Merge branch 'master' into includ-crd-fix-issue-137

.circleci/chart-testing.yaml

@@ -0,0 +1,2 @@
+chart-repos:
+  - argo=https://argoproj.github.io/argo-helm

.circleci/config.yml

@@ -0,0 +1,38 @@
+version: 2.1
+jobs:
+  lint:
+    docker:
+      - image: gcr.io/kubernetes-charts-ci/test-image:v3.0.1
+    steps:
+      - checkout
+      - run: ct lint --config .circleci/chart-testing.yaml --lint-conf .circleci/lintconf.yaml
+  # Technically this only needs to be run on master, but it's good to have it run on every PR
+  # so that it is regularly tested.
+  publish:
+    docker:
+      # We just need an image with `helm` on it. Handily we know of one already.
+      - image: gcr.io/kubernetes-charts-ci/test-image:v3.0.1
+    steps:
+      # install the additional keys needed to push to Github. Alex Collins owns these keys.
+      - add_ssh_keys
+      - run: git config --global user.email "nobody@circleci.com"
+      - run: git config --global user.name "Circle CI Build"
+      - checkout
+      - run: helm init --client-only
+      # Only actually publish charts on master.
+      - run: |
+          set -x
+          if [ "$CIRCLE_BRANCH" = "master" ]; then
+            export GIT_PUSH=true
+          else 
+            export GIT_PUSH=false
+          fi
+          sh ./scripts/publish.sh
+workflows:
+  version: 2
+  workflow:
+    jobs:
+      - lint
+      - publish:
+          requires:
+            - lint

.circleci/lintconf.yaml

@@ -0,0 +1,42 @@
+---
+rules:
+  braces:
+    min-spaces-inside: 0
+    max-spaces-inside: 0
+    min-spaces-inside-empty: -1
+    max-spaces-inside-empty: -1
+  brackets:
+    min-spaces-inside: 0
+    max-spaces-inside: 0
+    min-spaces-inside-empty: -1
+    max-spaces-inside-empty: -1
+  colons:
+    max-spaces-before: 0
+    max-spaces-after: 1
+  commas:
+    max-spaces-before: 0
+    min-spaces-after: 1
+    max-spaces-after: 1
+  comments:
+    require-starting-space: true
+    min-spaces-from-content: 1
+  document-end: disable
+  document-start: disable # No --- to start a file
+  empty-lines:
+    max: 2
+    max-start: 0
+    max-end: 0
+  hyphens:
+    max-spaces-after: 1
+  indentation:
+    spaces: consistent
+    indent-sequences: whatever # - list indentation will handle both indentation and without
+    check-multi-line-strings: false
+  key-duplicates: enable
+  line-length: disable # Lines can be any length
+  new-line-at-end-of-file: enable
+  new-lines:
+    type: unix
+  trailing-spaces: enable
+  truthy:
+    level: warning

.github/pull_request_template.md

@@ -3,4 +3,7 @@ Checklist:
 * [ ] I have update the chart version in `Chart.yaml` following Semantic Versioning.
 * [ ] Any new values are backwards compatible and/or have sensible default.
 * [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md).
-* [ ] I have signed the CLA.
+* [ ] I have signed the CLA and the build is green.
+* [ ] I will test my changes again once merged to master and published.
+
+Changes are automatically published when merged to `master`. They are not published on branches.

.gitignore

@@ -1,4 +1,4 @@
 output
 .vscode
 .DS_Store
-/*.tgz
+*.tgz

CODEOWNERS

@@ -0,0 +1,10 @@
+# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
+
+# Argo CD
+/charts/argo-cd @seanson
+
+# Argo Events
+/charts/argo-events @jbehling
+
+# Argo Workflows
+/charts/argo @benjaminws

CONTRIBUTING.md

@@ -26,13 +26,13 @@ Minimally:
 
 ```
 helm install charts/argo-cd --namespace argocd -n argo-cd
-kubectl port-forward svc/argocd-server -n argocd 8080:443
+kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443
 ```
 
 In a new terminal:
 
 ```
-argocd version
+argocd version --server localhost:8080 --insecure
 # reset password to 'Password1!'
 kubectl -n argocd patch secret argocd-secret \
   -p '{"stringData": {
@@ -40,6 +40,8 @@ kubectl -n argocd patch secret argocd-secret \
     "admin.passwordMtime": "'$(date +%FT%T%Z)'"
   }}'
 argocd login localhost:8080 --username admin --password 'Password1!'
+
+# WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y
 ```
 
 Create and sync app:
@@ -49,9 +51,36 @@ argocd app create guestbook --dest-namespace default --dest-server https://kuber
 argocd app sync guestbook
 ```
 
+## New Application Versions
+
+When raising application versions ensure you make the following changes:
+
+- `values.yaml`: Bump all instances of the container image version
+- `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version`
+
+Please ensure chart version changes adhere to semantic versioning standards:
+
+- Patch: App version patch updates, backwards compatible optional chart features
+- Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes
+- Major: Large chart rewrites, major non-backwards compatible or destructive changes
+
+## Testing Charts
+
+As part of the Continous Intergration system we run Helm's [Chart Testing](https://github.com/helm/chart-testing) tool.
+
+The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames.
+
+Linting configuration can be found in [lintconf.yaml](.circleci/lintconf.yaml)
+
+The linting can be invoked manually with the following command:
+
+```
+./scripts/lint.sh
+```
+
 ## Publishing Changes
 
-To push changes use following script:
+Changes are automatically publish whenever a commit is merged to master. The CI job (see `.circleci/config.yaml`) runs this:
 
 ```
 GIT_PUSH=true ./scripts/publish.sh

charts/argo-cd/.helmignore

@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj

charts/argo-cd/Chart.yaml

@@ -1,6 +1,16 @@
 apiVersion: v1
-appVersion: "1.2.3"
+appVersion: "1.2.4"
-description: A Helm chart for Argo-CD
+description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 0.7.1
+version: 1.0.7
+home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
+keywords:
+  - argoproj
+  - argocd
+  - gitops
+maintainers:
+  - name: alexec
+  - name: alexmt
+  - name: jessesuen
+  - name: seanson

charts/argo-cd/README.md

@@ -1,5 +1,12 @@
-# Argo CD Chart
+Argo CD Chart
+======
+A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 
+Current chart version is `1.0.4`
+
+Source code can be found [here](https://argoproj.github.io/argo-cd/)
+
+## Additional Information
 This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes.
 
 The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases).
@@ -19,73 +26,203 @@ $ helm repo add argo https://argoproj.github.io/argo-helm
 $ helm install --name my-release argo/argo-cd
 ```
 
+
 ## Chart Values
 
+| Parameter | Description | Default |
+|-----|------|---------|
+| global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` |
+| global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` |
+| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.2.3"` |
+| nameOverride | Provide a name in place of `argocd` | `"argocd"` |
+| configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) |
+| configs.secret.bitbucketSecret | BitBucket incoming webhook secret | `""` |
+| configs.secret.createSecret | Create the argocd-secret. | `true` |
+| configs.secret.githubSecret | GitHub incoming webhook secret | `""` |
+| configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` |
+| configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) |
+
+## ArgoCD Controller
+
 | Key | Type | Default | Description |
-| -------------------------------------- | ------ | ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+|-----|------|---------|-------------|
-| applicationController.containerPort    | int    | `8082`                 | Container port for application controller server and metrics                                                                                                                                                                                                                  |
+| controller.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
-| applicationController.image.pullPolicy | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` |
-| applicationController.image.repository | string | `"argoproj/argocd"`    | Docker image repo                                                                                                                                                                                                                                                             |
+| controller.args.statusProcessors | define the controller `--status-processors` | `"20"` |
-| applicationController.image.tag        | string | `"v1.2.3"`             | Docker image tag                                                                                                                                                                                                                                                              |
+| controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` |
-| applicationController.servicePort      | int    | `8082`                 | Service port for applicaiton controller server                                                                                                                                                                                                                                |
+| controller.containerPort | Controller listening port. | `8082` |
-| applicationController.volumeMounts     | list   | `[]`                   | Additional volume mounts                                                                                                                                                                                                                                                      |
+| controller.extraArgs | Additional arguments for the controller. | `[]` |
-| applicationController.volumes          | list   | `[]`                   | Additional volumes                                                                                                                                                                                                                                                            |
+| controller.image.repository | Repository to use for the controller | `global.image.repository` |
-| certificate.enabled                    | bool   | `false`                | Enable certificate (requires cert-manager)                                                                                                                                                                                                                                    |
+| controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` |
-| clusterAdminAccess.enabled             | bool   | `true`                 | Standard Argo CD installation with cluster-admin access. Set this true if you plan to use Argo CD to deploy applications in the same cluster that Argo CD runs in (i.e. kubernetes.svc.default). Will still be able to deploy to external clusters with inputted credentials. |
+| controller.image.tag | Tag to use for the controller | `global.image.tag` |
-| config.configManagementPlugins         | string | `nil`                  | List of custom config management plugins, see [values.yaml](./values.yaml) for format                                                                                                                                                                                         |
+| controller.livenessProbe.failureThreshold | int | `3` |
-| config.createSecret                    | bool   | `true`                 | Creates the argocd-secret secret, set to false to manage externally                                                                                                                                                                                                           |
+| controller.livenessProbe.initialDelaySeconds | int | `10` |
-| config.dexConfig                       | string | `nil`                  | Configuration for external auth and URL, see [values.yaml](./values.yaml) for format                                                                                                                                                                                          |
+| controller.livenessProbe.periodSeconds | int | `10` |
-| config.helmRepositories                | string | `nil`                  | Configuration for external Helm charts, see [values.yaml](./values.yaml) for format                                                                                                                                                                                           |
+| controller.livenessProbe.successThreshold | int | `1` |
-| config.oidcConfig                      | string | `nil`                  | Configuration for OpenID connect, see [values.yaml](./values.yaml) for format                                                                                                                                                                                                 |
+| controller.livenessProbe.timeoutSeconds | int | `1` |
-| config.repositories                    | string | `nil`                  | Configuration for remote Git repositories for Applications, see [values.yaml](./values.yaml) for format                                                                                                                                                                       |
+| controller.logLevel | Controller log level | `"info"` |
-| config.resourceCustomizations          | string | `nil`                  | resourceCustomizations can be used to create custom health checks for resources [https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/health.md#way-1-define-a-custom-health-check-in-argocd-cm-configmap]                                                    |
+| controller.metrics.enabled | Deploy metrics service | `false` |
-| config.url                             | string | `nil`                  | External URL for ArgoCD                                                                                                                                                                                                                                                       |
+| controller.metrics.service.annotations | Metrics service annotations | `{}` |
-| config.instanceLabelKey                | string | `nil`                  | Custom instance label key                                                                                                                                                                                                                                                     |
+| controller.metrics.service.labels | Metrics service labels | `{}` |
-| config.webhook.bitbucketSecret         | string | `nil`                  | BitBucket incoming webhook secret                                                                                                                                                                                                                                             |
+| controller.metrics.service.servicePort | Metrics service port | `8082` |
-| config.webhook.githubSecret            | string | `nil`                  | GitHub incoming webhook secret                                                                                                                                                                                                                                                |
+| controller.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
-| config.webhook.gitlabSecret            | string | `nil`                  | GitLab incoming webhook secret                                                                                                                                                                                                                                                |
+| controller.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
-| dexServer.containerPortGrpc            | int    | `5557`                 | Container port for Dex Server GRPC                                                                                                                                                                                                                                            |
+| controller.name | Controller name string. | `"application-controller"` |
-| dexServer.containerPortHttp            | int    | `5556`                 | Container port for Dex Server HTTP                                                                                                                                                                                                                                            |
+| controller.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
-| dexServer.image.pullPolicy             | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| controller.podAnnotations | Annotations for the controller pods | `{}` |
-| dexServer.image.repository             | string | `"quay.io/dexidp/dex"` | Docker image repo                                                                                                                                                                                                                                                             |
+| controller.podLabels | Labels for the controller pods | `{}` |
-| dexServer.image.tag                    | string | `"v2.12.0"`            | Docker image tag                                                                                                                                                                                                                                                              |
+| controller.priorityClassName | Priority class for the controller pods | `""` |
-| dexServer.initImage.pullPolicy         | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| controller.readinessProbe.failureThreshold | int | `3` |
-| dexServer.initImage.repository         | string | `"argoproj/argocd"`    | Docker image repo                                                                                                                                                                                                                                                             |
+| controller.readinessProbe.initialDelaySeconds | int | `10` |
-| dexServer.initImage.tag                | string | `"v1.2.0"`             | Docker image tag                                                                                                                                                                                                                                                              |
+| controller.readinessProbe.periodSeconds | int | `10` |
-| dexServer.servicePortGrpc              | int    | `5557`                 | Service port for Dex Server GRPC                                                                                                                                                                                                                                              |
+| controller.readinessProbe.successThreshold | int | `1` |
-| dexServer.servicePortHttp              | int    | `5556`                 | Service port for Dex Server GRPC                                                                                                                                                                                                                                              |
+| controller.readinessProbe.timeoutSeconds | int | `1` |
-| dexServer.volumeMounts                 | list   | `[]`                   | Additional volume mounts                                                                                                                                                                                                                                                      |
+| controller.resources | Resource limits and requests for the controller pods. | `{}` |
-| dexServer.volumes                      | list   | `[]`                   | Additional volumes                                                                                                                                                                                                                                                            |
+| controller.service.annotations | Controller service annotations. | `{}` |
-| ingress.additionalHosts                | list   | `[]`                   | Ingress additional hosts                                                                                                                                                                                                                                                      |
+| controller.service.labels | Controller service labels. | `{}` |
-| ingress.annotations                    | object | `{}`                   | Annotations for ingress object, set `nginx.ingress.kubernetes.io/force-ssl-redirect: "true"` and `nginx.ingress.kubernetes.io/ssl-passthrough: "true"` if serving GRPC and HTTPS on the same ingress                                                                          |
+| controller.service.port | Controller service port. | `8082` |
-| ingress.enabled                        | bool   | `false`                | Enable ingress                                                                                                                                                                                                                                                                |
+| controller.serviceAccount.create | Create a service account for the controller | `true` |
-| ingress.tls                            | object | `{}`                   | Ingress TLS configuration                                                                                                                                                                                                                                                     |
+| controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` |
-| rbac.policyCsv                         | string | `nil`                  | RBAC policy in CSV, see [values.yaml](./values.yaml) for format                                                                                                                                                                                                               |
+| controller.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` |
-| rbac.policyDefault                     | string | `nil`                  | The default role Argo CD will fall back to, when authorizing API requests, ie: `role:readonly`                                                                                                                                                                                |
+| controller.volumeMounts | Controller volume mounts | `[]` |
-| rbac.scopes                            | string | `nil`                  | Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). ie: `[groups]`                                                                                                                                                             |
+| controller.volumes | Controller volumes | `[]` |
-| redis.containerPort                    | int    | `6379`                 | Container port for Redis                                                                                                                                                                                                                                                      |
+
-| redis.image.pullPolicy                 | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+## Argo Repo Server
-| redis.image.repository                 | string | `"redis"`              | Docker image repo                                                                                                                                                                                                                                                             |
+
-| redis.image.tag                        | string | `"5.0.3"`              | Docker image tag                                                                                                                                                                                                                                                              |
+| Key | Type | Default | Description |
-| redis.servicePort                      | int    | `6379`                 | Service port for Redis                                                                                                                                                                                                                                                        |
+|-----|------|---------|-------------|
-| repoServer.containerPort               | int    | `8081`                 | Container port for repo server                                                                                                                                                                                                                                                |
+| repoServer.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
-| repoServer.image.pullPolicy            | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| repoServer.containerPort | Repo server port | `8081` |
-| repoServer.image.repository            | string | `"argoproj/argocd"`    | Docker image repo                                                                                                                                                                                                                                                             |
+| repoServer.extraArgs | Additional arguments for the repo server | `[]` |
-| repoServer.image.tag                   | string | `"v1.2.0"`             | Docker image tag                                                                                                                                                                                                                                                              |
+| repoServer.image.repository | Repository to use for the repo server | `global.image.repository` |
-| repoServer.servicePort                 | int    | `8081`                 | Service port for repo server                                                                                                                                                                                                                                                  |
+| repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` |
-| repoServer.volumeMounts                | list   | `[]`                   | Additional volume mounts                                                                                                                                                                                                                                                      |
+| repoServer.image.tag | Tag to use for the repo server | `global.image.tag` |
-| repoServer.volumes                     | list   | `[]`                   | Additional volumes                                                                                                                                                                                                                                                            |
+| repoServer.livenessProbe.failureThreshold | int | `3` |
-| repoServer.initContainers              | list   | `[]`                   | Initialisation containers, see [values.yaml](./values.yaml) for syntax for Helm v2.12.3                                                                                                                                                                                       |
+| repoServer.livenessProbe.initialDelaySeconds | int | `10` |
-| repoServer.imagePullSecrets            | list   | `[]`                   | List of image pull secrets, see [values.yaml](./values.yaml) for syntax for a secret called "docker-auth-secret"                                                                                                                                                              |
+| repoServer.livenessProbe.periodSeconds | int | `10` |
-| server.annotations                     | object | `{}`                   | Annotations for the server deployment                                                                                                                                                                                                                                         |
+| repoServer.livenessProbe.successThreshold | int | `1` |
-| server.containerPort                   | int    | `8080`                 | Container port for server                                                                                                                                                                                                                                                     |
+| repoServer.livenessProbe.timeoutSeconds | int | `1` |
-| server.extraArgs                       | list   | `[]`                   | Add additional arguments                                                                                                                                                                                                                                                      |
+| repoServer.logLevel | Log level | `"info"` |
-| server.image.pullPolicy                | string | `"Always"`             | Docker image pull policy                                                                                                                                                                                                                                                      |
+| repoServer.metrics.enabled | Deploy metrics service | `false` |
-| server.image.repository                | string | `"argoproj/argocd"`    | Docker image repo                                                                                                                                                                                                                                                             |
+| repoServer.metrics.service.annotations | Metrics service annotations | `{}` |
-| server.image.tag                       | string | `"v1.2.0"`             | Docker image tag                                                                                                                                                                                                                                                              |
+| repoServer.metrics.service.labels | Metrics service labels | `{}` |
-| server.metricsPort                     | int    | `8083`                 | Container port for server metrics                                                                                                                                                                                                                                             |
+| repoServer.metrics.service.servicePort | Metrics service port | `8082` |
-| server.serviceAnnotations              | object | `{}`                   | Annotations for server service                                                                                                                                                                                                                                                |
+| repoServer.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
-| server.servicePortHttp                 | int    | `80`                   | HTTP Container port for server                                                                                                                                                                                                                                                |
+| repoServer.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
-| server.servicePortHttps                | int    | `443`                  | HTTPS Container port for server                                                                                                                                                                                                                                               |
+| repoServer.name | Repo server name | `"repo-server"` |
-| server.volumeMounts                    | list   | `[]`                   | Additional volume mounts, see [values.yaml](./values.yaml) for syntax for SSH known hosts                                                                                                                                                                                     |
+| repoServer.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
-| server.volumes                         | list   | `[]`                   | Additional volumes, see [values.yaml](./values.yaml) for syntax for SSH known hosts                                                                                                                                                                                           |
+| repoServer.podAnnotations | Annotations for the repo server pods | `{}` |
+| repoServer.podLabels | Labels for the repo server pods | `{}` |
+| repoServer.priorityClassName | Priority class for the repo server | `""` |
+| repoServer.readinessProbe.failureThreshold | int | `3` |
+| repoServer.readinessProbe.initialDelaySeconds | int | `10` |
+| repoServer.readinessProbe.periodSeconds | int | `10` |
+| repoServer.readinessProbe.successThreshold | int | `1` |
+| repoServer.readinessProbe.timeoutSeconds | int | `1` |
+| repoServer.resources | Resource limits and requests for the repo server pods. | `{}` |
+| repoServer.service.annotations | Repo server service annotations. | `{}` |
+| repoServer.service.labels | Repo server service labels. | `{}` |
+| repoServer.service.port | Repo server service port. | `8081` |
+| repoServer.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` |
+| repoServer.volumeMounts | Repo server volume mounts | `[]` |
+| repoServer.volumes | Repo server volumes | `[]` |
+
+## Argo Server
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| server.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
+| server.certificate.additionalHosts | Certificate manager additional hosts | `[]` |
+| server.certificate.domain | Certificate manager domain | `"argocd.example.com"` |
+| server.certificate.enabled | Enables a certificate manager certificate. | `false` |
+| server.certificate.issuer | Certificate manager issuer | `{}` |
+| server.config | URL for Argo CD | `{}` |
+| server.containerPort | Server container port. | `8080` |
+| server.extraArgs | Additional arguments for the server | `[]` |
+| server.image.repository | Repository to use for the server | `global.image.repository` |
+| server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` |
+| server.image.tag | Tag to use for the repo server | `global.image.tag` |
+| server.ingress.annotations | Additional ingress annotations | `{}` |
+| server.ingress.enabled | Enable an ingress resource for the server | `false` |
+| server.ingress.hosts | List of ingress hosts | `[]` |
+| server.ingress.labels | Additional ingress labels. | `{}` |
+| server.ingress.tls | Ingress TLS configuration. | `[]` |
+| server.route.enabled | Enable a OpenShift route for the server | `false` |
+| server.route.hostname | Hostname of OpenShift route | `""` |
+| server.livenessProbe.failureThreshold | int | `3` |
+| server.livenessProbe.initialDelaySeconds | int | `10` |
+| server.livenessProbe.periodSeconds | int | `10` |
+| server.livenessProbe.successThreshold | int | `1` |
+| server.livenessProbe.timeoutSeconds | int | `1` |
+| server.logLevel | Log level | `"info"` |
+| server.metrics.enabled | Deploy metrics service | `false` |
+| server.metrics.service.annotations | Metrics service annotations | `{}` |
+| server.metrics.service.labels | Metrics service labels | `{}` |
+| server.metrics.service.servicePort | Metrics service port | `8082` |
+| server.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
+| server.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
+| server.name | Argo CD server name | `"server"` |
+| server.nodeSelector | controller node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
+| server.podAnnotations | Annotations for the repo server pods | `{}` |
+| server.podLabels | Labels for the repo server pods | `{}` |
+| server.priorityClassName | Priority class for the repo server | `""` |
+| server.rbacConfig | Argo CD RBAC policy https://argoproj.github.io/argo-cd/operator-manual/rbac/ | `See [values.yaml](values.yaml)` |
+| server.readinessProbe.failureThreshold | int | `3` |
+| server.readinessProbe.initialDelaySeconds | int | `10` |
+| server.readinessProbe.periodSeconds | int | `10` |
+| server.readinessProbe.successThreshold | int | `1` |
+| server.readinessProbe.timeoutSeconds | int | `1` |
+| server.resources | Resource limits and requests for the server | `{}` |
+| server.service.annotations | Server service annotations | `{}` |
+| server.service.labels | Server service labels | `{}` |
+| server.service.servicePortHttp | Server service http port | `80` |
+| server.service.servicePortHttps | Server service https port | `443` |
+| server.service.type | Server service type | `"ClusterIP"` |
+| server.serviceAccount.create | Create server service account | `true` |
+| server.serviceAccount.name | Server service account name | `"argocd-server"` |
+| server.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` |
+| server.volumeMounts | Server volume mounts | `[]` |
+| server.volumes | Server volumes | `[]` |
+
+## Dex
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| dex.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
+| dex.containerPortGrpc | GRPC container port | `5557` |
+| dex.containerPortHttp | HTTP container port | `5556` |
+| dex.enabled | Enable dex | `true` |
+| dex.image.imagePullPolicy | Dex imagePullPolicy | `"IfNotPresent"` |
+| dex.image.repository | Dex image repository | `"quay.io/dexidp/dex"` |
+| dex.image.tag | Dex image tag | `"v2.14.0"` |
+| dex.initImage.repository | Argo CD init image repository. | `global.image.repository` |
+| dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` |
+| dex.initImage.tag | Argo CD init image tag | `global.image.tag` |
+| dex.name | Dex name | `"dex-server"` |
+| dex.nodeSelector | Dex node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
+| dex.priorityClassName | Priority class for dex | `""` |
+| dex.resources | Resource limits and requests for dex | `{}` |
+| dex.serviceAccount.create | Create dex service account | `true` |
+| dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` |
+| dex.servicePortGrpc | Server GRPC port | `5557` |
+| dex.servicePortHttp | Server HTTP port | `5556` |
+| dex.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` |
+| dex.volumeMounts | Dex volume mounts | `"/shared"` |
+| dex.volumes | Dex volumes | `{}` |
+
+## Redis
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| redis.affinity | Assign custom affinity rules to the deployment https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` |
+| redis.containerPort | Redis container port | `6379` |
+| redis.enabled | Enable redis | `false` |
+| redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` |
+| redis.image.repository | Redis repository | `"redis"` |
+| redis.image.tag | Redis tag | `"5.0.3"` |
+| redis.name | Redis name | `"redis"` |
+| redis.nodeSelector | Redis node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` |
+| redis.priorityClassName | Priority class for redis | `""` |
+| redis.resources | Resource limits and requests for redis | `{}` |
+| redis.servicePort | Redis service port | `6379` |
+| redis.tolerations | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` |

charts/argo-cd/templates/NOTES.txt

@@ -1,13 +1,15 @@
 In order to access the server UI you have the following options:
 
-1. kubectl port-forward svc/argocd-server -n argocd 8080:443
+1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443
 
     and then open the browser on http://localhost:8080 and accept the certificate
 
-2. enable ingress and check the first option ssl passthrough:
+2. enable ingress in the values file `service.ingress.enabled` and either
-    https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough
+      - Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough
+      - Add the `insecure: ""` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts
+
 
 After reaching the UI the first time you can login with username: admin and the password will be the
 name of the server pod. You can get the pod name by running:
 
-kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2
+kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2

charts/argo-cd/templates/_helpers.tpl

@@ -24,6 +24,74 @@ If release name contains chart name it will be used as a full name.
 {{- end -}}
 {{- end -}}
 
+{{/*
+Create controller name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.controller.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create dex name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.dex.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.dex.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create redis name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.redis.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redis.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create argocd server name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.server.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create argocd repo-server name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.repoServer.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create the name of the controller service account to use
+*/}}
+{{- define "argo-cd.controllerServiceAccountName" -}}
+{{- if .Values.controller.serviceAccount.create -}}
+    {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.controller.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the dex service account to use
+*/}}
+{{- define "argo-cd.dexServiceAccountName" -}}
+{{- if .Values.dex.serviceAccount.create -}}
+    {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.dex.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the ArgoCD server service account to use
+*/}}
+{{- define "argo-cd.serverServiceAccountName" -}}
+{{- if .Values.server.serviceAccount.create -}}
+    {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.server.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Create chart name and version as used by the chart label.
 */}}

charts/argo-cd/templates/argocd-application-controller-clusterrolebinding.yaml

@@ -1,21 +0,0 @@
-{{- if .Values.clusterAdminAccess.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: argocd-application-controller
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: argocd-application-controller
-subjects:
-- kind: ServiceAccount
-  name: argocd-application-controller
-  namespace: {{ .Release.Namespace }}
-{{- end -}}

charts/argo-cd/templates/argocd-application-controller-deployment.yaml

@@ -1,51 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-application-controller
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: application-controller
-    spec:
-      containers:
-      - command:
-        - argocd-application-controller
-        - --status-processors
-        - "20"
-        - --operation-processors
-        - "10"
-        image: {{ .Values.applicationController.image.repository }}:{{ .Values.applicationController.image.tag }}
-        imagePullPolicy: {{ .Values.applicationController.image.pullPolicy }}
-        name: argocd-application-controller
-        ports:
-        - containerPort: {{ .Values.applicationController.containerPort }}
-        readinessProbe:
-          tcpSocket:
-            port: {{ .Values.applicationController.containerPort }}
-          initialDelaySeconds: 5
-          periodSeconds: 10
-        volumeMounts:
-        {{- if .Values.applicationController.volumeMounts }}
-        {{ toYaml .Values.applicationController.volumeMounts | nindent 8 | trim }}
-        {{- end }}
-      serviceAccountName: argocd-application-controller
-      volumes:
-      {{- if .Values.applicationController.volumes }}
-      {{ toYaml .Values.applicationController.volumes | nindent 6 | trim }}
-      {{- end }}

charts/argo-cd/templates/argocd-application-controller-metrics-service.yaml

@@ -1,19 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
-  name: argocd-metrics
-spec:
-  ports:
-  - name: metrics
-    protocol: TCP
-    port: {{ .Values.applicationController.servicePort }}
-    targetPort: {{ .Values.applicationController.containerPort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller

charts/argo-cd/templates/argocd-application-controller-rolebinding.yaml

@@ -1,18 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: argocd-application-controller
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: argocd-application-controller
-subjects:
-- kind: ServiceAccount
-  name: argocd-application-controller

charts/argo-cd/templates/argocd-application-controller-sa.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: argocd-application-controller
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller

charts/argo-cd/templates/argocd-application-controller-service.yaml

@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-application-controller
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: application-controller
-spec:
-  ports:
-  - port: {{ .Values.applicationController.servicePort }}
-    targetPort: {{ .Values.applicationController.containerPort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller

charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml

@@ -1,15 +1,15 @@
-{{- if .Values.clusterAdminAccess.enabled }}
+{{- if .Values.controller.clusterAdminAccess.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: argocd-application-controller
+  name: {{ template "argo-cd.controller.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: application-controller
+    app.kubernetes.io/component: {{ .Values.controller.name }}
 rules:
 - apiGroups:
   - '*'

charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml

@@ -0,0 +1,21 @@
+{{- if .Values.controller.clusterAdminAccess.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "argo-cd.controller.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "argo-cd.controller.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "argo-cd.controllerServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end }}

charts/argo-cd/templates/argocd-application-controller/deployment.yaml

@@ -0,0 +1,106 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.controller.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  revisionHistoryLimit: 5
+  replicas: 1
+  template:
+    metadata:
+      {{- if .Values.controller.podAnnotations }}
+      annotations:
+      {{- range $key, $value := .Values.controller.podAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: argocd
+        app.kubernetes.io/component: {{ .Values.controller.name }}
+        {{- if .Values.controller.podLabels }}
+{{- toYaml .Values.controller.podLabels | nindent 8 }}
+        {{- end }}
+    spec:
+      containers:
+      - command:
+        - argocd-application-controller
+        - --status-processors
+        - {{ .Values.controller.args.statusProcessors | quote }}
+        - --operation-processors
+        - {{ .Values.controller.args.operationProcessors | quote }}
+        - --repo-server
+        - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
+        - --loglevel
+        - {{ .Values.controller.logLevel }}
+        {{- if .Values.redis.enabled }}
+        - --redis
+        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
+        {{- end }}
+        {{- range $key, $value := .Values.controller.extraArgs }}
+          {{- if $value }}
+        - --{{ $key }}={{ $value }}
+          {{- else }}
+        - --{{ $key }}
+          {{- end }}
+        {{- end }}
+        image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }}
+        name: {{ .Values.controller.name }}
+        ports:
+        - name: controller
+          containerPort: {{ .Values.controller.containerPort }}
+          protocol: TCP
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: {{ .Values.controller.containerPort }}
+          initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.controller.livenessProbe.successThreshold }}
+          failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.controller.containerPort }}
+          initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.controller.readinessProbe.successThreshold }}
+          failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }}
+{{- if .Values.controller.volumeMounts }}
+        volumeMounts:
+{{- toYaml .Values.controller.volumeMounts | nindent 10}}
+{{- end }}
+        resources:
+{{- toYaml .Values.controller.resources | nindent 10 }}
+    {{- if .Values.controller.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.controller.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.controller.tolerations }}
+      tolerations:
+{{- toYaml .Values.controller.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.controller.affinity }}
+      affinity:
+{{- toYaml .Values.controller.affinity | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }}
+{{- if .Values.controller.volumes }}
+      volumes:
+{{- toYaml .Values.controller.volumes | nindent 8 }}
+{{- end }}

charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml

@@ -0,0 +1,31 @@
+{{- if .Values.controller.metrics.enabled}}
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.controller.metrics.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.controller.metrics.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+{{- if .Values.controller.metrics.service.labels }}
+{{- toYaml .Values.controller.metrics.service.labels | nindent 4 }}
+{{- end }}
+  name: {{ template "argo-cd.controller.fullname" . }}-metrics
+spec:
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: {{ .Values.controller.metrics.service.servicePort }}
+    targetPort: controller
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+{{- end }}

charts/argo-cd/templates/argocd-application-controller/role.yaml

@@ -1,14 +1,14 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: argocd-application-controller
+  name: {{ template "argo-cd.controller.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: application-controller
+    app.kubernetes.io/component: {{ .Values.controller.name }}
 rules:
 - apiGroups:
   - ""
@@ -39,4 +39,3 @@ rules:
   verbs:
   - create
   - list
-  

charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml

@@ -0,0 +1,19 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.controller.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "argo-cd.controller.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "argo-cd.controllerServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}

charts/argo-cd/templates/argocd-application-controller/service.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.controller.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.controller.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.controller.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+spec:
+  ports:
+  - name: {{ .Values.controller.name }}
+    port: {{ .Values.controller.service.port }}
+    targetPort: {{ .Values.controller.containerPort }}
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}

charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "argo-cd.controllerServiceAccountName" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.controller.name }}

charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml

@@ -0,0 +1,32 @@
+{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.controller.fullname" . }}
+  {{- if .Values.controller.metrics.serviceMonitor.namespace }}
+  namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }}
+  {{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.controller.name }}
+{{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }}
+{{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      interval: 30s
+      path: /metrics
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
+      app.kubernetes.io/component: {{ .Values.controller.name }}
+{{- end }}

charts/argo-cd/templates/argocd-cm.yaml

@@ -1,48 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: argocd-cm
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-data:
-{{- if .Values.config.enableAnonymousAccess }}
-  users.anonymous.enabled: "{{ .Values.config.enableAnonymousAccess }}"
-{{- end }}
-{{- if .Values.config.helmRepositories }}
-  helm.repositories: |
-{{ toYaml .Values.config.helmRepositories | indent 4 }}
-{{- end }}
-{{- if .Values.config.repositories }}
-  repositories: |
-{{ toYaml .Values.config.repositories | indent 4 }}
-{{- end }}
-{{- if .Values.config.dexConfig }}
-  dex.config: |
-{{ toYaml .Values.config.dexConfig | indent 4 }}
-{{- end }}
-{{- if .Values.config.url }}
-  url: {{ .Values.config.url }}
-{{- end }}
-{{- if .Values.config.instanceLabelKey }}
-  application.instanceLabelKey: {{ .Values.config.instanceLabelKey }}
-{{- end }}
-{{- if .Values.config.oidcConfig }}
-  oidc.config: |
-{{ toYaml .Values.config.oidcConfig | indent 4 }}
-{{- end }}
-{{- if .Values.config.resourceCustomizations }}
-  resource.customizations: |
-{{ toYaml .Values.config.resourceCustomizations | indent 4 }}
-{{- end }}
-{{- if .Values.config.resourceExclusions }}
-  resource.exclusions: |
-{{ toYaml .Values.config.resourceExclusions | indent 4 }}
-{{- end }}
-{{- if .Values.config.configManagementPlugins }}
-  configManagementPlugins: |
-{{ toYaml .Values.config.configManagementPlugins | indent 4 }}
-{{- end }}

charts/argo-cd/templates/argocd-configs/argocd-cm.yaml

@@ -1,11 +1,13 @@
 apiVersion: v1
-data: null
 kind: ConfigMap
 metadata:
+  name: argocd-cm
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-cm
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: argocd
-  name: argocd-tls-certs-cm
+    app.kubernetes.io/component: {{ .Values.server.name }}
+data:
+{{- toYaml .Values.server.config | nindent 4 }}

charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: argocd-rbac-cm
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-rbac-cm
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+{{- if .Values.server.rbacConfig }}
+data:
+{{- toYaml .Values.server.rbacConfig | nindent 4 }}
+{{- end }}

charts/argo-cd/templates/argocd-configs/argocd-secret.yaml

@@ -0,0 +1,27 @@
+{{- if .Values.configs.secret.createSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: argocd-secret
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+type: Opaque
+{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret) }}
+# Setting a blank data again will wipe admin password/key/cert
+data:
+  {{- if .Values.configs.secret.githubSecret }}
+  github.webhook.secret: {{ .Values.configs.secret.githubSecret | b64enc }}
+  {{- end }}
+  {{- if .Values.configs.secret.gitlabSecret }}
+  gitlab.webhook.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }}
+  {{- end }}
+  {{- if .Values.configs.secret.bitbucketSecret }}
+  bitbucket.webhook.uuid: {{ .Values.configs.secret.bitbucketSecret | b64enc }}
+  {{- end }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+{{- toYaml .Values.configs.knownHosts | nindent 0 }}
+kind: ConfigMap
+metadata:
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-ssh-known-hosts-cm
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+  name: argocd-ssh-known-hosts-cm

charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+{{- if .Values.configs.tlsCerts }}
+{{- toYaml .Values.configs.tlsCerts | nindent 0 }}
+{{- end }}
+kind: ConfigMap
+metadata:
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-tls-certs-cm
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+  name: argocd-tls-certs-cm

charts/argo-cd/templates/argocd-dex-server-deployment.yaml

@@ -1,54 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-dex-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: dex-server
-    spec:
-      serviceAccountName: argocd-dex-server
-      initContainers:
-      - name: copyutil
-        image: {{ .Values.dexServer.initImage.repository }}:{{ .Values.dexServer.initImage.tag }}
-        imagePullPolicy: {{ .Values.dexServer.initImage.pullPolicy }}
-        command: [cp, /usr/local/bin/argocd-util, /shared]
-        volumeMounts:
-        - mountPath: /shared
-          name: static-files
-      containers:
-      - name: dex
-        image: {{ .Values.dexServer.image.repository }}:{{ .Values.dexServer.image.tag }}
-        imagePullPolicy: {{ .Values.dexServer.image.pullPolicy }}
-        command: [/shared/argocd-util, rundex]
-        ports:
-        - containerPort: {{ .Values.dexServer.containerPortHttp }}
-        - containerPort: {{ .Values.dexServer.containerPortGrpc }}
-        volumeMounts:
-        - mountPath: /shared
-          name: static-files
-        {{- if .Values.dexServer.volumeMounts }}
-        {{ toYaml .Values.dexServer.volumeMounts | nindent 8 | trim }}
-        {{- end }}
-      volumes:
-      - emptyDir: {}
-        name: static-files
-      {{- if .Values.dexServer.volumes }}
-      {{ toYaml .Values.dexServer.volumes | nindent 6 | trim }}
-      {{- end }}

charts/argo-cd/templates/argocd-dex-server-rolebinding.yaml

@@ -1,18 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: argocd-dex-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: argocd-dex-server
-subjects:
-- kind: ServiceAccount
-  name: argocd-dex-server

charts/argo-cd/templates/argocd-dex-server-sa.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: argocd-dex-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server

charts/argo-cd/templates/argocd-dex-server-service.yaml

@@ -1,23 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-dex-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: dex-server  
-spec:
-  ports:
-  - name: http
-    protocol: TCP
-    port: {{ .Values.dexServer.servicePortHttp }}
-    targetPort: {{ .Values.dexServer.containerPortHttp }}
-  - name: grpc
-    protocol: TCP
-    port: {{ .Values.dexServer.servicePortGrpc }}
-    targetPort: {{ .Values.dexServer.containerPortGrpc }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server

charts/argo-cd/templates/argocd-rbac-cm.yaml

@@ -1,21 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: argocd-rbac-cm
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-data:
-{{- if .Values.rbac.policyDefault }}
-  policy.default: {{ .Values.rbac.policyDefault }}
-{{- end }}
-{{- if .Values.rbac.policyCsv }}
-  policy.csv:
-{{- toYaml .Values.rbac.policyCsv | indent 4 }}
-{{- end }}
-{{- if .Values.rbac.scopes }}
-  scopes: {{ .Values.rbac.scopes }}
-{{- end }}

charts/argo-cd/templates/argocd-redis-deployment.yaml

@@ -1,38 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-redis
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: redis
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: redis
-    spec:
-      automountServiceAccountToken: false
-      containers:
-      - name: redis
-        args:
-        - --save
-        - ""
-        - --appendonly
-        - "no"
-        image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
-        imagePullPolicy: {{ .Values.redis.image.pullPolicy}}
-        ports:
-        - containerPort: {{ .Values.redis.containerPort }}
-

charts/argo-cd/templates/argocd-redis-service.yaml

@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-redis
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: redis
-spec:
-  ports:
-  - port: {{ .Values.redis.servicePort }}
-    targetPort: {{ .Values.redis.servicePort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis

charts/argo-cd/templates/argocd-repo-server-deployment.yaml

@@ -1,69 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-repo-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: repo-server
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: repo-server
-    spec:
-      automountServiceAccountToken: false
-      containers:
-      - name: argocd-repo-server
-        image: {{ .Values.repoServer.image.repository }}:{{ .Values.repoServer.image.tag }}
-        imagePullPolicy: {{ .Values.repoServer.image.pullPolicy}}
-        command: [argocd-repo-server]
-        ports:
-        - containerPort: {{ .Values.repoServer.containerPort }}
-        livenessProbe:
-          initialDelaySeconds: 5
-          periodSeconds: 10
-          tcpSocket:
-            port: {{ .Values.repoServer.containerPort }}
-        readinessProbe:
-          tcpSocket:
-            port: {{ .Values.repoServer.containerPort }}
-          initialDelaySeconds: 5
-          periodSeconds: 10
-        volumeMounts:
-        - mountPath: /app/config/ssh
-          name: ssh-known-hosts
-        - mountPath: /app/config/tls
-          name: tls-certs
-        {{- if .Values.repoServer.volumeMounts }}
-        {{ toYaml .Values.repoServer.volumeMounts | nindent 8 | trim }}
-        {{- end }}
-      volumes:
-      - configMap:
-          name: argocd-ssh-known-hosts-cm
-        name: ssh-known-hosts
-      - configMap:
-          name: argocd-tls-certs-cm
-        name: tls-certs
-      {{- if .Values.repoServer.volumes }}
-      {{ toYaml .Values.repoServer.volumes | nindent 6 | trim }}
-      {{- end }}
-      {{- if .Values.repoServer.initContainers }}
-      initContainers:
-      {{ toYaml .Values.repoServer.initContainers | nindent 6 | trim }}
-      {{- end }}
-      {{- if .Values.repoServer.imagePullSecrets }}
-      imagePullSecrets:
-      {{ toYaml .Values.repoServer.imagePullSecrets | nindent 6 | trim }}
-      {{- end }}

charts/argo-cd/templates/argocd-repo-server-service.yaml

@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-repo-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: repo-server
-spec:
-  ports:
-  - port: {{ .Values.repoServer.servicePort }}
-    targetPort: {{ .Values.repoServer.servicePort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server

charts/argo-cd/templates/argocd-repo-server/deployment.yaml

@@ -0,0 +1,121 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  revisionHistoryLimit: 5
+  replicas: 1
+  template:
+    metadata:
+      {{- if .Values.repoServer.podAnnotations }}
+      annotations:
+      {{- range $key, $value := .Values.repoServer.podAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: argocd
+        app.kubernetes.io/component: {{ .Values.repoServer.name }}
+        {{- if .Values.controller.podLabels }}
+{{- toYaml .Values.controller.podLabels | nindent 8 }}
+        {{- end }}
+    spec:
+      containers:
+      - name: {{ .Values.repoServer.name }}
+        image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
+        command:
+        - argocd-repo-server
+        {{- if .Values.redis.enabled }}
+        - --redis
+        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
+        {{- end }}
+        - --loglevel
+        - {{ .Values.repoServer.logLevel }}
+        {{- range $key, $value := .Values.repoServer.extraArgs }}
+          {{- if $value }}
+        - --{{ $key }}={{ $value }}
+          {{- else }}
+        - --{{ $key }}
+          {{- end }}
+        {{- end }}
+        volumeMounts:
+        {{- if .Values.repoServer.volumeMounts }}
+{{- toYaml .Values.repoServer.volumeMounts | nindent 10}}
+        {{- end }}
+        {{- if .Values.configs.knownHosts }}
+        - mountPath: /app/config/ssh
+          name: ssh-known-hosts
+        {{- end }}
+        {{- if .Values.configs.tlsCerts }}
+        - mountPath: /app/config/tls
+          name: tls-certs
+        {{- end }}
+        ports:
+        - name: repo-server
+          containerPort: {{ .Values.repoServer.containerPort }}
+          protocol: TCP
+        {{ if .Values.repoServer.metrics.enabled }}
+        - name: metrics
+          containerPort: 8084
+          protocol: TCP
+        {{- end }}
+        livenessProbe:
+          tcpSocket:
+            port: {{ .Values.repoServer.containerPort }}
+          initialDelaySeconds: {{ .Values.repoServer.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.repoServer.livenessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.repoServer.livenessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.repoServer.livenessProbe.successThreshold }}
+          failureThreshold: {{ .Values.repoServer.livenessProbe.failureThreshold }}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.repoServer.containerPort }}
+          initialDelaySeconds: {{ .Values.repoServer.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.repoServer.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }}
+          failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }}
+        resources:
+{{- toYaml .Values.repoServer.resources | nindent 10 }}
+    {{- if .Values.repoServer.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.repoServer.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.repoServer.tolerations }}
+      tolerations:
+{{- toYaml .Values.repoServer.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.repoServer.affinity }}
+      affinity:
+{{- toYaml .Values.repoServer.affinity | nindent 8 }}
+    {{- end }}
+      volumes:
+      {{- if .Values.repoServer.volumes }}
+{{- toYaml .Values.repoServer.volumes | nindent 8}}
+      {{- end }}
+      {{- if .Values.configs.knownHosts }}
+      - configMap:
+          name: argocd-ssh-known-hosts-cm
+        name: ssh-known-hosts
+      {{- end }}
+      {{- if .Values.configs.tlsCerts }}
+      - configMap:
+          name: argocd-tls-certs-cm
+        name: tls-certs
+      {{- end }}

charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml

@@ -0,0 +1,31 @@
+{{- if .Values.repoServer.metrics.enabled}}
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.repoServer.metrics.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.repoServer.metrics.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+{{- if .Values.repoServer.metrics.service.labels }}
+{{- toYaml .Values.repoServer.metrics.service.labels | nindent 4 }}
+{{- end }}
+  name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
+spec:
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: {{ .Values.repoServer.metrics.service.servicePort }}
+    targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+{{- end }}

charts/argo-cd/templates/argocd-repo-server/service.yaml

@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.repoServer.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.repoServer.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+spec:
+  ports:
+  - name: repo-server
+    protocol: TCP
+    port: {{ .Values.repoServer.service.port }}
+    targetPort: repo-server
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}

charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml

@@ -0,0 +1,33 @@
+{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.repoServer.fullname" . }}
+  {{- if .Values.repoServer.metrics.serviceMonitor.namespace }}
+  namespace: {{ .Values.repoServer.metrics.serviceMonitor.namespace }}
+  {{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.repoServer.name }}
+{{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }}
+{{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      interval: 30s
+      path: /metrics
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: {{ .Release.Name }}
+      app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
+      app.kubernetes.io/component: {{ .Values.repoServer.name }}
+{{- end }}

charts/argo-cd/templates/argocd-secret.yaml

@@ -1,26 +0,0 @@
-{{- if .Values.config.createSecret }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: argocd-secret
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-type: Opaque
-{{- if or .Values.config.webhook.githubSecret (or .Values.config.webhook.gitlabSecret .Values.config.webhook.bitbucketSecret) }}
-# Setting a blank data again will wipe admin password/key/cert
-data:
-{{- if .Values.config.webhook.githubSecret }}
-  github.webhook.secret: {{ .Values.config.webhook.githubSecret }}
-{{- end }}
-{{- if .Values.config.webhook.gitlabSecret }}
-  gitlab.webhook.secret: {{ .Values.config.webhook.gitlabSecret }}
-{{- end }}
-{{- if .Values.config.webhook.bitbucketSecret }}
-  bitbucket.webhook.uuid: {{ .Values.config.webhook.bitbucketSecret }}
-{{- end }}
-{{- end }}
-{{- end }}

charts/argo-cd/templates/argocd-server-clusterrolebinding.yaml

@@ -1,21 +0,0 @@
-{{- if .Values.clusterAdminAccess.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: argocd-server
-subjects:
-  - kind: ServiceAccount
-    name: argocd-server
-    namespace: {{ .Release.Namespace }}
-{{- end -}}

charts/argo-cd/templates/argocd-server-deployment.yaml

@@ -1,77 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-        app.kubernetes.io/component: server
-      annotations:
-        {{- range $key, $value := .Values.server.annotations }}
-        {{ $key }}: {{ $value | quote }}
-        {{- end }}
-    spec:
-      serviceAccountName: argocd-server
-      containers:
-      - name: argocd-server
-        image: {{ .Values.server.image.repository }}:{{ .Values.server.image.tag }}
-        imagePullPolicy: {{ .Values.server.image.pullPolicy }}
-        command:
-        - argocd-server
-        - --staticassets
-        - /shared/app
-        {{- range .Values.server.extraArgs }}
-        - {{. | quote }}
-        {{- end }}
-        volumeMounts:
-        - mountPath: /app/config/ssh
-          name: ssh-known-hosts
-        - mountPath: /app/config/tls
-          name: tls-certs
-        {{- if .Values.server.volumeMounts }}
-        {{ toYaml .Values.server.volumeMounts | nindent 8 | trim }}
-        {{- end }}
-        ports:
-        - containerPort: {{ .Values.server.containerPort }}
-        - containerPort: {{ .Values.server.metricsPort }}
-        livenessProbe:
-          httpGet:
-            path: /healthz
-            port: {{ .Values.server.containerPort }}
-          initialDelaySeconds: 3
-          periodSeconds: 30
-        readinessProbe:
-          httpGet:
-            path: /healthz
-            port: {{ .Values.server.containerPort }}
-          initialDelaySeconds: 3
-          periodSeconds: 30
-      volumes:
-      - emptyDir: {}
-        name: static-files
-      - configMap:
-          name: argocd-ssh-known-hosts-cm
-        name: ssh-known-hosts
-      - configMap:
-          name: argocd-tls-certs-cm
-        name: tls-certs
-      {{- if .Values.server.volumes }}
-      {{ toYaml .Values.server.volumes | nindent 6 | trim }}
-      {{- end }}
-

charts/argo-cd/templates/argocd-server-ingress.yaml

@@ -1,33 +0,0 @@
-{{- if .Values.ingress.enabled -}}
-{{- $host := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${1}" }}
-{{- $path := default "/" (regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${2}") }}
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-{{- with .Values.ingress.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-  rules:
-  {{- range prepend .Values.ingress.additionalHosts $host }}
-    - host: {{ . | quote }}
-      http:
-        paths:
-          - path: {{ $path | quote }}
-            backend:
-              serviceName: argocd-server
-              servicePort: https
-  {{- end }}
-  {{- if .Values.ingress.tls }}
-  tls:
-{{ toYaml .Values.ingress.tls | indent 4 }}
-  {{- end -}}
-{{- end }}

charts/argo-cd/templates/argocd-server-metrics.yaml

@@ -1,19 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-  name: argocd-server-metrics
-spec:
-  ports:
-  - name: metrics
-    protocol: TCP
-    port: {{ .Values.server.servicePortHttp }}
-    targetPort: {{ .Values.server.metricsPort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server

charts/argo-cd/templates/argocd-server-rolebinding.yaml

@@ -1,19 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: argocd-server
-subjects:
-- kind: ServiceAccount
-  name: argocd-server

charts/argo-cd/templates/argocd-server-sa.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server

charts/argo-cd/templates/argocd-server-service.yaml

@@ -1,28 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: argocd-server
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
-    app.kubernetes.io/component: server
-  {{- if .Values.server.serviceAnnotations }}
-  annotations:
-{{ toYaml .Values.server.serviceAnnotations | indent 4}}{{- end }}
-spec:
-  type: {{ .Values.server.serviceType }}
-  ports:
-  - name: http
-    protocol: TCP
-    port: {{ .Values.server.servicePortHttp }}
-    targetPort: {{ .Values.server.containerPort }}
-  - name: https
-    protocol: TCP
-    port: {{ .Values.server.servicePortHttps }}
-    targetPort: {{ .Values.server.containerPort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
-

charts/argo-cd/templates/argocd-server/applications.yaml

@@ -0,0 +1,42 @@
+{{- if .Values.server.additionalApplications }}
+apiVersion: v1
+kind: List
+items:
+{{- range .Values.server.additionalApplications }}
+  - apiVersion: argoproj.io/v1alpha1
+    kind: Application
+    metadata:
+      {{- if .additionalAnnotations }}
+      annotations:
+      {{- range $key, $value := .additionalAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      {{- if .additionalLabels }}
+      labels:
+{{- toYaml .additionalLabels | nindent 8 }}
+      {{- end }}
+      name: {{ .name }}
+      {{- if .namespace }}
+      namespace: {{ .namespace }}
+      {{- end }}
+      {{- if .finalizers }}
+      finalizers:
+{{- toYaml .finalizers | nindent 8 }}
+      {{- end }}
+    spec:
+      project: {{ tpl .project $ }}
+      source:
+{{- toYaml .source | nindent 8 }}
+      destination:
+{{- toYaml .destination | nindent 8 }}
+      {{- if .syncPolicy }}
+      syncPolicy:
+{{- toYaml .syncPolicy | nindent 8 }}
+      {{- end }}
+      {{- if .ignoreDifferences }}
+      ignoreDifferences:
+{{- toYaml .ignoreDifferences | nindent 8 }}
+      {{- end }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-server/certificate.yaml

@@ -1,19 +1,19 @@
-{{- if .Values.certificate.enabled -}}
+{{- if .Values.server.certificate.enabled -}}
-{{- $commonName := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.config.url "${1}" }}
 apiVersion: certmanager.k8s.io/v1alpha1
 kind: Certificate
 metadata:
-  name: argocd-server
+  name: {{ template "argo-cd.server.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
 spec:
-  commonName: {{ $commonName | quote }}
+  commonName: {{ .Values.server.certificate.domain | quote }}
   dnsNames:
-    - {{ $commonName | quote }}
+    - {{ .Values.server.certificate.domain | quote }}
   {{- range .Values.ingress.additionalHosts }}
     - {{ . | quote }}
   {{- end }}

charts/argo-cd/templates/argocd-server/clusterrole.yaml

@@ -1,15 +1,14 @@
-{{- if .Values.clusterAdminAccess.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: argocd-server
+  name: {{ template "argo-cd.server.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: server
+    app.kubernetes.io/component: {{ .Values.server.name }}
 rules:
   - apiGroups:
       - '*'
@@ -32,4 +31,3 @@ rules:
       - pods/log
     verbs:
       - get
-{{- end }}

charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml

@@ -0,0 +1,19 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "argo-cd.server.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "argo-cd.serverServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}

charts/argo-cd/templates/argocd-server/deployment.yaml

@@ -0,0 +1,134 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  revisionHistoryLimit: 5
+  replicas: 1
+  template:
+    metadata:
+      {{- if .Values.server.podAnnotations }}
+      annotations:
+      {{- range $key, $value := .Values.server.podAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: argocd
+        app.kubernetes.io/component: {{ .Values.server.name }}
+        {{- if .Values.controller.podLabels }}
+{{- toYaml .Values.controller.podLabels | nindent 8 }}
+        {{- end }}
+    spec:
+      containers:
+      - name: {{ .Values.server.name }}
+        image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default .Values.global.image.tag .Values.server.image.tag }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
+        command:
+        - argocd-server
+        - --staticassets
+        - /shared/app
+        - --repo-server
+        - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
+        {{- if .Values.dex.enabled }}
+        - --dex-server
+        - http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }}
+        {{- end }}
+        - --loglevel
+        - {{ .Values.server.logLevel }}
+        {{- if .Values.redis.enabled }}
+        - --redis
+        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
+        {{- end }}
+        {{- range $key, $value := .Values.server.extraArgs }}
+          {{- if $value }}
+        - --{{ $key }}={{ $value }}
+          {{- else }}
+        - --{{ $key }}
+          {{- end }}
+        {{- end }}
+        volumeMounts:
+        {{- if .Values.server.volumeMounts }}
+{{- toYaml .Values.server.volumeMounts | nindent 10}}
+        {{- end }}
+        {{- if .Values.configs.knownHosts }}
+        - mountPath: /app/config/ssh
+          name: ssh-known-hosts
+        {{- end }}
+        {{- if .Values.configs.tlsCerts }}
+        - mountPath: /app/config/tls
+          name: tls-certs
+        {{- end }}
+        ports:
+        - name: {{ .Values.server.name }}
+          containerPort: {{ .Values.server.containerPort }}
+          protocol: TCP
+        {{ if .Values.server.metrics.enabled }}
+        - name: metrics
+          containerPort: 8083
+          protocol: TCP
+        {{- end }}
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: {{ .Values.server.containerPort }}
+          initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.server.livenessProbe.successThreshold }}
+          failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }}
+        readinessProbe:
+          httpGet:
+            path: /healthz
+            port: {{ .Values.server.containerPort }}
+          initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.server.readinessProbe.successThreshold }}
+          failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }}
+        resources:
+{{- toYaml .Values.server.resources | nindent 10 }}
+    {{- if .Values.server.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.server.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.server.tolerations }}
+      tolerations:
+{{- toYaml .Values.server.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.server.affinity }}
+      affinity:
+{{- toYaml .Values.server.affinity | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }}
+      volumes:
+      {{- if .Values.server.volumes }}
+{{- toYaml .Values.server.volumes | nindent 8}}
+      {{- end }}
+      - emptyDir: {}
+        name: static-files
+      {{- if .Values.configs.knownHosts }}
+      - configMap:
+          name: argocd-ssh-known-hosts-cm
+        name: ssh-known-hosts
+      {{- end }}
+      {{- if .Values.configs.tlsCerts }}
+      - configMap:
+          name: argocd-tls-certs-cm
+        name: tls-certs
+      {{- end }}

charts/argo-cd/templates/argocd-server/ingress.yaml

@@ -0,0 +1,53 @@
+{{- if .Values.server.ingress.enabled -}}
+{{- $serviceName := include "argo-cd.server.fullname" . -}}
+{{- $servicePort := .Values.server.name -}}
+{{- $paths := .Values.server.ingress.paths -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+{{- if .Values.server.ingress.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.server.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+{{- if .Values.server.ingress.labels }}
+{{- toYaml .Values.server.ingress.labels | nindent 4 }}
+{{- end }}
+spec:
+  rules:
+  {{- if .Values.server.ingress.hosts }}
+  {{- range $host := .Values.server.ingress.hosts }}
+    - host: {{ $host }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ $p }}
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ $p }}
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.server.ingress.tls }}
+  tls:
+{{- toYaml .Values.server.ingress.tls | nindent 4 }}
+  {{- end -}}
+{{- end -}}

charts/argo-cd/templates/argocd-server/metrics-service.yaml

@@ -0,0 +1,31 @@
+{{- if .Values.server.metrics.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  {{- if .Values.server.metrics.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.server.metrics.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+{{- if .Values.server.metrics.service.labels }}
+{{- toYaml .Values.server.metrics.service.labels | nindent 4 }}
+{{- end }}
+  name: {{ template "argo-cd.server.fullname" . }}-metrics
+spec:
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: {{ .Values.server.metrics.service.servicePort }}
+    targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+{{- end }}

charts/argo-cd/templates/argocd-server/projects.yaml

@@ -0,0 +1,46 @@
+{{- if .Values.server.additionalProjects }}
+apiVersion: v1
+kind: List
+items:
+{{- range .Values.server.additionalProjects }}
+  - apiVersion: argoproj.io/v1alpha1
+    kind: AppProject
+    metadata:
+      {{- if .additionalProjects }}
+      annotations:
+      {{- range $key, $value := .additionalProjects }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      {{- if .additionalLabels }}
+      labels:
+{{- toYaml .additionalLabels | nindent 8 }}
+      {{- end }}
+      name: {{ .name }}
+      {{- if .namespace }}
+      namespace: {{ .namespace }}
+      {{- end }}
+    spec:
+      description: {{ .description }}
+      sourceRepos:
+{{- toYaml .sourceRepos | nindent 8 }}
+      destinations:
+{{- toYaml .destinations | nindent 8 }}
+      {{- if .clusterResourceWhitelist }}
+      clusterResourceWhitelist:
+{{- toYaml .clusterResourceWhitelist | nindent 8 }}
+      {{- end }}
+      {{- if .namespaceResourceBlacklist }}
+      namespaceResourceBlacklist:
+{{- toYaml .namespaceResourceBlacklist | nindent 8 }}
+      {{- end }}
+      {{- if .orphanedResources }}
+      orphanedResources:
+{{- toYaml .orphanedResources | nindent 8 }}
+      {{- end }}
+      {{- if .roles }}
+      roles:
+{{- toYaml .roles | nindent 8 }}
+      {{- end }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-server/role.yaml

@@ -1,14 +1,14 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: argocd-server
+  name: {{ template "argo-cd.server.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: server
+    app.kubernetes.io/component: {{ .Values.server.name }}
 rules:
 - apiGroups:
   - ""

charts/argo-cd/templates/argocd-server/rolebinding.yaml

@@ -0,0 +1,19 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "argo-cd.server.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "argo-cd.serverServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}

charts/argo-cd/templates/argocd-server/route.yaml

@@ -0,0 +1,30 @@
+{{- if .Values.server.route.enabled -}}
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+{{- with .Values.server.route.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+  host: {{ .Values.server.route.hostname | quote }}
+  subdomain: ''
+  to:
+    kind: Service
+    name: {{ template "argo-cd.server.fullname" . }}
+    weight: 100
+  port:
+    targetPort: https
+  tls:
+    termination: passthrough
+    insecureEdgeTerminationPolicy: None
+  wildcardPolicy: None
+{{- end }}

charts/argo-cd/templates/argocd-server/service.yaml

@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.server.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.server.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.server.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+spec:
+  type: {{ .Values.server.service.type }}
+  ports:
+  - name: http
+    protocol: TCP
+    port: {{ .Values.server.service.servicePortHttp }}
+    targetPort: {{ .Values.server.name }}
+  - name: https
+    protocol: TCP
+    port: {{ .Values.server.service.servicePortHttps }}
+    targetPort: {{ .Values.server.name }}
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}

charts/argo-cd/templates/argocd-server/serviceaccount.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "argo-cd.serverServiceAccountName" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}

charts/argo-cd/templates/argocd-server/servicemonitor.yaml

@@ -0,0 +1,33 @@
+{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.server.fullname" . }}
+  {{- if .Values.server.metrics.serviceMonitor.namespace }}
+  namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }}
+  {{- end }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.server.name }}
+{{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- if .Values.server.metrics.serviceMonitor.additionalLabels }}
+{{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      interval: 30s
+      path: /metrics
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: {{ .Release.Name }}
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
+      app.kubernetes.io/component: {{ .Values.server.name }}
+{{- end }}

charts/argo-cd/templates/argocd-ssh-known-hosts-cm.yaml

@@ -1,19 +0,0 @@
-apiVersion: v1
-data:
-  ssh_known_hosts: |
-    bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
-    github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
-    gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
-    gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
-    gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
-    ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
-    vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
-kind: ConfigMap
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-  name: argocd-ssh-known-hosts-cm

charts/argo-cd/templates/crds/application-crd.yaml

@@ -4,7 +4,7 @@ metadata:
   labels:
     app.kubernetes.io/name: {{ include "argo-cd.name" . }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/part-of: argocd
   name: applications.argoproj.io
   annotations:
     "helm.sh/hook": crd-install

charts/argo-cd/templates/crds/appproject-crd.yaml

@@ -4,7 +4,7 @@ metadata:
   labels:
     app.kubernetes.io/name: {{ include "argo-cd.name" . }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/part-of: argocd
   name: appprojects.argoproj.io
   annotations:
     "helm.sh/hook": crd-install

charts/argo-cd/templates/dex/deployment.yaml

@@ -0,0 +1,76 @@
+{{- if .Values.dex.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.dex.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.dex.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: argocd
+        app.kubernetes.io/component: {{ .Values.dex.name }}
+    spec:
+      initContainers:
+      - name: copyutil
+        image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }}
+        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.pullPolicy }}
+        command:
+        - cp
+        - /usr/local/bin/argocd-util
+        - /shared
+        volumeMounts:
+        - mountPath: /shared
+          name: static-files
+      containers:
+      - name: {{ .Values.dex.name }}
+        image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
+        imagePullPolicy: {{ .Values.dex.image.imagePullPolicy }}
+        command:
+        - /shared/argocd-util
+        - rundex
+        ports:
+        - name: http
+          containerPort: {{ .Values.dex.containerPortHttp }}
+          protocol: TCP
+        - name: grpc
+          containerPort: {{ .Values.dex.containerPortGrpc }}
+          protocol: TCP
+{{- if .Values.dex.volumeMounts }}
+        volumeMounts:
+{{- toYaml .Values.dex.volumeMounts | nindent 10 }}
+{{- end }}
+        resources:
+{{- toYaml .Values.dex.resources | nindent 10 }}
+    {{- if .Values.dex.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.dex.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.dex.tolerations }}
+      tolerations:
+{{- toYaml .Values.dex.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.dex.affinity }}
+      affinity:
+{{- toYaml .Values.dex.affinity | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
+{{- if .Values.dex.volumes }}
+      volumes:
+{{- toYaml .Values.dex.volumes | nindent 8}}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/dex/role.yaml

@@ -1,14 +1,15 @@
+{{- if .Values.dex.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: argocd-dex-server
+  name: {{ template "argo-cd.dex.fullname" . }}
   labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
     helm.sh/chart: {{ include "argo-cd.chart" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: {{ include "argo-cd.name" . }}
+    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: dex-server
+    app.kubernetes.io/component: {{ .Values.dex.name }}
 rules:
 - apiGroups:
   - ""
@@ -19,3 +20,4 @@ rules:
   - get
   - list
   - watch
+{{- end }}

charts/argo-cd/templates/dex/rolebinding.yaml

@@ -0,0 +1,21 @@
+{{- if .Values.dex.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.dex.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.dex.name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "argo-cd.dex.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "argo-cd.dexServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end }}

charts/argo-cd/templates/dex/service.yaml

@@ -0,0 +1,26 @@
+{{- if .Values.dex.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "argo-cd.dex.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.dex.name }}
+spec:
+  ports:
+  - name: http
+    protocol: TCP
+    port: {{ .Values.dex.servicePortHttp }}
+    targetPort: http
+  - name: grpc
+    protocol: TCP
+    port: {{ .Values.dex.servicePortGrpc }}
+    targetPort: grpc
+  selector:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}

charts/argo-cd/templates/dex/serviceaccount.yaml

@@ -0,0 +1,13 @@
+{{- if .Values.dex.enabled }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "argo-cd.dexServiceAccountName" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.dex.name }}
+{{- end }}

charts/argo-cd/templates/redis/deployment.yaml

@@ -0,0 +1,61 @@
+{{- if .Values.redis.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.redis.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.redis.name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+        helm.sh/chart: {{ include "argo-cd.chart" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/part-of: argocd
+        app.kubernetes.io/component: {{ .Values.redis.name }}
+    spec:
+      automountServiceAccountToken: false
+      containers:
+      - name: {{ template "argo-cd.redis.fullname" . }}
+        args:
+        - --save
+        - ""
+        - --appendonly
+        - "no"
+        image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
+        imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}}
+        ports:
+        - containerPort: {{ .Values.redis.containerPort }}
+{{- if .Values.redis.volumeMounts }}
+        volumeMounts:
+{{- toYaml .Values.redis.volumeMounts | nindent 10 }}
+{{- end }}
+        resources:
+{{- toYaml .Values.redis.resources | nindent 10 }}
+    {{- if .Values.redis.nodeSelector }}
+      nodeSelector:
+{{- toYaml .Values.redis.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.redis.tolerations }}
+      tolerations:
+{{- toYaml .Values.redis.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.redis.affinity }}
+      affinity:
+{{- toYaml .Values.redis.affinity | nindent 8 }}
+    {{- end }}
+{{- if .Values.redis.volumes }}
+      volumes:
+{{- toYaml .Values.redis.volumes | nindent 8}}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/redis/service.yaml

@@ -0,0 +1,19 @@
+{{- if .Values.redis.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "argo-cd.redis.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/component: {{ .Values.redis.name }}
+spec:
+  ports:
+  - port: {{ .Values.redis.servicePort }}
+    targetPort: {{ .Values.redis.servicePort }}
+  selector:
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
+{{- end }}

charts/argo-cd/values.yaml

@@ -1,198 +1,534 @@
-applicationController:
+## ArgoCD configuration
-  containerPort: 8082
+## Ref: https://github.com/argoproj/argo-cd
-  servicePort: 8082
+##
-  image:
+nameOverride: argocd
-    repository: argoproj/argocd
-    tag: v1.2.3
-    pullPolicy: Always
-  volumeMounts: []
-  volumes: []
 
-server:
+global:
-  containerPort: 8080
-  metricsPort: 8083
-  servicePortHttp: 80
-  servicePortHttps: 443
-  serviceAnnotations: {}
   image:
     repository: argoproj/argocd
-    tag: v1.2.3
+    tag: v1.2.4
-    pullPolicy: Always
+    imagePullPolicy: IfNotPresent
-  serviceType: ClusterIP
+
+## Controller
+controller:
+  name: application-controller
+
+  image: {}
+  #  repository: argoproj/argocd
+  #  tag: v1.2.1
+  #  imagePullPolicy: IfNotPresent
+
+  ## Argo controller commandline flags
+  args:
+    statusProcessors: "20"
+    operationProcessors: "10"
+
+  ## Argo controller log level
+  logLevel: info
+
+  ## Additional command line arguments to pass to argocd-controller
   extraArgs: []
+
+  ## Annotations to be added to controller pods
+  ##
+  podAnnotations: {}
+
+  ## Labels to be added to controller pods
+  ##
+  podLabels: {}
+
+  ## Configures the controller port
+  containerPort: 8082
+
+  ## Readiness and liveness probes for default backend
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
+  ##
+  readinessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+  livenessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+
+  ## Additional volumeMounts to the controller main container.
   volumeMounts: []
-  # - name: ssh-known-hosts
+
-  #   mountPath: /app/config/ssh
+  ## Additional volumes to the controller pod.
   volumes: []
-  # - name: ssh-known-hosts
+
-  #   configMap:
+  ## Controller service configuration
-  #     name: argocd-ssh-known-hosts-cm
+  service:
     annotations: {}
+    labels: {}
+    port: 8082
 
-repoServer:
+  ## Node selectors and tolerations for server scheduling to nodes with taints
-  containerPort: 8081
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-  servicePort: 8081
+  ##
-  image:
+  nodeSelector: {}
-    repository: argoproj/argocd
+  tolerations: []
-    tag: v1.2.3
+  affinity: {}
-    pullPolicy: Always
-  volumeMounts: []
-  volumes: []
-  #   - name: custom-tools
-  #     emptyDir: {}
-  initContainers: []
-  # - name: download-tools
-  #   image: alpine:3.8
-  #   command: [sh, -c]
-  #   args:
-  #   - wget -qO- https://storage.googleapis.com/kubernetes-helm/helm-v2.12.3-linux-amd64.tar.gz | tar -xvzf - &&
-  #     mv linux-amd64/helm /custom-tools/
-  #   volumeMounts:
-  #   - mountPath: /custom-tools
-  #     name: custom-tools
-  imagePullSecrets: []
-  # - name: docker-auth-secret
 
-dexServer:
+  priorityClassName: ""
-  containerPortHttp: 5556
-  containerPortGrpc: 5557
-  servicePortHttp: 5556
-  servicePortGrpc: 5557
-  image:
-    repository: quay.io/dexidp/dex
-    tag: v2.19.0
-    pullPolicy: Always
-  initImage:
-    repository: argoproj/argocd
-    tag: v1.2.3
-    pullPolicy: Always
-  volumeMounts: []
-  volumes: []
 
-# terminate tls at ArgoCD level
+  resources: {}
-ingress:
+  #  limits:
+  #    cpu: 500m
+  #    memory: 512Mi
+  #  requests:
+  #    cpu: 250m
+  #    memory: 256Mi
+
+  serviceAccount:
+    create: true
+    name: argocd-application-controller
+
+  ## Server metrics controller configuration
+  metrics:
     enabled: false
-  annotations:
+    service:
-    {}
+      annotations: {}
-    # kubernetes.io/ingress.class: nginx
+      labels: {}
-    # nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+      servicePort: 8082
-    # nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+    serviceMonitor:
-  path: /
-  additionalHosts: []
-  tls:
-    # Secrets must be manually created in the namespace.
-    # - secretName: chart-example-tls
-    #   hosts:
-    #     - chart-example.local
-
-certificate:
       enabled: false
-  issuer:
+    #   selector:
-    kind: # ClusterIssuer
+    #     prometheus: kube-prometheus
-    name: # letsencrypt
+    #   namespace: monitoring
+    #   additionalLabels: {}
 
-clusterAdminAccess:
+  ## Enable Admin ClusterRole resources.
+  ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster.
+  clusterAdminAccess:
     enabled: true
 
-config:
+## Dex
-  createSecret: true
+dex:
-  enableAnonymousAccess: false
+  enabled: true
-  resourceExclusions:
+  name: dex-server
-    # - apiGroups:
-    #   - "*"
-    #   kinds:
-    #   - "*"
-    #   clusters:
-    #   - https://192.168.0.20
-  helmRepositories:
-    # - name: privateRepo
-    #   url: http://chartmuseum.privatecloud.com
-    #   usernameSecret:
-    #     name: private-chartmuseum
-    #     key: username
-    #   passwordSecret:
-    #     name: private-chartmuseum
-    #     key: password
-    # - name: incubator
-    #   url: https://kubernetes-charts-incubator.storage.googleapis.com/
-  repositories:
-    # - url: git@gitlab.com:usersprivategroup/users-gitops-config.git
-    #   sshPrivateKeySecret:
-    #     key: privateKey
-    #     name: argocd-dev-key
-    # - url: git@gitlab.com:accountingprivategroup/accounting-gitops-config.git
-    #   sshPrivateKeySecret:
-    #     key: privateKey
-    #     name: argocd-dev-key
-  dexConfig:
-    #   # Argo CD's externally facing base URL. Required for configuring SSO
-    #   # url: https://argo-cd-demo.argoproj.io
-    #
-    #   # A dex connector configuration. See documentation on how to configure SSO:
-    #   # https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/sso.md#2-configure-argo-cd-for-sso
-    # connectors:
-    #   # GitHub example
-    #   - type: github
-    #     id: github
-    #     name: GitHub
-    #     config:
-    #       clientID: aabbccddeeff00112233
-    #       clientSecret: $dex.github.clientSecret
-    #       orgs:
-    #       - name: your-github-org
-    #         teams:
-  url: # https://argocd.example.com/
-  oidcConfig:
-    # name: Okta
-    # issuer: https://dev-123456.oktapreview.com
-    # clientID: aaaabbbbccccddddeee
-    # clientSecret: $oidc.okta.clientSecret
-  # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook
-  # events. To enable webhooks, configure one or more of the following keys with the shared git
-  # provider webhook secret. The payload URL configured in the git provider should use the
-  # /api/webhook endpoint of your Argo CD instance (e.g. https://argocd.example.com/api/webhook)
-  webhook:
-    githubSecret:
-    gitlabSecret:
-    bitbucketSecret:
-  resourceCustomizations:
-  #   certmanager.k8s.io/Certificate:
-  #     health.lua: |
-  #       hs = {}
-  #       ...
-  #       return hs
-  configManagementPlugins:
-    # - name: pluginName
-    #   init:                          # Optional command to initialize application source directory
-    #     command: ["sample command"]
-    #     args: ["sample args"]
-    #   generate:                      # Command to generate manifests YAML
-    #     command: ["sample command"]
-    #     args: ["sample args"]
 
-rbac:
+  image:
-  #   # An RBAC policy .csv file containing additional policy and role definitions.
+    repository: quay.io/dexidp/dex
-  #   # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md on how to write RBAC policies.
+    tag: v2.14.0
-  #   policy.csv: |
+    imagePullPolicy: IfNotPresent
-  #     # Give all members of "my-org:team-alpha" the ability to sync apps in "my-project"
+  initImage: {}
-  #     p, my-org:team-alpha, applications, sync, my-project/*, allow
-  #     # Make all members of "my-org:team-beta" admins
-  #     g, my-org:team-beta, role:admin
-  policyCsv: #|
-  #   p, role:org-admin, applications, *, */*, allow
-  #   p, role:org-admin, clusters, get, *, allow
-  #   p, role:org-admin, repositories, get, *, allow
-  #   p, role:org-admin, repositories, create, *, allow
-  #   p, role:org-admin, repositories, update, *, allow
-  #   p, role:org-admin, repositories, delete, *, allow
-  #   g, your-github-org:your-team, role:org-admin
-  policyDefault: #role:readonly
-  scopes: #[groups]
 
+  serviceAccount:
+    create: true
+    name: argocd-dex-server
+
+  ## Additional volumeMounts to the controller main container.
+  volumeMounts:
+    - name: static-files
+      mountPath: /shared
+
+  ## Additional volumes to the controller pod.
+  volumes:
+    - name: static-files
+      emptyDir: {}
+
+  ## Dex deployment container ports
+  containerPortHttp: 5556
+  servicePortHttp: 5556
+  containerPortGrpc: 5557
+  servicePortGrpc: 5557
+
+  ## Node selectors and tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 50m
+  #    memory: 64Mi
+  #  requests:
+  #    cpu: 10m
+  #    memory: 32Mi
+
+## Redis
 redis:
+  enabled: false
+  name: redis
+
   image:
     repository: redis
     tag: 5.0.3
-    pullPolicy: Always
+    imagePullPolicy: IfNotPresent
+
   containerPort: 6379
   servicePort: 6379
+
+  ## Node selectors and tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 200m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 100m
+  #    memory: 64Mi
+
+## Server
+server:
+  name: server
+
+  image: {}
+  #  repository: argoproj/argocd
+  #  tag: v1.2.1
+  #  imagePullPolicy: IfNotPresent
+
+  ## Additional command line arguments to pass to argocd-server
+  # extraArgs: []
+  #   - insecure
+  extraArgs: []
+
+  ## Argo server log level
+  logLevel: info
+
+  ## Annotations to be added to controller pods
+  ##
+  podAnnotations: {}
+
+  ## Labels to be added to controller pods
+  ##
+  podLabels: {}
+
+  ## Configures the server port
+  containerPort: 8080
+
+  ## Readiness and liveness probes for default backend
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
+  ##
+  readinessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+  livenessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+
+  ## Additional volumeMounts to the server main container.
+  volumeMounts: []
+
+  ## Additional volumes to the controller pod.
+  volumes: []
+
+  ## Node selectors and tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 100m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 50m
+  #    memory: 64Mi
+
+  ## Certificate configuration
+  certificate:
+    enabled: false
+    domain: argocd.example.com
+    issuer: {}
+    additionalHosts: []
+
+  ## Server service configuration
+  service:
+    annotations: {}
+    labels: {}
+    type: ClusterIP
+    servicePortHttp: 80
+    servicePortHttps: 443
+
+  ## Server metrics service configuration
+  metrics:
+    enabled: false
+    service:
+      annotations: {}
+      labels: {}
+      servicePort: 8083
+    serviceMonitor:
+      enabled: false
+    #   selector:
+    #     prometheus: kube-prometheus
+    #   namespace: monitoring
+    #   additionalLabels: {}
+
+  serviceAccount:
+    create: true
+    name: argocd-server
+
+  ingress:
+    enabled: false
+    annotations: {}
+    labels: {}
+
+    ## Argo Ingress.
+    ## Hostnames must be provided if Ingress is enabled.
+    ## Secrets must be manually created in the namespace
+    ##
+    hosts: []
+      # - argocd.example.com
+    paths:
+    - /
+    tls: []
+      # - secretName: argocd-example-tls
+      #   hosts:
+      #     - argocd.example.com
+
+  # Create a OpenShift Route with SSL passthrough for UI and CLI
+  # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain
+  # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain:
+  # If 'hostname' is an empty string "" OpenShift will create a hostname for you.
+  route:
+    enabled: false
+    hostname: ""
+
+  ## ArgoCD config
+  ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml
+  config:
+    # Argo CD's externally facing base URL (optional). Required when configuring SSO
+    url: https://argocd.example.com
+    # Argo CD instance label key
+    application.instanceLabelKey: argocd.argoproj.io/instance
+
+  ## ArgoCD rbac config
+  ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md
+  rbacConfig: {}
+    # policy.csv is an file containing user-defined RBAC policies and role definitions (optional).
+    # Policy rules are in the form:
+    #   p, subject, resource, action, object, effect
+    # Role definitions and bindings are in the form:
+    #   g, subject, inherited-subject
+    # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information.
+    # policy.csv: |
+    #   # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project'
+    #   p, my-org:team-alpha, applications, sync, my-project/*, allow
+    #   # Grant all members of 'my-org:team-beta' admins
+    #   g, my-org:team-beta, role:admin
+    # policy.default is the name of the default role which Argo CD will falls back to, when
+    # authorizing API requests (optional). If omitted or empty, users may be still be able to login,
+    # but will see no apps, projects, etc...
+    # policy.default: role:readonly
+
+    # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope).
+    # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings.
+    # scopes: '[cognito:groups, email]'
+
+  ## Not well tested and not well supported on release v1.0.0.
+  ## Applications
+  ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/
+  additionalApplications: []
+  # - name: guestbook
+  #   namespace: argocd
+  #   additionalLabels: {}
+  #   additionalAnnotations: {}
+  #   project: guestbook
+  #   source:
+  #     repoURL: https://github.com/argoproj/argocd-example-apps.git
+  #     targetRevision: HEAD
+  #     path: guestbook
+  #     directory:
+  #       recurse: true
+  #  destination:
+  #     server: https://kubernetes.default.svc
+  #     namespace: guestbook
+  #   syncPolicy:
+  #     automated:
+  #       prune: false
+  #      selfHeal: false
+
+  ## Projects
+  ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/
+  additionalProjects: []
+  # - name: guestbook
+  #   namespace: argocd
+  #   additionalLabels: {}
+  #   additionalAnnotations: {}
+  #   description: Example Project
+  #   sourceRepos:
+  #   - '*'
+  #   destinations:
+  #   - namespace: guestbook
+  #     server: https://kubernetes.default.svc
+  #   clusterResourceWhitelist: []
+  #   namespaceResourceBlacklist:
+  #   - group: ''
+  #     kind: ResourceQuota
+  #   - group: ''
+  #     kind: LimitRange
+  #   - group: ''
+  #     kind: NetworkPolicy
+  #     orphanedResources: {}
+  #     roles: []
+  #   orphanedResources: {}
+  #   roles: []
+
+## Repo Server
+repoServer:
+  name: repo-server
+
+  image: {}
+  #  repository: argoproj/argocd
+  #  tag: v1.2.1
+  #  imagePullPolicy: IfNotPresent
+
+  ## Additional command line arguments to pass to argocd-repo-server
+  ##
+  extraArgs: []
+
+  ## Argo repoServer log level
+  logLevel: info
+
+  ## Annotations to be added to repo server pods
+  ##
+  podAnnotations: {}
+
+  ## Labels to be added to repo server pods
+  ##
+  podLabels: {}
+
+  ## Configures the repo server port
+  containerPort: 8081
+
+  ## Readiness and liveness probes for default backend
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
+  ##
+  readinessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+  livenessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+
+  ## Additional volumeMounts to the repo server main container.
+  volumeMounts: []
+
+  ## Additional volumes to the repo server pod.
+  volumes: []
+
+  ## Node selectors and tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  priorityClassName: ""
+
+  resources: {}
+  #  limits:
+  #    cpu: 50m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 10m
+  #    memory: 64Mi
+
+  ## Repo server service configuration
+  service:
+    annotations: {}
+    labels: {}
+    port: 8081
+
+  ## Repo server metrics service configuration
+  metrics:
+    enabled: false
+    service:
+      annotations: {}
+      labels: {}
+      servicePort: 8084
+    serviceMonitor:
+      enabled: false
+    #   selector:
+    #     prometheus: kube-prometheus
+    #   namespace: monitoring
+    #   additionalLabels: {}
+
+## Argo Configs
+configs:
+  knownHosts:
+    data:
+      ssh_known_hosts: |
+        bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
+        github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
+        gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
+        gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
+        gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
+        ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
+        vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
+  tlsCerts: {}
+    # data:
+    #   argocd.example.com: |
+    #     -----BEGIN CERTIFICATE-----
+    #     MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL
+    #     BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE
+    #     BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0
+    #     c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda
+    #     Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT
+    #     YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES
+    #     MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi
+    #     MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5
+    #     NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc
+    #     CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u
+    #     P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G
+    #     ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+
+    #     YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E
+    #     Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko
+    #     Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J
+    #     kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u
+    #     kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO
+    #     gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7
+    #     bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86
+    #     r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/
+    #     BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn
+    #     Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx
+    #     CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2
+    #     XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT
+    #     +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr
+    #     d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO
+    #     OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so
+    #     6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr
+    #     jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8
+    #     9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W
+    #     +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK
+    #     XWyb96wrUlv+E8I=
+    #     -----END CERTIFICATE-----
+  secret:
+    createSecret: true
+    githubSecret: ""
+    gitlabSecret: ""
+    bitbucketSecret: ""

charts/argo-ci/Chart.yaml

@@ -1,5 +1,11 @@
 apiVersion: v1
 description: A Helm chart for Argo-CI
 name: argo-ci
-version: 0.1.4
+version: 0.1.5
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
+appVersion: v1.0.0-alpha2
+home: https://github.com/argoproj/argo-helm
+maintainers:
+  - name: alexec
+  - name: alexmt
+  - name: jessesuen

charts/argo-ci/values.yaml

@@ -9,4 +9,3 @@ argo:
   installMinio: true
   minioBucketName: argo-artifacts
   useReleaseAsInstanceID: true
-  

charts/argo-events/Chart.yaml

@@ -1,15 +1,16 @@
 apiVersion: v1
 description: A Helm chart to install Argo-Events in k8s Cluster
 name: argo-events
-version: 0.5.1
+version: 0.5.2
 keywords:
-- argo-events
+  - argo-events
-- sensor-controller
+  - sensor-controller
-- gateway-controller
+  - gateway-controller
 sources:
-- https://github.com/argoproj/argo-events
+  - https://github.com/argoproj/argo-events
 maintainers:
-- name: Vaibhav Page
+  - name: VaibhavPage
-- name: Matt Magaldi
+  - name: magaldima
 appVersion: 0.10
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
+home: https://github.com/argoproj/argo-helm

charts/argo/Chart.yaml

@@ -2,5 +2,11 @@ apiVersion: v1
 appVersion: "v2.4.2"
 description: A Helm chart for Argo Workflows
 name: argo
-version: 0.6.2
+version: 0.6.3
 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png
+home: https://github.com/argoproj/argo-helm
+maintainers:
+  - name: alexec
+  - name: alexmt
+  - name: jessesuen
+  - name: benjaminws

scripts/lint.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+set -eux
+
+SRCROOT="$(cd "$(dirname "$0")/.." && pwd)"
+
+for dir in $(find $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d);
+do
+ name=$(basename $dir)
+ echo "Running Helm linting for $name"
+ docker run \
+    -v "$SRCROOT:/workdir" \
+    gcr.io/kubernetes-charts-ci/test-image:v3.0.1 \
+    ct \
+    lint \
+    --config .circleci/chart-testing.yaml \
+    --lint-conf .circleci/lintconf.yaml \
+    --charts "/workdir/charts/${name}"
+done

scripts/publish.sh

@@ -2,7 +2,7 @@
 set -eux
 
 SRCROOT="$(cd "$(dirname "$0")/.." && pwd)"
-GIT_PUSH=${GIT_PUSH:-true}
+GIT_PUSH=${GIT_PUSH:-false}
 
 rm -rf $SRCROOT/output && git clone -b gh-pages git@github.com:argoproj/argo-helm.git $SRCROOT/output