Add resources for rollouts dashboard

Signed-off-by: Alan Tang <alantang888@users.noreply.github.com>

charts/argo-rollouts/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: "v1.0.2"
 description: A Helm chart for Argo Rollouts
 name: argo-rollouts
-version: 1.0.3
+version: 1.0.4
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
 home: https://github.com/argoproj/argo-helm
 maintainers:
@@ -11,4 +11,4 @@ maintainers:
   - name: jessesuen
 annotations:
   artifacthub.io/changes: |
-    - "[Added]: Initialize Changelog"
+    - "[Added]: Argo Rollouts Dashboard"

charts/argo-rollouts/README.md

@@ -36,9 +36,9 @@ $ helm install my-release argo/argo-rollouts
 | controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use |
 | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) |
 | controller.resources | object | `{}` | Resource limits and requests for the controller pods. |
-| controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) |
+| controller.tolerations | list | `[]` | [Tolerations for use with node taints] |
-| controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) |
+| controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment] |
-| controller.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) |
+| controller.nodeSelector | object | `{}` | [Node selector] |
 | controller.metrics.enabled | bool | `false` | Deploy metrics service |
 | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
 | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor |
@@ -53,6 +53,22 @@ $ helm install my-release argo/argo-rollouts
 | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
 | podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level |
 | containerSecurityContext | object | `{}` | Security Context to set on container level |
+| dashboard.enable | bool | `false` | Enable dashboard |
+| dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` |
+| dashboard.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy |
+| dashboard.image.registry | string | `quay.io` | Registry to use |
+| dashboard.image.repository | string | `"argoproj/kubectl-argo-rollouts"` | Repository to use |
+| dashboard.image.tag | string | `"master"` | Image tag |
+| dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. |
+| dashboard.tolerations | list | `[]` | [Tolerations for use with node taints] |
+| dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment] |
+| dashboard.nodeSelector | object | `{}` | [Node selector] |
+| dashboard.servicePort | int | `3100` | Port for service and ingress. Default use dashboard port 3100. If use sidecar proxy, can change to that port. |
+| dashboard.sidecarContainer | list | `[]` | List of sidecar container |
+| dashboard.ingress.enabled | bool | `false` | Enable ingress for dashboard |
+| dashboard.ingress.previousApi | bool | `false` | Use old apiVersion `extensions/v1beta1` for ingress. Only enable for K8S < 1.19 |
+| dashboard.ingress.host | string | `change.me` | FQDN for dashboard |
+| dashboard.ingress.annotation | object | `{}` | Annotation for dashboard's ingress. |
 
 ## Upgrading
 
@@ -68,3 +84,7 @@ $ helm install my-release argo/argo-rollouts
 * Breaking parameters update
   * `securityContext` was renamed to `containerSecurityContext`
   * Added `controller.image.registry`. Prior to this chart version you had to override the registry via `controller.image.repository`
+
+[Tolerations for use with node taints]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+[Assign custom affinity rules to the deployment]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/

charts/argo-rollouts/templates/_helpers.tpl

@@ -62,3 +62,11 @@ Create the name of the service account to use
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
+
+{{/*
+Dashboard selector labels
+*/}}
+{{- define "argo-rollouts-dashboard.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "argo-rollouts.name" . }}-dashboard
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}

charts/argo-rollouts/templates/argo-rollouts-dashboard-clusterrole.yaml

@@ -0,0 +1,49 @@
+{{- if and .Values.dashboard.enabled .Values.clusterInstall }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+  labels:
+    app.kubernetes.io/component: {{ .Values.dashboard.component }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - "apps"
+  resources:
+  - replicasets
+  verbs:
+  - get
+  - watch
+  - list
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+  - watch
+  - list
+- apiGroups:
+  - argoproj.io
+  resources:
+  - rollouts
+  - rollouts/scale
+  - rollouts/status
+  - experiments
+  - analysisruns
+  verbs:
+  - list
+  - watch
+  - get
+  - patch
+  - update
+- apiGroups:
+  - argoproj.io
+  resources:
+  - experiments
+  - analysisruns
+  verbs:
+  - list
+  - watch
+  - get
+{{- end }}

charts/argo-rollouts/templates/argo-rollouts-dashboard-clusterrolebinding.yaml

@@ -0,0 +1,17 @@
+{{- if and .Values.dashboard.enabled .Values.clusterInstall }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard
+  labels:
+    app.kubernetes.io/component: {{ .Values.dashboard.component }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+subjects:
+- kind: ServiceAccount
+  name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard
+  namespace: {{ .Release.Namespace }}
+{{- end }}

charts/argo-rollouts/templates/argo-rollouts-dashboard-deployment.yaml

@@ -0,0 +1,63 @@
+{{- if .Values.dashboard.enabled -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+  labels:
+    app.kubernetes.io/component: {{ .Values.dashboard.component }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "argo-rollouts-dashboard.selectorLabels" . | nindent 6 }}
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "argo-rollouts-dashboard.selectorLabels" . | nindent 8 }}
+        {{- range $key, $value := .Values.podLabels }}
+        {{ $key }}: {{ $value | quote }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard
+      containers:
+      - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ .Values.dashboard.image.tag }}"
+        imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }}
+        name: argo-rollouts-dashboard
+        command:
+        - kubectl-argo-rollouts
+        - dashboard
+        ports:
+        - containerPort: 3100
+          name: dashboard
+        securityContext:
+          {{- toYaml .Values.containerSecurityContext | nindent 10 }}
+        resources:
+          {{- toYaml .Values.dashboard.resources | nindent 10 }}
+      {{- with .Values.dashboard.sidecarContainer }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+      {{- if .Values.dashboard.nodeSelector }}
+      nodeSelector:
+        {{- toYaml .Values.dashboard.nodeSelector | nindent 8 }}
+      {{- end }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      {{- if .Values.dashboard.tolerations }}
+      tolerations:
+        {{- toYaml .Values.dashboard.tolerations | nindent 8 }}
+      {{- end }}
+      {{- if .Values.dashboard.affinity }}
+      affinity:
+        {{- toYaml .Values.dashboard.affinity | nindent 8 }}
+      {{- end }}
+{{- end }}

charts/argo-rollouts/templates/argo-rollouts-dashboard-ingress.yaml

@@ -0,0 +1,37 @@
+{{- if .Values.dashboard.ingress.enabled -}}
+{{- if not .Values.dashboard.ingress.previousApi -}}
+apiVersion: networking.k8s.io/v1
+{{- else }}
+apiVersion:  extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard
+  labels:
+    app.kubernetes.io/component: {{ .Values.dashboard.component }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
+  {{- with .Values.dashboard.ingress.annotation }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  tls:
+  - hosts:
+    - {{ .Values.dashboard.ingress.host }}
+    secretName: {{ .Values.dashboard.ingress.host | replace "." "-" }}-tls
+  rules:
+  - host: {{ .Values.dashboard.ingress.host }}
+    http:
+      paths:
+      - path: /
+        backend:
+          {{- if not .Values.dashboard.ingress.previousApi -}}
+          service:
+            name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+            port:
+              number: {{ .Values.dashboard.servicePort }}
+          {{- else }}
+          serviceName: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+          servicePort: {{ .Values.dashboard.servicePort }}
+          {{- end }}
+{{- end }}

charts/argo-rollouts/templates/argo-rollouts-dashboard-role.yaml

@@ -0,0 +1,40 @@
+{{- if and .Values.dashboard.enabled (not .Values.clusterInstall) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+  labels:
+    app.kubernetes.io/component: {{ .Values.dashboard.component }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - "apps"
+  resources:
+  - replicasets
+  verbs:
+  - get
+  - watch
+  - list
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+  - watch
+  - list
+- apiGroups:
+  - argoproj.io
+  resources:
+  - rollouts
+  - rollouts/scale
+  - rollouts/status
+  - experiments
+  - analysisruns
+  verbs:
+  - list
+  - watch
+  - get
+  - patch
+  - update
+{{- end }}

charts/argo-rollouts/templates/argo-rollouts-dashboard-rolebinding.yaml

@@ -0,0 +1,16 @@
+{{- if and .Values.dashboard.enabled (not .Values.clusterInstall) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+  labels:
+    app.kubernetes.io/component: {{ .Values.dashboard.component }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+subjects:
+- kind: ServiceAccount
+  name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard
+{{- end }}

charts/argo-rollouts/templates/argo-rollouts-dashboard-sa.yaml

@@ -0,0 +1,13 @@
+{{- if and .Values.dashboard.enabled .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "argo-rollouts.serviceAccountName" . | trunc 53 }}-dashboard
+  labels:
+    app.kubernetes.io/component: {{ .Values.dashboard.component }}
+    {{- include "argo-rollouts.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}

charts/argo-rollouts/templates/argo-rollouts-dashboard-svc.yaml

@@ -0,0 +1,12 @@
+{{- if .Values.dashboard.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "argo-rollouts.fullname" . | trunc 53}}-dashboard
+spec:
+  selector:
+    {{- include "argo-rollouts-dashboard.selectorLabels" . | nindent 4 }}
+  ports:
+  - port: {{ .Values.dashboard.servicePort }}
+  type: ClusterIP
+{{- end }}

charts/argo-rollouts/values.yaml

@@ -31,6 +31,27 @@ controller:
       additionalLabels: {}
       additionalAnnotations: {}
 
+dashboard:
+  enabled: false
+  component: rollouts-dashboard
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+  image:
+    registry: quay.io
+    repository: argoproj/kubectl-argo-rollouts
+    tag: master
+    pullPolicy: IfNotPresent
+  servicePort: 3100
+  resources: {}
+  # Additional sidecar container. Like proxy. (With ingrss-nginx can use `External OAUTH Authentication` instead of proxy sidecar)
+  sidecarContainer: []
+  ingress:
+    enabled: false
+    previousApi: false
+    host: change.me
+    annotation: {}
+
 serviceAccount:
   # Specifies whether a service account should be created
   create: true