diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 656e47d0..a6ad9274 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: 3.9 diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 04d2b6b4..660b9385 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -25,6 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - uses: pascalgn/size-label-action@bbbaa0d5ccce8e2e76254560df5c64b82dac2e12 # v0.5.2 + - uses: pascalgn/size-label-action@be08a2d5f857dc99c5b9426cdb5a8ea1aa7f0399 # v0.5.4 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index a2bdbb74..0bb3233e 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1.10.3 + uses: actions/create-github-app-token@3378cda945da322a8db4b193e19d46352ebe2de5 # v1.10.4 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} @@ -26,11 +26,11 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@b266b24b144602ed4f512f0773009d026722f4cc # v40.2.6 + uses: renovatebot/github-action@630a255a1f2f56c8d8ce160bed3e3ca577ca53e2 # v40.2.7 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 38.18.0 + renovate-version: 38.59.2 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 76284816..8c948600 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 with: sarif_file: results.sarif diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index bc11a715..309790fc 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.26.1 -digest: sha256:d72c308ab0eef4233e25bfc3f8fc97cf9b02a9c5d0186ea89e2f8fb332cb9c41 -generated: "2024-02-18T19:42:53.135599+02:00" + version: 4.27.6 +digest: sha256:69c6b20682f0a2a8044b71731b7c656a57118088a7b3611f59217b537167af2e +generated: "2024-08-28T13:02:33.763307+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 88a73792..febb1e67 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.12.1 +appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.4 +version: 7.5.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,7 +18,7 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.26.1 + version: 4.27.6 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.12.1 + - kind: fixed + description: Certificate template was wrong leading to null diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 39baf405..8b0cb174 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -315,7 +315,7 @@ Upstream steps in the [FAQ] are not enough, since we chose a different approach. Steps to roteate the secret when using the helm chart (bold step is additional to upstream): * Delete `argocd-redis` secret in the namespace where Argo CD is installed. ```bash - kubectl delete secret argocd-redis -n + kubectl delete secret argocd-redis -n ``` * **Perform a helm upgrade** ```bash diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 8ee73e93..ef75ddfe 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -315,7 +315,7 @@ Upstream steps in the [FAQ] are not enough, since we chose a different approach. Steps to roteate the secret when using the helm chart (bold step is additional to upstream): * Delete `argocd-redis` secret in the namespace where Argo CD is installed. ```bash - kubectl delete secret argocd-redis -n + kubectl delete secret argocd-redis -n ``` * **Perform a helm upgrade** ```bash diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index eb3f7a2a..1ef054b1 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -183,7 +183,7 @@ Argo Configuration Preset Values (Influenced by Values configuration) {{- define "argo-cd.config.cm.presets" -}} {{- $presets := dict -}} {{- $_ := set $presets "url" (printf "https://%s" .Values.global.domain) -}} -{{- if index .Values.configs.cm "statusbadge.enabled" | eq true -}} +{{- if eq (toString (index .Values.configs.cm "statusbadge.enabled")) "true" -}} {{- $_ := set $presets "statusbadge.url" (printf "https://%s/" .Values.global.domain) -}} {{- end -}} {{- if .Values.configs.styles -}} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 803452f6..a9862139 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -13,13 +13,13 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + {{- with .Values.server.certificate.secretTemplateAnnotations }} secretTemplate: - {{- with .Values.server.certificate.secretTemplateAnnotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} - {{- end }} + {{- end }} secretName: argocd-server-tls commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }} dnsNames: diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index da2ffcb0..39dd385a 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.5 +version: 2.37.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.7.2 + description: add loadBalancerClass field for Service resources diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index b6a6f44d..724a6b82 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -182,6 +182,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.service.annotations | object | `{}` | Service annotations | | dashboard.service.externalIPs | list | `[]` | Dashboard service external IPs | | dashboard.service.labels | object | `{}` | Service labels | +| dashboard.service.loadBalancerClass | string | `""` | The class of the load balancer implementation | | dashboard.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | dashboard.