diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 207f260c..edfff5f5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -14,6 +14,10 @@ This chart currently installs the non-HA version of ArgoCD. ## Upgrading +### 2.14.7 and above + +The `matchLabels` key in the ArgoCD Appliaction Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. + ### 2.10.x to 2.11.0 The application controller is now available as a `StatefulSet` when the `controller.enableStatefulSet` flag is set to true. Depending on your Helm deployment this may be a downtime or breaking change if enabled when using HA and will become the default in 3.x. @@ -329,7 +333,7 @@ through `xxx.extraArgs` | redis.securityContext | Redis Pod Security Context | See [values.yaml](values.yaml) | | redis.servicePort | Redis service port | `6379` | | redis.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| redis-ha | Configures [Redis HA subchart](https://github.com/helm/charts/tree/master/stable/redis-ha) The properties below have been changed from the subchart defaults | | +| redis-ha | Configures [Redis HA subchart](https://github.com/DandyDeveloper/charts/tree/master/charts/redis-ha) The properties below have been changed from the subchart defaults | | | redis-ha.enabled | Enables the Redis HA subchart and disables the custom Redis single node deployment| `false` | | redis-ha.exporter.enabled | If `true`, the prometheus exporter sidecar is enabled | `true` | | redis-ha.persistentVolume.enabled | Configures persistency on Redis nodes | `false` diff --git a/charts/argo-cd/requirements.lock b/charts/argo-cd/requirements.lock index fd400f51..45d95b5b 100644 --- a/charts/argo-cd/requirements.lock +++ b/charts/argo-cd/requirements.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.10.1 -digest: sha256:e1e0526ad009ecc065df937b48c4e0e5877e5194242c7888b1dc4467775f2663 -generated: "2020-12-14T14:00:30.830130403+01:00" + version: 4.10.4 +digest: sha256:e36321520ffd6f91962b0bcfeae947a86983d6b6d273eb616f08425e2b8ab9c2 +generated: "2021-03-03T10:13:21.0955491+01:00" diff --git a/charts/argo-cd/requirements.yaml b/charts/argo-cd/requirements.yaml index 82c0ed62..fad20e4a 100644 --- a/charts/argo-cd/requirements.yaml +++ b/charts/argo-cd/requirements.yaml @@ -1,5 +1,5 @@ dependencies: - name: redis-ha - version: 4.10.1 + version: 4.10.4 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index c2260c78..e9a9d700 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -14,7 +14,7 @@ metadata: spec: selector: matchLabels: - app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} app.kubernetes.io/instance: {{ .Release.Name }} {{- if .Values.controller.enableStatefulSet }} serviceName: {{ template "argo-cd.controller.fullname" . }} diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 4f5960c4..cc676f23 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ -apiVersion: v1 +apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.0.0 +version: 1.2.3 keywords: - argo-events - sensor-controller @@ -12,6 +12,6 @@ sources: maintainers: - name: VaibhavPage - name: whynowy -appVersion: 1.0.0 +appVersion: 1.2.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-events/crds/eventbus-crd.yml b/charts/argo-events/crds/eventbus-crd.yml index 340d4989..d7cf3a1c 100644 --- a/charts/argo-events/crds/eventbus-crd.yml +++ b/charts/argo-events/crds/eventbus-crd.yml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eventbus.argoproj.io @@ -12,4 +12,7 @@ spec: - eb singular: eventbus scope: Namespaced - version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo-events/crds/eventsource-crd.yml b/charts/argo-events/crds/eventsource-crd.yml index 2ed64f2e..3bddfee5 100644 --- a/charts/argo-events/crds/eventsource-crd.yml +++ b/charts/argo-events/crds/eventsource-crd.yml @@ -1,5 +1,5 @@ --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eventsources.argoproj.io @@ -13,6 +13,9 @@ spec: listKind: EventSourceList shortNames: - es - version: "v1alpha1" + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo-events/crds/sensor-crd.yml b/charts/argo-events/crds/sensor-crd.yml index b38207f7..04b1d6b7 100644 --- a/charts/argo-events/crds/sensor-crd.yml +++ b/charts/argo-events/crds/sensor-crd.yml @@ -1,5 +1,5 @@ --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: sensors.argoproj.io @@ -13,5 +13,8 @@ spec: shortNames: - sn scope: Namespaced - version: "v1alpha1" + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index dc698b1b..dd734a88 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -37,7 +37,31 @@ spec: value: {{ .Values.eventbusController.natsStreamingImage }} - name: NATS_METRICS_EXPORTER_IMAGE value: {{ .Values.eventbusController.natsMetricsExporterImage }} + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 3 + periodSeconds: 3 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 3 + periodSeconds: 3 + {{- with .Values.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.eventbusController.nodeSelector }} + nodeSelector: {{ toYaml .Values.eventbusController.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.eventbusController.tolerations }} + tolerations: {{ toYaml .Values.eventbusController.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.eventbusController.affinity }} + affinity: {{ toYaml .Values.eventbusController.affinity | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/eventbus-crd.yaml b/charts/argo-events/templates/eventbus-crd.yaml index 175e2e60..673e796f 100644 --- a/charts/argo-events/templates/eventbus-crd.yaml +++ b/charts/argo-events/templates/eventbus-crd.yaml @@ -1,5 +1,5 @@ {{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eventbus.argoproj.io @@ -16,7 +16,6 @@ spec: - eb singular: eventbus scope: Namespaced - version: v1alpha1 versions: - name: v1alpha1 served: true diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 99947ade..95e7e83a 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -35,7 +35,31 @@ spec: fieldPath: metadata.namespace - name: EVENTSOURCE_IMAGE value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}" + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 3 + periodSeconds: 3 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 3 + periodSeconds: 3 + {{- with .Values.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.eventsourceController.nodeSelector }} + nodeSelector: {{ toYaml .Values.eventsourceController.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.eventsourceController.tolerations }} + tolerations: {{ toYaml .Values.eventsourceController.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.eventsourceController.affinity }} + affinity: {{ toYaml .Values.eventsourceController.affinity | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/eventsource-crd.yaml b/charts/argo-events/templates/eventsource-crd.yaml index e791608b..920f2478 100644 --- a/charts/argo-events/templates/eventsource-crd.yaml +++ b/charts/argo-events/templates/eventsource-crd.yaml @@ -1,5 +1,5 @@ {{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eventsources.argoproj.io @@ -16,5 +16,8 @@ spec: listKind: EventSourceList shortNames: - es - version: "v1alpha1" + versions: + - name: v1alpha1 + served: true + storage: true {{- end }} diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 425fd66b..214ee2bb 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -35,7 +35,31 @@ spec: fieldPath: metadata.namespace - name: SENSOR_IMAGE value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}" + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 3 + periodSeconds: 3 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 3 + periodSeconds: 3 + {{- with .Values.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.sensorController.nodeSelector }} + nodeSelector: {{ toYaml .Values.sensorController.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.sensorController.tolerations }} + tolerations: {{ toYaml .Values.sensorController.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.sensorController.affinity }} + affinity: {{ toYaml .Values.sensorController.affinity | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/sensor-crd.yaml b/charts/argo-events/templates/sensor-crd.yaml index cf3793c4..b9ccc1bd 100644 --- a/charts/argo-events/templates/sensor-crd.yaml +++ b/charts/argo-events/templates/sensor-crd.yaml @@ -1,6 +1,6 @@ {{- if .Values.installCRD }} # Define a "sensor" custom resource definition -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: sensors.argoproj.io @@ -17,5 +17,8 @@ spec: shortNames: - sn scope: Namespaced - version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true {{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 1da1335f..05a8d634 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -21,7 +21,6 @@ additionalSaNamespaces: [] additionalServiceAccountRules: - apiGroups: - apiextensions.k8s.io - - apiextensions.k8s.io/v1beta1 verbs: - create - delete @@ -46,21 +45,34 @@ singleNamespace: true sensorController: name: sensor-controller image: sensor-controller - tag: v1.0.0 + tag: v1.2.3 replicaCount: 