diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 5e51a8cd..52a841b9 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -85,6 +85,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.gitCommitTemplate | string | `""` | Changing the Git commit message | | config.gitCommitUser | string | `""` | Username to use for Git commits | | config.logLevel | string | `"info"` | Argo CD Image Update log level | +| config.namespaced | string | `"true"` | Check annotations in ArgoCD namespace only (if true) or in all namespaces (if false) | | config.registries | list | `[]` | Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | | config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | diff --git a/charts/argocd-image-updater/templates/clusterrole.yaml b/charts/argocd-image-updater/templates/clusterrole.yaml new file mode 100644 index 00000000..4137219d --- /dev/null +++ b/charts/argocd-image-updater/templates/clusterrole.yaml @@ -0,0 +1,36 @@ +{{- if .Values.rbac.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-image-updater-clusterrole + labels: + {{ include "argocd-image-updater.labels" . | nindent 4 }} +rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - delete + - get + - patch + - list + - watch + - apiGroups: + - "" + resources: + - applications + - applicationsets + verbs: + - get + - list + - update + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - create +{{- end }} \ No newline at end of file diff --git a/charts/argocd-image-updater/templates/clusterrolebinding.yaml b/charts/argocd-image-updater/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..dceb41e9 --- /dev/null +++ b/charts/argocd-image-updater/templates/clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if .Values.rbac.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-image-updater-clusterrolebinding + labels: + {{ include "argocd-image-updater.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-image-updater-clusterrole +subjects: + - kind: ServiceAccount + name: {{ include "argocd-image-updater.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index 46ee3b80..77322079 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -46,3 +46,4 @@ data: registries: {{- toYaml . | nindent 6 }} {{- end }} + namespaced: {{ .Values.config.namespaced | quote }} \ No newline at end of file diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 4aaa83b3..e0ce2168 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -118,6 +118,12 @@ spec: key: git.commit-sign-off name: argocd-image-updater-config optional: true + - name: IMAGE_UPDATER_NAMESPACED + valueFrom: + configMapKeyRef: + key: namespaced + name: argocd-image-updater-config + optional: true {{- with .Values.extraEnv }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 19291de9..c543d96a 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -145,6 +145,9 @@ config: # -- Argo CD Image Update log level logLevel: "info" + # -- Check annotations in ArgoCD namespace only (if true) or in all namespaces (if false) + namespaced : "true" + # -- Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) registries: [] # - name: Docker Hub