From 53edfb9fc5bf4888132b824da26044b38e403296 Mon Sep 17 00:00:00 2001 From: Maciej Strzelecki Date: Tue, 14 Apr 2020 23:15:17 +0200 Subject: [PATCH 1/3] feat: Add a load balancer IP to server's service (#306) * add loadBalancerIP to server's service * optimize condition --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/service.yaml | 7 ++++++- charts/argo-cd/values.yaml | 1 + 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cbad77a5..649c6ae1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.5.1" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.2.2 +version: 2.2.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 8c13a4e6..292bf94b 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -32,7 +32,12 @@ spec: selector: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} -{{- if and (eq .Values.server.service.type "LoadBalancer") .Values.server.service.loadBalancerSourceRanges }} +{{- if eq .Values.server.service.type "LoadBalancer" }} +{{- if .Values.server.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.server.service.loadBalancerIP | quote }} +{{- end }} +{{- if .Values.server.service.loadBalancerSourceRanges }} loadBalancerSourceranges: {{ toYaml .Values.server.service.loadBalancerSourceRanges | indent 4 }} +{{- end }} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cbe7326f..5719be9c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -404,6 +404,7 @@ server: type: ClusterIP servicePortHttp: 80 servicePortHttps: 443 + loadBalancerIP: "" loadBalancerSourceRanges: [] ## Server metrics service configuration From 0eb0730abb54f9cc45e94256855fb7e845fb7df3 Mon Sep 17 00:00:00 2001 From: LucasBoisserie Date: Thu, 16 Apr 2020 14:44:52 +0200 Subject: [PATCH 2/3] [argocd] add annotations for secret (#308) --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 6 ++++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 11 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 649c6ae1..0977943c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.5.1" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.2.3 +version: 2.2.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 44163122..52063bc9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -64,6 +64,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | installCRDs | bool | `true` | Install CRDs if you are using Helm2. | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | +| configs.secret.annotations | Annotations for argocd-secret | `{}` | | configs.secret.argocdServerAdminPassword | Admin password | `null` | | configs.secret.argocdServerAdminPasswordMtime | Admin password modification time | `date "2006-01-02T15:04:05Z" now` if configs.secret.argocdServerAdminPassword is set | | configs.secret.bitbucketSecret | BitBucket incoming webhook secret | `""` | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index ad8da483..efb80358 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -10,6 +10,12 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.configs.secret.annotations }} + annotations: + {{- range $key, $value := .Values.configs.secret.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} type: Opaque {{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} # Setting a blank data again will wipe admin password/key/cert diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5719be9c..fe6f7e9d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -779,6 +779,9 @@ configs: # -----END RSA PRIVATE KEY----- secret: createSecret: true + ## Annotations to be added to argocd-secret + ## + annotations: {} # Webhook Configs githubSecret: "" From 02e0da50d41e13b66a7e65fbaefbd76383ab834a Mon Sep 17 00:00:00 2001 From: Ryota Date: Thu, 16 Apr 2020 18:20:32 +0100 Subject: [PATCH 3/3] fix: Upgrade Argo CD with v1.5.2 for security patch (#309) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0977943c..7ffa0ea4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.5.1" +appVersion: "1.5.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.2.4 +version: 2.2.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 52063bc9..5d0221af 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -47,7 +47,7 @@ $ helm install --name my-release argo/argo-cd ### Helm v3 Compatability -Requires chart version 1.5.1 or newer. +Requires chart version 1.5.2 or newer. Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistant webhooks. @@ -57,7 +57,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.5.1"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.5.2"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fe6f7e9d..37845070 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.5.1 + tag: v1.5.2 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,7 +28,7 @@ controller: image: repository: # argoproj/argocd - tag: # v1.5.1 + tag: # v1.5.2 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags @@ -319,7 +319,7 @@ server: image: repository: # argoproj/argocd - tag: # v1.5.1 + tag: # v1.5.2 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -576,7 +576,7 @@ repoServer: image: repository: # argoproj/argocd - tag: # v1.5.1 + tag: # v1.5.2 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server