.priorityClassName }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index d73e3df4..ca7c9ba4 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -151,3 +151,6 @@ spec: name: argocd-tls-certs-cm name: tls-certs {{- end }} +{{- if .Values.server.priorityClassName }} + priorityClassName: {{ .Values.server.priorityClassName }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 42538d61..d2894273 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -2,6 +2,7 @@ {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} +{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} apiVersion: networking.k8s.io/v1beta1 {{ else }} @@ -33,6 +34,9 @@ spec: - host: {{ $host }} http: paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end -}} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -43,6 +47,9 @@ spec: {{- else }} - http: paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end -}} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -54,4 +61,4 @@ spec: tls: {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 056776a4..4be764a3 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -2,6 +2,7 @@ {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} +{{- $extraPaths := .Values.server.ingress.extraPaths -}} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} apiVersion: networking.k8s.io/v1beta1 {{ else }} @@ -33,6 +34,9 @@ spec: - host: {{ $host }} http: paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -43,6 +47,9 @@ spec: {{- else }} - http: paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -54,4 +61,4 @@ spec: tls: {{- toYaml .Values.server.ingress.tls | nindent 4 }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/projects.yaml b/charts/argo-cd/templates/argocd-server/projects.yaml index 3f768bf0..6b85889d 100644 --- a/charts/argo-cd/templates/argocd-server/projects.yaml +++ b/charts/argo-cd/templates/argocd-server/projects.yaml @@ -46,5 +46,9 @@ items: roles: {{- toYaml .roles | nindent 8 }} {{- end }} + {{- if .syncWindows }} + syncWindows: +{{- toYaml .syncWindows | nindent 8 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index d2fde3e3..5bae8b18 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -103,4 +103,7 @@ spec: volumes: {{- toYaml .Values.dex.volumes | nindent 8}} {{- end }} +{{- if .Values.dex.priorityClassName }} + priorityClassName: {{ .Values.dex.priorityClassName }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 7531f6d2..58934683 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -41,8 +41,8 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} automountServiceAccountToken: false - {{- if .Values.global.securityContext }} - securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- if .Values.redis.securityContext }} + securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }} {{- end }} containers: - name: {{ template "argo-cd.redis.fullname" . }} @@ -85,4 +85,7 @@ spec: volumes: {{- toYaml .Values.redis.volumes | nindent 8}} {{- end }} +{{- if .Values.redis.priorityClassName }} + priorityClassName: {{ .Values.redis.priorityClassName }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3eee07d1..5a8abb51 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.6.1 + tag: v1.6.2 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,13 +28,14 @@ controller: image: repository: # argoproj/argocd - tag: # v1.6.1 + tag: # v1.6.2 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags args: statusProcessors: "20" operationProcessors: "10" + appResyncPeriod: "180" ## Argo controller log level logLevel: info @@ -276,6 +277,12 @@ redis: # drop: # - all + ## Redis Pod specific security context + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + runAsNonRoot: true resources: {} # limits: @@ -447,6 +454,12 @@ server: # - argocd.example.com paths: - / + extraPaths: + [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation tls: [] # - secretName: argocd-example-tls @@ -469,6 +482,12 @@ server: # - argocd.example.com paths: - / + extraPaths: + [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation tls: [] # - secretName: argocd-example-tls @@ -515,6 +534,9 @@ server: # - profile # - email + ## Annotations to be added to ArgoCD ConfigMap + configAnnotations: {} + ## ArgoCD rbac config ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbacConfig: @@ -538,6 +560,9 @@ server: # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. # scopes: '[cognito:groups, email]' + ## Annotations to be added to ArgoCD rbac ConfigMap + rbacConfigAnnotations: {} + ## Not well tested and not well supported on release v1.0.0. ## Applications ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ @@ -591,6 +616,13 @@ server: # kind: StatefulSet # orphanedResources: {} # roles: [] + # syncWindows: + # - kind: allow + # schedule: '10 1 * * *' + # duration: 1h + # applications: + # - '*-prod' + # manualSync: true ## Enable Admin ClusterRole resources. ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. @@ -756,6 +788,7 @@ repoServer: ## Argo Configs configs: + knownHostsAnnotations: {} knownHosts: data: ssh_known_hosts: | @@ -766,6 +799,7 @@ configs: gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + tlsCertsAnnotations: {} tlsCerts: {} # data: diff --git a/charts/argo-ci/Chart.yaml b/charts/argo-ci/Chart.yaml index 337de899..b658915d 100644 --- a/charts/argo-ci/Chart.yaml +++ b/charts/argo-ci/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart for Argo-CI name: argo-ci -version: 0.1.6 +version: 0.1.7 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png appVersion: v1.0.0-alpha2 home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-ci/templates/ci-deployment.yaml b/charts/argo-ci/templates/ci-deployment.yaml index 1995f29c..bf2e4121 100644 --- a/charts/argo-ci/templates/ci-deployment.yaml +++ b/charts/argo-ci/templates/ci-deployment.yaml @@ -33,3 +33,7 @@ spec: ports: - containerPort: 8001 - containerPort: 8002 + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-ci/values.yaml b/charts/argo-ci/values.yaml index cccff91b..86dadf98 100644 --- a/charts/argo-ci/values.yaml +++ b/charts/argo-ci/values.yaml @@ -2,6 +2,9 @@ imageNamespace: argoproj ciImage: argoci imageTag: v1.0.0-alpha2 imagePullPolicy: Always +# Secrets with credentials to pull images from a private registry +imagePullSecrets: [] +# - name: argo-pull-secret workflowNamespace: default argo: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 4d953bcf..9da7eea6 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,15 +1,17 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.14.0 +version: 0.17.1 keywords: - argo-events - sensor-controller - - gateway-controller + - eventsource-controller + - eventbus-controller sources: - https://github.com/argoproj/argo-events maintainers: - name: VaibhavPage -appVersion: 0.14.0 + - name: whynowy +appVersion: 0.17.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 5dd63adb..3c375c3a 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -2,13 +2,14 @@ This is a **community maintained** chart. It installs the [argo-events](https://github.com/argoproj/argo-events) application. This application comes packaged with: - Sensor Custom Resource Definition (See CRD Notes) -- Gateway Custom Resource Definition (See CRD Notes) - EventSource Custom Resource Definition (See CRD Notes) +- EventBus Custom Resource Definition (See CRD Notes) - Sensor Controller Deployment -- Sensor Controller ConfigMap -- Gateway Controller Deployment -- Gateway Controller ConfigMap +- EventSource Controller Deployment +- EventBus Controller Deployment - Service Account +- Roles +- Role Bindings - Cluster Roles - Cluster Role Bindings @@ -16,10 +17,4 @@ This is a **community maintained** chart. It installs the [argo-events](https:// Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart. -You can install the CRDs manually like so: - -``` -kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.14.0/hack/k8s/manifests/sensor-crd.yaml -kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.14.0/hack/k8s/manifests/gateway-crd.yaml -kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.14.0/hack/k8s/manifests/event-source-crd.yaml -``` +You can install the CRDs manually from `crds` folder. \ No newline at end of file diff --git a/charts/argo-events/crds/gateway-crd.yml b/charts/argo-events/crds/eventbus-crd.yml similarity index 50% rename from charts/argo-events/crds/gateway-crd.yml rename to charts/argo-events/crds/eventbus-crd.yml index 7b9178f4..340d4989 100644 --- a/charts/argo-events/crds/gateway-crd.yml +++ b/charts/argo-events/crds/eventbus-crd.yml @@ -1,16 +1,15 @@ ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: gateways.argoproj.io + name: eventbus.argoproj.io spec: group: argoproj.io names: - kind: Gateway - listKind: GatewayList - plural: gateways - singular: gateway + kind: EventBus + listKind: EventBusList + plural: eventbus shortNames: - - gw + - eb + singular: eventbus scope: Namespaced - version: "v1alpha1" + version: v1alpha1 diff --git a/charts/argo-events/crds/event-source-crd.yml b/charts/argo-events/crds/eventsource-crd.yml similarity index 100% rename from charts/argo-events/crds/event-source-crd.yml rename to charts/argo-events/crds/eventsource-crd.yml diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index a0b79f78..16f55e46 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -1,3 +1,5 @@ +{{- if not .Values.singleNamespace }} + apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -43,12 +45,12 @@ rules: - workflows/finalizers - workflowtemplates - workflowtemplates/finalizers - - gateways - - gateways/finalizers - sensors - sensors/finalizers - eventsources - eventsources/finalizers + - eventbus + - eventbus/finalizers - apiGroups: - "" resources: @@ -83,6 +85,7 @@ rules: - "apps" resources: - deployments + - statefulsets verbs: - create - get @@ -92,3 +95,4 @@ rules: - patch - delete +{{- end }} diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml new file mode 100644 index 00000000..d6de39d2 --- /dev/null +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -0,0 +1,100 @@ +{{- if .Values.singleNamespace }} + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argo-events-binding + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argo-events-role +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount }} + namespace: {{ .Release.Namespace }} + {{- if .Values.additionalSaNamespaces }} + {{ $sa := .Values.serviceAccount }} + {{- range $namespace := .Values.additionalSaNamespaces }} + - kind: ServiceAccount + name: {{ $sa }} + namespace: {{ $namespace }} + {{- end }} + {{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argo-events-role + namespace: {{ .Release.Namespace }} +rules: + {{- if .Values.additionalServiceAccountRules }} + {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} + {{- end }} + - apiGroups: + - argoproj.io + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + resources: + - workflows + - workflows/finalizers + - workflowtemplates + - workflowtemplates/finalizers + - sensors + - sensors/finalizers + - eventsources + - eventsources/finalizers + - eventbus + - eventbus/finalizers + - apiGroups: + - "" + resources: + - pods + - pods/exec + - configmaps + - secrets + - services + - events + - persistentvolumeclaims + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - "batch" + resources: + - jobs + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - "apps" + resources: + - deployments + - statefulsets + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + +{{- end }} diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml new file mode 100644 index 00000000..dc698b1b --- /dev/null +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -0,0 +1,43 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + labels: + app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.eventbusController.replicaCount }} + selector: + matchLabels: + app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + containers: + - name: {{ .Values.eventbusController.name }} + image: "{{ .Values.registry }}/{{ .Values.eventbusController.image }}:{{ .Values.eventbusController.tag }}" + imagePullPolicy: {{ .Values.imagePullPolicy }} + {{- if .Values.singleNamespace }} + args: + - --namespaced + {{- end }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NATS_STREAMING_IMAGE + value: {{ .Values.eventbusController.natsStreamingImage }} + - name: NATS_METRICS_EXPORTER_IMAGE + value: {{ .Values.eventbusController.natsMetricsExporterImage }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/eventbus-crd.yaml b/charts/argo-events/templates/eventbus-crd.yaml new file mode 100644 index 00000000..175e2e60 --- /dev/null +++ b/charts/argo-events/templates/eventbus-crd.yaml @@ -0,0 +1,24 @@ +{{- if .Values.installCRD }} +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: eventbus.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation +spec: + group: argoproj.io + names: + kind: EventBus + listKind: EventBusList + plural: eventbus + shortNames: + - eb + singular: eventbus + scope: Namespaced + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +{{- end }} diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml new file mode 100644 index 00000000..99947ade --- /dev/null +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -0,0 +1,41 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + labels: + app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.eventsourceController.replicaCount }} + selector: + matchLabels: + app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + containers: + - name: {{ .Values.eventsourceController.name }} + image: "{{ .Values.registry }}/{{ .Values.eventsourceController.image }}:{{ .Values.eventsourceController.tag }}" + imagePullPolicy: {{ .Values.imagePullPolicy }} + {{- if .Values.singleNamespace }} + args: + - --namespaced + {{- end }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: EVENTSOURCE_IMAGE + value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}" + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/eventsource-crd.yaml b/charts/argo-events/templates/eventsource-crd.yaml index c174ae56..e791608b 100644 --- a/charts/argo-events/templates/eventsource-crd.yaml +++ b/charts/argo-events/templates/eventsource-crd.yaml @@ -3,6 +3,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: eventsources.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io scope: Namespaced diff --git a/charts/argo-events/templates/gateway-controller-configmap.yaml b/charts/argo-events/templates/gateway-controller-configmap.yaml deleted file mode 100644 index 5e01b9b8..00000000 --- a/charts/argo-events/templates/gateway-controller-configmap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-{{ .Values.gatewayController.name }}-configmap - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - config: | - instanceID: {{ .Values.instanceID }} -{{- if .Values.singleNamespace }} - namespace: {{ .Values.namespace }} -{{- end }} diff --git a/charts/argo-events/templates/gateway-controller-deployment.yaml b/charts/argo-events/templates/gateway-controller-deployment.yaml deleted file mode 100644 index 63350fbf..00000000 --- a/charts/argo-events/templates/gateway-controller-deployment.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.gatewayController.name }} - labels: - app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.gatewayController.replicaCount }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} - release: {{ .Release.Name }} - spec: - serviceAccountName: {{ .Values.serviceAccount }} - containers: - - name: {{ .Values.gatewayController.name }} - image: "{{ .Values.registry }}/{{ .Values.gatewayController.image }}:{{ .Values.gatewayController.tag }}" - imagePullPolicy: {{ .Values.imagePullPolicy }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONTROLLER_CONFIG_MAP - value: {{ .Release.Name }}-{{ .Values.gatewayController.name }}-configmap diff --git a/charts/argo-events/templates/gateway-crd.yaml b/charts/argo-events/templates/gateway-crd.yaml deleted file mode 100644 index fd6e1d26..00000000 --- a/charts/argo-events/templates/gateway-crd.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.installCRD }} -# Define a "gateway" custom resource definition -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: gateways.argoproj.io -spec: - group: argoproj.io - names: - kind: Gateway - listKind: GatewayList - plural: gateways - singular: gateway - shortNames: - - gw - scope: Namespaced - version: "v1alpha1" -{{- end }} diff --git a/charts/argo-events/templates/sensor-controller-configmap.yaml b/charts/argo-events/templates/sensor-controller-configmap.yaml deleted file mode 100644 index 17735823..00000000 --- a/charts/argo-events/templates/sensor-controller-configmap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-{{ .Values.sensorController.name }}-configmap - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - config: | - instanceID: {{ .Values.instanceID }} -{{- if .Values.singleNamespace }} - namespace: {{ .Values.namespace }} -{{- end }} diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 2dd9602e..425fd66b 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -24,10 +24,18 @@ spec: - name: {{ .Values.sensorController.name }} image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag }}" imagePullPolicy: {{ .Values.imagePullPolicy }} + {{- if .Values.singleNamespace }} + args: + - --namespaced + {{- end }} env: - name: NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - - name: CONTROLLER_CONFIG_MAP - value: {{ .Release.Name }}-{{ .Values.sensorController.name }}-configmap + - name: SENSOR_IMAGE + value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}" + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/sensor-crd.yaml b/charts/argo-events/templates/sensor-crd.yaml index 12e19e0f..cf3793c4 100644 --- a/charts/argo-events/templates/sensor-crd.yaml +++ b/charts/argo-events/templates/sensor-crd.yaml @@ -4,6 +4,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sensors.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io names: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 4ac26da1..d963d9db 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -4,6 +4,10 @@ registry: argoproj # The image pull policy imagePullPolicy: Always +# Secrets with credentials to pull images from a private registry +imagePullSecrets: [] +# - name: argo-pull-secret + # If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation. installCRD: true @@ -42,11 +46,21 @@ singleNamespace: true sensorController: name: sensor-controller image: sensor-controller - tag: v0.14.0 + tag: v0.17.0 replicaCount: 1 + sensorImage: sensor -gatewayController: - name: gateway-controller - image: gateway-controller - tag: v0.14.0 +eventsourceController: + name: eventsource-controller + image: eventsource-controller + tag: v0.17.0 replicaCount: 1 + eventsourceImage: eventsource + +eventbusController: + name: eventbus-controller + image: eventbus-controller + tag: v0.17.0 + replicaCount: 1 + natsStreamingImage: nats-streaming:0.17.0 + natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 94fa7062..418dd589 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "0.8.0" +appVersion: "0.8.3" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.1 +version: 0.3.6 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 86292c74..6a775bba 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -35,6 +35,10 @@ $ helm install --name my-release argo/argo-rollouts | controller.image.repository | string | `"argoproj/argo-rollouts"` | | | controller.image.tag | string | `"v0.8.0"` | | | controller.name | string | `"argo-rollouts"` | | +| controller.resources | Resource limits and requests for the controller pods. | `{}` | +| controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | +| controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | +| controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | imagePullSecrets | list | `[]` | | | installCRDs | bool | `true` | | | podAnnotations | object | `{}` | | diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index 43526d58..f670104b 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -106,4 +106,11 @@ rules: - watch - get - update +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index f1c23a50..595fe120 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -39,7 +39,19 @@ spec: - name: tmp mountPath: /tmp resources: -{{- toYaml .Values.controller.resources | nindent 10 }} + {{- toYaml .Values.controller.resources | nindent 10 }} + {{- if .Values.controller.nodeSelector }} + nodeSelector: + {{- toYaml .Values.controller.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.controller.tolerations }} + tolerations: + {{- toYaml .Values.controller.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.controller.affinity }} + affinity: + {{- toYaml .Values.controller.affinity | nindent 8 }} + {{- end }} volumes: - name: tmp emptyDir: {} diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index cb673301..4301b7c8 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -6,6 +6,10 @@ metadata: app.kubernetes.io/component: server app.kubernetes.io/name: {{ .Release.Name }}-metrics app.kubernetes.io/part-of: {{ .Release.Name }} + annotations: + {{- range $key, $value := .Values.serviceAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: ports: - name: metrics diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 01bb547a..9e2011d2 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -5,9 +5,15 @@ clusterInstall: true controller: name: argo-rollouts component: rollouts-controller + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} image: repository: argoproj/argo-rollouts - tag: v0.8.0 + tag: v0.8.3 pullPolicy: IfNotPresent resources: {} @@ -22,12 +28,18 @@ controller: serviceAccount: name: argo-rollouts -## Annotations to be added to the Redis server pods +## Annotations to be added to the Rollout pods ## podAnnotations: {} -## Labels to be added to the Redis server pods +## Annotations to be added to the Rollout service +## +serviceAnnotations: {} + +## Labels to be added to the Rollout pods ## podLabels: {} +# Secrets with credentials to pull images from a private registry imagePullSecrets: [] +# - name: argo-pull-secret diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 995b5481..7ec638e1 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.10.8 +version: 0.10.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index 52acbc79..0d5c8af5 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -26,6 +26,10 @@ spec: {{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }} spec: serviceAccountName: {{ .Values.server.serviceAccount | quote }} + {{- if .Values.server.podSecurityContext }} + securityContext: + {{- toYaml .Values.server.podSecurityContext | nindent 8 }} + {{- end }} containers: - name: argo-server args: @@ -67,6 +71,10 @@ spec: volumeMounts: {{- toYaml . | nindent 12}} {{- end }} + {{- with .Values.images.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.server.volumes }} volumes: {{- toYaml . | nindent 8}} diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml index 1bee0b17..976d49f8 100644 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ b/charts/argo/templates/workflow-controller-cluster-roles.yaml @@ -73,6 +73,7 @@ rules: - events verbs: - create + - patch - apiGroups: - "" resources: @@ -80,6 +81,14 @@ rules: verbs: - get - list +- apiGroups: + - "policy" + resources: + - poddisruptionbudgets + verbs: + - create + - get + - delete {{- if .Values.controller.persistence }} - apiGroups: - "" diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 5dde9ff3..54ba076e 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -16,7 +16,7 @@ data: {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} - {{- if or .Values.executor.resources .Values.executor.env }} + {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} @@ -24,6 +24,9 @@ data: {{- with .Values.executor.env }} env: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.executor.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} artifactRepository: diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml index 852bad52..ca80c816 100644 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ b/charts/argo/templates/workflow-controller-deployment.yaml @@ -26,6 +26,10 @@ spec: {{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }} spec: serviceAccountName: {{ .Values.controller.serviceAccount | quote }} + {{- if .Values.controller.podSecurityContext }} + securityContext: + {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} + {{- end }} containers: - name: controller image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}" @@ -63,6 +67,10 @@ spec: ports: - containerPort: 8080 {{- end }} + {{- with .Values.images.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 5c7f9173..b156a018 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -4,6 +4,9 @@ images: server: argocli executor: argoexec pullPolicy: Always + # Secrets with credentials to pull images from a private registry + pullSecrets: [] + # - name: argo-pull-secret tag: v2.7.6 crdVersion: v1alpha1 @@ -37,6 +40,8 @@ controller: podAnnotations: {} # Optional labels to add to the controller pods podLabels: {} + # SecurityContext to set on the controller pods + podSecurityContext: {} # podPortName: http metricsConfig: enabled: false @@ -114,7 +119,8 @@ controller: ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux tolerations: [] affinity: {} @@ -126,6 +132,8 @@ executor: resources: {} # Adds environment variables for the executor. env: {} + # sets security context for the executor container + securityContext: {} server: enabled: true @@ -140,6 +148,8 @@ server: podAnnotations: {} # Optional labels to add to the UI pods podLabels: {} + # SecurityContext to set on the server pods + podSecurityContext: {} name: server serviceType: ClusterIP servicePort: 2746 @@ -166,7 +176,8 @@ server: ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux tolerations: [] affinity: {} diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 64d77c9a..9d73681c 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 0.7.0 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.0.7 +version: 1.0.11 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/_helpers.tpl b/charts/argocd-notifications/templates/_helpers.tpl index 18235d26..373c5495 100644 --- a/charts/argocd-notifications/templates/_helpers.tpl +++ b/charts/argocd-notifications/templates/_helpers.tpl @@ -43,6 +43,19 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end -}} +{{/* +Common metrics labels +*/}} +{{- define "argocd-notifications.metrics.labels" -}} +helm.sh/chart: {{ include "argocd-notifications.chart" . }} +{{ include "argocd-notifications.metrics.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + + {{/* Common slack bot labels */}} @@ -63,6 +76,14 @@ app.kubernetes.io/name: {{ include "argocd-notifications.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} +{{/* +Selector metrics labels +*/}} +{{- define "argocd-notifications.metrics.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argocd-notifications.name" . }}-metrics +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + {{/* Selector slack bot labels */}} diff --git a/charts/argocd-notifications/templates/bots/slack/deployment.yaml b/charts/argocd-notifications/templates/bots/slack/deployment.yaml index 284d3c10..75883073 100644 --- a/charts/argocd-notifications/templates/bots/slack/deployment.yaml +++ b/charts/argocd-notifications/templates/bots/slack/deployment.yaml @@ -30,6 +30,9 @@ spec: command: - /app/argocd-notifications - bot + ports: + - containerPort: 8080 + name: http {{- with .Values.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-notifications/templates/bots/slack/service.yaml b/charts/argocd-notifications/templates/bots/slack/service.yaml index 1878fe9d..c31ad935 100644 --- a/charts/argocd-notifications/templates/bots/slack/service.yaml +++ b/charts/argocd-notifications/templates/bots/slack/service.yaml @@ -3,12 +3,16 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argocd-notifications.name" . }}-bot + {{- if .Values.bots.slack.service.annotations }} + annotations: + {{- toYaml .Values.bots.slack.service.annotations | nindent 4 }} + {{- end }} spec: ports: - - name: server - port: 80 + - name: http + port: {{ .Values.bots.slack.service.port }} protocol: TCP - targetPort: 8080 + targetPort: http selector: {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 4 }} type: {{ .Values.bots.slack.service.type }} diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml index cbe71ca7..239c6eb7 100644 --- a/charts/argocd-notifications/templates/deployment.yaml +++ b/charts/argocd-notifications/templates/deployment.yaml @@ -12,6 +12,12 @@ spec: {{- include "argocd-notifications.selectorLabels" . | nindent 6 }} template: metadata: + {{- if .Values.podAnnotations }} + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} labels: {{- include "argocd-notifications.selectorLabels" . | nindent 8 }} spec: @@ -29,6 +35,19 @@ spec: command: - /app/argocd-notifications - controller + - --loglevel={{ .Values.logLevel }} + {{- if .Values.metrics.enabled }} + - --metrics-port={{ .Values.metrics.port }} + {{- end }} + {{- range .Values.extraArgs }} + - {{ . | squote }} + {{- end }} + ports: + {{- if .Values.metrics.enabled }} + - containerPort: {{ .Values.metrics.port }} + name: metrics + protocol: TCP + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-notifications/templates/service-metrics.yaml b/charts/argocd-notifications/templates/service-metrics.yaml new file mode 100644 index 00000000..5645a4d3 --- /dev/null +++ b/charts/argocd-notifications/templates/service-metrics.yaml @@ -0,0 +1,15 @@ +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argocd-notifications.name" . }}-metrics + labels: + {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} +spec: + selector: + {{- include "argocd-notifications.selectorLabels" . | nindent 4 }} + ports: + - name: metrics + port: {{ .Values.metrics.port }} + targetPort: {{ .Values.metrics.port }} +{{- end }} diff --git a/charts/argocd-notifications/templates/servicemonitor.yaml b/charts/argocd-notifications/templates/servicemonitor.yaml new file mode 100644 index 00000000..b04851f3 --- /dev/null +++ b/charts/argocd-notifications/templates/servicemonitor.yaml @@ -0,0 +1,30 @@ +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "argocd-notifications.name" . }}-metrics + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} + {{- toYaml .Values.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + path: /metrics + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argocd-notifications.metrics.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index fe732362..93ce5390 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -87,6 +87,22 @@ secret: # email address in from field from: +logLevel: info + +extraArgs: [] + +metrics: + enabled: false + port: 9001 + serviceMonitor: + enabled: false + additionalLabels: {} + # namespace: monitoring + # interval: 30s + # scrapeTimeout: 10s + +podAnnotations: {} + resources: {} # limits: # cpu: 100m @@ -194,6 +210,8 @@ bots: imagePullSecrets: [] service: + annotations: {} + port: 80 type: LoadBalancer serviceAccount: