merge

CONTRIBUTING.md

@@ -19,7 +19,7 @@ Clean-up:
 
 ```
 helm delete argo-cd --purge
-kubectl delete crd -l app.kubernetes.io/part-of=argo-cd
+kubectl delete crd -l app.kubernetes.io/part-of=argocd
 ```
 
 Minimally:
@@ -32,7 +32,7 @@ kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443
 In a new terminal:
 
 ```
-argocd version
+argocd version --server localhost:8080 --insecure
 # reset password to 'Password1!'
 kubectl -n argocd patch secret argocd-secret \
   -p '{"stringData": {

charts/argo-cd/.helmignore

@@ -0,0 +1,2 @@
+*.tgz
+output

charts/argo-cd/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v1
-appVersion: "1.3.0-rc4"
+appVersion: "1.3.0"
 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 1.0.8
+version: 1.2.5
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
 keywords:

charts/argo-cd/README.md

@@ -2,8 +2,6 @@ Argo CD Chart
 ======
 A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 
-Current chart version is `1.0.4`
-
 Source code can be found [here](https://argoproj.github.io/argo-cd/)
 
 ## Additional Information
@@ -51,7 +49,7 @@ $ helm install --name my-release argo/argo-cd
 | controller.args.statusProcessors | define the controller `--status-processors` | `"20"` |
 | controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` |
 | controller.containerPort | Controller listening port. | `8082` |
-| controller.extraArgs | Additional arguments for the controller. | `[]` |
+| controller.extraArgs | Additional arguments for the controller. A list of key:value pairs | `[]` |
 | controller.image.repository | Repository to use for the controller | `global.image.repository` |
 | controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` |
 | controller.image.tag | Tag to use for the controller | `global.image.tag` |
@@ -93,7 +91,7 @@ $ helm install --name my-release argo/argo-cd
 |-----|------|---------|-------------|
 | repoServer.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
 | repoServer.containerPort | Repo server port | `8081` |
-| repoServer.extraArgs | Additional arguments for the repo server | `[]` |
+| repoServer.extraArgs | Additional arguments for the repo server. A  list of key:value pairs. | `[]` |
 | repoServer.image.repository | Repository to use for the repo server | `global.image.repository` |
 | repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` |
 | repoServer.image.tag | Tag to use for the repo server | `global.image.tag` |
@@ -138,7 +136,7 @@ $ helm install --name my-release argo/argo-cd
 | server.certificate.issuer | Certificate manager issuer | `{}` |
 | server.config | URL for Argo CD | `{}` |
 | server.containerPort | Server container port. | `8080` |
-| server.extraArgs | Additional arguments for the server | `[]` |
+| server.extraArgs | Additional arguments for the server. A list of key:value pairs. | `[]` |
 | server.image.repository | Repository to use for the server | `global.image.repository` |
 | server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` |
 | server.image.tag | Tag to use for the repo server | `global.image.tag` |
@@ -216,7 +214,7 @@ $ helm install --name my-release argo/argo-cd
 |-----|------|---------|-------------|
 | redis.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
 | redis.containerPort | Redis container port | `6379` |
-| redis.enabled | Enable redis | `false` |
+| redis.enabled | Enable redis | `true` |
 | redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` |
 | redis.image.repository | Redis repository | `"redis"` |
 | redis.image.tag | Redis tag | `"5.0.3"` |

charts/argo-cd/templates/NOTES.txt

@@ -1,6 +1,6 @@
 In order to access the server UI you have the following options:
 
-1. kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443
+1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443
 
     and then open the browser on http://localhost:8080 and accept the certificate
 
@@ -12,4 +12,4 @@ In order to access the server UI you have the following options:
 After reaching the UI the first time you can login with username: admin and the password will be the
 name of the server pod. You can get the pod name by running:
 
-kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2
+kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2

charts/argo-cd/templates/_helpers.tpl

@@ -92,6 +92,17 @@ Create the name of the ArgoCD server service account to use
 {{- end -}}
 {{- end -}}
 
+{{/*
+Create the name of the repo-server service account to use
+*/}}
+{{- define "argo-cd.repoServerServiceAccountName" -}}
+{{- if .Values.repoServer.serviceAccount.create -}}
+    {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.repoServer.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Create chart name and version as used by the chart label.
 */}}

charts/argo-cd/templates/argocd-configs/argocd-secret.yaml

@@ -25,7 +25,7 @@ data:
   {{- end }}
   {{- if .Values.configs.secret.argocdServerTlsConfig }}
   tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }}
-  tls.cert: {{ .Values.configs.secret.argocdServerTlsConfig.cert | b64enc }}
+  tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }}
   {{- end }}
 
   {{- if .Values.configs.secret.argocdServerAdminPassword }}

charts/argo-cd/templates/argocd-repo-server/deployment.yaml

@@ -105,6 +105,7 @@ spec:
       affinity:
 {{- toYaml .Values.repoServer.affinity | nindent 8 }}
     {{- end }}
+      serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }}
       volumes:
       {{- if .Values.repoServer.volumes }}
 {{- toYaml .Values.repoServer.volumes | nindent 8}}

charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml

@@ -0,0 +1,18 @@
+{{- if .Values.configs.repositoryCredentials }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: argocd-repository-credentials
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+type: Opaque
+data:
+{{- range $key, $value := .Values.configs.repositoryCredentials }}
+  {{ $key }}: {{ $value | b64enc }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-repo-server/role.yaml

@@ -0,0 +1,17 @@
+{{- if .Values.repoServer.serviceAccount.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+rules:
+{{- if .Values.repoServer.rbac }}
+{{toYaml .Values.repoServer.rbac }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml

@@ -0,0 +1,21 @@
+{{- if .Values.repoServer.serviceAccount.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "argo-cd.repoServerServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end }}

charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml

@@ -0,0 +1,19 @@
+{{- if .Values.repoServer.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "argo-cd.repoServerServiceAccountName" . }}
+{{- if .Values.repoServer.serviceAccount.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+{{- end }}

charts/argo-cd/templates/argocd-server/ingress.yaml

@@ -1,6 +1,6 @@
 {{- if .Values.server.ingress.enabled -}}
 {{- $serviceName := include "argo-cd.server.fullname" . -}}
-{{- $servicePort := .Values.server.name -}}
+{{- $servicePort := .Values.server.service.servicePortHttp -}}
 {{- $paths := .Values.server.ingress.paths -}}
 apiVersion: extensions/v1beta1
 kind: Ingress

charts/argo-cd/templates/crds/application-crd.yaml

@@ -1,3 +1,4 @@
+{{- if .Values.installCRDs }}
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
@@ -416,7 +417,7 @@ spec:
                     type: object
                   type: array
                 revision:
-                  description: Revision is the git revision in which to sync the application
+                  description: Revision is the revision in which to sync the application
                     to. If omitted, will use the revision specified in app spec.
                   type: string
                 source:
@@ -424,6 +425,9 @@ spec:
                     This is typically set in a Rollback operation and nil during a
                     Sync operation
                   properties:
+                    chart:
+                      description: Chart is a Helm chart name
+                      type: string
                     directory:
                       description: Directory holds path/directory specific options
                       properties:
@@ -492,6 +496,10 @@ spec:
                           items:
                             type: string
                           type: array
+                        values:
+                          description: Values is Helm values, typically defined as
+                            a block
+                          type: string
                       type: object
                     ksonnet:
                       description: Ksonnet holds ksonnet specific options
@@ -536,8 +544,7 @@ spec:
                           type: string
                       type: object
                     path:
-                      description: Path is a directory path within the repository
+                      description: Path is a directory path within the Git repository
-                        containing a
                       type: string
                     plugin:
                       description: ConfigManagementPlugin holds config management
@@ -561,7 +568,7 @@ spec:
                           type: string
                       type: object
                     repoURL:
-                      description: RepoURL is the git repository URL of the application
+                      description: RepoURL is the repository URL of the application
                         manifests
                       type: string
                     targetRevision:
@@ -571,7 +578,6 @@ spec:
                       type: string
                   required:
                   - repoURL
-                  - path
                   type: object
                 syncStrategy:
                   description: SyncStrategy describes how to perform the sync
@@ -634,7 +640,6 @@ spec:
                   namespace:
                     type: string
                 required:
-                - group
                 - kind
                 - jsonPointers
                 type: object
@@ -661,6 +666,9 @@ spec:
               description: Source is a reference to the location ksonnet application
                 definition
               properties:
+                chart:
+                  description: Chart is a Helm chart name
+                  type: string
                 directory:
                   description: Directory holds path/directory specific options
                   properties:
@@ -729,6 +737,9 @@ spec:
                       items:
                         type: string
                       type: array
+                    values:
+                      description: Values is Helm values, typically defined as a block
+                      type: string
                   type: object
                 ksonnet:
                   description: Ksonnet holds ksonnet specific options
@@ -773,8 +784,7 @@ spec:
                       type: string
                   type: object
                 path:
-                  description: Path is a directory path within the repository containing
+                  description: Path is a directory path within the Git repository
-                    a
                   type: string
                 plugin:
                   description: ConfigManagementPlugin holds config management plugin
@@ -798,8 +808,7 @@ spec:
                       type: string
                   type: object
                 repoURL:
-                  description: RepoURL is the git repository URL of the application
+                  description: RepoURL is the repository URL of the application manifests
-                    manifests
                   type: string
                 targetRevision:
                   description: TargetRevision defines the commit, tag, or branch in
@@ -807,7 +816,6 @@ spec:
                   type: string
               required:
               - repoURL
-              - path
               type: object
             syncPolicy:
               description: SyncPolicy controls when a sync will be performed
@@ -867,6 +875,9 @@ spec:
                     type: string
                   source:
                     properties:
+                      chart:
+                        description: Chart is a Helm chart name
+                        type: string
                       directory:
                         description: Directory holds path/directory specific options
                         properties:
@@ -936,6 +947,10 @@ spec:
                             items:
                               type: string
                             type: array
+                          values:
+                            description: Values is Helm values, typically defined
+                              as a block
+                            type: string
                         type: object
                       ksonnet:
                         description: Ksonnet holds ksonnet specific options
@@ -980,8 +995,7 @@ spec:
                             type: string
                         type: object
                       path:
-                        description: Path is a directory path within the repository
+                        description: Path is a directory path within the Git repository
-                          containing a
                         type: string
                       plugin:
                         description: ConfigManagementPlugin holds config management
@@ -1005,7 +1019,7 @@ spec:
                             type: string
                         type: object
                       repoURL:
-                        description: RepoURL is the git repository URL of the application
+                        description: RepoURL is the repository URL of the application
                           manifests
                         type: string
                       targetRevision:
@@ -1015,7 +1029,6 @@ spec:
                         type: string
                     required:
                     - repoURL
-                    - path
                     type: object
                 required:
                 - revision
@@ -1024,6 +1037,8 @@ spec:
                 type: object
               type: array
             observedAt:
+              description: ObservedAt indicates when the application state was updated
+                without querying latest git state
               format: date-time
               type: string
             operationState:
@@ -1071,15 +1086,18 @@ spec:
                             type: object
                           type: array
                         revision:
-                          description: Revision is the git revision in which to sync
+                          description: Revision is the revision in which to sync the
-                            the application to. If omitted, will use the revision
+                            application to. If omitted, will use the revision specified
-                            specified in app spec.
+                            in app spec.
                           type: string
                         source:
                           description: Source overrides the source definition set
                             in the application. This is typically set in a Rollback
                             operation and nil during a Sync operation
                           properties:
+                            chart:
+                              description: Chart is a Helm chart name
+                              type: string
                             directory:
                               description: Directory holds path/directory specific
                                 options
@@ -1155,6 +1173,10 @@ spec:
                                   items:
                                     type: string
                                   type: array
+                                values:
+                                  description: Values is Helm values, typically defined
+                                    as a block
+                                  type: string
                               type: object
                             ksonnet:
                               description: Ksonnet holds ksonnet specific options
@@ -1200,8 +1222,8 @@ spec:
                                   type: string
                               type: object
                             path:
-                              description: Path is a directory path within the repository
+                              description: Path is a directory path within the Git
-                                containing a
+                                repository
                               type: string
                             plugin:
                               description: ConfigManagementPlugin holds config management
@@ -1225,8 +1247,8 @@ spec:
                                   type: string
                               type: object
                             repoURL:
-                              description: RepoURL is the git repository URL of the
+                              description: RepoURL is the repository URL of the application
-                                application manifests
+                                manifests
                               type: string
                             targetRevision:
                               description: TargetRevision defines the commit, tag,
@@ -1235,7 +1257,6 @@ spec:
                               type: string
                           required:
                           - repoURL
-                          - path
                           type: object
                         syncStrategy:
                           description: SyncStrategy describes how to perform the sync
@@ -1322,12 +1343,15 @@ spec:
                         type: object
                       type: array
                     revision:
-                      description: Revision holds the git commit SHA of the sync
+                      description: Revision holds the revision of the sync
                       type: string
                     source:
                       description: Source records the application source information
                         of the sync, used for comparing auto-sync
                       properties:
+                        chart:
+                          description: Chart is a Helm chart name
+                          type: string
                         directory:
                           description: Directory holds path/directory specific options
                           properties:
@@ -1399,6 +1423,10 @@ spec:
                               items:
                                 type: string
                               type: array
+                            values:
+                              description: Values is Helm values, typically defined
+                                as a block
+                              type: string
                           type: object
                         ksonnet:
                           description: Ksonnet holds ksonnet specific options
@@ -1444,8 +1472,7 @@ spec:
                               type: string
                           type: object
                         path:
-                          description: Path is a directory path within the repository
+                          description: Path is a directory path within the Git repository
-                            containing a
                           type: string
                         plugin:
                           description: ConfigManagementPlugin holds config management
@@ -1469,7 +1496,7 @@ spec:
                               type: string
                           type: object
                         repoURL:
-                          description: RepoURL is the git repository URL of the application
+                          description: RepoURL is the repository URL of the application
                             manifests
                           type: string
                         targetRevision:
@@ -1479,7 +1506,6 @@ spec:
                           type: string
                       required:
                       - repoURL
-                      - path
                       type: object
                   required:
                   - revision
@@ -1490,6 +1516,8 @@ spec:
               - startedAt
               type: object
             reconciledAt:
+              description: ReconciledAt indicates when the application state was reconciled
+                using the latest git version
               format: date-time
               type: string
             resources:
@@ -1553,6 +1581,9 @@ spec:
                       type: object
                     source:
                       properties:
+                        chart:
+                          description: Chart is a Helm chart name
+                          type: string
                         directory:
                           description: Directory holds path/directory specific options
                           properties:
@@ -1624,6 +1655,10 @@ spec:
                               items:
                                 type: string
                               type: array
+                            values:
+                              description: Values is Helm values, typically defined
+                                as a block
+                              type: string
                           type: object
                         ksonnet:
                           description: Ksonnet holds ksonnet specific options
@@ -1669,8 +1704,7 @@ spec:
                               type: string
                           type: object
                         path:
-                          description: Path is a directory path within the repository
+                          description: Path is a directory path within the Git repository
-                            containing a
                           type: string
                         plugin:
                           description: ConfigManagementPlugin holds config management
@@ -1694,7 +1728,7 @@ spec:
                               type: string
                           type: object
                         repoURL:
-                          description: RepoURL is the git repository URL of the application
+                          description: RepoURL is the repository URL of the application
                             manifests
                           type: string
                         targetRevision:
@@ -1704,7 +1738,6 @@ spec:
                           type: string
                       required:
                       - repoURL
-                      - path
                       type: object
                   required:
                   - source
@@ -1726,3 +1759,4 @@ spec:
   - name: v1alpha1
     served: true
     storage: true
+{{- end }}

charts/argo-cd/templates/crds/appproject-crd.yaml

@@ -1,3 +1,4 @@
+{{- if .Values.installCRDs }}
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
@@ -434,6 +435,15 @@ spec:
                 - kind
                 type: object
               type: array
+            orphanedResources:
+              description: OrphanedResources specifies if controller should monitor
+                orphaned resources of apps in this project
+              properties:
+                warn:
+                  description: Warn indicates if warning condition should be created
+                    for apps which have orphaned resources
+                  type: boolean
+              type: object
             roles:
               description: Roles are user defined RBAC roles associated with this
                 project
@@ -477,11 +487,51 @@ spec:
                 type: object
               type: array
             sourceRepos:
-              description: SourceRepos contains list of git repository URLs which
+              description: SourceRepos contains list of repository URLs which can
-                can be used for deployment
+                be used for deployment
               items:
                 type: string
               type: array
+            syncWindows:
+              description: SyncWindows controls when syncs can be run for apps in
+                this project
+              items:
+                properties:
+                  applications:
+                    description: Applications contains a list of applications that
+                      the window will apply to
+                    items:
+                      type: string
+                    type: array
+                  clusters:
+                    description: Clusters contains a list of clusters that the window
+                      will apply to
+                    items:
+                      type: string
+                    type: array
+                  duration:
+                    description: Duration is the amount of time the sync window will
+                      be open
+                    type: string
+                  kind:
+                    description: Kind defines if the window allows or blocks syncs
+                    type: string
+                  manualSync:
+                    description: ManualSync enables manual syncs when they would otherwise
+                      be blocked
+                    type: boolean
+                  namespaces:
+                    description: Namespaces contains a list of namespaces that the
+                      window will apply to
+                    items:
+                      type: string
+                    type: array
+                  schedule:
+                    description: Schedule is the time the window will begin, specified
+                      in cron format
+                    type: string
+                type: object
+              type: array
           type: object
       required:
       - metadata
@@ -491,3 +541,4 @@ spec:
   - name: v1alpha1
     served: true
     storage: true
+{{- end }}

charts/argo-cd/templates/dex/deployment.yaml

@@ -28,7 +28,7 @@ spec:
       initContainers:
       - name: copyutil
         image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }}
-        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.pullPolicy }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
         command:
         - cp
         - /usr/local/bin/argocd-util
@@ -73,4 +73,4 @@ spec:
       volumes:
 {{- toYaml .Values.dex.volumes | nindent 8}}
 {{- end }}
-{{- end }}
+{{- end }}

charts/argo-cd/values.yaml

@@ -2,21 +2,25 @@
 ## Ref: https://github.com/argoproj/argo-cd
 ##
 nameOverride: argocd
+fullnameOverride: ""
+
+# Optional CRD installation for those without Helm hooks
+installCRDs: true
 
 global:
   image:
     repository: argoproj/argocd
-    tag: v1.2.4
+    tag: v1.3.0
     imagePullPolicy: IfNotPresent
 
 ## Controller
 controller:
   name: application-controller
 
-  image: {}
+  image:
-  #  repository: argoproj/argocd
+    repository: # argoproj/argocd
-  #  tag: v1.2.1
+    tag: # v1.3.0
-  #  imagePullPolicy: IfNotPresent
+    imagePullPolicy: # IfNotPresent
 
   ## Argo controller commandline flags
   args:
@@ -27,6 +31,7 @@ controller:
   logLevel: info
 
   ## Additional command line arguments to pass to argocd-controller
+  ## key: value
   extraArgs: []
 
   ## Annotations to be added to controller pods
@@ -117,7 +122,10 @@ dex:
     repository: quay.io/dexidp/dex
     tag: v2.14.0
     imagePullPolicy: IfNotPresent
-  initImage: {}
+  initImage:
+    repository:
+    tag:
+    imagePullPolicy:
 
   serviceAccount:
     create: true
@@ -158,7 +166,7 @@ dex:
 
 ## Redis
 redis:
-  enabled: false
+  enabled: true
   name: redis
 
   image:
@@ -186,18 +194,22 @@ redis:
   #    cpu: 100m
   #    memory: 64Mi
 
+  volumeMounts: []
+  volumes: []
+
 ## Server
 server:
   name: server
 
-  image: {}
+  image:
-  #  repository: argoproj/argocd
+    repository: # argoproj/argocd
-  #  tag: v1.2.1
+    tag: # v1.3.0
-  #  imagePullPolicy: IfNotPresent
+    imagePullPolicy: # IfNotPresent
 
   ## Additional command line arguments to pass to argocd-server
+  ## key: value
   # extraArgs: []
-  #   - insecure
+  #   insecure: true
   extraArgs: []
 
   ## Argo server log level
@@ -295,11 +307,13 @@ server:
     ## Hostnames must be provided if Ingress is enabled.
     ## Secrets must be manually created in the namespace
     ##
-    hosts: []
+    hosts:
+      []
       # - argocd.example.com
     paths:
-    - /
+      - /
-    tls: []
+    tls:
+      []
       # - secretName: argocd-example-tls
       #   hosts:
       #     - argocd.example.com
@@ -319,10 +333,34 @@ server:
     url: https://argocd.example.com
     # Argo CD instance label key
     application.instanceLabelKey: argocd.argoproj.io/instance
+    # repositories: |
+    #   - url: git@github.com:group/repo.git
+    #     sshPrivateKeySecret:
+    #       name: secret-name
+    #       key: sshPrivateKey
+    #   - type: helm
+    #     url: https://kubernetes-charts.storage.googleapis.com
+    #     name: stable
+    #   - type: helm
+    #     url: https://argoproj.github.io/argo-helm
+    #     name: argo
+    # oidc.config: |
+    #   name: AzureAD
+    #   issuer: https://login.microsoftonline.com/TENANT_ID/v2.0
+    #   clientID: CLIENT_ID
+    #   clientSecret: $oidc.azuread.clientSecret
+    #   requestedIDTokenClaims:
+    #     groups:
+    #       essential: true
+    #   requestedScopes:
+    #     - openid
+    #     - profile
+    #     - email
 
   ## ArgoCD rbac config
   ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md
-  rbacConfig: {}
+  rbacConfig:
+    {}
     # policy.csv is an file containing user-defined RBAC policies and role definitions (optional).
     # Policy rules are in the form:
     #   p, subject, resource, action, object, effect
@@ -338,7 +376,6 @@ server:
     # authorizing API requests (optional). If omitted or empty, users may be still be able to login,
     # but will see no apps, projects, etc...
     # policy.default: role:readonly
-
     # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope).
     # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings.
     # scopes: '[cognito:groups, email]'
@@ -396,13 +433,13 @@ server:
 repoServer:
   name: repo-server
 
-  image: {}
+  image:
-  #  repository: argoproj/argocd
+    repository: # argoproj/argocd
-  #  tag: v1.2.1
+    tag: # v1.3.0
-  #  imagePullPolicy: IfNotPresent
+    imagePullPolicy: # IfNotPresent
 
   ## Additional command line arguments to pass to argocd-repo-server
-  ##
+  ## key: value
   extraArgs: []
 
   ## Argo repoServer log level
@@ -478,6 +515,25 @@ repoServer:
     #   namespace: monitoring
     #   additionalLabels: {}
 
+  ## Repo server service account
+  ## If create is set to true, make sure to uncomment the name and update the rbac section below
+  serviceAccount:
+    create: false
+  #  name: argocd-repo-server
+    ## Annotations applied to created service account
+    annotations: {}
+
+  ## Repo server rbac rules
+ # rbac:
+ #   - apiGroups:
+ #     - argoproj.io
+ #     resources:
+ #     - applications
+ #     verbs:
+ #     - get
+ #     - list
+ #     - watch
+
 ## Argo Configs
 configs:
   knownHosts:
@@ -490,7 +546,8 @@ configs:
         gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
         ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
         vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
-  tlsCerts: {}
+  tlsCerts:
+    {}
     # data:
     #   argocd.example.com: |
     #     -----BEGIN CERTIFICATE-----
@@ -527,6 +584,25 @@ configs:
     #     +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK
     #     XWyb96wrUlv+E8I=
     #     -----END CERTIFICATE-----
+  # Creates a secret with optional repository credentials
+  repositoryCredentials:
+    {}
+    # sample-ssh-key: |
+    # -----BEGIN RSA PRIVATE KEY-----
+    # MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N
+    # z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4
+    # nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB
+    # AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x
+    # O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe
+    # tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6
+    # cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8
+    # 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM
+    # hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK
+    # xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ
+    # FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc
+    # NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le
+    # XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo=
+    # -----END RSA PRIVATE KEY-----
   secret:
     createSecret: true
     githubSecret: ""
@@ -534,5 +610,7 @@ configs:
     bitbucketSecret: ""
 #   argocdServerTlsConfig:
 #     key:
-#     cert:
+#     crt:
+    # Argo expects the password in the secret to be bcrypt hashed. You can create this hash with
+    # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'`
 #   argocdServerAdminPassword:

charts/argo-events/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 description: A Helm chart to install Argo-Events in k8s Cluster
 name: argo-events
-version: 0.5.2
+version: 0.6.0
 keywords:
   - argo-events
   - sensor-controller
@@ -11,6 +11,6 @@ sources:
 maintainers:
   - name: VaibhavPage
   - name: magaldima
-appVersion: 0.10
+appVersion: 0.11
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
 home: https://github.com/argoproj/argo-helm

charts/argo-events/README.md

@@ -14,3 +14,10 @@ This is a **community maintained** chart. It installs the [argo-events](https://
 ## Notes on CRD Installation
 
 Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart.
+
+You can install the CRDs manually like so:
+
+```
+kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.11/hack/k8s/manifests/sensor-crd.yaml
+kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.11/hack/k8s/manifests/gateway-crd.yaml
+```

charts/argo-events/ci/test-values.yaml

@@ -0,0 +1,6 @@
+serviceAccount: argo-events-sa-test
+additionalSaNamespaces:
+  - nsone
+  - nstwo
+instanceID: test-argo-events
+singleNamespace: false

charts/argo-events/templates/argo-events-cluster-roles.yaml

@@ -11,9 +11,10 @@ subjects:
     name: {{ .Values.serviceAccount }}
     namespace: {{ .Release.Namespace }}
   {{- if .Values.additionalSaNamespaces }}
+  {{ $sa := .Values.serviceAccount }}
   {{- range $namespace := .Values.additionalSaNamespaces }}
   - kind: ServiceAccount
-    name: {{ .Values.serviceAccount }}
+    name: {{ $sa }}
     namespace: {{ $namespace }}
   {{- end }}
   {{- end }}
@@ -51,6 +52,8 @@ rules:
     resources:
       - workflows
       - workflows/finalizers
+      - workflowtemplates
+      - workflowtemplates/finalizers
       - gateways
       - gateways/finalizers
       - sensors

charts/argo-events/templates/argo-events-sa.yaml

@@ -1,4 +1,4 @@
-# All argo-events services are bound to the "argo-events" service account. 
+# All argo-events services are bound to the "argo-events" service account.
 # In RBAC enabled setups, this SA is bound to specific roles.
 apiVersion: v1
 kind: ServiceAccount
@@ -6,12 +6,13 @@ metadata:
   name: {{ .Values.serviceAccount }}
   namespace: {{ .Release.Namespace }}
 {{- if .Values.additionalSaNamespaces }}
+{{ $sa := .Values.serviceAccount }}
 {{- range $namespace := .Values.additionalSaNamespaces }}
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ .Values.serviceAccount }}
+  name: {{ $sa }}
   namespace: {{ $namespace }}
 {{- end }}
-{{- end }}
+{{- end }}

charts/argo-events/values.yaml

@@ -26,11 +26,11 @@ singleNamespace: true
 sensorController:
   name: sensor-controller
   image: sensor-controller
-  tag: v0.10
+  tag: v0.11
   replicaCount: 1
 
 gatewayController:
   name: gateway-controller
   image: gateway-controller
-  tag: v0.10
+  tag: v0.11
   replicaCount: 1