DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(argo-cd): Add ServiceAccount for redis (#828)

Browse source 
* Add ability to create ServiceAccount for redis

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>

* Use correct default for ServiceAccounts in _helpers.tpl

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>

* Bump version and update changelog

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
This commit is contained in:
Marco Kilchhofer 2021-07-12 13:06:50 +02:00 committed by GitHub
parent 1416d5e082
commit 62699ffc82
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 42 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
charts/argo-cd/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: 2.0.4 appVersion: 2.0.4
description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd name: argo-cd
version: 3.8.0 version: 3.8.1
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
keywords: keywords:
@ -21,4 +21,4 @@ dependencies:
condition: redis-ha.enabled condition: redis-ha.enabled
annotations: annotations:
artifacthub.io/changes: | artifacthub.io/changes: |
- "[Added]: Ability to override API versions" - "[Fixed]: Cannot create a service account for redis"

19
charts/argo-cd/templates/_helpers.tpl
View file

@ -71,7 +71,7 @@ Create the name of the controller service account to use
*/}} */}}
{{- define "argo-cd.controllerServiceAccountName" -}} {{- define "argo-cd.controllerServiceAccountName" -}}
{{- if .Values.controller.serviceAccount.create -}} {{- if .Values.controller.serviceAccount.create -}}
{{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }} {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
{{- else -}} {{- else -}}
{{ default "default" .Values.controller.serviceAccount.name }} {{ default "default" .Values.controller.serviceAccount.name }}
{{- end -}} {{- end -}}
@ -82,18 +82,29 @@ Create the name of the dex service account to use
*/}} */}}
{{- define "argo-cd.dexServiceAccountName" -}} {{- define "argo-cd.dexServiceAccountName" -}}
{{- if .Values.dex.serviceAccount.create -}} {{- if .Values.dex.serviceAccount.create -}}
{{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }} {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
{{- else -}} {{- else -}}
{{ default "default" .Values.dex.serviceAccount.name }} {{ default "default" .Values.dex.serviceAccount.name }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/*
Create the name of the redis service account to use
*/}}
{{- define "argo-cd.redisServiceAccountName" -}}
{{- if .Values.redis.serviceAccount.create -}}
{{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.redis.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/* {{/*
Create the name of the ArgoCD server service account to use Create the name of the ArgoCD server service account to use
*/}} */}}
{{- define "argo-cd.serverServiceAccountName" -}} {{- define "argo-cd.serverServiceAccountName" -}}
{{- if .Values.server.serviceAccount.create -}} {{- if .Values.server.serviceAccount.create -}}
{{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }} {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }}
{{- else -}} {{- else -}}
{{ default "default" .Values.server.serviceAccount.name }} {{ default "default" .Values.server.serviceAccount.name }}
{{- end -}} {{- end -}}
@ -104,7 +115,7 @@ Create the name of the repo-server service account to use
*/}} */}}
{{- define "argo-cd.repoServerServiceAccountName" -}} {{- define "argo-cd.repoServerServiceAccountName" -}}
{{- if .Values.repoServer.serviceAccount.create -}} {{- if .Values.repoServer.serviceAccount.create -}}
{{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }} {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }}
{{- else -}} {{- else -}}
{{ default "default" .Values.repoServer.serviceAccount.name }} {{ default "default" .Values.repoServer.serviceAccount.name }}
{{- end -}} {{- end -}}

3
charts/argo-cd/templates/redis/deployment.yaml
View file

@ -30,7 +30,8 @@ spec:
imagePullSecrets: imagePullSecrets:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
automountServiceAccountToken: false automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }}
serviceAccountName: {{ template "argo-cd.redisServiceAccountName" . }}
{{- if .Values.redis.securityContext }} {{- if .Values.redis.securityContext }}
securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }} securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }}
{{- end }} {{- end }}

15
charts/argo-cd/templates/redis/serviceaccount.yaml Normal file
View file

@ -0,0 +1,15 @@
{{- if and .Values.redis.enabled .Values.redis.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }}
metadata:
name: {{ template "argo-cd.redisServiceAccountName" . }}
{{- if .Values.redis.serviceAccount.annotations }}
annotations:
{{- range $key, $value := .Values.redis.serviceAccount.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }}
{{- end }}

8
charts/argo-cd/values.yaml
View file

@ -365,6 +365,14 @@ redis:
fsGroup: 1000 fsGroup: 1000
runAsNonRoot: true runAsNonRoot: true
serviceAccount:
create: false
name: ""
## Annotations applied to created service account
annotations: {}
## Automount API credentials for the Service Account
automountServiceAccountToken: false
resources: {} resources: {}
# limits: # limits:
# cpu: 200m # cpu: 200m