1 sensorImage: sensor + nodeSelector: {} + tolerations: {} + affinity: {} eventsourceController: name: eventsource-controller image: eventsource-controller - tag: v1.0.0 + tag: v1.2.3 replicaCount: 1 eventsourceImage: eventsource + nodeSelector: {} + tolerations: {} + affinity: {} eventbusController: name: eventbus-controller image: eventbus-controller - tag: v1.0.0 + tag: v1.2.3 replicaCount: 1 + nodeSelector: {} + tolerations: {} + affinity: {} natsStreamingImage: nats-streaming:0.17.0 natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 + +securityContext: + runAsNonRoot: true + runAsUser: 9731 diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 2353232f..d519e34c 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.12.5 description: A Helm chart for Argo Workflows name: argo -version: 0.16.2 +version: 0.16.7 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml index 3000c129..85ce605d 100644 --- a/charts/argo/templates/server-cluster-roles.yaml +++ b/charts/argo/templates/server-cluster-roles.yaml @@ -111,11 +111,7 @@ rules: - delete --- apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{- else }} kind: ClusterRole -{{- end }} metadata: name: {{ .Release.Name }}-{{ .Values.server.name }}-cluster-template rules: diff --git a/charts/argo/templates/server-crb.yaml b/charts/argo/templates/server-crb.yaml index 44467c7c..ad4cfeda 100644 --- a/charts/argo/templates/server-crb.yaml +++ b/charts/argo/templates/server-crb.yaml @@ -21,20 +21,12 @@ subjects: namespace: {{ .Release.Namespace }} --- apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: RoleBinding -{{ else }} kind: ClusterRoleBinding -{{- end }} metadata: name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template roleRef: apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} - kind: Role - {{ else }} kind: ClusterRole - {{- end }} name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template subjects: - kind: ServiceAccount diff --git a/charts/argo/templates/workflow-aggregate-roles.yaml b/charts/argo/templates/workflow-aggregate-roles.yaml index 168dd862..b89e7b13 100644 --- a/charts/argo/templates/workflow-aggregate-roles.yaml +++ b/charts/argo/templates/workflow-aggregate-roles.yaml @@ -1,10 +1,6 @@ {{- if .Values.createAggregateRoles }} apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{ else }} kind: ClusterRole -{{- end }} metadata: annotations: helm.sh/hook: pre-install @@ -30,11 +26,7 @@ rules: - watch --- apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{ else }} kind: ClusterRole -{{- end }} metadata: annotations: helm.sh/hook: pre-install @@ -65,11 +57,7 @@ rules: - watch --- apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{ else }} kind: ClusterRole -{{- end }} metadata: annotations: helm.sh/hook: pre-install diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml index e5590060..4d596b1c 100644 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ b/charts/argo/templates/workflow-controller-cluster-roles.yaml @@ -131,11 +131,7 @@ rules: - delete --- apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{- else }} kind: ClusterRole -{{- end }} metadata: name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template rules: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 94b0bad6..26fe2cd8 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -53,7 +53,7 @@ data: endpoint: {{ .Values.artifactRepository.s3.endpoint | default (printf "%s-%s" .Release.Name "minio:9000") }} insecure: {{ .Values.artifactRepository.s3.insecure }} {{- if .Values.artifactRepository.s3.keyFormat }} - keyFormat: {{ .Values.artifactRepository.s3.keyFormat }} + keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} {{- end }} {{- if .Values.artifactRepository.s3.region }} region: {{ .Values.artifactRepository.s3.region }} diff --git a/charts/argo/templates/workflow-controller-crb.yaml b/charts/argo/templates/workflow-controller-crb.yaml index 5e171155..66cca4d0 100644 --- a/charts/argo/templates/workflow-controller-crb.yaml +++ b/charts/argo/templates/workflow-controller-crb.yaml @@ -31,20 +31,12 @@ subjects: {{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: RoleBinding -{{ else }} kind: ClusterRoleBinding -{{- end }} metadata: name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template roleRef: apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} - kind: Role - {{ else }} kind: ClusterRole - {{- end }} name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template subjects: - kind: ServiceAccount