From 60a42675cbd3064e9836d0217266f0ec169beb5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 21 May 2021 18:39:07 +0200 Subject: [PATCH] fix: Remove Argo Chart (#748) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Oliver Bähler --- charts/argo/.helmignore | 21 -- charts/argo/Chart.lock | 6 - charts/argo/Chart.yaml | 13 - charts/argo/README.md | 29 -- .../crds/cluster-workflow-template-crd.yaml | 23 -- charts/argo/crds/cron-workflow-crd.yaml | 23 -- charts/argo/crds/workflow-crd.yaml | 33 -- .../argo/crds/workflow-eventbinding-crd.yaml | 19 - charts/argo/crds/workflow-template-crd.yaml | 22 -- charts/argo/templates/NOTES.txt | 16 - charts/argo/templates/_helpers.tpl | 16 - .../cluster-workflow-template-crd.yaml | 19 - charts/argo/templates/cron-workflow-crd.yaml | 19 - .../argo/templates/server-cluster-roles.yaml | 134 ------- charts/argo/templates/server-crb.yaml | 35 -- .../argo/templates/server-deployment-pdb.yaml | 25 -- charts/argo/templates/server-deployment.yaml | 108 ------ charts/argo/templates/server-ingress.yaml | 46 --- charts/argo/templates/server-sa.yaml | 8 - charts/argo/templates/server-service.yaml | 33 -- .../worfkflow-controller-secrets-access.yaml | 18 - .../templates/workflow-aggregate-roles.yaml | 89 ----- .../workflow-controller-cluster-roles.yaml | 146 -------- .../workflow-controller-config-map.yaml | 89 ----- .../templates/workflow-controller-crb.yaml | 44 --- .../workflow-controller-deployment-pdb.yaml | 23 -- .../workflow-controller-deployment.yaml | 94 ----- .../workflow-controller-minio-secret-crb.yaml | 25 -- .../templates/workflow-controller-sa.yaml | 6 - .../workflow-controller-service.yaml | 38 -- .../workflow-controller-servicemonitor.yaml | 33 -- charts/argo/templates/workflow-crd.yaml | 28 -- charts/argo/templates/workflow-rb.yaml | 19 - charts/argo/templates/workflow-role.yaml | 25 -- charts/argo/templates/workflow-sa.yaml | 13 - .../argo/templates/workflow-template-crd.yaml | 18 - charts/argo/values.yaml | 330 ------------------ 37 files changed, 1686 deletions(-) delete mode 100644 charts/argo/.helmignore delete mode 100644 charts/argo/Chart.lock delete mode 100644 charts/argo/Chart.yaml delete mode 100644 charts/argo/README.md delete mode 100644 charts/argo/crds/cluster-workflow-template-crd.yaml delete mode 100644 charts/argo/crds/cron-workflow-crd.yaml delete mode 100644 charts/argo/crds/workflow-crd.yaml delete mode 100644 charts/argo/crds/workflow-eventbinding-crd.yaml delete mode 100644 charts/argo/crds/workflow-template-crd.yaml delete mode 100644 charts/argo/templates/NOTES.txt delete mode 100644 charts/argo/templates/_helpers.tpl delete mode 100644 charts/argo/templates/cluster-workflow-template-crd.yaml delete mode 100644 charts/argo/templates/cron-workflow-crd.yaml delete mode 100644 charts/argo/templates/server-cluster-roles.yaml delete mode 100644 charts/argo/templates/server-crb.yaml delete mode 100644 charts/argo/templates/server-deployment-pdb.yaml delete mode 100644 charts/argo/templates/server-deployment.yaml delete mode 100644 charts/argo/templates/server-ingress.yaml delete mode 100644 charts/argo/templates/server-sa.yaml delete mode 100644 charts/argo/templates/server-service.yaml delete mode 100644 charts/argo/templates/worfkflow-controller-secrets-access.yaml delete mode 100644 charts/argo/templates/workflow-aggregate-roles.yaml delete mode 100644 charts/argo/templates/workflow-controller-cluster-roles.yaml delete mode 100644 charts/argo/templates/workflow-controller-config-map.yaml delete mode 100644 charts/argo/templates/workflow-controller-crb.yaml delete mode 100644 charts/argo/templates/workflow-controller-deployment-pdb.yaml delete mode 100755 charts/argo/templates/workflow-controller-deployment.yaml delete mode 100644 charts/argo/templates/workflow-controller-minio-secret-crb.yaml delete mode 100644 charts/argo/templates/workflow-controller-sa.yaml delete mode 100644 charts/argo/templates/workflow-controller-service.yaml delete mode 100644 charts/argo/templates/workflow-controller-servicemonitor.yaml delete mode 100644 charts/argo/templates/workflow-crd.yaml delete mode 100644 charts/argo/templates/workflow-rb.yaml delete mode 100644 charts/argo/templates/workflow-role.yaml delete mode 100644 charts/argo/templates/workflow-sa.yaml delete mode 100644 charts/argo/templates/workflow-template-crd.yaml delete mode 100644 charts/argo/values.yaml diff --git a/charts/argo/.helmignore b/charts/argo/.helmignore deleted file mode 100644 index f0c13194..00000000 --- a/charts/argo/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/charts/argo/Chart.lock b/charts/argo/Chart.lock deleted file mode 100644 index 4b57ae05..00000000 --- a/charts/argo/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: minio - repository: https://helm.min.io/ - version: 8.0.9 -digest: sha256:0f43ad0a4b4e9af47615ef3da85054712eb28f154418d96b7b974a095cc19260 -generated: "2021-01-13T15:31:40.823086-08:00" diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml deleted file mode 100644 index 8e82de87..00000000 --- a/charts/argo/Chart.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v2 -appVersion: v2.12.5 -description: A Helm chart for Argo Workflows -name: argo -version: 1.0.0 -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png -home: https://github.com/argoproj/argo-helm -dependencies: -- name: minio - version: 8.0.9 - repository: https://helm.min.io/ - condition: minio.install -deprecated: true diff --git a/charts/argo/README.md b/charts/argo/README.md deleted file mode 100644 index 024f0077..00000000 --- a/charts/argo/README.md +++ /dev/null @@ -1,29 +0,0 @@ -## Argo Workflows Chart - -> ⚠ DEPRECATION WARNING: this chart is for v2 of Argo Workflows. For v3, a new chart is available at - -This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). - -If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace. - -## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these. - -A few options are: -- Setup the CRD yourself manually and use `--set installCRD=false` when installing the helm chart. Find the CRDs in the [argo codebase](https://github.com/argoproj/argo-workflows/tree/master/manifests/base/crds/full) -- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute -- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions - -## Usage Notes: -This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. - -## Values - -The `values.yaml` contains items used to tweak a deployment of this chart. -Fields to note: -* `controller.instanceID.enabled`: If set to true, the Argo Controller will **ONLY** monitor Workflow submissions with a `--instanceid` attribute -* `controller.instanceID.useReleaseName`: If set to true then chart set controller instance id to release name -* `controller.instanceID.explicitID`: Allows customization of an instance id for the workflow controller to monitor -* `controller.workflowNamespaces`: This is a list of namespaces where workflows will be ran -* `minio.install`: If this is true, we'll install [minio](https://github.com/kubernetes/charts/tree/master/stable/minio) and build out the artifactRepository section in workflow controller config map. -* `artifactRepository.s3.accessKeySecret` and `artifactRepository.s3.secretKeySecret` These by default link to minio default credentials stored in the secret deployed by the minio chart. diff --git a/charts/argo/crds/cluster-workflow-template-crd.yaml b/charts/argo/crds/cluster-workflow-template-crd.yaml deleted file mode 100644 index a189f17c..00000000 --- a/charts/argo/crds/cluster-workflow-template-crd.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: clusterworkflowtemplates.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - version: v1alpha1 - scope: Cluster - names: - kind: ClusterWorkflowTemplate - listKind: ClusterWorkflowTemplateList - plural: clusterworkflowtemplates - shortNames: - - clusterwftmpl - - cwft - singular: clusterworkflowtemplate - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/crds/cron-workflow-crd.yaml b/charts/argo/crds/cron-workflow-crd.yaml deleted file mode 100644 index abd50b30..00000000 --- a/charts/argo/crds/cron-workflow-crd.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: cronworkflows.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: CronWorkflow - listKind: CronWorkflowList - plural: cronworkflows - shortNames: - - cwf - - cronwf - singular: cronworkflow - scope: Namespaced - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/crds/workflow-crd.yaml b/charts/argo/crds/workflow-crd.yaml deleted file mode 100644 index 24f6abc2..00000000 --- a/charts/argo/crds/workflow-crd.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: workflows.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - additionalPrinterColumns: - - JSONPath: .status.phase - description: Status of the workflow - name: Status - type: string - - JSONPath: .status.startedAt - description: When the workflow was started - format: date-time - name: Age - type: date - group: argoproj.io - names: - kind: Workflow - listKind: WorkflowList - plural: workflows - shortNames: - - wf - singular: workflow - scope: Namespaced - subresources: {} - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/crds/workflow-eventbinding-crd.yaml b/charts/argo/crds/workflow-eventbinding-crd.yaml deleted file mode 100644 index a58de8e7..00000000 --- a/charts/argo/crds/workflow-eventbinding-crd.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: workfloweventbindings.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowEventBinding - listKind: WorkflowEventBindingList - plural: workfloweventbindings - shortNames: - - wfeb - singular: workfloweventbinding - scope: Namespaced - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/crds/workflow-template-crd.yaml b/charts/argo/crds/workflow-template-crd.yaml deleted file mode 100644 index 0be13451..00000000 --- a/charts/argo/crds/workflow-template-crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: workflowtemplates.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - version: v1alpha1 - scope: Namespaced - names: - kind: WorkflowTemplate - listKind: WorkflowTemplateList - plural: workflowtemplates - shortNames: - - wftmpl - singular: workflowtemplate - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/templates/NOTES.txt b/charts/argo/templates/NOTES.txt deleted file mode 100644 index 7b4c02f0..00000000 --- a/charts/argo/templates/NOTES.txt +++ /dev/null @@ -1,16 +0,0 @@ -1. Get Argo Server external IP/domain by running: - -kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-{{ .Values.server.name }} - -2. Submit the hello-world workflow by running: - -argo submit https://raw.githubusercontent.com/argoproj/argo/master/examples/hello-world.yaml --watch - -{{ if .Values.minio.install }} - -3. Access Minio UI and create bucket '{{ .Values.minio.defaultBucket.name }}'. Minio UI is available on port 9000 and available via external URL. URL might be retrieved using following -command: - -kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-minio - -{{ end }} diff --git a/charts/argo/templates/_helpers.tpl b/charts/argo/templates/_helpers.tpl deleted file mode 100644 index f0d83d2e..00000000 --- a/charts/argo/templates/_helpers.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/charts/argo/templates/cluster-workflow-template-crd.yaml b/charts/argo/templates/cluster-workflow-template-crd.yaml deleted file mode 100644 index be688da3..00000000 --- a/charts/argo/templates/cluster-workflow-template-crd.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterworkflowtemplates.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - version: v1alpha1 - scope: Cluster - names: - kind: ClusterWorkflowTemplate - plural: clusterworkflowtemplates - shortNames: - - clusterwftmpl - - cwft -{{- end }} diff --git a/charts/argo/templates/cron-workflow-crd.yaml b/charts/argo/templates/cron-workflow-crd.yaml deleted file mode 100644 index 923abdf2..00000000 --- a/charts/argo/templates/cron-workflow-crd.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: cronworkflows.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: CronWorkflow - plural: cronworkflows - shortNames: - - cronwf - - cwf - scope: Namespaced - version: v1alpha1 -{{- end }} diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml deleted file mode 100644 index b6d47c09..00000000 --- a/charts/argo/templates/server-cluster-roles.yaml +++ /dev/null @@ -1,134 +0,0 @@ -{{- if .Values.server.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{- else }} -kind: ClusterRole -{{- end }} -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }} -rules: -- apiGroups: - - "" - resources: - - configmaps - - events - verbs: - - get - - watch - - list -- apiGroups: - - "" - resources: - - pods - - pods/exec - - pods/log - verbs: - - get - - list - - watch - - delete -{{- if .Values.server.sso }} -- apiGroups: - - "" - resources: - - secrets - resourceNames: - - sso - verbs: - - get - - update -- apiGroups: - - "" - resources: - - secrets - verbs: - - create -{{- end}} -{{- if .Values.server.sso }} - {{- if .Values.server.sso.rbac }} -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list - {{- end }} -{{- end }} -- apiGroups: - - "" - resources: - - secrets - verbs: - - get -{{- if .Values.server.sso }} - {{- if .Values.server.sso.rbac }} - {{- with .Values.server.sso.rbac.secretWhitelist }} - resourceNames: {{- toYaml . | nindent 4 }} - {{- end }} - {{- end }} -{{- end }} -- apiGroups: - - "" - resources: - - events - verbs: - - watch - - create - - patch -{{- if .Values.controller.persistence }} -- apiGroups: - - "" - resources: - - secrets - resourceNames: - {{- with .Values.controller.persistence.postgresql }} - - {{ .userNameSecret.name }} - - {{ .passwordSecret.name }} - {{- end}} - {{- with .Values.controller.persistence.mysql }} - - {{ .userNameSecret.name }} - - {{ .passwordSecret.name }} - {{- end}} - verbs: - - get -{{- end}} -- apiGroups: - - argoproj.io - resources: - - workflows - - workfloweventbindings - - workflowtemplates - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }}-cluster-template -rules: -- apiGroups: - - argoproj.io - resources: - - clusterworkflowtemplates - verbs: - - get - - list - - watch - {{- if .Values.server.clusterWorkflowTemplates.enableEditing }} - - create - - update - - patch - - delete - {{- end }} -{{- end }} diff --git a/charts/argo/templates/server-crb.yaml b/charts/argo/templates/server-crb.yaml deleted file mode 100644 index ad4cfeda..00000000 --- a/charts/argo/templates/server-crb.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if and .Values.server.enabled .Values.server.createServiceAccount -}} -apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: RoleBinding -{{ else }} -kind: ClusterRoleBinding -{{- end }} -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}} -roleRef: - apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} - kind: Role - {{ else }} - kind: ClusterRole - {{- end }} - name: {{ .Release.Name }}-{{ .Values.server.name}} -subjects: -- kind: ServiceAccount - name: {{ .Values.server.serviceAccount }} - namespace: {{ .Release.Namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template -subjects: -- kind: ServiceAccount - name: {{ .Values.server.serviceAccount }} - namespace: {{ .Release.Namespace }} -{{- end -}} diff --git a/charts/argo/templates/server-deployment-pdb.yaml b/charts/argo/templates/server-deployment-pdb.yaml deleted file mode 100644 index 31f1d4f8..00000000 --- a/charts/argo/templates/server-deployment-pdb.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.server.enabled -}} -{{- if .Values.server.pdb.enabled -}} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}} - labels: - app: {{ .Release.Name }}-{{ .Values.server.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - {{- if .Values.server.pdb.minAvailable }} - minAvailable: {{ .Values.server.pdb.minAvailable }} - {{- else if .Values.server.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.server.pdb.maxUnavailable }} - {{- else }} - minAvailable: 0 - {{- end }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.server.name}} - release: {{ .Release.Name }} -{{- end -}} -{{- end -}} diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml deleted file mode 100644 index 832fd37d..00000000 --- a/charts/argo/templates/server-deployment.yaml +++ /dev/null @@ -1,108 +0,0 @@ -{{- if .Values.server.enabled -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}} - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.server.replicas }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.server.name}} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.server.name}} - release: {{ .Release.Name }} - {{- if .Values.server.podLabels }} - {{- toYaml .Values.server.podLabels | nindent 8 }} - {{- end }} - {{- if .Values.server.podAnnotations }} - annotations: -{{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }} - spec: - serviceAccountName: {{ .Values.server.serviceAccount | quote }} - {{- if .Values.server.podSecurityContext }} - securityContext: - {{- toYaml .Values.server.podSecurityContext | nindent 8 }} - {{- end }} - containers: - - name: argo-server - args: - - server - - --configmap={{ .Release.Name }}-{{ .Values.controller.name }}-configmap - {{- if .Values.server.extraArgs }} - {{- toYaml .Values.server.extraArgs | nindent 10 }} - {{- end }} - {{- if .Values.server.secure }} - - "--secure" - {{- end }} - {{- if .Values.singleNamespace }} - - "--namespaced" - {{- end }} - image: "{{ .Values.images.namespace }}/{{ .Values.images.server }}:{{ default .Values.images.tag .Values.server.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} - {{- if .Values.server.podPortName }} - ports: - - name: {{ .Values.server.podPortName }} - containerPort: 2746 - {{- end }} - readinessProbe: - httpGet: - path: / - port: 2746 - {{- if .Values.server.secure }} - scheme: HTTPS - {{- else }} - scheme: HTTP - {{- end }} - initialDelaySeconds: 10 - periodSeconds: 20 - env: - - name: IN_CLUSTER - value: "true" - - name: ARGO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: BASE_HREF - value: {{ .Values.server.baseHref | quote }} - resources: - {{- toYaml .Values.server.resources | nindent 12 }} - volumeMounts: - - name: tmp - mountPath: /tmp - {{- with .Values.server.volumeMounts }} - {{- toYaml . | nindent 10}} - {{- end }} - {{- with .Values.images.pullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: tmp - emptyDir: {} - {{- with .Values.server.volumes }} - {{- toYaml . | nindent 6}} - {{- end }} - {{- with .Values.server.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.server.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.server.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.server.priorityClassName }} - priorityClassName: {{ .Values.server.priorityClassName }} - {{- end }} -{{- end -}} diff --git a/charts/argo/templates/server-ingress.yaml b/charts/argo/templates/server-ingress.yaml deleted file mode 100644 index 6eab3f50..00000000 --- a/charts/argo/templates/server-ingress.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{- if .Values.server.enabled -}} -{{- if .Values.server.ingress.enabled -}} -{{- $serviceName := printf "%s-%s" .Release.Name .Values.server.name -}} -{{- $servicePort := .Values.server.servicePort -}} -{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} -apiVersion: networking.k8s.io/v1beta1 -{{ else }} -apiVersion: extensions/v1beta1 -{{ end -}} -kind: Ingress -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }} - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- range $key, $value := .Values.server.ingress.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - annotations: - {{- range $key, $value := .Values.server.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - rules: - {{- range .Values.server.ingress.hosts }} - - host: {{ . }} - http: - paths: - {{- if $.Values.server.ingress.paths }} - {{- range $.Values.server.ingress.paths }} - - backend: - serviceName: {{ .serviceName }} - servicePort: {{ .servicePort }} - {{- end }} - {{- end }} - - backend: - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end -}} - {{- if .Values.server.ingress.tls }} - tls: -{{ toYaml .Values.server.ingress.tls | indent 4 }} - {{- end -}} -{{- end -}} -{{- end -}} diff --git a/charts/argo/templates/server-sa.yaml b/charts/argo/templates/server-sa.yaml deleted file mode 100644 index 5b419a65..00000000 --- a/charts/argo/templates/server-sa.yaml +++ /dev/null @@ -1,8 +0,0 @@ -{{- if and .Values.server.enabled .Values.server.createServiceAccount -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.server.serviceAccount }} - annotations: -{{ toYaml .Values.server.serviceAccountAnnotations | indent 4 }} -{{- end -}} diff --git a/charts/argo/templates/server-service.yaml b/charts/argo/templates/server-service.yaml deleted file mode 100644 index ba4d74f6..00000000 --- a/charts/argo/templates/server-service.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if .Values.server.enabled -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }} - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- if .Values.server.serviceLabels }} - {{- toYaml .Values.server.serviceLabels | nindent 4 }} - {{- end }} - {{- if .Values.server.serviceAnnotations }} - annotations: -{{ toYaml .Values.server.serviceAnnotations | indent 4}}{{- end }} -spec: - ports: - - port: {{ .Values.server.servicePort }} - {{- if .Values.server.servicePortName }} - name: {{ .Values.server.servicePortName }} - {{- end }} - targetPort: 2746 - selector: - app: {{ .Release.Name }}-{{ .Values.server.name }} - sessionAffinity: None - type: {{ .Values.server.serviceType }} - {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerIP }} - loadBalancerIP: {{ .Values.server.loadBalancerIP | quote }} - {{- end }} - {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.server.loadBalancerSourceRanges | indent 4 }}{{- end }} -{{- end -}} diff --git a/charts/argo/templates/worfkflow-controller-secrets-access.yaml b/charts/argo/templates/worfkflow-controller-secrets-access.yaml deleted file mode 100644 index f0d48519..00000000 --- a/charts/argo/templates/worfkflow-controller-secrets-access.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{ if .Values.minio.install }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-secret -rules: -- apiGroups: - - "" - resources: - - secrets - resourceNames: - - {{ .Values.artifactRepository.s3.accessKeySecret.name | default (printf "%s-%s" .Release.Name "minio") | quote }} - - {{ .Values.artifactRepository.s3.secretKeySecret.name | default (printf "%s-%s" .Release.Name "minio") | quote }} - verbs: - - get - - watch - - list -{{- end }} \ No newline at end of file diff --git a/charts/argo/templates/workflow-aggregate-roles.yaml b/charts/argo/templates/workflow-aggregate-roles.yaml deleted file mode 100644 index b89e7b13..00000000 --- a/charts/argo/templates/workflow-aggregate-roles.yaml +++ /dev/null @@ -1,89 +0,0 @@ -{{- if .Values.createAggregateRoles }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-aggregate-to-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" -rules: -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-aggregate-to-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" -rules: -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-aggregate-to-admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch -{{- end }} diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml deleted file mode 100644 index 4d596b1c..00000000 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ /dev/null @@ -1,146 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{- else }} -kind: ClusterRole -{{- end }} -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} -rules: -- apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - create - - delete -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete - - create -- apiGroups: - - argoproj.io - resources: - - workflowtemplates - - workflowtemplates/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - cronworkflows - - cronworkflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - "policy" - resources: - - poddisruptionbudgets - verbs: - - create - - get - - delete -{{- if .Values.controller.persistence }} -- apiGroups: - - "" - resources: - - secrets - resourceNames: - {{- if .Values.controller.persistence.postgresql }} - - {{ .Values.controller.persistence.postgresql.userNameSecret.name }} - - {{ .Values.controller.persistence.postgresql.passwordSecret.name }} - {{- end}} - {{- if .Values.controller.persistence.mysql }} - - {{ .Values.controller.persistence.mysql.userNameSecret.name }} - - {{ .Values.controller.persistence.mysql.passwordSecret.name }} - {{- end}} - verbs: - - get -{{- end}} -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create -- apiGroups: - - coordination.k8s.io - resources: - - leases - resourceNames: - - workflow-controller - - workflow-controller-lease - verbs: - - get - - watch - - update - - patch - - delete ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template -rules: -- apiGroups: - - argoproj.io - resources: - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - get - - list - - watch diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml deleted file mode 100644 index 26fe2cd8..00000000 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-configmap - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - config: | - {{- if .Values.controller.instanceID.enabled }} - {{- if .Values.controller.instanceID.useReleaseName }} - instanceID: {{ .Release.Name }} - {{- else }} - instanceID: {{ .Values.controller.instanceID.explicitID }} - {{- end }} - {{- end }} - containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} - {{- if .Values.controller.parallelism }} - parallelism: {{ .Values.controller.parallelism }} - {{- end }} - {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} - executor: - {{- with .Values.executor.resources }} - resources: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.executor.env }} - env: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.executor.securityContext }} - securityContext: {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} - artifactRepository: - {{- if .Values.artifactRepository.archiveLogs }} - archiveLogs: {{ .Values.artifactRepository.archiveLogs }} - {{- end }} - {{- if .Values.artifactRepository.gcs }} - gcs: -{{ toYaml .Values.artifactRepository.gcs | indent 8}} - {{- else }} - s3: - {{- if .Values.useStaticCredentials }} - accessKeySecret: - key: {{ .Values.artifactRepository.s3.accessKeySecret.key }} - name: {{ .Values.artifactRepository.s3.accessKeySecret.name | default (printf "%s-%s" .Release.Name "minio") }} - secretKeySecret: - key: {{ .Values.artifactRepository.s3.secretKeySecret.key }} - name: {{ .Values.artifactRepository.s3.secretKeySecret.name | default (printf "%s-%s" .Release.Name "minio") }} - {{- end }} - bucket: {{ .Values.artifactRepository.s3.bucket | default .Values.minio.defaultBucket.name }} - endpoint: {{ .Values.artifactRepository.s3.endpoint | default (printf "%s-%s" .Release.Name "minio:9000") }} - insecure: {{ .Values.artifactRepository.s3.insecure }} - {{- if .Values.artifactRepository.s3.keyFormat }} - keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} - {{- end }} - {{- if .Values.artifactRepository.s3.region }} - region: {{ .Values.artifactRepository.s3.region }} - {{- end }} - {{- if .Values.artifactRepository.s3.roleARN }} - roleARN: {{ .Values.artifactRepository.s3.roleARN }} - {{- end }} - {{- if .Values.artifactRepository.s3.useSDKCreds }} - useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} - {{- end }} - {{- end }} - {{- end}} - {{- if .Values.controller.metricsConfig.enabled }} - metricsConfig: -{{ toYaml .Values.controller.metricsConfig | indent 6}}{{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} - telemetryConfig: -{{ toYaml .Values.controller.telemetryConfig | indent 6}}{{- end }} - {{- if .Values.controller.persistence }} - persistence: -{{ toYaml .Values.controller.persistence | indent 6 }}{{- end }} - {{- if .Values.controller.workflowDefaults }} - workflowDefaults: -{{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} - {{- with .Values.server.sso }} - sso: {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.controller.workflowRestrictions }} - workflowRestrictions: {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.controller.links }} - links: {{- toYaml . | nindent 6 }} - {{- end }} diff --git a/charts/argo/templates/workflow-controller-crb.yaml b/charts/argo/templates/workflow-controller-crb.yaml deleted file mode 100644 index 66cca4d0..00000000 --- a/charts/argo/templates/workflow-controller-crb.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: RoleBinding -{{ else }} -kind: ClusterRoleBinding -{{- end }} -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} -roleRef: - apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} - kind: Role - {{ else }} - kind: ClusterRole - {{- end }} - name: {{ .Release.Name }}-{{ .Values.controller.name }} -subjects: - - kind: ServiceAccount - name: {{ .Values.controller.serviceAccount }} - namespace: {{ .Release.Namespace }} -{{- if .Values.controller.workflowNamespaces }} -{{- $uiServiceAccount := .Values.controller.serviceAccount }} -{{- $namespace := .Release.Namespace }} -{{- range $key := .Values.controller.workflowNamespaces }} - {{- if not (eq $key $namespace) }} - - kind: ServiceAccount - name: {{ $uiServiceAccount }} - namespace: {{ $key }} - {{- end }} -{{- end }} -{{- end }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template -subjects: - - kind: ServiceAccount - name: {{ .Values.controller.serviceAccount }} - namespace: {{ .Release.Namespace }} diff --git a/charts/argo/templates/workflow-controller-deployment-pdb.yaml b/charts/argo/templates/workflow-controller-deployment-pdb.yaml deleted file mode 100644 index a7352a04..00000000 --- a/charts/argo/templates/workflow-controller-deployment-pdb.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if .Values.controller.pdb.enabled }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name}} - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - {{- if .Values.controller.pdb.minAvailable }} - minAvailable: {{ .Values.controller.pdb.minAvailable }} - {{- else if .Values.controller.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} - {{- else }} - minAvailable: 0 - {{- end }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - release: {{ .Release.Name }} -{{- end }} diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml deleted file mode 100755 index 9ad509d0..00000000 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ /dev/null @@ -1,94 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name}} - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.controller.replicas }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - release: {{ .Release.Name }} - {{- if .Values.controller.podLabels }} - {{ toYaml .Values.controller.podLabels | nindent 8}} - {{- end }} - {{- if .Values.controller.podAnnotations }} - annotations: -{{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }} - spec: - serviceAccountName: {{ .Values.controller.serviceAccount | quote }} - {{- if .Values.controller.podSecurityContext }} - securityContext: - {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} - {{- end }} - containers: - - name: controller - image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} - command: [ "workflow-controller" ] - args: - - "--configmap" - - "{{ .Release.Name }}-{{ .Values.controller.name}}-configmap" - - "--executor-image" - - "{{ .Values.images.namespace }}/{{ .Values.images.executor }}:{{ default .Values.images.tag .Values.executor.image.tag }}" - - "--loglevel" - - "{{ .Values.controller.logging.level }}" - - "--gloglevel" - - "{{ .Values.controller.logging.globallevel }}" - {{- if .Values.singleNamespace }} - - "--namespaced" - {{- end }} - {{- with .Values.controller.workflowWorkers }} - - "--workflow-workers" - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.podWorkers }} - - "--pod-workers" - - {{ . | quote }} - {{- end }} - {{- if .Values.controller.extraArgs }} - {{- toYaml .Values.controller.extraArgs | nindent 10 }} - {{- end }} - env: - - name: ARGO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - {{- with .Values.controller.extraEnv }} - {{ toYaml . | nindent 10 }} - {{- end }} - resources: - {{- toYaml .Values.controller.resources | nindent 12 }} - {{- if .Values.controller.metricsConfig.enabled }} - ports: - - containerPort: 8080 - {{- end }} - {{- with .Values.images.pullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.controller.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.controller.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.controller.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.controller.priorityClassName }} - priorityClassName: {{ .Values.controller.priorityClassName }} - {{- end }} diff --git a/charts/argo/templates/workflow-controller-minio-secret-crb.yaml b/charts/argo/templates/workflow-controller-minio-secret-crb.yaml deleted file mode 100644 index 722776a4..00000000 --- a/charts/argo/templates/workflow-controller-minio-secret-crb.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{ if .Values.minio.install }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-secret -subjects: - - kind: ServiceAccount - name: {{ .Values.controller.serviceAccount }} - namespace: {{ .Release.Namespace }} -{{- if .Values.controller.workflowNamespaces }} -{{- $uiServiceAccount := .Values.controller.serviceAccount }} -{{- $namespace := .Release.Namespace }} -{{- range $key := .Values.controller.workflowNamespaces }} - {{- if not (eq $key $namespace) }} - - kind: ServiceAccount - name: {{ $uiServiceAccount }} - namespace: {{ $key }} - {{- end }} -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/argo/templates/workflow-controller-sa.yaml b/charts/argo/templates/workflow-controller-sa.yaml deleted file mode 100644 index 02d274da..00000000 --- a/charts/argo/templates/workflow-controller-sa.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.controller.serviceAccount }} - annotations: -{{ toYaml .Values.controller.serviceAccountAnnotations | indent 4 }} diff --git a/charts/argo/templates/workflow-controller-service.yaml b/charts/argo/templates/workflow-controller-service.yaml deleted file mode 100644 index 7985a54c..00000000 --- a/charts/argo/templates/workflow-controller-service.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- if .Values.controller.serviceLabels }} - {{ toYaml .Values.controller.serviceLabels | nindent 4}} - {{- end }} - {{- if .Values.controller.serviceAnnotations }} - annotations: -{{ toYaml .Values.controller.serviceAnnotations | indent 4}}{{- end }} -spec: - ports: - {{- if .Values.controller.metricsConfig.enabled }} - - name: {{ .Values.controller.metricsServicePortName }} - port: {{ .Values.controller.metricsServicePort }} - protocol: TCP - targetPort: {{ .Values.controller.metricsConfig.port }} - {{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} - - name: {{ .Values.controller.telemetryServicePortName }} - port: {{ .Values.controller.telemetryServicePort }} - protocol: TCP - targetPort: {{ .Values.controller.telemetryConfig.port }} - {{- end }} - selector: - app: {{ .Release.Name }}-{{ .Values.controller.name }} - sessionAffinity: None - type: {{ .Values.controller.serviceType }} - {{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.controller.loadBalancerSourceRanges | indent 4 }}{{- end }} -{{- end -}} diff --git a/charts/argo/templates/workflow-controller-servicemonitor.yaml b/charts/argo/templates/workflow-controller-servicemonitor.yaml deleted file mode 100644 index 425fedac..00000000 --- a/charts/argo/templates/workflow-controller-servicemonitor.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if and (or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled) .Values.controller.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- if .Values.controller.serviceMonitor.additionalLabels }} -{{ toYaml .Values.controller.serviceMonitor.additionalLabels | indent 4 }} - {{- end }} -spec: - endpoints: - {{- if .Values.controller.metricsConfig.enabled }} - - port: metrics - path: {{ .Values.controller.metricsConfig.path }} - interval: 30s - {{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} - - port: telemetry - path: {{ .Values.controller.telemetryConfig.path }} - interval: 30s - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - release: {{ .Release.Name }} -{{- end }} diff --git a/charts/argo/templates/workflow-crd.yaml b/charts/argo/templates/workflow-crd.yaml deleted file mode 100644 index 44a6fa98..00000000 --- a/charts/argo/templates/workflow-crd.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflows.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - additionalPrinterColumns: - - JSONPath: .status.phase - description: Status of the workflow - name: Status - type: string - - JSONPath: .status.startedAt - description: When the workflow was started - format: date-time - name: Age - type: date - group: argoproj.io - names: - kind: Workflow - plural: workflows - shortNames: - - wf - scope: Namespaced - version: v1alpha1 -{{- end }} diff --git a/charts/argo/templates/workflow-rb.yaml b/charts/argo/templates/workflow-rb.yaml deleted file mode 100644 index 17785257..00000000 --- a/charts/argo/templates/workflow-rb.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.workflow.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ .Release.Name }}-workflow -{{- if .Values.workflow.namespace }} - namespace: {{ .Values.workflow.namespace }} -{{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ .Release.Name }}-workflow -subjects: -- kind: ServiceAccount - name: {{ .Values.workflow.serviceAccount.name }} - {{- if .Values.workflow.namespace }} - namespace: {{ .Values.workflow.namespace }} - {{- end }} -{{- end }} diff --git a/charts/argo/templates/workflow-role.yaml b/charts/argo/templates/workflow-role.yaml deleted file mode 100644 index 37365f21..00000000 --- a/charts/argo/templates/workflow-role.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.workflow.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ .Release.Name }}-workflow - {{- if .Values.workflow.namespace }} - namespace: {{ .Values.workflow.namespace }} - {{- end }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - watch - - patch -- apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - watch -{{- end }} diff --git a/charts/argo/templates/workflow-sa.yaml b/charts/argo/templates/workflow-sa.yaml deleted file mode 100644 index 45d97cf0..00000000 --- a/charts/argo/templates/workflow-sa.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.workflow.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.workflow.serviceAccount.name }} - {{- if .Values.workflow.namespace }} - namespace: {{ .Values.workflow.namespace }} - {{- end }} - {{- with .Values.workflow.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/argo/templates/workflow-template-crd.yaml b/charts/argo/templates/workflow-template-crd.yaml deleted file mode 100644 index 757fa098..00000000 --- a/charts/argo/templates/workflow-template-crd.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtemplates.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - version: v1alpha1 - scope: Namespaced - names: - kind: WorkflowTemplate - plural: workflowtemplates - shortNames: - - wftmpl -{{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml deleted file mode 100644 index 31a36041..00000000 --- a/charts/argo/values.yaml +++ /dev/null @@ -1,330 +0,0 @@ -images: - namespace: argoproj - controller: workflow-controller - server: argocli - executor: argoexec - pullPolicy: Always - # Secrets with credentials to pull images from a private registry - pullSecrets: [] - # - name: argo-pull-secret - tag: v2.12.5 - -crdVersion: v1alpha1 -installCRD: true - -init: - # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is - # being deployed to. In RBAC clusters, that will almost certainly fail. See the NOTES: section of the readme for more info. - serviceAccount: "" - -createAggregateRoles: true - -# Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, -# and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. -singleNamespace: false - -workflow: - namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. - serviceAccount: - create: false # Specifies whether a service account should be created - annotations: {} - name: "argo-workflow" # Service account which is used to run workflows - rbac: - create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows - -controller: - image: - # Overrides .images.tag if defined. - tag: "" - # parallelism dictates how many workflows can be running at the same time - parallelism: - # podAnnotations is an optional map of annotations to be applied to the controller Pods - podAnnotations: {} - # Optional labels to add to the controller pods - podLabels: {} - # SecurityContext to set on the controller pods - podSecurityContext: {} - # podPortName: http - metricsConfig: - enabled: false - path: /metrics - port: 8080 - persistence: {} - # connectionPool: - # maxIdleConns: 100 - # maxOpenConns: 0 - # # save the entire workflow into etcd and DB - # nodeStatusOffLoad: false - # # enable archiving of old workflows - # archive: false - # postgresql: - # host: localhost - # port: 5432 - # database: postgres - # tableName: argo_workflows - # # the database secrets must be in the same namespace of the controller - # userNameSecret: - # name: argo-postgres-config - # key: username - # passwordSecret: - # name: argo-postgres-config - # key: password - workflowDefaults: {} # Only valid for 2.7+ - # spec: - # ttlStrategy: - # secondsAfterCompletion: 84600 - # workflowWorkers: 32 - # podWorkers: 32 - workflowRestrictions: {} # Only valid for 2.9+ - # templateReferencing: Strict|Secure - telemetryConfig: - enabled: false - path: /telemetry - port: 8081 - serviceMonitor: - enabled: false - additionalLabels: {} - serviceAccount: argo - # Service account annotations - serviceAccountAnnotations: {} - name: workflow-controller - workflowNamespaces: - - default - containerRuntimeExecutor: docker - instanceID: - # `instanceID.enabled` configures the controller to filter workflow submissions - # to only those which have a matching instanceID attribute. - enabled: false - # NOTE: If `instanceID.enabled` is set to `true` then either `instanceID.userReleaseName` - # or `instanceID.explicitID` must be defined. - # useReleaseName: true - # explicitID: unique-argo-controller-identifier - logging: - level: info - globallevel: "0" - serviceType: ClusterIP - metricsServicePort: 8080 - metricsServicePortName: metrics - telemetryServicePort: 8081 - telemetryServicePortName: telemetry - # Annotations to be applied to the controller Service - serviceAnnotations: {} - # Optional labels to add to the controller Service - serviceLabels: {} - # Source ranges to allow access to service from. Only applies to - # service type `LoadBalancer` - loadBalancerSourceRanges: [] - resources: {} - # The list of environment variable definitions to be added to the controller - # manages container verbatim. - extraEnv: [] - # Extra arguments to be added to the controller - extraArgs: [] - replicas: 1 - pdb: - enabled: false - # minAvailable: 1 - # maxUnavailable: 1 - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## - nodeSelector: - kubernetes.io/os: linux - tolerations: [] - affinity: {} - # Leverage a PriorityClass to ensure your pods survive resource shortages - # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - # PriorityClass: system-cluster-critical - priorityClassName: "" - # https://argoproj.github.io/argo-workflows/links/ - links: [] - -# executor controls how the init and wait container should be customized -executor: - image: - # Overrides .images.tag if defined. - tag: "" - resources: {} - # Adds environment variables for the executor. - env: {} - # sets security context for the executor container - securityContext: {} - -server: - enabled: true - # only updates base url of resources on client side, - # it's expected that a proxy server rewrites the request URL and gets rid of this prefix - # https://github.com/argoproj/argo/issues/716#issuecomment-433213190 - baseHref: / - image: - # Overrides .images.tag if defined. - tag: "" - # optional map of annotations to be applied to the ui Pods - podAnnotations: {} - # Optional labels to add to the UI pods - podLabels: {} - # SecurityContext to set on the server pods - podSecurityContext: {} - name: server - serviceType: ClusterIP - servicePort: 2746 - # servicePortName: http - serviceAccount: argo-server - # Whether to create the service account with the name specified in - # server.serviceAccount and bind it to the server role. - createServiceAccount: true - # Service account annotations - serviceAccountAnnotations: {} - # Annotations to be applied to the UI Service - serviceAnnotations: {} - # Optional labels to add to the UI Service - serviceLabels: {} - # Static IP address to assign to loadBalancer - # service type `LoadBalancer` - loadBalancerIP: "" - # Source ranges to allow access to service from. Only applies to - # service type `LoadBalancer` - loadBalancerSourceRanges: [] - resources: {} - replicas: 1 - pdb: - enabled: false - # minAvailable: 1 - # maxUnavailable: 1 - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## - nodeSelector: - kubernetes.io/os: linux - tolerations: [] - affinity: {} - # Leverage a PriorityClass to ensure your pods survive resource shortages - # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - # PriorityClass: system-cluster-critical - priorityClassName: "" - - # Run the argo server in "secure" mode. Configure this value instead of - # "--secure" in extraArgs. See the following documentation for more details - # on secure mode: - # https://argoproj.github.io/argo-workflows/tls/#encrypted - secure: false - - # Extra arguments to provide to the Argo server binary. - extraArgs: [] - - ## Additional volumes to the server main container. - volumeMounts: [] - volumes: [] - - ## Ingress configuration. - ## ref: https://kubernetes.io/docs/user-guide/ingress/ - ## - ingress: - enabled: false - - ## Annotations to be added to the web ingress. - ## - # annotations: - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - - ## Labels to be added to the web ingress. - ## - # labels: - # use-cloudflare-solver: "true" - - ## Hostnames. - ## Must be provided if Ingress is enabled. - ## - # hosts: - # - argo.domain.com - - ## Additional Paths for each host - # paths: - # - serviceName: "ssl-redirect" - # servicePort: "use-annotation" - - ## TLS configuration. - ## Secrets must be manually created in the namespace. - ## - # tls: - # - secretName: argo-ui-tls - # hosts: - # - argo.domain.com - clusterWorkflowTemplates: - # Give the server permissions to edit ClusterWorkflowTemplates. - enableEditing: true - sso: - ## SSO configuration when SSO is specified as a server auth mode. - ## All the values are required. SSO is activated by adding --auth-mode=sso - ## to the server command line. - # - ## The root URL of the OIDC identity provider. - # issuer: https://accounts.google.com - ## Name of a secret and a key in it to retrieve the app OIDC client ID from. - # clientId: - # name: argo-server-sso - # key: client-id - ## Name of a secret and a key in it to retrieve the app OIDC client secret from. - # clientSecret: - # name: argo-server-sso - # key: client-secret - ## The OIDC redirect URL. Should be in the form /oauth2/callback. - # redirectUrl: https://argo/oauth2/callback - # rbac: - # enabled: true - ## When present, restricts secrets the server can read to a given list. - ## You can use it to restrict the server to only be able to access the - ## service account token secrets that are associated with service accounts - ## used for authorization. - # secretWhitelist: [] - ## Scopes requested from the SSO ID provider. The 'groups' scope requests - ## group membership information, which is usually used for authorization - ## decisions. - # scopes: - # - groups - -# Influences the creation of the ConfigMap for the workflow-controller itself. -useDefaultArtifactRepo: false -useStaticCredentials: true -artifactRepository: - # archiveLogs will archive the main container logs as an artifact - archiveLogs: false - s3: - # Note the `key` attribute is not the actual secret, it's the PATH to - # the contents in the associated secret, as defined by the `name` attribute. - accessKeySecret: - # name: -minio (default) - key: accesskey - secretKeySecret: - # name: -minio - key: secretkey - insecure: true - # bucket: - # endpoint: - # region: - # roleARN: - # useSDKCreds: true - # gcs: - # bucket: -argo - # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/" - # serviceAccountKeySecret is a secret selector. - # It references the k8s secret named 'my-gcs-credentials'. - # This secret is expected to have have the key 'serviceAccountKey', - # containing the base64 encoded credentials - # to the bucket. - # - # If it's running on GKE and Workload Identity is used, - # serviceAccountKeySecret is not needed. - # serviceAccountKeySecret: - # name: my-gcs-credentials - # key: serviceAccountKey - - -# NOTE: These are setting attributes for the `minio` optional dependency -minio: - # If set to true then chart installs minio and generate according artifactRepository section in workflow controller config map - install: false - defaultBucket: - enabled: true - name: argo-artifacts