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | | dashboard.service.nodePort | int | `nil` | Service nodePort | diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index 6a304b82..b7e553d7 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -22,6 +22,9 @@ spec: externalIPs: {{- toYaml . | nindent 4 }} {{- end }} {{- if eq .Values.dashboard.service.type "LoadBalancer" }} + {{- with .Values.dashboard.service.loadBalancerClass }} + loadBalancerClass: {{ . }} + {{- end }} {{- with .Values.dashboard.service.loadBalancerIP }} loadBalancerIP: {{ . | quote }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index a4d313e0..e78aa2bb 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -356,6 +356,8 @@ dashboard: service: # -- Sets the type of the Service type: ClusterIP + # -- The class of the load balancer implementation + loadBalancerClass: "" # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 1ed66b76..8b242c4f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.14 +version: 0.42.1 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Avoid empty namespace in role binding when singleNamespace is true + - kind: changed + description: add loadBalancerClass field for Service resources diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 662b63fd..deec1649 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -149,6 +149,7 @@ Fields to note: | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.clusterWorkflowTemplates.serviceAccounts | list | `[]` | Extra service accounts to be added to the ClusterRoleBinding | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | +| controller.configMap.annotations | object | `{}` | ConfigMap annotations | | controller.configMap.create | bool | `true` | Create a ConfigMap for the controller | | controller.configMap.name | string | `""` | ConfigMap name | | controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ | @@ -167,6 +168,7 @@ Fields to note: | controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. | | controller.links | list | `[]` | Configure Argo Server to show custom [links] | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.loadBalancerClass | string | `""` | The class of the load balancer implementation | | controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | | controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | | controller.logging.globallevel | string | `"0"` | Set the glog logging level | @@ -301,6 +303,7 @@ Fields to note: | server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | | server.ingress.paths | list | `["/"]` | List of ingress paths | | server.ingress.tls | list | `[]` | Ingress TLS configuration | +| server.loadBalancerClass | string | `""` | The class of the load balancer implementation | | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | | server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 1997d9d3..d93a910e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -6,6 +6,10 @@ metadata: namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} + {{- with .Values.controller.configMap.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} data: config: | {{- if .Values.controller.instanceID.enabled }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 0cd8a75b..4a1290ba 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -35,8 +35,13 @@ spec: {{- if and (eq .Values.controller.serviceType "ClusterIP") .Values.controller.metricsConfig.headlessService }} clusterIP: None {{- end }} - {{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }} + {{- if eq .Values.controller.serviceType "LoadBalancer" }} + {{- with .Values.controller.loadBalancerClass }} + loadBalancerClass: {{ . }} + {{- end }} + {{- if .Values.controller.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{- toYaml .Values.controller.loadBalancerSourceRanges | nindent 4 }} {{- end }} + {{- end }} {{- end -}} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 7517d659..39c37792 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -28,11 +28,16 @@ spec: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None type: {{ .Values.server.serviceType }} - {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerIP }} - loadBalancerIP: {{ .Values.server.loadBalancerIP | quote }} + {{- if eq .Values.server.serviceType "LoadBalancer" }} + {{- with .Values.controller.loadBalancerClass }} + loadBalancerClass: {{ . }} {{- end }} - {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerSourceRanges }} + {{- with .Values.server.loadBalancerIP }} + loadBalancerIP: {{ . | quote }} + {{- end }} + {{- if .Values.server.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{- toYaml .Values.server.loadBalancerSourceRanges | nindent 4 }} {{- end }} + {{- end }} {{- end -}} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 15a42ec4..5c2a674d 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -106,6 +106,8 @@ controller: create: true # -- ConfigMap name name: "" + # -- ConfigMap annotations + annotations: {} # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: @@ -295,6 +297,8 @@ controller: serviceAnnotations: {} # -- Optional labels to add to the controller Service serviceLabels: {} + # -- The class of the load balancer implementation + loadBalancerClass: "" # -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer` loadBalancerSourceRanges: [] @@ -506,6 +510,8 @@ server: serviceAnnotations: {} # -- Optional labels to add to the UI Service serviceLabels: {} + # -- The class of the load balancer implementation + loadBalancerClass: "" # -- Static IP address to assign to loadBalancer service type `LoadBalancer` loadBalancerIP: "" # -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer`