diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6f904714..251d0bcc 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.3 +version: 1.0.4 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Added]: Argo Rollouts Dashboard" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 8916a86c..0cc2f732 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -36,9 +36,9 @@ $ helm install my-release argo/argo-rollouts | controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | -| controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | -| controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | -| controller.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| controller.tolerations | list | `[]` | [Tolerations for use with node taints] | +| controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment] | +| controller.nodeSelector | object | `{}` | [Node selector] | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | @@ -53,6 +53,22 @@ $ helm install my-release argo/argo-rollouts | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | | containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.enable | bool | `false` | Enable dashboard | +| dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | +| dashboard.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| dashboard.image.registry | string | `quay.io` | Registry to use | +| dashboard.image.repository | string | `"argoproj/kubectl-argo-rollouts"` | Repository to use | +| dashboard.image.tag | string | `"master"` | Image tag | +| dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | +| dashboard.tolerations | list | `[]` | [Tolerations for use with node taints] | +| dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment] | +| dashboard.nodeSelector | object | `{}` | [Node selector] | +| dashboard.servicePort | int | `3100` | Port for service and ingress. Default use dashboard port 3100. If use sidecar proxy, can change to that port. | +| dashboard.sidecarContainer | list | `[]` | List of sidecar container | +| dashboard.ingress.enabled | bool | `false` | Enable ingress for dashboard | +| dashboard.ingress.previousApi | bool | `false` | Use old apiVersion `extensions/v1beta1` for ingress. Only enable for K8S < 1.19 | +| dashboard.ingress.host | string | `change.me` | FQDN for dashboard | +| dashboard.ingress.annotation | object | `{}` | Annotation for dashboard's ingress. | ## Upgrading @@ -68,3 +84,7 @@ $ helm install my-release argo/argo-rollouts * Breaking parameters update * `securityContext` was renamed to `containerSecurityContext` * Added `controller.image.registry`. Prior to this chart version you had to override the registry via `controller.image.repository` + +[Tolerations for use with node taints]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[Assign custom affinity rules to the deployment]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 2e5153b5..3b7e22e6 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -62,3 +62,11 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Dashboard selector labels +*/}} +{{- define "argo-rollouts-dashboard.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argo-rollouts.name" . }}-dashboard +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-dashboard-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-dashboard-clusterrole.yaml new file mode 100644 index 00000000..e76d00b0 --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-dashboard-clusterrole.yaml @@ -0,0 +1,49 @@ +{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +rules: +- apiGroups: + - "apps" + resources: + - replicasets + verbs: + - get + - watch + - list +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - list +- apiGroups: + - argoproj.io + resources: + - rollouts + - rollouts/scale + - rollouts/status + - experiments + - analysisruns + verbs: + - list + - watch + - get + - patch + - update +- apiGroups: + - argoproj.io + resources: + - experiments + - analysisruns + verbs: + - list + - watch + - get +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-dashboard-clusterrolebinding.yaml b/charts/argo-rollouts/templates/argo-rollouts-dashboard-clusterrolebinding.yaml new file mode 100644 index 00000000..c894c9a8 --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-dashboard-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard +subjects: +- kind: ServiceAccount + name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-dashboard-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-dashboard-deployment.yaml new file mode 100644 index 00000000..56bcd664 --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-dashboard-deployment.yaml @@ -0,0 +1,63 @@ +{{- if .Values.dashboard.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "argo-rollouts-dashboard.selectorLabels" . | nindent 6 }} + strategy: + type: Recreate + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "argo-rollouts-dashboard.selectorLabels" . | nindent 8 }} + {{- range $key, $value := .Values.podLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard + containers: + - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ .Values.dashboard.image.tag }}" + imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }} + name: argo-rollouts-dashboard + command: + - kubectl-argo-rollouts + - dashboard + ports: + - containerPort: 3100 + name: dashboard + securityContext: + {{- toYaml .Values.containerSecurityContext | nindent 10 }} + resources: + {{- toYaml .Values.dashboard.resources | nindent 10 }} + {{- with .Values.dashboard.sidecarContainer }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- if .Values.dashboard.nodeSelector }} + nodeSelector: + {{- toYaml .Values.dashboard.nodeSelector | nindent 8 }} + {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.dashboard.tolerations }} + tolerations: + {{- toYaml .Values.dashboard.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.dashboard.affinity }} + affinity: + {{- toYaml .Values.dashboard.affinity | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-dashboard-ingress.yaml b/charts/argo-rollouts/templates/argo-rollouts-dashboard-ingress.yaml new file mode 100644 index 00000000..7c624074 --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-dashboard-ingress.yaml @@ -0,0 +1,37 @@ +{{- if .Values.dashboard.ingress.enabled -}} +{{- if not .Values.dashboard.ingress.previousApi -}} +apiVersion: networking.k8s.io/v1 +{{- else }} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.dashboard.ingress.annotation }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + tls: + - hosts: + - {{ .Values.dashboard.ingress.host }} + secretName: {{ .Values.dashboard.ingress.host | replace "." "-" }}-tls + rules: + - host: {{ .Values.dashboard.ingress.host }} + http: + paths: + - path: / + backend: + {{- if not .Values.dashboard.ingress.previousApi -}} + service: + name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard + port: + number: {{ .Values.dashboard.servicePort }} + {{- else }} + serviceName: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard + servicePort: {{ .Values.dashboard.servicePort }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-dashboard-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-dashboard-role.yaml new file mode 100644 index 00000000..0d7cfccb --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-dashboard-role.yaml @@ -0,0 +1,40 @@ +{{- if and .Values.dashboard.enabled (not .Values.clusterInstall) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +rules: +- apiGroups: + - "apps" + resources: + - replicasets + verbs: + - get + - watch + - list +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - list +- apiGroups: + - argoproj.io + resources: + - rollouts + - rollouts/scale + - rollouts/status + - experiments + - analysisruns + verbs: + - list + - watch + - get + - patch + - update +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-dashboard-rolebinding.yaml b/charts/argo-rollouts/templates/argo-rollouts-dashboard-rolebinding.yaml new file mode 100644 index 00000000..9d255e56 --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-dashboard-rolebinding.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.dashboard.enabled (not .Values.clusterInstall) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard +subjects: +- kind: ServiceAccount + name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-dashboard-sa.yaml b/charts/argo-rollouts/templates/argo-rollouts-dashboard-sa.yaml new file mode 100644 index 00000000..4099ccfc --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-dashboard-sa.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.dashboard.enabled .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-dashboard-svc.yaml b/charts/argo-rollouts/templates/argo-rollouts-dashboard-svc.yaml new file mode 100644 index 00000000..140e8189 --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-dashboard-svc.yaml @@ -0,0 +1,12 @@ +{{- if .Values.dashboard.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard +spec: + selector: + {{- include "argo-rollouts-dashboard.selectorLabels" . | nindent 4 }} + ports: + - port: {{ .Values.dashboard.servicePort }} + type: ClusterIP +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e778377f..ac74f20a 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -31,6 +31,27 @@ controller: additionalLabels: {} additionalAnnotations: {} +dashboard: + enabled: false + component: rollouts-dashboard + nodeSelector: {} + tolerations: [] + affinity: {} + image: + registry: quay.io + repository: argoproj/kubectl-argo-rollouts + tag: master + pullPolicy: IfNotPresent + servicePort: 3100 + resources: {} + # Additional sidecar container. Like proxy. (With ingrss-nginx can use `External OAUTH Authentication` instead of proxy sidecar) + sidecarContainer: [] + ingress: + enabled: false + previousApi: false + host: change.me + annotation: {} + serviceAccount: # Specifies whether a service account should be created create: true