diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b34759a5..b2142005 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.5.4" +appVersion: "1.6.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.3.5 +version: 2.6.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4a2e4be9..44a907a0 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -62,12 +62,13 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.5.3"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.6.1"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | installCRDs | Install CRDs if you are using Helm2. | `true` | +| configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | | configs.secret.annotations | Annotations for argocd-secret | `{}` | | configs.secret.argocdServerAdminPassword | Bcrypt hashed admin password | `null` | @@ -76,6 +77,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | configs.secret.createSecret | Create the argocd-secret. | `true` | | configs.secret.githubSecret | GitHub incoming webhook secret | `""` | | configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` | +| configs.tlsCertsAnnotations | TLS certificate configmap annotations | `{}` | | configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) | | configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` | | openshift.enabled | enables using arbitrary uid for argo repo server | `false` | @@ -86,6 +88,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i |-----|---------|-------------| | controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | | controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` | +| controller.args.appResyncPeriod | define the controller `--app-resync` | `"180"` | | controller.args.statusProcessors | define the controller `--status-processors` | `"20"` | | controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | | controller.containerPort | Controller listening port. | `8082` | @@ -120,6 +123,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | controller.service.annotations | Controller service annotations. | `{}` | | controller.service.labels | Controller service labels. | `{}` | | controller.service.port | Controller service port. | `8082` | +| controler.serviceAccount.annotations | Controller service account annotations | `{}` | | controller.serviceAccount.create | Create a service account for the controller | `true` | | controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` | | controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | @@ -169,6 +173,9 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | repoServer.service.annotations | Repo server service annotations. | `{}` | | repoServer.service.labels | Repo server service labels. | `{}` | | repoServer.service.port | Repo server service port. | `8081` | +| repoServer.serviceAccount.annotations | Repo server service account annotations | `{}` | +| repoServer.serviceAccount.create | Create repo server service account | `false` | +| repoServer.serviceAccount.name | Repo server service account name | `"argocd-repo-server"` | | repoServer.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | repoServer.volumeMounts | Repo server volume mounts | `[]` | | repoServer.volumes | Repo server volumes | `[]` | @@ -190,6 +197,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | server.certificate.enabled | Enables a certificate manager certificate. | `false` | | server.certificate.issuer | Certificate manager issuer | `{}` | | server.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | +| server.configAnnotations | ArgoCD configuration configmap annotations | `{}` | | server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | @@ -202,6 +210,12 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | server.ingress.hosts | List of ingress hosts | `[]` | | server.ingress.labels | Additional ingress labels. | `{}` | | server.ingress.tls | Ingress TLS configuration. | `[]` | +| server.ingress.https | Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` | `false` | +| server.ingressGrpc.annotations | Additional ingress annotations for dedicated [gRPC-ingress] | `{}` | +| server.ingressGrpc.enabled | Enable an ingress resource for the server for dedicated [gRPC-ingress] | `false` | +| server.ingressGrpc.hosts | List of ingress hosts for dedicated [gRPC-ingress] | `[]` | +| server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` | +| server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | @@ -221,6 +235,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | server.podAnnotations | Annotations for the server pods | `{}` | | server.podLabels | Labels for the server pods | `{}` | | server.priorityClassName | Priority class for the server | `""` | +| server.rbacConfigAnnotations | RBAC configmap annotations | `{}` | | server.rbacConfig | [Argo CD RBAC policy](https://argoproj.github.io/argo-cd/operator-manual/rbac/) | `{}` | | server.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | | server.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | @@ -237,6 +252,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | server.service.servicePortHttpsName | Server service https port name, can be used to route traffic via istio | `https` | | server.service.loadBalancerSourceRanges | Source IP ranges to allow access to service from. | `[]` | | server.service.type | Server service type | `"ClusterIP"` | +| server.serviceAccount.annotations | Server service account annotations | `{}` | | server.serviceAccount.create | Create server service account | `true` | | server.serviceAccount.name | Server service account name | `"argocd-server"` | | server.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | @@ -287,7 +303,7 @@ through `xxx.extraArgs` | redis.enabled | Enable redis | `true` | | redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` | | redis.image.repository | Redis repository | `"redis"` | -| redis.image.tag | Redis tag | `"5.0.3"` | +| redis.image.tag | Redis tag | `"5.0.8"` | | redis.name | Redis name | `"redis"` | | redis.env | Environment variables for the Redis server. | `[]` | | redis.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | @@ -295,6 +311,7 @@ through `xxx.extraArgs` | redis.podLabels | Labels for the Redis server pods | `{}` | | redis.priorityClassName | Priority class for redis | `""` | | redis.resources | Resource limits and requests for redis | `{}` | +| redis.securityContext | Redis Pod Security Context | See [values.yaml](values.yaml) | | redis.servicePort | Redis service port | `6379` | | redis.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | redis-ha | Configures [Redis HA subchart](https://github.com/helm/charts/tree/master/stable/redis-ha) The properties below have been changed from the subchart defaults | | @@ -306,3 +323,6 @@ through `xxx.extraArgs` | redis-ha.redis.config.save | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | `""` | | redis-ha.haproxy.enabled | Enabled HAProxy LoadBalancing/Proxy | `true` | | redis-ha.haproxy.metrics.enabled | HAProxy enable prometheus metric scraping | `true` | +| redis-ha.image.tag | Redis tag | `"5.0.8-alpine"` | + +[gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ \ No newline at end of file diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index 0d4f9651..e51c04bb 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -37,6 +37,18 @@ spec: operation: description: Operation contains requested operation parameters. properties: + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array initiatedBy: description: OperationInitiator holds information about the operation initiator @@ -574,7 +586,7 @@ spec: type: boolean type: object syncOptions: - description: Options allow youe to specify whole app sync-options + description: Options allow you to specify whole app sync-options items: type: string type: array @@ -615,6 +627,7 @@ spec: message: type: string status: + description: Represents resource health status type: string type: object history: @@ -848,6 +861,18 @@ spec: operation: description: Operation is the original requested operation properties: + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array initiatedBy: description: OperationInitiator holds information about the operation initiator @@ -1413,6 +1438,7 @@ spec: message: type: string status: + description: Represents resource health status type: string type: object hook: diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 97119083..c9f45142 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -52,6 +52,8 @@ spec: - {{ .Values.controller.args.statusProcessors | quote }} - --operation-processors - {{ .Values.controller.args.operationProcessors | quote }} + - --app-resync + - {{ .Values.controller.args.appResyncPeriod | quote }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --loglevel @@ -121,3 +123,6 @@ spec: volumes: {{- toYaml .Values.controller.volumes | nindent 8 }} {{- end }} +{{- if .Values.controller.priorityClassName }} + priorityClassName: {{ .Values.controller.priorityClassName }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index fbbb0b78..f93114a6 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -3,6 +3,12 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-cd.controllerServiceAccountName" . }} +{{- if .Values.controller.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.controller.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} labels: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 8f83fd6b..0ce489bc 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -9,5 +9,11 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.server.configAnnotations }} + annotations: + {{- range $key, $value := .Values.server.configAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} data: {{- toYaml .Values.server.config | nindent 4 }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index a4b8e92f..8bbb7a93 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -9,6 +9,12 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.server.rbacConfigAnnotations }} + annotations: + {{- range $key, $value := .Values.server.rbacConfigAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} {{- if .Values.server.rbacConfig }} data: {{- toYaml .Values.server.rbacConfig | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index cf424661..6a8f6dee 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -9,4 +9,10 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.configs.knownHostsAnnotations }} + annotations: + {{- range $key, $value := .Values.configs.knownHostsAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: argocd-ssh-known-hosts-cm \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index e36fab55..a12ce59e 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -11,4 +11,10 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.configs.tlsCertsAnnotations }} + annotations: + {{- range $key, $value := .Values.configs.tlsCertsAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: argocd-tls-certs-cm \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 9268cc65..8aed308e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -152,3 +152,6 @@ spec: initContainers: {{- toYaml .Values.repoServer.initContainers | nindent 6 }} {{- end }} +{{- if .Values.repoServer.priorityClassName }} + priorityClassName: {{ .Values.repoServer.priorityClassName }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index d73e3df4..ca7c9ba4 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -151,3 +151,6 @@ spec: name: argocd-tls-certs-cm name: tls-certs {{- end }} +{{- if .Values.server.priorityClassName }} + priorityClassName: {{ .Values.server.priorityClassName }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml new file mode 100644 index 00000000..42538d61 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -0,0 +1,57 @@ +{{- if .Values.server.ingressGrpc.enabled -}} +{{- $serviceName := include "argo-cd.server.fullname" . -}} +{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} +{{- $paths := .Values.server.ingressGrpc.paths -}} +{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} +apiVersion: networking.k8s.io/v1beta1 +{{ else }} +apiVersion: extensions/v1beta1 +{{ end -}} +kind: Ingress +metadata: +{{- if .Values.server.ingressGrpc.annotations }} + annotations: + {{- range $key, $value := .Values.server.ingressGrpc.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-cd.server.fullname" . }}-grpc + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.server.name }} +{{- if .Values.server.ingressGrpc.labels }} +{{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }} +{{- end }} +spec: + rules: + {{- if .Values.server.ingressGrpc.hosts }} + {{- range $host := .Values.server.ingressGrpc.hosts }} + - host: {{ $host }} + http: + paths: + {{- range $p := $paths }} + - path: {{ $p }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} + {{- end -}} + {{- else }} + - http: + paths: + {{- range $p := $paths }} + - path: {{ $p }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} + {{- end -}} + {{- if .Values.server.ingressGrpc.tls }} + tls: +{{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} + {{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index df2f93ce..056776a4 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -1,6 +1,6 @@ {{- if .Values.server.ingress.enabled -}} {{- $serviceName := include "argo-cd.server.fullname" . -}} -{{- $servicePort := .Values.server.service.servicePortHttp -}} +{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} apiVersion: networking.k8s.io/v1beta1 diff --git a/charts/argo-cd/templates/argocd-server/route.yaml b/charts/argo-cd/templates/argocd-server/route.yaml index 775a0a2f..7a7f3618 100644 --- a/charts/argo-cd/templates/argocd-server/route.yaml +++ b/charts/argo-cd/templates/argocd-server/route.yaml @@ -26,6 +26,4 @@ spec: termination: {{ .Values.server.route.termination_type | default "passthrough" }} insecureEdgeTerminationPolicy: {{ .Values.server.route.termination_policy | default "None" }} wildcardPolicy: None -status: - ingress: [] {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index b8549600..2c02f6b7 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -3,6 +3,12 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-cd.serverServiceAccountName" . }} +{{- if .Values.server.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.server.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} labels: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index d2fde3e3..5bae8b18 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -103,4 +103,7 @@ spec: volumes: {{- toYaml .Values.dex.volumes | nindent 8}} {{- end }} +{{- if .Values.dex.priorityClassName }} + priorityClassName: {{ .Values.dex.priorityClassName }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 7531f6d2..58934683 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -41,8 +41,8 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} automountServiceAccountToken: false - {{- if .Values.global.securityContext }} - securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- if .Values.redis.securityContext }} + securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }} {{- end }} containers: - name: {{ template "argo-cd.redis.fullname" . }} @@ -85,4 +85,7 @@ spec: volumes: {{- toYaml .Values.redis.volumes | nindent 8}} {{- end }} +{{- if .Values.redis.priorityClassName }} + priorityClassName: {{ .Values.redis.priorityClassName }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 45d20995..21ef54a9 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.5.4 + tag: v1.6.2 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,13 +28,14 @@ controller: image: repository: # argoproj/argocd - tag: # v1.5.4 + tag: # v1.6.2 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags args: statusProcessors: "20" operationProcessors: "10" + appResyncPeriod: "180" ## Argo controller log level logLevel: info @@ -113,6 +114,8 @@ controller: serviceAccount: create: true name: argocd-application-controller + ## Annotations applied to created service account + annotations: {} ## Server metrics controller configuration metrics: @@ -241,7 +244,7 @@ redis: image: repository: redis - tag: 5.0.3 + tag: 5.0.8 imagePullPolicy: IfNotPresent containerPort: 6379 @@ -274,6 +277,12 @@ redis: # drop: # - all + ## Redis Pod specific security context + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + runAsNonRoot: true resources: {} # limits: @@ -303,6 +312,8 @@ redis-ha: enabled: true metrics: enabled: true + image: + tag: 5.0.8-alpine ## Server server: @@ -319,7 +330,7 @@ server: image: repository: # argoproj/argocd - tag: # v1.5.4 + tag: # v1.6.1 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -426,6 +437,8 @@ server: serviceAccount: create: true name: argocd-server + ## Annotations applied to created service account + annotations: {} ingress: enabled: false @@ -446,6 +459,29 @@ server: # - secretName: argocd-example-tls # hosts: # - argocd.example.com + https: false + # dedicated ingess for gRPC as documented at + # https://argoproj.github.io/argo-cd/operator-manual/ingress/ + ingressGrpc: + enabled: false + annotations: {} + labels: {} + + ## Argo Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: + [] + # - argocd.example.com + paths: + - / + tls: + [] + # - secretName: argocd-example-tls + # hosts: + # - argocd.example.com + https: false # Create a OpenShift Route with SSL passthrough for UI and CLI # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain @@ -486,6 +522,9 @@ server: # - profile # - email + ## Annotations to be added to ArgoCD ConfigMap + configAnnotations: {} + ## ArgoCD rbac config ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbacConfig: @@ -509,6 +548,9 @@ server: # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. # scopes: '[cognito:groups, email]' + ## Annotations to be added to ArgoCD rbac ConfigMap + rbacConfigAnnotations: {} + ## Not well tested and not well supported on release v1.0.0. ## Applications ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ @@ -593,7 +635,7 @@ repoServer: image: repository: # argoproj/argocd - tag: # v1.5.4 + tag: # v1.6.1 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server @@ -727,6 +769,7 @@ repoServer: ## Argo Configs configs: + knownHostsAnnotations: {} knownHosts: data: ssh_known_hosts: | @@ -737,6 +780,7 @@ configs: gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + tlsCertsAnnotations: {} tlsCerts: {} # data: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 4d953bcf..f63ec1a8 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,15 +1,17 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.14.0 +version: 0.17.0 keywords: - argo-events - sensor-controller - - gateway-controller + - eventsource-controller + - eventbus-controller sources: - https://github.com/argoproj/argo-events maintainers: - name: VaibhavPage -appVersion: 0.14.0 + - name: whynowy +appVersion: 0.17.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 5dd63adb..3c375c3a 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -2,13 +2,14 @@ This is a **community maintained** chart. It installs the [argo-events](https://github.com/argoproj/argo-events) application. This application comes packaged with: - Sensor Custom Resource Definition (See CRD Notes) -- Gateway Custom Resource Definition (See CRD Notes) - EventSource Custom Resource Definition (See CRD Notes) +- EventBus Custom Resource Definition (See CRD Notes) - Sensor Controller Deployment -- Sensor Controller ConfigMap -- Gateway Controller Deployment -- Gateway Controller ConfigMap +- EventSource Controller Deployment +- EventBus Controller Deployment - Service Account +- Roles +- Role Bindings - Cluster Roles - Cluster Role Bindings @@ -16,10 +17,4 @@ This is a **community maintained** chart. It installs the [argo-events](https:// Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart. -You can install the CRDs manually like so: - -``` -kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.14.0/hack/k8s/manifests/sensor-crd.yaml -kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.14.0/hack/k8s/manifests/gateway-crd.yaml -kubectl apply -f https://github.com/argoproj/argo-events/raw/v0.14.0/hack/k8s/manifests/event-source-crd.yaml -``` +You can install the CRDs manually from `crds` folder. \ No newline at end of file diff --git a/charts/argo-events/crds/gateway-crd.yml b/charts/argo-events/crds/eventbus-crd.yml similarity index 50% rename from charts/argo-events/crds/gateway-crd.yml rename to charts/argo-events/crds/eventbus-crd.yml index 7b9178f4..340d4989 100644 --- a/charts/argo-events/crds/gateway-crd.yml +++ b/charts/argo-events/crds/eventbus-crd.yml @@ -1,16 +1,15 @@ ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: gateways.argoproj.io + name: eventbus.argoproj.io spec: group: argoproj.io names: - kind: Gateway - listKind: GatewayList - plural: gateways - singular: gateway + kind: EventBus + listKind: EventBusList + plural: eventbus shortNames: - - gw + - eb + singular: eventbus scope: Namespaced - version: "v1alpha1" + version: v1alpha1 diff --git a/charts/argo-events/crds/event-source-crd.yml b/charts/argo-events/crds/eventsource-crd.yml similarity index 100% rename from charts/argo-events/crds/event-source-crd.yml rename to charts/argo-events/crds/eventsource-crd.yml diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index a0b79f78..16f55e46 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -1,3 +1,5 @@ +{{- if not .Values.singleNamespace }} + apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -43,12 +45,12 @@ rules: - workflows/finalizers - workflowtemplates - workflowtemplates/finalizers - - gateways - - gateways/finalizers - sensors - sensors/finalizers - eventsources - eventsources/finalizers + - eventbus + - eventbus/finalizers - apiGroups: - "" resources: @@ -83,6 +85,7 @@ rules: - "apps" resources: - deployments + - statefulsets verbs: - create - get @@ -92,3 +95,4 @@ rules: - patch - delete +{{- end }} diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml new file mode 100644 index 00000000..d6de39d2 --- /dev/null +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -0,0 +1,100 @@ +{{- if .Values.singleNamespace }} + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argo-events-binding + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argo-events-role +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount }} + namespace: {{ .Release.Namespace }} + {{- if .Values.additionalSaNamespaces }} + {{ $sa := .Values.serviceAccount }} + {{- range $namespace := .Values.additionalSaNamespaces }} + - kind: ServiceAccount + name: {{ $sa }} + namespace: {{ $namespace }} + {{- end }} + {{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argo-events-role + namespace: {{ .Release.Namespace }} +rules: + {{- if .Values.additionalServiceAccountRules }} + {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} + {{- end }} + - apiGroups: + - argoproj.io + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + resources: + - workflows + - workflows/finalizers + - workflowtemplates + - workflowtemplates/finalizers + - sensors + - sensors/finalizers + - eventsources + - eventsources/finalizers + - eventbus + - eventbus/finalizers + - apiGroups: + - "" + resources: + - pods + - pods/exec + - configmaps + - secrets + - services + - events + - persistentvolumeclaims + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - "batch" + resources: + - jobs + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - "apps" + resources: + - deployments + - statefulsets + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + +{{- end }} diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml new file mode 100644 index 00000000..8d0ec2b3 --- /dev/null +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -0,0 +1,39 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + labels: + app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.eventbusController.replicaCount }} + selector: + matchLabels: + app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + containers: + - name: {{ .Values.eventbusController.name }} + image: "{{ .Values.registry }}/{{ .Values.eventbusController.image }}:{{ .Values.eventbusController.tag }}" + imagePullPolicy: {{ .Values.imagePullPolicy }} + {{- if .Values.singleNamespace }} + args: + - --namespaced + {{- end }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NATS_STREAMING_IMAGE + value: {{ .Values.eventbusController.natsStreamingImage }} + - name: NATS_METRICS_EXPORTER_IMAGE + value: {{ .Values.eventbusController.natsMetricsExporterImage }} diff --git a/charts/argo-events/templates/eventbus-crd.yaml b/charts/argo-events/templates/eventbus-crd.yaml new file mode 100644 index 00000000..dfc7b2cb --- /dev/null +++ b/charts/argo-events/templates/eventbus-crd.yaml @@ -0,0 +1,21 @@ +{{- if .Values.installCRD }} +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: eventbus.argoproj.io +spec: + group: argoproj.io + names: + kind: EventBus + listKind: EventBusList + plural: eventbus + shortNames: + - eb + singular: eventbus + scope: Namespaced + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +{{- end }} diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml new file mode 100644 index 00000000..3b050eda --- /dev/null +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -0,0 +1,37 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + labels: + app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.eventsourceController.replicaCount }} + selector: + matchLabels: + app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + containers: + - name: {{ .Values.eventsourceController.name }} + image: "{{ .Values.registry }}/{{ .Values.eventsourceController.image }}:{{ .Values.eventsourceController.tag }}" + imagePullPolicy: {{ .Values.imagePullPolicy }} + {{- if .Values.singleNamespace }} + args: + - --namespaced + {{- end }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: EVENTSOURCE_IMAGE + value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}" diff --git a/charts/argo-events/templates/gateway-controller-configmap.yaml b/charts/argo-events/templates/gateway-controller-configmap.yaml deleted file mode 100644 index 5e01b9b8..00000000 --- a/charts/argo-events/templates/gateway-controller-configmap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-{{ .Values.gatewayController.name }}-configmap - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - config: | - instanceID: {{ .Values.instanceID }} -{{- if .Values.singleNamespace }} - namespace: {{ .Values.namespace }} -{{- end }} diff --git a/charts/argo-events/templates/gateway-controller-deployment.yaml b/charts/argo-events/templates/gateway-controller-deployment.yaml deleted file mode 100644 index 63350fbf..00000000 --- a/charts/argo-events/templates/gateway-controller-deployment.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.gatewayController.name }} - labels: - app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.gatewayController.replicaCount }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} - release: {{ .Release.Name }} - spec: - serviceAccountName: {{ .Values.serviceAccount }} - containers: - - name: {{ .Values.gatewayController.name }} - image: "{{ .Values.registry }}/{{ .Values.gatewayController.image }}:{{ .Values.gatewayController.tag }}" - imagePullPolicy: {{ .Values.imagePullPolicy }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONTROLLER_CONFIG_MAP - value: {{ .Release.Name }}-{{ .Values.gatewayController.name }}-configmap diff --git a/charts/argo-events/templates/gateway-crd.yaml b/charts/argo-events/templates/gateway-crd.yaml deleted file mode 100644 index fd6e1d26..00000000 --- a/charts/argo-events/templates/gateway-crd.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.installCRD }} -# Define a "gateway" custom resource definition -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: gateways.argoproj.io -spec: - group: argoproj.io - names: - kind: Gateway - listKind: GatewayList - plural: gateways - singular: gateway - shortNames: - - gw - scope: Namespaced - version: "v1alpha1" -{{- end }} diff --git a/charts/argo-events/templates/sensor-controller-configmap.yaml b/charts/argo-events/templates/sensor-controller-configmap.yaml deleted file mode 100644 index 17735823..00000000 --- a/charts/argo-events/templates/sensor-controller-configmap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-{{ .Values.sensorController.name }}-configmap - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - config: | - instanceID: {{ .Values.instanceID }} -{{- if .Values.singleNamespace }} - namespace: {{ .Values.namespace }} -{{- end }} diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 2dd9602e..24986d82 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -24,10 +24,14 @@ spec: - name: {{ .Values.sensorController.name }} image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag }}" imagePullPolicy: {{ .Values.imagePullPolicy }} + {{- if .Values.singleNamespace }} + args: + - --namespaced + {{- end }} env: - name: NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - - name: CONTROLLER_CONFIG_MAP - value: {{ .Release.Name }}-{{ .Values.sensorController.name }}-configmap + - name: SENSOR_IMAGE + value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}" diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 4ac26da1..59fa2209 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -42,11 +42,21 @@ singleNamespace: true sensorController: name: sensor-controller image: sensor-controller - tag: v0.14.0 + tag: v0.17.0 replicaCount: 1 + sensorImage: sensor -gatewayController: - name: gateway-controller - image: gateway-controller - tag: v0.14.0 +eventsourceController: + name: eventsource-controller + image: eventsource-controller + tag: v0.17.0 replicaCount: 1 + eventsourceImage: eventsource + +eventbusController: + name: eventbus-controller + image: eventbus-controller + tag: v0.17.0 + replicaCount: 1 + natsStreamingImage: nats-streaming:0.17.0 + natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 94fa7062..06d2e97b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.8.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.1 +version: 0.3.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 6a096131..90022412 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -35,6 +35,10 @@ $ helm install --name my-release argo/argo-rollouts | controller.image.repository | string | `"argoproj/argo-rollouts"` | | | controller.image.tag | string | `"v0.8.0"` | | | controller.name | string | `"argo-rollouts"` | | +| controller.resources | Resource limits and requests for the controller pods. | `{}` | +| controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | +| controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | +| controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | imagePullSecrets | list | `[]` | | | installCRDs | bool | `true` | | | podAnnotations | object | `{}` | | diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index 1fb1a2d2..595fe120 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -38,6 +38,20 @@ spec: volumeMounts: - name: tmp mountPath: /tmp + resources: + {{- toYaml .Values.controller.resources | nindent 10 }} + {{- if .Values.controller.nodeSelector }} + nodeSelector: + {{- toYaml .Values.controller.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.controller.tolerations }} + tolerations: + {{- toYaml .Values.controller.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.controller.affinity }} + affinity: + {{- toYaml .Values.controller.affinity | nindent 8 }} + {{- end }} volumes: - name: tmp emptyDir: {} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 18b7dff4..fcb2d198 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -5,11 +5,26 @@ clusterInstall: true controller: name: argo-rollouts component: rollouts-controller + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} image: repository: argoproj/argo-rollouts tag: v0.8.0 pullPolicy: IfNotPresent + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + + serviceAccount: name: argo-rollouts diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index f79367d2..de0c3833 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.9.5 +version: 0.9.8 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index 5f5ff726..52acbc79 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -63,6 +63,14 @@ spec: value: {{ .Values.server.baseHref | quote }} resources: {{- toYaml .Values.server.resources | nindent 12 }} + {{- with .Values.server.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12}} + {{- end }} + {{- with .Values.server.volumes }} + volumes: + {{- toYaml . | nindent 8}} + {{- end }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index a5845681..5dde9ff3 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -25,8 +25,8 @@ data: env: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} + {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} artifactRepository: - {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} {{- end }} @@ -54,7 +54,7 @@ data: {{- if .Values.artifactRepository.s3.useSDKCreds }} useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} {{- end }} - {{- end}} + {{- end}} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: {{ toYaml .Values.controller.metricsConfig | indent 6}}{{- end }} @@ -67,3 +67,6 @@ data: {{- if .Values.controller.workflowDefaults }} workflowDefaults: {{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} + {{- with .Values.server.sso }} + sso: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index a5492cb6..0dc5dd47 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -164,6 +164,10 @@ server: # Extra arguments to provide to the Argo server binary. extraArgs: [] + ## Additional volumes to the server main container. + volumeMounts: [] + volumes: [] + ## Ingress configuration. ## ref: https://kubernetes.io/docs/user-guide/ingress/ ## @@ -197,6 +201,23 @@ server: clusterWorkflowTemplates: # Give the server permissions to edit ClusterWorkflowTemplates. enableEditing: true + sso: + ## SSO configuration when SSO is specified as a server auth mode. + ## All the values are requied. SSO is activated by adding --auth-mode=sso + ## to the server command line. + # + ## The root URL of the OIDC identity provider. + # issuer: https://accounts.google.com + ## Name of a secret and a key in it to retrieve the app OIDC client ID from. + # clientId: + # name: argo-server-sso + # key: client-id + ## Name of a secret and a key in it to retrieve the app OIDC client secret from. + # clientSecret: + # name: argo-server-sso + # key: client-secret + ## The OIDC redirect URL. Should be in the form /oauth2/callback. + # redirectUrl: https://argo/oauth2/callback # Influences the creation of the ConfigMap for the workflow-controller itself. useDefaultArtifactRepo: false diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 02d935de..dff9b0ed 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 0.7.0 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.0.2 +version: 1.0.9 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/_helpers.tpl b/charts/argocd-notifications/templates/_helpers.tpl index bbe07b54..373c5495 100644 --- a/charts/argocd-notifications/templates/_helpers.tpl +++ b/charts/argocd-notifications/templates/_helpers.tpl @@ -43,6 +43,31 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end -}} +{{/* +Common metrics labels +*/}} +{{- define "argocd-notifications.metrics.labels" -}} +helm.sh/chart: {{ include "argocd-notifications.chart" . }} +{{ include "argocd-notifications.metrics.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + + +{{/* +Common slack bot labels +*/}} +{{- define "argocd-notifications.bots.slack.labels" -}} +helm.sh/chart: {{ include "argocd-notifications.chart" . }} +{{ include "argocd-notifications.bots.slack.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + {{/* Selector labels */}} @@ -51,6 +76,22 @@ app.kubernetes.io/name: {{ include "argocd-notifications.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} +{{/* +Selector metrics labels +*/}} +{{- define "argocd-notifications.metrics.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argocd-notifications.name" . }}-metrics +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Selector slack bot labels +*/}} +{{- define "argocd-notifications.bots.slack.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argocd-notifications.name" . }}-bot +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + {{/* Create the name of the service account to use */}} @@ -61,3 +102,14 @@ Create the name of the service account to use {{ default "default" .Values.serviceAccount.name }} {{- end -}} {{- end -}} + +{{/* +Create the name of the bot service account to use +*/}} +{{- define "argocd-notifications.bots.slack.serviceAccountName" -}} +{{- if .Values.bots.slack.serviceAccount.create -}} + {{ default (printf "%s-bot" (include "argocd-notifications.fullname" .)) .Values.bots.slack.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.bots.slack.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/argocd-notifications/templates/bots/slack/deployment.yaml b/charts/argocd-notifications/templates/bots/slack/deployment.yaml new file mode 100644 index 00000000..284d3c10 --- /dev/null +++ b/charts/argocd-notifications/templates/bots/slack/deployment.yaml @@ -0,0 +1,45 @@ +{{ if .Values.bots.slack.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argocd-notifications.name" . }}-bot + labels: + {{- include "argocd-notifications.bots.slack.labels" . | nindent 4 }} +spec: + strategy: + {{- .Values.bots.slack.updateStrategy | toYaml | nindent 4 }} + selector: + matchLabels: + {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.bots.slack.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} + containers: + - name: {{ include "argocd-notifications.name" . }}-bot + image: "{{ .Values.bots.slack.image.repository }}:{{ .Values.bots.slack.image.tag }}" + imagePullPolicy: {{ .Values.bots.slack.image.pullPolicy }} + resources: + {{- toYaml .Values.bots.slack.resources | nindent 12 }} + command: + - /app/argocd-notifications + - bot + {{- with .Values.bots.slack.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.bots.slack.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.bots.slack.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{ end }} diff --git a/charts/argocd-notifications/templates/bots/slack/role.yaml b/charts/argocd-notifications/templates/bots/slack/role.yaml new file mode 100644 index 00000000..b509f6d4 --- /dev/null +++ b/charts/argocd-notifications/templates/bots/slack/role.yaml @@ -0,0 +1,27 @@ +{{ if .Values.bots.slack.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "argocd-notifications.name" . }}-bot +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch +{{ end }} diff --git a/charts/argocd-notifications/templates/bots/slack/rolebinding.yaml b/charts/argocd-notifications/templates/bots/slack/rolebinding.yaml new file mode 100644 index 00000000..6a87bb49 --- /dev/null +++ b/charts/argocd-notifications/templates/bots/slack/rolebinding.yaml @@ -0,0 +1,13 @@ +{{ if .Values.bots.slack.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "argocd-notifications.name" . }}-bot +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "argocd-notifications.name" . }}-bot +subjects: +- kind: ServiceAccount + name: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} +{{ end }} diff --git a/charts/argocd-notifications/templates/bots/slack/service.yaml b/charts/argocd-notifications/templates/bots/slack/service.yaml new file mode 100644 index 00000000..68881a36 --- /dev/null +++ b/charts/argocd-notifications/templates/bots/slack/service.yaml @@ -0,0 +1,19 @@ +{{ if .Values.bots.slack.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argocd-notifications.name" . }}-bot + {{- if .Values.bots.slack.service.annotations }} + annotations: + {{- toYaml .Values.bots.slack.service.annotations | nindent 4 }} + {{- end }} +spec: + ports: + - name: server + port: 80 + protocol: TCP + targetPort: 8080 + selector: + {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 4 }} + type: {{ .Values.bots.slack.service.type }} +{{ end }} diff --git a/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml b/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml new file mode 100644 index 00000000..badee60f --- /dev/null +++ b/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml @@ -0,0 +1,8 @@ +{{- if .Values.bots.slack.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} + labels: + {{- include "argocd-notifications.bots.slack.labels" . | nindent 4 }} +{{ end }} diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml index 14fd9f48..30f88629 100644 --- a/charts/argocd-notifications/templates/deployment.yaml +++ b/charts/argocd-notifications/templates/deployment.yaml @@ -22,13 +22,26 @@ spec: serviceAccountName: {{ include "argocd-notifications.serviceAccountName" . }} containers: - name: {{ include "argocd-notifications.name" . }}-controller - image: "{{ .Values.image.repository }}:{{ .Values.image.tag}}" + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} resources: {{- toYaml .Values.resources | nindent 12 }} command: - /app/argocd-notifications - controller + - --loglevel={{ .Values.logLevel }} + {{- if .Values.metrics.enabled }} + - --metrics-port={{ .Values.metrics.port }} + {{- end }} + {{- range .Values.extraArgs }} + - {{ . | squote }} + {{- end }} + ports: + {{- if .Values.metrics.enabled }} + - containerPort: {{ .Values.metrics.port }} + name: metrics + protocol: TCP + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-notifications/templates/secret.yaml b/charts/argocd-notifications/templates/secret.yaml index 26612dfa..74c76992 100644 --- a/charts/argocd-notifications/templates/secret.yaml +++ b/charts/argocd-notifications/templates/secret.yaml @@ -12,5 +12,28 @@ stringData: slack: token: {{ .Values.secret.notifiers.slack.token }} username: {{ .Values.secret.notifiers.slack.username }} + icon: {{ .Values.secret.notifiers.slack.icon | quote }} + signingSecret: {{ .Values.secret.notifiers.slack.signingSecret }} +{{- end }} +{{- if .Values.secret.notifiers.grafana.enabled }} + grafana: + apiUrl: {{ .Values.secret.notifiers.grafana.apiUrl }} + apiKey: {{ .Values.secret.notifiers.grafana.apiKey }} +{{- end }} +{{- if .Values.secret.notifiers.webhooks }} + webhook: +{{- range $k, $v := .Values.secret.notifiers.webhooks }} + - name: {{ $k }} + {{- $v | toYaml | nindent 8 }} +{{- end }} +{{- end }} +{{- if .Values.secret.notifiers.email.enabled }} + email: + host: {{ .Values.secret.notifiers.email.host | quote }} + port: {{ .Values.secret.notifiers.email.port }} + insecure_skip_verify: {{ .Values.secret.notifiers.email.insecure_skip_verify }} + username: {{ .Values.secret.notifiers.email.username | quote }} + password: {{ .Values.secret.notifiers.email.password | quote }} + from: {{ .Values.secret.notifiers.email.from | quote }} {{- end }} {{ end }} diff --git a/charts/argocd-notifications/templates/service-metrics.yaml b/charts/argocd-notifications/templates/service-metrics.yaml new file mode 100644 index 00000000..5645a4d3 --- /dev/null +++ b/charts/argocd-notifications/templates/service-metrics.yaml @@ -0,0 +1,15 @@ +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argocd-notifications.name" . }}-metrics + labels: + {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} +spec: + selector: + {{- include "argocd-notifications.selectorLabels" . | nindent 4 }} + ports: + - name: metrics + port: {{ .Values.metrics.port }} + targetPort: {{ .Values.metrics.port }} +{{- end }} diff --git a/charts/argocd-notifications/templates/serviceaccount.yaml b/charts/argocd-notifications/templates/serviceaccount.yaml index 5181c5a4..591d13bd 100644 --- a/charts/argocd-notifications/templates/serviceaccount.yaml +++ b/charts/argocd-notifications/templates/serviceaccount.yaml @@ -1,6 +1,8 @@ +{{- if .Values.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argocd-notifications.serviceAccountName" . }} labels: {{- include "argocd-notifications.labels" . | nindent 4 }} +{{- end }} diff --git a/charts/argocd-notifications/templates/servicemonitor.yaml b/charts/argocd-notifications/templates/servicemonitor.yaml new file mode 100644 index 00000000..b04851f3 --- /dev/null +++ b/charts/argocd-notifications/templates/servicemonitor.yaml @@ -0,0 +1,30 @@ +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "argocd-notifications.name" . }}-metrics + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} + {{- toYaml .Values.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + path: /metrics + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argocd-notifications.metrics.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index 993b75bb..4882d2fc 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -35,6 +35,71 @@ secret: token: # Optional override username username: + # Optional override icon + icon: + # Optional override signingSecret: https://argoproj-labs.github.io/argocd-notifications/recipients/slack-bot/ + signingSecret: + + grafana: + # For more information: https://argoproj-labs.github.io/argocd-notifications/services/grafana/ + + # Specifies whether Grafana notifier should be configured + enabled: false + # Grafana api endpoint; for example: https://grafana.example.com/api + apiUrl: + # Grafana api key + apiKey: + + webhooks: {} + # For more information: https://argoproj-labs.github.io/argocd-notifications/services/webhook/ + # mywebhook: + # url: http://example.com + # headers: + # - name: headerName + # value: headerValue + # basicAuth: + # username: username + # password: mypassword + # mywebhook2: + # url: http://example.com + # headers: + # - name: headerName + # value: headerValue + # basicAuth: + # username: username + # password: mypassword + + email: + # For more information: https://argoproj-labs.github.io/argocd-notifications/services/overview/ + + # Specifies whether email notifier should be configured + enabled: false + # SMTP endpoint + host: + # SMTP port + port: + # enable/disable check on TLS certificate + insecure_skip_verify: + # SMTP username + username: + # SMTP password + password: + # email address in from field + from: + +logLevel: info + +extraArgs: [] + +metrics: + enabled: false + port: 9001 + serviceMonitor: + enabled: false + additionalLabels: {} + # namespace: monitoring + # interval: 30s + # scrapeTimeout: 10s resources: {} # limits: @@ -125,3 +190,45 @@ triggers: # template: my-custom-template # # For more information: https://argoproj-labs.github.io/argocd-notifications/triggers_and_templates/ + +bots: + # For more information: https://argoproj-labs.github.io/argocd-notifications/recipients/bot/ + slack: + # You have to set secret.notifiers.slack.signingSecret + enabled: false + + updateStrategy: + type: Recreate + + image: + repository: argoprojlabs/argocd-notifications + tag: v0.7.0 + pullPolicy: IfNotPresent + + imagePullSecrets: [] + + service: + annotations: {} + type: LoadBalancer + + serviceAccount: + # Specifies whether a service account should be created + create: true + + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: argocd-notifications-bot + + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + affinity: {} + + tolerations: [] + + nodeSelector: {}