From 3f0e079f78ee8f7d33b19acb4666058842e6c92b Mon Sep 17 00:00:00 2001 From: Sarah Henkens Date: Wed, 12 Aug 2020 17:14:17 -0700 Subject: [PATCH 01/30] fix: Add missing verbs for pods to cluster role to support rollout restarts (#422) --- charts/argo-rollouts/Chart.yaml | 2 +- .../argo-rollouts/templates/argo-rollouts-clusterrole.yaml | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 06d2e97b..c49674fa 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.8.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.2 +version: 0.3.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index 43526d58..f670104b 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -106,4 +106,11 @@ rules: - watch - get - update +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete {{- end }} From abadf9ad6346f7f1bfc20ace8df49646490a412c Mon Sep 17 00:00:00 2001 From: Jungyoul Yu Date: Fri, 14 Aug 2020 06:31:02 +0900 Subject: [PATCH 02/30] chore: argo-rollouts bump to 0.3.4 (v0.8.3) (#415) * argo-rollouts bump version 0.3.4 --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c49674fa..1d05de0b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "0.8.0" +appVersion: "0.8.3" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.3 +version: 0.3.4 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index fcb2d198..fda9bf7a 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -13,7 +13,7 @@ controller: affinity: {} image: repository: argoproj/argo-rollouts - tag: v0.8.0 + tag: v0.8.3 pullPolicy: IfNotPresent resources: {} From 85b1b83ad02d90bf03c3c66872c0f23cc2c4af61 Mon Sep 17 00:00:00 2001 From: Crystal Augustus Date: Sat, 15 Aug 2020 13:49:27 -0400 Subject: [PATCH 03/30] argocd-notifications: Add podAnnotations (#423) Co-authored-by: Andy Feller --- charts/argocd-notifications/Chart.yaml | 2 +- charts/argocd-notifications/templates/deployment.yaml | 6 ++++++ charts/argocd-notifications/values.yaml | 2 ++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index dff9b0ed..1b497590 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 0.7.0 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.0.9 +version: 1.0.10 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml index 30f88629..239c6eb7 100644 --- a/charts/argocd-notifications/templates/deployment.yaml +++ b/charts/argocd-notifications/templates/deployment.yaml @@ -12,6 +12,12 @@ spec: {{- include "argocd-notifications.selectorLabels" . | nindent 6 }} template: metadata: + {{- if .Values.podAnnotations }} + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} labels: {{- include "argocd-notifications.selectorLabels" . | nindent 8 }} spec: diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index 4882d2fc..e9a97421 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -101,6 +101,8 @@ metrics: # interval: 30s # scrapeTimeout: 10s +podAnnotations: {} + resources: {} # limits: # cpu: 100m From f1a6fcc8af080ed1a824997ed6cfea3f40aeeaa5 Mon Sep 17 00:00:00 2001 From: jpbelanger-mtl Date: Wed, 26 Aug 2020 12:26:54 -0400 Subject: [PATCH 04/30] feat(argo-rollouts): Add configurable annotation to the metrics service (#421) Co-authored-by: Scott Cabrinha --- charts/argo-rollouts/Chart.yaml | 2 +- .../templates/argo-rollouts-metrics-service.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 8 ++++++-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1d05de0b..c12e756b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.8.3" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.4 +version: 0.3.5 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index cb673301..4301b7c8 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -6,6 +6,10 @@ metadata: app.kubernetes.io/component: server app.kubernetes.io/name: {{ .Release.Name }}-metrics app.kubernetes.io/part-of: {{ .Release.Name }} + annotations: + {{- range $key, $value := .Values.serviceAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: ports: - name: metrics diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index fda9bf7a..fbb2f68b 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -28,11 +28,15 @@ controller: serviceAccount: name: argo-rollouts -## Annotations to be added to the Redis server pods +## Annotations to be added to the Rollout pods ## podAnnotations: {} -## Labels to be added to the Redis server pods +## Annotations to be added to the Rollout service +## +serviceAnnotations: {} + +## Labels to be added to the Rollout pods ## podLabels: {} From 12c26701a54c8d7a898797f5acf46b0776fdc88c Mon Sep 17 00:00:00 2001 From: dherman Date: Thu, 27 Aug 2020 20:01:00 -0400 Subject: [PATCH 05/30] fix(argo): add missing rbac to support pdbs (#433) This adds support for the PodDisruptionBudget feature of Argo. Without this, PDBs will fail to be created/managed. Ref: https://github.com/argoproj/argo/blob/dae0f2df1ffcc8a2ff4f3dce1ea7da3f34587e2f/manifests/cluster-install/workflow-controller-rbac/workflow-controller-clusterrole.yaml#L84-L91 --- charts/argo/Chart.yaml | 2 +- .../argo/templates/workflow-controller-cluster-roles.yaml | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index de0c3833..112e2ae0 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.9.8 +version: 0.9.9 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml index 1bee0b17..d5c3e74d 100644 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ b/charts/argo/templates/workflow-controller-cluster-roles.yaml @@ -80,6 +80,14 @@ rules: verbs: - get - list +- apiGroups: + - "policy" + resources: + - poddisruptionbudgets + verbs: + - create + - get + - delete {{- if .Values.controller.persistence }} - apiGroups: - "" From bc14a12db5ec6c3836b570f1d99b629df0adc826 Mon Sep 17 00:00:00 2001 From: dherman Date: Thu, 27 Aug 2020 20:02:54 -0400 Subject: [PATCH 06/30] fix(argo): add missing cr privileges for `patch` (#399) In Argo 2.9+, the controller needs `patch` privileges on `events`. See https://github.com/argoproj/argo/commit/ff1627b71789c42f604c0f83a9a3328d7e6b8248 https://github.com/argoproj/argo/blob/65c2bd44e45c11e0a0b03adeef8d6800b72cd551/manifests/install.yaml#L253 Co-authored-by: Spencer Gilbert --- charts/argo/templates/workflow-controller-cluster-roles.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml index d5c3e74d..976d49f8 100644 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ b/charts/argo/templates/workflow-controller-cluster-roles.yaml @@ -73,6 +73,7 @@ rules: - events verbs: - create + - patch - apiGroups: - "" resources: From 0a03ca0babb5231fd859821d8fbd813364e208e7 Mon Sep 17 00:00:00 2001 From: Richard Simpson Date: Fri, 28 Aug 2020 21:01:39 -0500 Subject: [PATCH 07/30] feat: add support for configuring bot port (#432) * feat: add support for configuring bot port Adds support for configuring the bot listening port for people who want it to listen on 443 (for example) * bump version * remove unnecessary protocol Co-authored-by: Andy Feller --- charts/argocd-notifications/Chart.yaml | 2 +- .../templates/bots/slack/deployment.yaml | 3 +++ .../argocd-notifications/templates/bots/slack/service.yaml | 6 +++--- charts/argocd-notifications/values.yaml | 1 + 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 1b497590..9d73681c 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 0.7.0 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.0.10 +version: 1.0.11 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/bots/slack/deployment.yaml b/charts/argocd-notifications/templates/bots/slack/deployment.yaml index 284d3c10..75883073 100644 --- a/charts/argocd-notifications/templates/bots/slack/deployment.yaml +++ b/charts/argocd-notifications/templates/bots/slack/deployment.yaml @@ -30,6 +30,9 @@ spec: command: - /app/argocd-notifications - bot + ports: + - containerPort: 8080 + name: http {{- with .Values.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-notifications/templates/bots/slack/service.yaml b/charts/argocd-notifications/templates/bots/slack/service.yaml index 68881a36..c31ad935 100644 --- a/charts/argocd-notifications/templates/bots/slack/service.yaml +++ b/charts/argocd-notifications/templates/bots/slack/service.yaml @@ -9,10 +9,10 @@ metadata: {{- end }} spec: ports: - - name: server - port: 80 + - name: http + port: {{ .Values.bots.slack.service.port }} protocol: TCP - targetPort: 8080 + targetPort: http selector: {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 4 }} type: {{ .Values.bots.slack.service.type }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index e9a97421..93ce5390 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -211,6 +211,7 @@ bots: service: annotations: {} + port: 80 type: LoadBalancer serviceAccount: From f45bd52b0e51bb6fefdbbaaa43dca589cba7a377 Mon Sep 17 00:00:00 2001 From: Connor Hallett Date: Sat, 29 Aug 2020 16:37:57 -0400 Subject: [PATCH 08/30] feat(argo-cd): Add Support for syncWindows in additionalProjects (#398) * Add support for syncWindows in additionalProjects * Update values.yaml Add example of syncWindows * Update Chart.yaml Bump version Co-authored-by: Spencer Gilbert --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/projects.yaml | 4 ++++ charts/argo-cd/values.yaml | 7 +++++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b2142005..836988ca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.6.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.6.0 +version: 2.6.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/projects.yaml b/charts/argo-cd/templates/argocd-server/projects.yaml index 3f768bf0..6b85889d 100644 --- a/charts/argo-cd/templates/argocd-server/projects.yaml +++ b/charts/argo-cd/templates/argocd-server/projects.yaml @@ -46,5 +46,9 @@ items: roles: {{- toYaml .roles | nindent 8 }} {{- end }} + {{- if .syncWindows }} + syncWindows: +{{- toYaml .syncWindows | nindent 8 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 21ef54a9..83741e83 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -604,6 +604,13 @@ server: # kind: StatefulSet # orphanedResources: {} # roles: [] + # syncWindows: + # - kind: allow + # schedule: '10 1 * * *' + # duration: 1h + # applications: + # - '*-prod' + # manualSync: true ## Enable Admin ClusterRole resources. ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. From bfb16d911b9973ba7927b9d57d6f600fef5580df Mon Sep 17 00:00:00 2001 From: Johnathan Falk Date: Sat, 29 Aug 2020 16:42:25 -0400 Subject: [PATCH 09/30] feat(argo-cd): Update CRD's to match upstream version. (#430) Signed-off-by: Johnathan Falk Co-authored-by: Spencer Gilbert --- charts/argo-cd/crds/crd-application.yaml | 681 ++++++++++------------- charts/argo-cd/crds/crd-project.yaml | 164 +++--- 2 files changed, 391 insertions(+), 454 deletions(-) diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index e51c04bb..b18d2058 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -23,14 +23,10 @@ spec: description: Application is a definition of Application resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -50,33 +46,50 @@ spec: type: object type: array initiatedBy: - description: OperationInitiator holds information about the operation - initiator + description: OperationInitiator holds information about the operation initiator properties: automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. + description: Automated is set to true if operation was initiated automatically by the application controller. type: boolean username: description: Name of a user who started operation. type: string type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object sync: description: SyncOperation contains sync operation details. properties: dryRun: - description: DryRun will perform a `kubectl apply --dry-run` without - actually performing the sync + description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync type: boolean manifests: - description: Manifests is an optional field that overrides sync - source with a local directory for development + description: Manifests is an optional field that overrides sync source with a local directory for development items: type: string type: array prune: - description: Prune deletes resources that are no longer tracked - in git + description: Prune deletes resources that are no longer tracked in git type: boolean resources: description: Resources describes which resources to sync @@ -89,19 +102,18 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name type: object type: array revision: - description: Revision is the revision in which to sync the application - to. If omitted, will use the revision specified in app spec. + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set in the application. - This is typically set in a Rollback operation and nil during a - Sync operation + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: chart: description: Chart is a Helm chart name @@ -110,8 +122,7 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: description: ExtVars is a list of Jsonnet External Variables @@ -129,6 +140,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -153,11 +169,9 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm - template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to - a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter @@ -173,8 +187,7 @@ spec: description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -185,30 +198,25 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will use - the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined as - a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: description: KsonnetParameter is a ksonnet component parameter properties: @@ -238,12 +246,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -253,8 +259,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -274,13 +279,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch - in which to sync the application to. If omitted, will sync - to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -294,55 +296,42 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply wil perform a `kubectl apply` to perform - the sync. + description: Apply wil perform a `kubectl apply` to perform the sync. properties: force: - description: Force indicates whether or not to supply the - --force flag to `kubectl apply`. The --force flag deletes - and re-create the resource, when PATCH encounters conflict - and has retried for 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object hook: - description: Hook will submit any referenced resources to perform - the sync. This is the default strategy + description: Hook will submit any referenced resources to perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply the - --force flag to `kubectl apply`. The --force flag deletes - and re-create the resource, when PATCH encounters conflict - and has retried for 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object type: object type: object type: object spec: - description: ApplicationSpec represents desired application state. Contains - link to repository with application definition and additional parameters - link definition revision. + description: ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. properties: destination: - description: Destination overrides the kubernetes server and namespace - defined in the environment ksonnet app.yaml + description: Destination overrides the kubernetes server and namespace defined in the environment ksonnet app.yaml properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace value - in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value in the - ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources fields which should - be ignored during comparison + description: IgnoreDifferences controls resources fields which should be ignored during comparison items: - description: ResourceIgnoreDifferences contains resource filter and - list of json paths which should be ignored during comparison with - live state. + description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. properties: group: type: string @@ -362,8 +351,7 @@ spec: type: object type: array info: - description: Infos contains a list of useful information (URLs, email - addresses, and plain text) that relates to the application + description: Infos contains a list of useful information (URLs, email addresses, and plain text) that relates to the application items: properties: name: @@ -376,20 +364,14 @@ spec: type: object type: array project: - description: Project is a application project name. Empty name means - that application belongs to 'default' project. + description: Project is a application project name. Empty name means that application belongs to 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept in the apps revision - history. This should only be changed in exceptional circumstances. - Setting to zero will store no history. This will reduce storage used. - Increasing will increase the space used to store the history, so we - do not recommend increasing it. Default is 10. + description: This limits this number of items kept in the apps revision history. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location ksonnet application - definition + description: Source is a reference to the location ksonnet application definition properties: chart: description: Chart is a Helm chart name @@ -398,8 +380,7 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: description: ExtVars is a list of Jsonnet External Variables @@ -417,6 +398,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -441,11 +427,9 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm - template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm - template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter @@ -461,8 +445,7 @@ spec: description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell Helm - to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -473,12 +456,10 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will use the - application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use - when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array @@ -490,12 +471,10 @@ spec: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component parameter - override values + description: Parameters are a list of ksonnet component parameter override values items: description: KsonnetParameter is a ksonnet component parameter properties: @@ -525,12 +504,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for - kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for - kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -540,8 +517,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management plugin - specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -564,8 +540,7 @@ spec: description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in - which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -574,17 +549,37 @@ spec: description: SyncPolicy controls when a sync will be performed properties: automated: - description: Automated will keep an application synced to the target - revision + description: Automated will keep an application synced to the target revision properties: prune: - description: 'Prune will prune resources automatically as part - of automated sync (default: false)' + description: 'Prune will prune resources automatically as part of automated sync (default: false)' type: boolean selfHeal: description: 'SelfHeal enables auto-syncing if (default: false)' type: boolean type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object syncOptions: description: Options allow you to specify whole app sync-options items: @@ -597,22 +592,18 @@ spec: - source type: object status: - description: ApplicationStatus contains information about application sync, - health status + description: ApplicationStatus contains information about application sync, health status properties: conditions: items: - description: ApplicationCondition contains details about current application - condition + description: ApplicationCondition contains details about current application condition properties: lastTransitionTime: - description: LastTransitionTime is the time the condition was - first observed. + description: LastTransitionTime is the time the condition was first observed. format: date-time type: string message: - description: Message contains human-readable message indicating - details about condition + description: Message contains human-readable message indicating details about condition type: string type: description: Type is an application condition type @@ -631,23 +622,27 @@ spec: type: string type: object history: - description: RevisionHistories is a array of history, oldest first and - newest last + description: RevisionHistories is a array of history, oldest first and newest last items: - description: RevisionHistory contains information relevant to an application - deployment + description: RevisionHistory contains information relevant to an application deployment properties: + deployStartedAt: + description: DeployStartedAt holds the time the deployment started + format: date-time + type: string deployedAt: + description: DeployedAt holds the time the deployment completed format: date-time type: string id: + description: ID is an auto incrementing identifier of the RevisionHistory format: int64 type: integer revision: + description: Revision holds the revision of the sync type: string source: - description: ApplicationSource contains information about github - repository, path within repository and target application environment. + description: ApplicationSource contains information about github repository, path within repository and target application environment. properties: chart: description: Chart is a Helm chart name @@ -656,12 +651,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -676,6 +669,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -700,30 +698,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to - a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -734,33 +727,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -788,12 +775,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -803,8 +788,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -824,13 +808,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch - in which to sync the application to. If omitted, will sync - to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -842,21 +823,18 @@ spec: type: object type: array observedAt: - description: ObservedAt indicates when the application state was updated - without querying latest git state + description: ObservedAt indicates when the application state was updated without querying latest git state format: date-time type: string operationState: - description: OperationState contains information about state of currently - performing operation on application. + description: OperationState contains information about state of currently performing operation on application. properties: finishedAt: description: FinishedAt contains time of operation completion format: date-time type: string message: - description: Message hold any pertinent messages when attempting - to perform operation (typically errors). + description: Message hold any pertinent messages when attempting to perform operation (typically errors). type: string operation: description: Operation is the original requested operation @@ -874,39 +852,55 @@ spec: type: object type: array initiatedBy: - description: OperationInitiator holds information about the - operation initiator + description: OperationInitiator holds information about the operation initiator properties: automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. + description: Automated is set to true if operation was initiated automatically by the application controller. type: boolean username: description: Name of a user who started operation. type: string type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object sync: description: SyncOperation contains sync operation details. properties: dryRun: - description: DryRun will perform a `kubectl apply --dry-run` - without actually performing the sync + description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync type: boolean manifests: - description: Manifests is an optional field that overrides - sync source with a local directory for development + description: Manifests is an optional field that overrides sync source with a local directory for development items: type: string type: array prune: - description: Prune deletes resources that are no longer - tracked in git + description: Prune deletes resources that are no longer tracked in git type: boolean resources: description: Resources describes which resources to sync items: - description: SyncOperationResource contains resources - to sync. + description: SyncOperationResource contains resources to sync. properties: group: type: string @@ -914,35 +908,30 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name type: object type: array revision: - description: Revision is the revision in which to sync the - application to. If omitted, will use the revision specified - in app spec. + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set - in the application. This is typically set in a Rollback - operation and nil during a Sync operation + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: chart: description: Chart is a Helm chart name type: string directory: - description: Directory holds path/directory specific - options + description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -957,9 +946,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -982,72 +975,56 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: - description: Name is the name of the helm - parameter + description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the - helm parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm - template + description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a - helm template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm - parameter + description: Name is the name of the helm parameter type: string value: - description: Value is the value for the helm - parameter + description: Value is the value for the helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it - will use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application - environment name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1067,8 +1044,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1076,25 +1052,20 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to - resources for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to - resources for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version contains optional Kustomize version type: string type: object path: - description: Path is a directory path within the Git - repository + description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1114,20 +1085,16 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, - or branch in which to sync the application to. If - omitted, will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL type: object syncOptions: - description: SyncOptions provide per-sync sync-options, - e.g. Validate=false + description: SyncOptions provide per-sync sync-options, e.g. Validate=false items: type: string type: array @@ -1135,27 +1102,17 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply wil perform a `kubectl apply` to - perform the sync. + description: Apply wil perform a `kubectl apply` to perform the sync. properties: force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force - flag deletes and re-create the resource, when - PATCH encounters conflict and has retried for - 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object hook: - description: Hook will submit any referenced resources - to perform the sync. This is the default strategy + description: Hook will submit any referenced resources to perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force - flag deletes and re-create the resource, when - PATCH encounters conflict and has retried for - 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object type: object @@ -1164,6 +1121,10 @@ spec: phase: description: Phase is the current phase of the operation type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer startedAt: description: StartedAt contains time of operation start format: date-time @@ -1172,22 +1133,17 @@ spec: description: SyncResult is the result of a Sync operation properties: resources: - description: Resources holds the sync result of each individual - resource + description: Resources holds the sync result of each individual resource items: - description: ResourceResult holds the operation result details - of a specific resource + description: ResourceResult holds the operation result details of a specific resource properties: group: type: string hookPhase: - description: 'the state of any operation associated with - this resource OR hook note: can contain values for non-hook - resources' + description: 'the state of any operation associated with this resource OR hook note: can contain values for non-hook resources' type: string hookType: - description: the type of the hook, empty for non-hook - resources + description: the type of the hook, empty for non-hook resources type: string kind: type: string @@ -1199,13 +1155,10 @@ spec: namespace: type: string status: - description: the final result of the sync, this is be - empty if the resources is yet to be applied/pruned and - is always zero-value for hooks + description: the final result of the sync, this is be empty if the resources is yet to be applied/pruned and is always zero-value for hooks type: string syncPhase: - description: indicates the particular phase of the sync - that this is for + description: indicates the particular phase of the sync that this is for type: string version: type: string @@ -1221,8 +1174,7 @@ spec: description: Revision holds the revision of the sync type: string source: - description: Source records the application source information - of the sync, used for comparing auto-sync + description: Source records the application source information of the sync, used for comparing auto-sync properties: chart: description: Chart is a Helm chart name @@ -1231,12 +1183,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -1251,9 +1201,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -1276,31 +1230,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -1311,33 +1259,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1357,8 +1299,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1366,12 +1307,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -1381,8 +1320,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1402,13 +1340,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or - branch in which to sync the application to. If omitted, - will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -1422,14 +1357,12 @@ spec: - startedAt type: object reconciledAt: - description: ReconciledAt indicates when the application state was reconciled - using the latest git version + description: ReconciledAt indicates when the application state was reconciled using the latest git version format: date-time type: string resources: items: - description: ResourceStatus holds the current sync and health status - of a resource + description: ResourceStatus holds the current sync and health status of a resource properties: group: type: string @@ -1452,8 +1385,7 @@ spec: requiresPruning: type: boolean status: - description: SyncStatusCode is a type which represents possible - comparison results + description: SyncStatusCode is a type which represents possible comparison results type: string version: type: string @@ -1464,8 +1396,7 @@ spec: summary: properties: externalURLs: - description: ExternalURLs holds all external URLs of application - child resources. + description: ExternalURLs holds all external URLs of application child resources. items: type: string type: array @@ -1476,30 +1407,26 @@ spec: type: array type: object sync: - description: SyncStatus is a comparison result of application spec and - deployed application. + description: SyncStatus is a comparison result of application spec and deployed application. properties: comparedTo: - description: ComparedTo contains application source and target which - was used for resources comparison + description: ComparedTo contains application source and target which was used for resources comparison properties: destination: - description: ApplicationDestination contains deployment destination - information + description: ApplicationDestination contains deployment destination information properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace - value in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value - in the ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object source: - description: ApplicationSource contains information about github - repository, path within repository and target application - environment. + description: ApplicationSource contains information about github repository, path within repository and target application environment. properties: chart: description: Chart is a Helm chart name @@ -1508,12 +1435,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -1528,9 +1453,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -1553,31 +1482,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -1588,33 +1511,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1634,8 +1551,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1643,12 +1559,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -1658,8 +1572,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1679,13 +1592,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or - branch in which to sync the application to. If omitted, - will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -1697,8 +1607,7 @@ spec: revision: type: string status: - description: SyncStatusCode is a type which represents possible - comparison results + description: SyncStatusCode is a type which represents possible comparison results type: string required: - status @@ -1712,4 +1621,4 @@ spec: versions: - name: v1alpha1 served: true - storage: true + storage: true \ No newline at end of file diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 386dcb83..5ac16fa2 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -20,34 +20,37 @@ spec: scope: Namespaced validation: openAPIV3Schema: - description: 'AppProject provides a logical grouping of applications, providing - controls for: * where the apps may deploy to (cluster whitelist) * what may - be deployed (repository whitelist, resource whitelist/blacklist) * who can - access these applications (roles, OIDC group claims bindings) * and what they - can do (RBAC policies) * automation access to these roles (JWT tokens)' + description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: AppProjectSpec is the specification of an AppProject properties: - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted cluster - level resources + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted cluster level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -62,29 +65,25 @@ spec: description: Description contains optional project description type: string destinations: - description: Destinations contains list of destinations available for - deployment + description: Destinations contains list of destinations available for deployment items: - description: ApplicationDestination contains deployment destination - information + description: ApplicationDestination contains deployment destination information properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace value - in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value in - the ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object type: array namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted - namespace level resources + description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -96,12 +95,9 @@ spec: type: object type: array namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted - namespace level resources + description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -113,17 +109,25 @@ spec: type: object type: array orphanedResources: - description: OrphanedResources specifies if controller should monitor - orphaned resources of apps in this project + description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project properties: + ignore: + items: + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array warn: - description: Warn indicates if warning condition should be created - for apps which have orphaned resources + description: Warn indicates if warning condition should be created for apps which have orphaned resources type: boolean type: object roles: - description: Roles are user defined RBAC roles associated with this - project + description: Roles are user defined RBAC roles associated with this project items: description: ProjectRole represents a role that has access to a project properties: @@ -131,17 +135,14 @@ spec: description: Description is a description of the role type: string groups: - description: Groups are a list of OIDC group claims bound to this - role + description: Groups are a list of OIDC group claims bound to this role items: type: string type: array jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound - to this role + description: JWTTokens are a list of generated JWT tokens bound to this role items: - description: JWTToken holds the issuedAt and expiresAt values - of a token + description: JWTToken holds the issuedAt and expiresAt values of a token properties: exp: format: int64 @@ -159,8 +160,7 @@ spec: description: Name is a name for this role type: string policies: - description: Policies Stores a list of casbin formated strings - that define access policies for the role in the project + description: Policies Stores a list of casbin formated strings that define access policies for the role in the project items: type: string type: array @@ -168,55 +168,83 @@ spec: - name type: object type: array + signatureKeys: + description: List of PGP key IDs that commits to be synced to must be signed with + items: + description: SignatureKey is the specification of a key required to verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array sourceRepos: - description: SourceRepos contains list of repository URLs which can - be used for deployment + description: SourceRepos contains list of repository URLs which can be used for deployment items: type: string type: array syncWindows: - description: SyncWindows controls when syncs can be run for apps in - this project + description: SyncWindows controls when syncs can be run for apps in this project items: - description: SyncWindow contains the kind, time, duration and attributes - that are used to assign the syncWindows to apps + description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps properties: applications: - description: Applications contains a list of applications that - the window will apply to + description: Applications contains a list of applications that the window will apply to items: type: string type: array clusters: - description: Clusters contains a list of clusters that the window - will apply to + description: Clusters contains a list of clusters that the window will apply to items: type: string type: array duration: - description: Duration is the amount of time the sync window will - be open + description: Duration is the amount of time the sync window will be open type: string kind: description: Kind defines if the window allows or blocks syncs type: string manualSync: - description: ManualSync enables manual syncs when they would otherwise - be blocked + description: ManualSync enables manual syncs when they would otherwise be blocked type: boolean namespaces: - description: Namespaces contains a list of namespaces that the - window will apply to + description: Namespaces contains a list of namespaces that the window will apply to items: type: string type: array schedule: - description: Schedule is the time the window will begin, specified - in cron format + description: Schedule is the time the window will begin, specified in cron format type: string type: object type: array type: object + status: + description: AppProjectStatus contains information about appproj + properties: + jwtTokensByRole: + additionalProperties: + properties: + items: + items: + description: JWTToken holds the issuedAt and expiresAt values of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + type: object + type: object + type: object required: - metadata - spec @@ -225,4 +253,4 @@ spec: versions: - name: v1alpha1 served: true - storage: true + storage: true \ No newline at end of file From e1e2dd963171a022802a7f336bf1491e24d21822 Mon Sep 17 00:00:00 2001 From: Michael Barrientos Date: Sat, 29 Aug 2020 14:19:51 -0700 Subject: [PATCH 10/30] feat: Argo CD allow custom paths for ingress (#424) Similar to #317, this allows us to add extra paths to Argo CD. This adds compatibility with the ALB Ingress Controller when using EKS to be able to add the additional listener rule to perform a HTTP->HTTPS redirect on port 80. --- charts/argo-cd/Chart.yaml | 2 +- .../templates/argocd-server/ingress-grpc.yaml | 2 ++ charts/argo-cd/templates/argocd-server/ingress.yaml | 3 +++ charts/argo-cd/values.yaml | 12 ++++++++++++ 4 files changed, 18 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 836988ca..36849a20 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.6.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.6.1 +version: 2.6.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 42538d61..8ce8b8fc 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -33,6 +33,7 @@ spec: - host: {{ $host }} http: paths: + {{- toYaml .Values.server.ingressGrpc.extraPaths | nindent 10 }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -43,6 +44,7 @@ spec: {{- else }} - http: paths: + {{- toYaml .Values.server.ingressGrpc.extraPaths | nindent 10 }} {{- range $p := $paths }} - path: {{ $p }} backend: diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 056776a4..468de536 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -2,6 +2,7 @@ {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} +{{- $extraPaths := .Values.server.ingress.extraPaths -}} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} apiVersion: networking.k8s.io/v1beta1 {{ else }} @@ -33,6 +34,7 @@ spec: - host: {{ $host }} http: paths: + {{- toYaml $extraPaths | nindent 10 }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -43,6 +45,7 @@ spec: {{- else }} - http: paths: + {{- toYaml $extraPaths | nindent 10 }} {{- range $p := $paths }} - path: {{ $p }} backend: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 83741e83..5a8abb51 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -454,6 +454,12 @@ server: # - argocd.example.com paths: - / + extraPaths: + [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation tls: [] # - secretName: argocd-example-tls @@ -476,6 +482,12 @@ server: # - argocd.example.com paths: - / + extraPaths: + [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation tls: [] # - secretName: argocd-example-tls From ffc9220f04e27a332d7db6df938d297978e008d3 Mon Sep 17 00:00:00 2001 From: Tim Hobbs Date: Sun, 30 Aug 2020 19:10:09 +0200 Subject: [PATCH 11/30] feat: imagePullSecrets for servers and controllers (#361) --- .gitignore | 1 + charts/argo-ci/Chart.yaml | 2 +- charts/argo-ci/templates/ci-deployment.yaml | 4 ++++ charts/argo-ci/values.yaml | 3 +++ charts/argo-events/Chart.yaml | 2 +- .../argo-events/templates/eventbus-controller-deployment.yaml | 4 ++++ charts/argo-events/templates/eventbus-crd.yaml | 3 +++ .../templates/eventsource-controller-deployment.yaml | 4 ++++ charts/argo-events/templates/eventsource-crd.yaml | 3 +++ .../argo-events/templates/sensor-controller-deployment.yaml | 4 ++++ charts/argo-events/templates/sensor-crd.yaml | 3 +++ charts/argo-events/values.yaml | 4 ++++ charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/values.yaml | 2 ++ charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-deployment.yaml | 4 ++++ charts/argo/templates/workflow-controller-deployment.yaml | 4 ++++ charts/argo/values.yaml | 3 +++ 18 files changed, 50 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 2529e3b1..2786867c 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ output .DS_Store .idea **/*.tgz +**/charts/*/charts diff --git a/charts/argo-ci/Chart.yaml b/charts/argo-ci/Chart.yaml index 337de899..b658915d 100644 --- a/charts/argo-ci/Chart.yaml +++ b/charts/argo-ci/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart for Argo-CI name: argo-ci -version: 0.1.6 +version: 0.1.7 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png appVersion: v1.0.0-alpha2 home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-ci/templates/ci-deployment.yaml b/charts/argo-ci/templates/ci-deployment.yaml index 1995f29c..bf2e4121 100644 --- a/charts/argo-ci/templates/ci-deployment.yaml +++ b/charts/argo-ci/templates/ci-deployment.yaml @@ -33,3 +33,7 @@ spec: ports: - containerPort: 8001 - containerPort: 8002 + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-ci/values.yaml b/charts/argo-ci/values.yaml index cccff91b..86dadf98 100644 --- a/charts/argo-ci/values.yaml +++ b/charts/argo-ci/values.yaml @@ -2,6 +2,9 @@ imageNamespace: argoproj ciImage: argoci imageTag: v1.0.0-alpha2 imagePullPolicy: Always +# Secrets with credentials to pull images from a private registry +imagePullSecrets: [] +# - name: argo-pull-secret workflowNamespace: default argo: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f63ec1a8..9da7eea6 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.17.0 +version: 0.17.1 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 8d0ec2b3..dc698b1b 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -37,3 +37,7 @@ spec: value: {{ .Values.eventbusController.natsStreamingImage }} - name: NATS_METRICS_EXPORTER_IMAGE value: {{ .Values.eventbusController.natsMetricsExporterImage }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/eventbus-crd.yaml b/charts/argo-events/templates/eventbus-crd.yaml index dfc7b2cb..175e2e60 100644 --- a/charts/argo-events/templates/eventbus-crd.yaml +++ b/charts/argo-events/templates/eventbus-crd.yaml @@ -3,6 +3,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: eventbus.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io names: diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 3b050eda..99947ade 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -35,3 +35,7 @@ spec: fieldPath: metadata.namespace - name: EVENTSOURCE_IMAGE value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}" + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/eventsource-crd.yaml b/charts/argo-events/templates/eventsource-crd.yaml index c174ae56..e791608b 100644 --- a/charts/argo-events/templates/eventsource-crd.yaml +++ b/charts/argo-events/templates/eventsource-crd.yaml @@ -3,6 +3,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: eventsources.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io scope: Namespaced diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 24986d82..425fd66b 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -35,3 +35,7 @@ spec: fieldPath: metadata.namespace - name: SENSOR_IMAGE value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}" + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/sensor-crd.yaml b/charts/argo-events/templates/sensor-crd.yaml index 12e19e0f..cf3793c4 100644 --- a/charts/argo-events/templates/sensor-crd.yaml +++ b/charts/argo-events/templates/sensor-crd.yaml @@ -4,6 +4,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sensors.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io names: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 59fa2209..d963d9db 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -4,6 +4,10 @@ registry: argoproj # The image pull policy imagePullPolicy: Always +# Secrets with credentials to pull images from a private registry +imagePullSecrets: [] +# - name: argo-pull-secret + # If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation. installCRD: true diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c12e756b..418dd589 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.8.3" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.5 +version: 0.3.6 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index fbb2f68b..9e2011d2 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -40,4 +40,6 @@ serviceAnnotations: {} ## podLabels: {} +# Secrets with credentials to pull images from a private registry imagePullSecrets: [] +# - name: argo-pull-secret diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 112e2ae0..75980b73 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.9.9 +version: 0.9.10 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index 52acbc79..2593d07f 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -67,6 +67,10 @@ spec: volumeMounts: {{- toYaml . | nindent 12}} {{- end }} + {{- with .Values.images.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.server.volumes }} volumes: {{- toYaml . | nindent 8}} diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml index 852bad52..752183ea 100644 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ b/charts/argo/templates/workflow-controller-deployment.yaml @@ -63,6 +63,10 @@ spec: ports: - containerPort: 8080 {{- end }} + {{- with .Values.images.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 0dc5dd47..9662ea50 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -4,6 +4,9 @@ images: server: argocli executor: argoexec pullPolicy: Always + # Secrets with credentials to pull images from a private registry + pullSecrets: [] + # - name: argo-pull-secret tag: v2.7.6 crdVersion: v1alpha1 From b9af202660993e69ceba62dda51e943c1e6accb1 Mon Sep 17 00:00:00 2001 From: Ertugrul Karademir Date: Tue, 1 Sep 2020 23:41:22 +0100 Subject: [PATCH 12/30] fix: Helm giving linting error when no ingress or ingressGrpc extraPaths are given (#435) * Added conditionals for ingress extraPaths * Added conditionals for ingressGrpc extraPaths * Version bump --- charts/argo-cd/Chart.yaml | 2 +- .../argo-cd/templates/argocd-server/ingress-grpc.yaml | 11 ++++++++--- charts/argo-cd/templates/argocd-server/ingress.yaml | 6 +++++- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 36849a20..6414551e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.6.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.6.2 +version: 2.6.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 8ce8b8fc..d2894273 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -2,6 +2,7 @@ {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} +{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} apiVersion: networking.k8s.io/v1beta1 {{ else }} @@ -33,7 +34,9 @@ spec: - host: {{ $host }} http: paths: - {{- toYaml .Values.server.ingressGrpc.extraPaths | nindent 10 }} + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end -}} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -44,7 +47,9 @@ spec: {{- else }} - http: paths: - {{- toYaml .Values.server.ingressGrpc.extraPaths | nindent 10 }} + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end -}} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -56,4 +61,4 @@ spec: tls: {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 468de536..4be764a3 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -34,7 +34,9 @@ spec: - host: {{ $host }} http: paths: + {{- if $extraPaths }} {{- toYaml $extraPaths | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -45,7 +47,9 @@ spec: {{- else }} - http: paths: + {{- if $extraPaths }} {{- toYaml $extraPaths | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -57,4 +61,4 @@ spec: tls: {{- toYaml .Values.server.ingress.tls | nindent 4 }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} From 196ab4f281bb11b4b854a7d1f60d152e1bd0733a Mon Sep 17 00:00:00 2001 From: Markus Lippert Date: Wed, 2 Sep 2020 18:04:05 +0200 Subject: [PATCH 13/30] feat(argo): Add linux node selectors by default (#403) --- charts/argo/Chart.yaml | 2 +- charts/argo/values.yaml | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 75980b73..39a1bbfd 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.9.10 +version: 0.10.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 9662ea50..8358572f 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -108,7 +108,8 @@ controller: ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux tolerations: [] affinity: {} @@ -160,7 +161,8 @@ server: ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux tolerations: [] affinity: {} From d32e27edc852c868a93cb158c375b720905ddc8f Mon Sep 17 00:00:00 2001 From: Chris Date: Wed, 2 Sep 2020 18:09:17 +0200 Subject: [PATCH 14/30] feat: allow for configuring security context of all components (#410) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-deployment.yaml | 4 ++++ charts/argo/templates/workflow-controller-config-map.yaml | 5 ++++- charts/argo/templates/workflow-controller-deployment.yaml | 4 ++++ charts/argo/values.yaml | 6 ++++++ 5 files changed, 19 insertions(+), 2 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 39a1bbfd..2a845430 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.10.0 +version: 0.10.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index 2593d07f..0d5c8af5 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -26,6 +26,10 @@ spec: {{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }} spec: serviceAccountName: {{ .Values.server.serviceAccount | quote }} + {{- if .Values.server.podSecurityContext }} + securityContext: + {{- toYaml .Values.server.podSecurityContext | nindent 8 }} + {{- end }} containers: - name: argo-server args: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 5dde9ff3..54ba076e 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -16,7 +16,7 @@ data: {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} - {{- if or .Values.executor.resources .Values.executor.env }} + {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} @@ -24,6 +24,9 @@ data: {{- with .Values.executor.env }} env: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.executor.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} artifactRepository: diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml index 752183ea..ca80c816 100644 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ b/charts/argo/templates/workflow-controller-deployment.yaml @@ -26,6 +26,10 @@ spec: {{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }} spec: serviceAccountName: {{ .Values.controller.serviceAccount | quote }} + {{- if .Values.controller.podSecurityContext }} + securityContext: + {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} + {{- end }} containers: - name: controller image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}" diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 8358572f..731b68ca 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -31,6 +31,8 @@ controller: podAnnotations: {} # Optional labels to add to the controller pods podLabels: {} + # SecurityContext to set on the controller pods + podSecurityContext: {} # podPortName: http metricsConfig: enabled: false @@ -121,6 +123,8 @@ executor: resources: {} # Adds environment variables for the executor. env: {} + # sets security context for the executor container + securityContext: {} server: enabled: true @@ -135,6 +139,8 @@ server: podAnnotations: {} # Optional labels to add to the UI pods podLabels: {} + # SecurityContext to set on the server pods + podSecurityContext: {} name: server serviceType: ClusterIP servicePort: 2746 From 4ba9e5228ab0887755a8df487006a9a6d8d37ee7 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 4 Sep 2020 23:23:16 +0100 Subject: [PATCH 15/30] feat: Support GCS artifactRepository (#428) --- charts/argo/Chart.yaml | 2 +- .../templates/workflow-controller-config-map.yaml | 5 +++++ charts/argo/values.yaml | 15 +++++++++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 2a845430..7ec638e1 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.10.1 +version: 0.10.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 54ba076e..9563ac12 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -33,6 +33,10 @@ data: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} {{- end }} + {{- if .Values.artifactRepository.gcs }} + gcs: +{{ toYaml .Values.artifactRepository.gcs | indent 8}} + {{- else }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: @@ -57,6 +61,7 @@ data: {{- if .Values.artifactRepository.s3.useSDKCreds }} useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} {{- end }} + {{- end }} {{- end}} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 731b68ca..fc96e7f1 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -251,6 +251,21 @@ artifactRepository: # region: # roleARN: # useSDKCreds: true + # gcs: + # bucket: -argo + # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/" + # serviceAccountKeySecret is a secret selector. + # It references the k8s secret named 'my-gcs-credentials'. + # This secret is expected to have have the key 'serviceAccountKey', + # containing the base64 encoded credentials + # to the bucket. + # + # If it's running on GKE and Workload Identity is used, + # serviceAccountKeySecret is not needed. + # serviceAccountKeySecret: + # name: my-gcs-credentials + # key: serviceAccountKey + # NOTE: These are setting attributes for the `minio` optional dependency minio: From cc52713dbd760209e279768784c9fb04ea1abe65 Mon Sep 17 00:00:00 2001 From: Vaibhav Date: Fri, 4 Sep 2020 19:15:12 -0400 Subject: [PATCH 16/30] chore: bump to latest (#440) * chore: bump to latest * chore: bump to latest * update image versions --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/values.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 9da7eea6..4f5960c4 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.17.1 +version: 1.0.0 keywords: - argo-events - sensor-controller @@ -12,6 +12,6 @@ sources: maintainers: - name: VaibhavPage - name: whynowy -appVersion: 0.17.0 +appVersion: 1.0.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index d963d9db..1da1335f 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -46,21 +46,21 @@ singleNamespace: true sensorController: name: sensor-controller image: sensor-controller - tag: v0.17.0 + tag: v1.0.0 replicaCount: 1 sensorImage: sensor eventsourceController: name: eventsource-controller image: eventsource-controller - tag: v0.17.0 + tag: v1.0.0 replicaCount: 1 eventsourceImage: eventsource eventbusController: name: eventbus-controller image: eventbus-controller - tag: v0.17.0 + tag: v1.0.0 replicaCount: 1 natsStreamingImage: nats-streaming:0.17.0 natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 From cddd6a6048a4308241124725d3a2c2af7a9a5c67 Mon Sep 17 00:00:00 2001 From: Markus Lippert Date: Tue, 8 Sep 2020 18:18:26 +0200 Subject: [PATCH 17/30] feat(argo): Allow setting up ServiceAccount and RBAC resources for running workflows (#402) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/workflow-rb.yaml | 19 ++++++++++++++++++ charts/argo/templates/workflow-role.yaml | 25 ++++++++++++++++++++++++ charts/argo/templates/workflow-sa.yaml | 13 ++++++++++++ charts/argo/values.yaml | 9 +++++++++ 5 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 charts/argo/templates/workflow-rb.yaml create mode 100644 charts/argo/templates/workflow-role.yaml create mode 100644 charts/argo/templates/workflow-sa.yaml diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 7ec638e1..b98b6d96 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.10.2 +version: 0.11.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-rb.yaml b/charts/argo/templates/workflow-rb.yaml new file mode 100644 index 00000000..17785257 --- /dev/null +++ b/charts/argo/templates/workflow-rb.yaml @@ -0,0 +1,19 @@ +{{- if .Values.workflow.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ .Release.Name }}-workflow +{{- if .Values.workflow.namespace }} + namespace: {{ .Values.workflow.namespace }} +{{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ .Release.Name }}-workflow +subjects: +- kind: ServiceAccount + name: {{ .Values.workflow.serviceAccount.name }} + {{- if .Values.workflow.namespace }} + namespace: {{ .Values.workflow.namespace }} + {{- end }} +{{- end }} diff --git a/charts/argo/templates/workflow-role.yaml b/charts/argo/templates/workflow-role.yaml new file mode 100644 index 00000000..37365f21 --- /dev/null +++ b/charts/argo/templates/workflow-role.yaml @@ -0,0 +1,25 @@ +{{- if .Values.workflow.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ .Release.Name }}-workflow + {{- if .Values.workflow.namespace }} + namespace: {{ .Values.workflow.namespace }} + {{- end }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - patch +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - watch +{{- end }} diff --git a/charts/argo/templates/workflow-sa.yaml b/charts/argo/templates/workflow-sa.yaml new file mode 100644 index 00000000..45d97cf0 --- /dev/null +++ b/charts/argo/templates/workflow-sa.yaml @@ -0,0 +1,13 @@ +{{- if .Values.workflow.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.workflow.serviceAccount.name }} + {{- if .Values.workflow.namespace }} + namespace: {{ .Values.workflow.namespace }} + {{- end }} + {{- with .Values.workflow.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index fc96e7f1..718d4b55 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -23,6 +23,15 @@ createAggregateRoles: true # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. singleNamespace: false +workflow: + namespace: "" # Speficy namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. + serviceAccount: + create: false # Specifies whether a service account should be created + annotations: {} + name: "argo-workflow" # Service account which is used to run workflows + rbac: + create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows + controller: image: # Overrides .images.tag if defined. From 2f36128868a8afb295b7201bc350395f54202e44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20R=C3=BCegg?= Date: Thu, 10 Sep 2020 02:43:22 +0200 Subject: [PATCH 18/30] chore(argocd): Upgrade to v1.7.4 (#444) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Simon Rüegg --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6414551e..b0c76865 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.6.2" +appVersion: 1.7.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.6.3 +version: 2.7.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5a8abb51..67b5503f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.6.2 + tag: v1.7.4 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,7 +28,7 @@ controller: image: repository: # argoproj/argocd - tag: # v1.6.2 + tag: # v1.7.4 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags @@ -330,7 +330,7 @@ server: image: repository: # argoproj/argocd - tag: # v1.6.1 + tag: # v1.7.4 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -654,7 +654,7 @@ repoServer: image: repository: # argoproj/argocd - tag: # v1.6.1 + tag: # v1.7.4 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server From eaf8c629bf417375d4c8090566235423b69ad81b Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Wed, 16 Sep 2020 12:46:13 -0700 Subject: [PATCH 19/30] feat(argo): Add support for workflow restrictions. (#447) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/workflow-controller-config-map.yaml | 3 +++ charts/argo/values.yaml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index b98b6d96..b9684c1d 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.11.0 +version: 0.12.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 9563ac12..2c182c60 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -78,3 +78,6 @@ data: {{- with .Values.server.sso }} sso: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.workflowRestrictions }} + workflowRestrictions: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 718d4b55..5914600c 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -73,6 +73,8 @@ controller: # secondsAfterCompletion: 84600 # workflowWorkers: 32 # podWorkers: 32 + workflowRestrictions: {} # Only valid for 2.9+ + # templateReferencing: Strict|Secure telemetryConfig: enabled: false path: /telemetry From 49a7fc9340a4b195e523bc60f592f7cf64d22ce0 Mon Sep 17 00:00:00 2001 From: rpeter Date: Fri, 18 Sep 2020 17:01:01 -0700 Subject: [PATCH 20/30] chore: bump argocd to version v1.7.5 (#448) Co-authored-by: rpeter --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b0c76865..f4efa35f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: 1.7.4 +appVersion: 1.7.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.0 +version: 2.7.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 67b5503f..73c1253d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.7.4 + tag: v1.7.5 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,7 +28,7 @@ controller: image: repository: # argoproj/argocd - tag: # v1.7.4 + tag: # v1.7.5 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags @@ -330,7 +330,7 @@ server: image: repository: # argoproj/argocd - tag: # v1.7.4 + tag: # v1.7.5 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -654,7 +654,7 @@ repoServer: image: repository: # argoproj/argocd - tag: # v1.7.4 + tag: # v1.7.5 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server From 3c6629263c0938ba626f03659fc01059e311f759 Mon Sep 17 00:00:00 2001 From: rpeets Date: Sat, 19 Sep 2020 17:25:31 -0700 Subject: [PATCH 21/30] chore: bump argocd to version v1.7.6 (#449) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f4efa35f..2b0ce419 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: 1.7.5 +appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.1 +version: 2.7.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 73c1253d..24eae7c6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.7.5 + tag: v1.7.6 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,7 +28,7 @@ controller: image: repository: # argoproj/argocd - tag: # v1.7.5 + tag: # v1.7.6 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags @@ -330,7 +330,7 @@ server: image: repository: # argoproj/argocd - tag: # v1.7.5 + tag: # v1.7.6 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -654,7 +654,7 @@ repoServer: image: repository: # argoproj/argocd - tag: # v1.7.5 + tag: # v1.7.6 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server From 4c4121ce188d977602ca17b7bb6b38e6c379ef8b Mon Sep 17 00:00:00 2001 From: Hayden Fuss Date: Mon, 21 Sep 2020 18:28:21 -0400 Subject: [PATCH 22/30] fix: Adding EmptyDir Volume for Repo Server on OpenShift (#450) --- charts/argo-cd/Chart.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2b0ce419..8e4872ec 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.2 +version: 2.7.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 8aed308e..846b542d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -82,6 +82,10 @@ spec: {{- if .Values.repoServer.volumeMounts }} {{- toYaml .Values.repoServer.volumeMounts | nindent 8}} {{- end }} + {{- if .Values.openshift.enabled }} + - mountPath: /app/config/gpg/keys + name: gpg-keyring + {{- end }} {{- if .Values.configs.knownHosts }} - mountPath: /app/config/ssh name: ssh-known-hosts @@ -138,6 +142,10 @@ spec: {{- if .Values.repoServer.volumes }} {{- toYaml .Values.repoServer.volumes | nindent 6}} {{- end }} + {{- if .Values.openshift.enabled }} + - emptyDir: {} + name: gpg-keyring + {{- end }} {{- if .Values.configs.knownHosts }} - configMap: name: argocd-ssh-known-hosts-cm From 1c83d371a565385b77c27f81554074c8f51580b1 Mon Sep 17 00:00:00 2001 From: Bruno Clermont Date: Tue, 22 Sep 2020 09:50:19 +0800 Subject: [PATCH 23/30] feat: add metrics for argo-cd/dex (#452) --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 5 +++ charts/argo-cd/templates/dex/deployment.yaml | 5 +++ charts/argo-cd/templates/dex/service.yaml | 6 ++++ .../argo-cd/templates/dex/servicemonitor.yaml | 35 +++++++++++++++++++ charts/argo-cd/values.yaml | 10 ++++++ 6 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 charts/argo-cd/templates/dex/servicemonitor.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e4872ec..87cfab70 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.3 +version: 2.7.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 44a907a0..813e08e1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -273,6 +273,11 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | dex.initImage.repository | Argo CD init image repository. | `global.image.repository` | | dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` | | dex.initImage.tag | Argo CD init image tag | `global.image.tag` | +| dex.metrics.enabled | Deploy metrics service | `false` | +| dex.metrics.service.annotations | Metrics service annotations | `{}` | +| dex.metrics.service.labels | Metrics service labels | `{}` | +| dex.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | +| dex.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | | dex.name | Dex name | `"dex-server"` | | dex.env | Environment variables for the Dex server. | `[]` | | dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5bae8b18..03f033c0 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -80,6 +80,11 @@ spec: - name: grpc containerPort: {{ .Values.dex.containerPortGrpc }} protocol: TCP + {{- if .Values.dex.metrics.enabled }} + - name: metrics + containerPort: {{ .Values.dex.containerPortMetrics }} + protocol: TCP + {{- end }} {{- if .Values.dex.volumeMounts }} volumeMounts: {{- toYaml .Values.dex.volumeMounts | nindent 10 }} diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index cb5ec3f6..b0567ead 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -20,6 +20,12 @@ spec: protocol: TCP port: {{ .Values.dex.servicePortGrpc }} targetPort: grpc +{{- if .Values.dex.metrics.enabled }} + - name: metrics + protocol: TCP + port: {{ .Values.dex.servicePortMetrics }} + targetPort: metrics +{{- end }} selector: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml new file mode 100644 index 00000000..eb72a573 --- /dev/null +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -0,0 +1,35 @@ +{{- if and .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.dex.fullname" . }} + {{- if .Values.dex.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.dex.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.dex.name }} + {{- if .Values.dex.metrics.serviceMonitor.selector }} +{{- toYaml .Values.dex.metrics.serviceMonitor.selector | nindent 4 }} + {{- end }} + {{- if .Values.dex.metrics.serviceMonitor.additionalLabels }} +{{- toYaml .Values.dex.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + interval: 30s + path: /metrics + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + app.kubernetes.io/component: {{ .Values.dex.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 24eae7c6..5500f01d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -172,6 +172,14 @@ dex: enabled: true name: dex-server + metrics: + enabled: false + service: + annotations: {} + labels: {} + serviceMonitor: + enabled: false + image: repository: quay.io/dexidp/dex tag: v2.22.0 @@ -212,6 +220,8 @@ dex: servicePortHttp: 5556 containerPortGrpc: 5557 servicePortGrpc: 5557 + containerPortMetrics: 5558 + servicePortMetrics: 5558 ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ From e3371f333fe57733261033eb385f3cd3eed4482a Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Tue, 22 Sep 2020 14:35:26 -0700 Subject: [PATCH 24/30] feat(argo): Allow Argo server read access to events. (#454) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-cluster-roles.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index b9684c1d..f6df8715 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.12.0 +version: 0.12.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml index 8da10df2..0c8f0763 100644 --- a/charts/argo/templates/server-cluster-roles.yaml +++ b/charts/argo/templates/server-cluster-roles.yaml @@ -8,6 +8,7 @@ rules: - "" resources: - configmaps + - events verbs: - get - watch From 83e9e19e2da4819f1d522c8ce943fe1d47eed3d0 Mon Sep 17 00:00:00 2001 From: Roman Date: Thu, 1 Oct 2020 06:37:26 +0300 Subject: [PATCH 25/30] fix: default argocd version in documentation (#456) * Fix default argocd version in documentation * Bump chart version --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 87cfab70..75fc9ae3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.4 +version: 2.7.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 813e08e1..b58434e2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -62,7 +62,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.6.1"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.7.6"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | From 50a66fd7ab21e625fb8a0065e0c2294615076217 Mon Sep 17 00:00:00 2001 From: Yann Soubeyrand Date: Fri, 2 Oct 2020 05:09:25 +0200 Subject: [PATCH 26/30] chore: update certificate apiVersion (#458) * chore: update certificate apiVersion * chore: bump chart version --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/certificate.yaml | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 75fc9ae3..c8e9ca39 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.5 +version: 2.7.6 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index be778be8..b2f227b5 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,7 @@ {{- if .Values.server.certificate.enabled -}} -{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} +{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} +apiVersion: cert-manager.io/v1 +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} apiVersion: cert-manager.io/v1alpha3 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" }} apiVersion: cert-manager.io/v1alpha2 From 41ddad4aba2f57865b3e0aa0f42e02ff0ca7a662 Mon Sep 17 00:00:00 2001 From: Mike Bryant Date: Fri, 2 Oct 2020 04:12:35 +0100 Subject: [PATCH 27/30] feat: Allow setting the log format to json for Argo CD (#463) --- charts/argo-cd/Chart.yaml | 2 +- .../templates/argocd-application-controller/deployment.yaml | 2 ++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 ++ charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 6 ++++++ 5 files changed, 13 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c8e9ca39..2da7db6a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.6 +version: 2.8.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index c9f45142..3067e969 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -56,6 +56,8 @@ spec: - {{ .Values.controller.args.appResyncPeriod | quote }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --logformat + - {{ .Values.controller.logFormat }} - --loglevel - {{ .Values.controller.logLevel }} {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 846b542d..de6c21a3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -60,6 +60,8 @@ spec: - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} {{- end }} + - --logformat + - {{ .Values.repoServer.logFormat }} - --loglevel - {{ .Values.repoServer.logLevel }} {{- with .Values.repoServer.extraArgs }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ca7c9ba4..b54b947f 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -61,6 +61,8 @@ spec: - --dex-server - http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }} {{- end }} + - --logformat + - {{ .Values.server.logFormat }} - --loglevel - {{ .Values.server.logLevel }} {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5500f01d..c87d0c79 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -37,6 +37,8 @@ controller: operationProcessors: "10" appResyncPeriod: "180" + ## Argo controller log format: text|json + logFormat: text ## Argo controller log level logLevel: info @@ -352,6 +354,8 @@ server: ## env: [] + ## Argo server log format: text|json + logFormat: text ## Argo server log level logLevel: info @@ -675,6 +679,8 @@ repoServer: ## env: [] + ## Argo repoServer log format: text|json + logFormat: text ## Argo repoServer log level logLevel: info From 44de70c7419f580085c319a9eed87c0bb0e6a03f Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Mon, 5 Oct 2020 09:45:49 -0700 Subject: [PATCH 28/30] feat(Argo): Make Argo Server service account creation conditional. (#460) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-crb.yaml | 2 +- charts/argo/templates/server-sa.yaml | 2 +- charts/argo/values.yaml | 3 +++ 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index f6df8715..3f2fb613 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.12.1 +version: 0.12.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-crb.yaml b/charts/argo/templates/server-crb.yaml index a919e573..d1ad5ea4 100644 --- a/charts/argo/templates/server-crb.yaml +++ b/charts/argo/templates/server-crb.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.enabled -}} +{{- if and .Values.server.enabled .Values.server.createServiceAccount -}} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding diff --git a/charts/argo/templates/server-sa.yaml b/charts/argo/templates/server-sa.yaml index c0d332e1..5b419a65 100644 --- a/charts/argo/templates/server-sa.yaml +++ b/charts/argo/templates/server-sa.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.enabled -}} +{{- if and .Values.server.enabled .Values.server.createServiceAccount -}} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 5914600c..bc031487 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -157,6 +157,9 @@ server: servicePort: 2746 # servicePortName: http serviceAccount: argo-server + # Whether to create the service account with the name specified in + # server.serviceAccount and bind it to the server role. + createServiceAccount: true # Service account annotations serviceAccountAnnotations: {} # Annotations to be applied to the UI Service From ed19bc61e5e3831edce1327b75c86eb96307bc36 Mon Sep 17 00:00:00 2001 From: w33dw0r7d Date: Mon, 5 Oct 2020 20:14:50 +0300 Subject: [PATCH 29/30] feat: bump to v0.9.1 (#464) --- charts/argo-rollouts/Chart.yaml | 4 +- charts/argo-rollouts/README.md | 2 +- .../templates/argo-rollouts-clusterrole.yaml | 37 +- .../templates/argo-rollouts-role.yaml | 38 +- .../templates/crds/analysis-run-crd.yaml | 72 +- .../templates/crds/analysis-template-crd.yaml | 72 +- .../crds/cluster-analysis-template-crd.yaml | 2734 +++++++++++++++++ .../templates/crds/experiment-crd.yaml | 62 +- .../templates/crds/rollout-crd.yaml | 146 +- charts/argo-rollouts/values.yaml | 2 +- 10 files changed, 2933 insertions(+), 236 deletions(-) create mode 100644 charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 418dd589..26d47ab3 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "0.8.3" +appVersion: "0.9.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.6 +version: 0.3.7 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 6a775bba..3d484594 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -2,7 +2,7 @@ Argo Rollouts Chart ============= A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. -Current chart version is `0.3.0` +Current chart version is `0.3.7` Source code can be found [here](https://github.com/argoproj/argo-rollouts) diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index f670104b..8cfcdcc8 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -47,6 +47,12 @@ rules: - watch - update - patch +- apiGroups: + - argoproj.io + resources: + - rollouts/finalizers + verbs: + - update - apiGroups: - argoproj.io resources: @@ -60,10 +66,18 @@ rules: - update - patch - delete +- apiGroups: + - argoproj.io + resources: + - analysisruns/finalizers + - experiments/finalizers + verbs: + - update - apiGroups: - argoproj.io resources: - analysistemplates + - clusteranalysistemplates verbs: - get - list @@ -106,11 +120,22 @@ rules: - watch - get - update -- apiGroups: - - "" - resources: - - pods - verbs: - list - - delete +- apiGroups: + - split.smi-spec.io + resources: + - trafficsplits + verbs: + - create + - watch + - get + - update + - patch +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-role.yaml index df4e2b26..dee6f168 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml @@ -28,6 +28,14 @@ rules: - list - watch - patch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch - apiGroups: - argoproj.io resources: @@ -38,6 +46,12 @@ rules: - watch - update - patch +- apiGroups: + - argoproj.io + resources: + - rollouts/finalizers + verbs: + - update - apiGroups: - argoproj.io resources: @@ -51,10 +65,18 @@ rules: - update - patch - delete +- apiGroups: + - argoproj.io + resources: + - analysisruns/finalizers + - experiments/finalizers + verbs: + - update - apiGroups: - argoproj.io resources: - analysistemplates + - clusteranalysistemplates verbs: - get - list @@ -90,17 +112,9 @@ rules: - update - patch - apiGroups: - - "" + - "" resources: - - secrets + - pods verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - list - - delete + - list + - delete diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 5263d47d..3a4caef4 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -84,6 +84,15 @@ spec: job: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -127,6 +136,15 @@ spec: template: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -748,23 +766,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1304,23 +1305,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1864,23 +1848,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -2740,6 +2707,8 @@ spec: - value type: object type: array + insecure: + type: boolean jsonPath: type: string timeoutSeconds: @@ -2747,7 +2716,6 @@ spec: url: type: string required: - - jsonPath - url type: object type: object diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index d88cce46..c559fae1 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -78,6 +78,15 @@ spec: job: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -121,6 +130,15 @@ spec: template: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -742,23 +760,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1298,23 +1299,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1858,23 +1842,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -2734,6 +2701,8 @@ spec: - value type: object type: array + insecure: + type: boolean jsonPath: type: string timeoutSeconds: @@ -2741,7 +2710,6 @@ spec: url: type: string required: - - jsonPath - url type: object type: object diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml new file mode 100644 index 00000000..9a768072 --- /dev/null +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -0,0 +1,2734 @@ +{{- if .Values.installCRDs }} +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.5 + name: clusteranalysistemplates.argoproj.io +spec: + group: argoproj.io + names: + kind: ClusterAnalysisTemplate + listKind: ClusterAnalysisTemplateList + plural: clusteranalysistemplates + shortNames: + - cat + singular: clusteranalysistemplate + scope: Cluster + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + args: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + - name + type: object + type: object + required: + - name + type: object + type: array + metrics: + items: + properties: + consecutiveErrorLimit: + format: int32 + type: integer + count: + format: int32 + type: integer + failureCondition: + type: string + failureLimit: + format: int32 + type: integer + inconclusiveLimit: + format: int32 + type: integer + initialDelay: + type: string + interval: + type: string + name: + type: string + provider: + properties: + job: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + backoffLimit: + format: int32 + type: integer + completions: + format: int32 + type: integer + manualSelector: + type: boolean + parallelism: + format: int32 + type: integer + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + securityContext: + properties: + fsGroup: + format: int64 + type: integer + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + maxSkew: + format: int32 + type: integer + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + ttlSecondsAfterFinished: + format: int32 + type: integer + required: + - template + type: object + required: + - spec + type: object + kayenta: + properties: + address: + type: string + application: + type: string + canaryConfigName: + type: string + configurationAccountName: + type: string + metricsAccountName: + type: string + scopes: + items: + properties: + controlScope: + properties: + end: + type: string + region: + type: string + scope: + type: string + start: + type: string + step: + type: integer + required: + - end + - region + - scope + - start + - step + type: object + experimentScope: + properties: + end: + type: string + region: + type: string + scope: + type: string + start: + type: string + step: + type: integer + required: + - end + - region + - scope + - start + - step + type: object + name: + type: string + required: + - controlScope + - experimentScope + - name + type: object + type: array + storageAccountName: + type: string + threshold: + properties: + marginal: + type: integer + pass: + type: integer + required: + - marginal + - pass + type: object + required: + - address + - application + - canaryConfigName + - configurationAccountName + - metricsAccountName + - scopes + - storageAccountName + - threshold + type: object + prometheus: + properties: + address: + type: string + query: + type: string + type: object + wavefront: + properties: + address: + type: string + query: + type: string + type: object + web: + properties: + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean + jsonPath: + type: string + timeoutSeconds: + type: integer + url: + type: string + required: + - url + type: object + type: object + successCondition: + type: string + required: + - name + - provider + type: object + type: array + required: + - metrics + type: object + required: + - spec + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +{{- end }} diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index ceaf3b83..bd435156 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -59,6 +59,8 @@ spec: - name type: object type: array + clusterScope: + type: boolean name: type: string requiredForCompletion: @@ -112,6 +114,15 @@ spec: template: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -733,23 +744,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1289,23 +1283,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1849,23 +1826,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 0f276b16..18afb92b 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -132,15 +132,17 @@ spec: - name type: object type: array + clusterScope: + type: boolean templateName: type: string templates: items: properties: + clusterScope: + type: boolean templateName: type: string - required: - - templateName type: object type: array type: object @@ -162,15 +164,17 @@ spec: - name type: object type: array + clusterScope: + type: boolean templateName: type: string templates: items: properties: + clusterScope: + type: boolean templateName: type: string - required: - - templateName type: object type: array type: object @@ -208,6 +212,8 @@ spec: - name type: object type: array + clusterScope: + type: boolean startingStep: format: int32 type: integer @@ -216,10 +222,10 @@ spec: templates: items: properties: + clusterScope: + type: boolean templateName: type: string - required: - - templateName type: object type: array type: object @@ -271,15 +277,17 @@ spec: - name type: object type: array + clusterScope: + type: boolean templateName: type: string templates: items: properties: + clusterScope: + type: boolean templateName: type: string - required: - - templateName type: object type: array type: object @@ -304,6 +312,8 @@ spec: - name type: object type: array + clusterScope: + type: boolean name: type: string templateName: @@ -388,6 +398,8 @@ spec: type: string ingress: type: string + rootService: + type: string servicePort: format: int32 type: integer @@ -425,12 +437,28 @@ spec: required: - stableIngress type: object + smi: + properties: + rootService: + type: string + trafficSplitName: + type: string + type: object type: object type: object type: object template: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -1052,23 +1080,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1608,23 +1619,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -2168,23 +2162,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -2935,6 +2912,9 @@ spec: type: integer abort: type: boolean + abortedAt: + format: date-time + type: string availableReplicas: format: int32 type: integer @@ -2944,8 +2924,32 @@ spec: type: string postPromotionAnalysisRun: type: string + postPromotionAnalysisRunStatus: + properties: + message: + type: string + name: + type: string + status: + type: string + required: + - name + - status + type: object prePromotionAnalysisRun: type: string + prePromotionAnalysisRunStatus: + properties: + message: + type: string + name: + type: string + status: + type: string + required: + - name + - status + type: object previewSelector: type: string previousActiveSelector: @@ -2960,10 +2964,34 @@ spec: properties: currentBackgroundAnalysisRun: type: string + currentBackgroundAnalysisRunStatus: + properties: + message: + type: string + name: + type: string + status: + type: string + required: + - name + - status + type: object currentExperiment: type: string currentStepAnalysisRun: type: string + currentStepAnalysisRunStatus: + properties: + message: + type: string + name: + type: string + status: + type: string + required: + - name + - status + type: object stableRS: type: string type: object diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 9e2011d2..ed242ff1 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -13,7 +13,7 @@ controller: affinity: {} image: repository: argoproj/argo-rollouts - tag: v0.8.3 + tag: v0.9.1 pullPolicy: IfNotPresent resources: {} From 03aecd7af94172b04e94a967662c62cb3b83103f Mon Sep 17 00:00:00 2001 From: Lars Fenneberg Date: Thu, 8 Oct 2020 06:18:44 +0000 Subject: [PATCH 30/30] fix(argocd): Unconditionally start reposerver with uid_entrypoint.sh (#466) * fix(argocd): Unconditionally start reposerver with uid_entrypoint.sh While uid_entrypoint.sh contains the OpenShift specific manipulation of /etc/passwd it also starts the reposerver via tini and so ensures that any zombies produced by reposerver and its decendants are collected. This matches the behaviour from the manifests included with the main ArgoCD project. See: * https://github.com/argoproj/argo-cd/blob/f93da5346c3dfe0ec75549fd78b2d30ce7d5cfad/manifests/base/repo-server/argocd-repo-server-deployment.yaml#L24 * https://github.com/argoproj/argo-cd/pull/3721 * https://github.com/argoproj/argo-cd/issues/3611 * chore: Bumping minor semver as this feels like a bit more than a patch change. --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2da7db6a..23544511 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.8.0 +version: 2.9.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index de6c21a3..a75c1283 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -52,9 +52,7 @@ spec: image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} command: - {{- if .Values.openshift.enabled }} - uid_entrypoint.sh - {{- end }} - argocd-repo-server {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis