Merge branch 'main' into main

2024-01-07 12:00:13 +09:00 · 2024-01-07 12:00:13 +09:00 · a2d31f2f36
commit a2d31f2f36
parent 766a2c6462 d1389a90b9
33 changed files with 141 additions and 132 deletions
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -3,7 +3,7 @@ appVersion: v2.9.3
 kubeVersion: ">=1.23.0-0"
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 5.52.0
+version: 5.52.1
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 sources:
@ -27,4 +27,4 @@ annotations:
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
    - kind: changed
-      description: Use new Argo CD extension mechanism
+      description: DRY cleanup of ServiceAccounts
--- a/charts/argo-cd/templates/_helpers.tpl
+++ b/charts/argo-cd/templates/_helpers.tpl
@ -11,7 +11,7 @@ to 63 chars and it includes 10 chars of hash and a separating '-'.
 {{/*
 Create the name of the controller service account to use
 */}}
-{{- define "argo-cd.controllerServiceAccountName" -}}
+{{- define "argo-cd.controller.serviceAccountName" -}}
 {{- if .Values.controller.serviceAccount.create -}}
    {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
 {{- else -}}
@ -40,7 +40,7 @@ Create Dex server endpoint
 {{/*
 Create the name of the dex service account to use
 */}}
-{{- define "argo-cd.dexServiceAccountName" -}}
+{{- define "argo-cd.dex.serviceAccountName" -}}
 {{- if .Values.dex.serviceAccount.create -}}
    {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
 {{- else -}}
@ -78,7 +78,7 @@ Return Redis server endpoint
 {{/*
 Create the name of the redis service account to use
 */}}
-{{- define "argo-cd.redisServiceAccountName" -}}
+{{- define "argo-cd.redis.serviceAccountName" -}}
 {{- if .Values.redis.serviceAccount.create -}}
    {{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }}
 {{- else -}}
@ -96,7 +96,7 @@ Create argocd server name and version as used by the chart label.
 {{/*
 Create the name of the Argo CD server service account to use
 */}}
-{{- define "argo-cd.serverServiceAccountName" -}}
+{{- define "argo-cd.server.serviceAccountName" -}}
 {{- if .Values.server.serviceAccount.create -}}
    {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }}
 {{- else -}}
@ -114,7 +114,7 @@ Create argocd repo-server name and version as used by the chart label.
 {{/*
 Create the name of the repo-server service account to use
 */}}
-{{- define "argo-cd.repoServerServiceAccountName" -}}
+{{- define "argo-cd.repoServer.serviceAccountName" -}}
 {{- if .Values.repoServer.serviceAccount.create -}}
    {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }}
 {{- else -}}
@ -132,7 +132,7 @@ Create argocd application set name and version as used by the chart label.
 {{/*
 Create the name of the application set service account to use
 */}}
-{{- define "argo-cd.applicationSetServiceAccountName" -}}
+{{- define "argo-cd.applicationSet.serviceAccountName" -}}
 {{- if .Values.applicationSet.serviceAccount.create -}}
    {{ default (include "argo-cd.applicationSet.fullname" .) .Values.applicationSet.serviceAccount.name }}
 {{- else -}}
@ -150,7 +150,7 @@ Create argocd notifications name and version as used by the chart label.
 {{/*
 Create the name of the notifications service account to use
 */}}
-{{- define "argo-cd.notificationsServiceAccountName" -}}
+{{- define "argo-cd.notifications.serviceAccountName" -}}
 {{- if .Values.notifications.serviceAccount.create -}}
    {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.serviceAccount.name }}
 {{- else -}}
--- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml
@ -12,6 +12,6 @@ roleRef:
  name: {{ include "argo-cd.controller.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ include "argo-cd.controllerServiceAccountName" . }}
+  name: {{ include "argo-cd.controller.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml
@ -1,15 +1,15 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ template "argo-cd.controller.fullname" . }}
+  name: {{ include "argo-cd.controller.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
-  name: {{ template "argo-cd.controller.fullname" . }}
+  name: {{ include "argo-cd.controller.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ template "argo-cd.controllerServiceAccountName" . }}
+  name: {{ include "argo-cd.controller.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
--- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml
@ -3,17 +3,17 @@ apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }}
 metadata:
-  name: {{ template "argo-cd.controllerServiceAccountName" . }}
+  name: {{ include "argo-cd.controller.serviceAccountName" . }}
  namespace: {{ .Release.Namespace | quote }}
-{{- if .Values.controller.serviceAccount.annotations }}
+  {{- with .Values.controller.serviceAccount.annotations }}
  annotations:
-  {{- range $key, $value := .Values.controller.serviceAccount.annotations }}
+    {{- range $key, $value := . }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
-  {{- range $key, $value := .Values.controller.serviceAccount.labels }}
+    {{- with .Values.controller.serviceAccount.labels }}
-    {{ $key }}: {{ $value | quote }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
+++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
@ -55,7 +55,7 @@ spec:
      {{- if .Values.controller.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
      {{- end }}
-      serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }}
+      serviceAccountName: {{ include "argo-cd.controller.serviceAccountName" . }}
      containers:
      - args:
        - /usr/local/bin/argocd-application-controller
--- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
@ -55,7 +55,7 @@ spec:
      {{- if .Values.applicationSet.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }}
      {{- end }}
-      serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }}
+      serviceAccountName: {{ include "argo-cd.applicationSet.serviceAccountName" . }}
      containers:
        - name: {{ .Values.applicationSet.name }}
          image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }}
--- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml
@ -2,16 +2,16 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  name: {{ include "argo-cd.applicationSet.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
-  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  name: {{ include "argo-cd.applicationSet.fullname" . }}
 subjects:
  - kind: ServiceAccount
-    name: {{ template "argo-cd.applicationSetServiceAccountName" . }}
+    name: {{ include "argo-cd.applicationSet.serviceAccountName" . }}
    namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml
@ -3,17 +3,17 @@ apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }}
 metadata:
-  name: {{ template "argo-cd.applicationSetServiceAccountName" . }}
+  name: {{ include "argo-cd.applicationSet.serviceAccountName" . }}
  namespace: {{ .Release.Namespace | quote }}
-{{- if .Values.applicationSet.serviceAccount.annotations }}
+  {{- with .Values.applicationSet.serviceAccount.annotations }}
  annotations:
-  {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }}
+    {{- range $key, $value := . }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
-  {{- range $key, $value := .Values.applicationSet.serviceAccount.labels }}
+    {{- with .Values.applicationSet.serviceAccount.labels }}
-    {{ $key }}: {{ $value | quote }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml
@ -11,6 +11,6 @@ roleRef:
  name: {{ include "argo-cd.notifications.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ include "argo-cd.notificationsServiceAccountName" . }}
+  name: {{ include "argo-cd.notifications.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml
@ -54,7 +54,7 @@ spec:
      {{- if .Values.notifications.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.notifications.terminationGracePeriodSeconds }}
      {{- end }}
-      serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }}
+      serviceAccountName: {{ include "argo-cd.notifications.serviceAccountName" . }}
      containers:
        - name: {{ .Values.notifications.name }}
          image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }}
--- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml
@ -2,16 +2,16 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ template "argo-cd.notifications.fullname" . }}
+  name: {{ include "argo-cd.notifications.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
-  name: {{ template "argo-cd.notifications.fullname" . }}
+  name: {{ include "argo-cd.notifications.fullname" . }}
 subjects:
  - kind: ServiceAccount
-    name: {{ template "argo-cd.notificationsServiceAccountName" . }}
+    name: {{ include "argo-cd.notifications.serviceAccountName" . }}
    namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml
@ -3,17 +3,17 @@ apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }}
 metadata:
-  name: {{ template "argo-cd.notificationsServiceAccountName" . }}
+  name: {{ include "argo-cd.notifications.serviceAccountName" . }}
  namespace: {{ .Release.Namespace | quote }}
-{{- if .Values.notifications.serviceAccount.annotations }}
+  {{- with .Values.notifications.serviceAccount.annotations }}
  annotations:
-  {{- range $key, $value := .Values.notifications.serviceAccount.annotations }}
+    {{- range $key, $value := . }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
-  {{- range $key, $value := .Values.notifications.serviceAccount.labels }}
+    {{- with .Values.notifications.serviceAccount.labels }}
-    {{ $key }}: {{ $value | quote }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml
@ -12,6 +12,6 @@ roleRef:
  name: {{ include "argo-cd.repoServer.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ include "argo-cd.repoServerServiceAccountName" . }}
+  name: {{ include "argo-cd.repoServer.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml
@ -65,7 +65,7 @@ spec:
      {{- if .Values.repoServer.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.repoServer.terminationGracePeriodSeconds }}
      {{- end }}
-      serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }}
+      serviceAccountName: {{ include "argo-cd.repoServer.serviceAccountName" . }}
      containers:
      - name: {{ .Values.repoServer.name }}
        image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
--- a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml
@ -2,16 +2,16 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ template "argo-cd.repoServer.fullname" . }}
+  name: {{ include "argo-cd.repoServer.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
-  name: {{ template "argo-cd.repoServer.fullname" . }}
+  name: {{ include "argo-cd.repoServer.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ template "argo-cd.repoServerServiceAccountName" . }}
+  name: {{ include "argo-cd.repoServer.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml
@ -3,17 +3,17 @@ apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }}
 metadata:
-  name: {{ template "argo-cd.repoServerServiceAccountName" . }}
+  name: {{ include "argo-cd.repoServer.serviceAccountName" . }}
  namespace: {{ .Release.Namespace | quote }}
-{{- if .Values.repoServer.serviceAccount.annotations }}
+  {{- with .Values.repoServer.serviceAccount.annotations }}
  annotations:
-  {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }}
+    {{- range $key, $value := . }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
    {{- range $key, $value := .Values.repoServer.serviceAccount.labels }}
-    {{ $key }}: {{ $value | quote }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml
@ -12,6 +12,6 @@ roleRef:
  name: {{ include "argo-cd.server.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ include "argo-cd.serverServiceAccountName" . }}
+  name: {{ include "argo-cd.server.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-server/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-server/deployment.yaml
@ -56,7 +56,7 @@ spec:
      {{- if .Values.server.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }}
      {{- end }}
-      serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }}
+      serviceAccountName: {{ include "argo-cd.server.serviceAccountName" . }}
      containers:
      - name: {{ .Values.server.name }}
        image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }}
--- a/charts/argo-cd/templates/argocd-server/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml
@ -1,7 +1,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
+  name: {{ include "argo-cd.server.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
@ -11,5 +11,5 @@ roleRef:
  name: {{ template "argo-cd.server.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ template "argo-cd.serverServiceAccountName" . }}
+  name: {{ include "argo-cd.server.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
--- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml
@ -3,17 +3,17 @@ apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.server.serviceAccount.automountServiceAccountToken }}
 metadata:
-  name: {{ template "argo-cd.serverServiceAccountName" . }}
+  name: {{ include "argo-cd.server.serviceAccountName" . }}
  namespace: {{ .Release.Namespace | quote }}
-{{- if .Values.server.serviceAccount.annotations }}
+  {{- with .Values.server.serviceAccount.annotations }}
  annotations:
-  {{- range $key, $value := .Values.server.serviceAccount.annotations }}
+    {{- range $key, $value := . }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
    {{- range $key, $value := .Values.server.serviceAccount.labels }}
-    {{ $key }}: {{ $value | quote }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/dex/deployment.yaml
+++ b/charts/argo-cd/templates/dex/deployment.yaml
@ -58,7 +58,7 @@ spec:
      {{- if .Values.dex.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.dex.terminationGracePeriodSeconds }}
      {{- end }}
-      serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
+      serviceAccountName: {{ template "argo-cd.dex.serviceAccountName" . }}
      containers:
      - name: {{ .Values.dex.name }}
        image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
--- a/charts/argo-cd/templates/dex/rolebinding.yaml
+++ b/charts/argo-cd/templates/dex/rolebinding.yaml
@ -2,16 +2,16 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ template "argo-cd.dex.fullname" . }}
+  name: {{ include "argo-cd.dex.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
-  name: {{ template "argo-cd.dex.fullname" . }}
+  name: {{ include "argo-cd.dex.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ template "argo-cd.dexServiceAccountName" . }}
+  name: {{ include "argo-cd.dex.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo-cd/templates/dex/serviceaccount.yaml
+++ b/charts/argo-cd/templates/dex/serviceaccount.yaml
@ -3,11 +3,11 @@ apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }}
 metadata:
-  name: {{ template "argo-cd.dexServiceAccountName" . }}
+  name: {{ include "argo-cd.dex.serviceAccountName" . }}
  namespace: {{ .Release.Namespace | quote }}
-{{- if .Values.dex.serviceAccount.annotations }}
+  {{- with .Values.dex.serviceAccount.annotations }}
  annotations:
-  {{- range $key, $value := .Values.dex.serviceAccount.annotations }}
+    {{- range $key, $value := . }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
--- a/charts/argo-cd/templates/redis/deployment.yaml
+++ b/charts/argo-cd/templates/redis/deployment.yaml
@ -51,7 +51,7 @@ spec:
      {{- if .Values.redis.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.redis.terminationGracePeriodSeconds }}
      {{- end }}
-      serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }}
+      serviceAccountName: {{ include "argo-cd.redis.serviceAccountName" . }}
      containers:
      - name: {{ .Values.redis.name }}
        image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
--- a/charts/argo-cd/templates/redis/serviceaccount.yaml
+++ b/charts/argo-cd/templates/redis/serviceaccount.yaml
@ -3,11 +3,11 @@ apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }}
 metadata:
-  name: {{ template "argo-cd.redisServiceAccountName" . }}
+  name: {{ include "argo-cd.redis.serviceAccountName" . }}
  namespace: {{ .Release.Namespace | quote }}
-{{- if .Values.redis.serviceAccount.annotations }}
+  {{- with .Values.redis.serviceAccount.annotations }}
  annotations:
-  {{- range $key, $value := .Values.redis.serviceAccount.annotations }}
+    {{- range $key, $value := . }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
--- a/charts/argo-workflows/Chart.yaml
+++ b/charts/argo-workflows/Chart.yaml
@ -3,7 +3,7 @@ appVersion: v3.5.2
 name: argo-workflows
 description: A Helm chart for Argo Workflows
 type: application
-version: 0.40.3
+version: 0.40.4
 icon: https://argoproj.github.io/argo-workflows/assets/logo.png
 home: https://github.com/argoproj/argo-helm
 sources:
@ -16,5 +16,5 @@ annotations:
    fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
-    - kind: added
+    - kind: changed
-      description: Add instruction for SSO
+      description: Update doc for Argo Workflows server authentication
--- a/charts/argo-workflows/README.md
+++ b/charts/argo-workflows/README.md
@ -56,11 +56,6 @@ spec:
        args: [ "hello world" ]
 ```
 ### Argo Workflows Server SSO
 In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`.
 In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details.
 ## Installing the Chart
 To install the chart with the release name `my-release`:
@ -89,9 +84,12 @@ Please see the upstream [Operator Manual's High Availability page](https://argop
 This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs.
-### Workflow server authentication
+### Argo Workflows server authentication
-By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting.
+Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means.
 Please refer to [Argo Server Auth Mode] for more details.
 Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details.
 ## Values
@ -392,4 +390,5 @@ Fields to note:
 [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
 [values.yaml]: values.yaml
 [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog
-[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac
+[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/
 [Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/
--- a/charts/argo-workflows/README.md.gotmpl
+++ b/charts/argo-workflows/README.md.gotmpl
@ -56,11 +56,6 @@ spec:
        args: [ "hello world" ]
 ```
 ### Argo Workflows Server SSO
 In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`.
 In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details.
 ## Installing the Chart
 To install the chart with the release name `my-release`:
@ -89,9 +84,13 @@ Please see the upstream [Operator Manual's High Availability page](https://argop
 This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs.
-### Workflow server authentication
+### Argo Workflows server authentication
 Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means.
 Please refer to [Argo Server Auth Mode] for more details.
 Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details.
 By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting.
 ## Values
@ -209,4 +208,5 @@ Fields to note:
 [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
 [values.yaml]: values.yaml
 [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog
-[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac
+[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/
 [Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/ 
--- a/charts/argocd-image-updater/Chart.yaml
+++ b/charts/argocd-image-updater/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 name: argocd-image-updater
 description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD
 type: application
-version: 0.9.1
+version: 0.9.2
 appVersion: v0.12.2
 home: https://github.com/argoproj-labs/argocd-image-updater
 icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png
@ -18,5 +18,7 @@ annotations:
    fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
-    - kind: added
+    - kind: fixed
-      description: Introduce chart signing
+      description: Update outdated link on README
    - kind: changed
      description: Refactor README
--- a/charts/argocd-image-updater/README.md
+++ b/charts/argocd-image-updater/README.md
@ -14,7 +14,7 @@ helm repo add argo https://argoproj.github.io/argo-helm
 helm install argocd-image-updater argo/argocd-image-updater
 ```
-You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart).
+You will also need to run through the [secret setup documentation] so Argo CD Image Updater can talk to the Argo CD API (until its automated in this chart).
 ## Prerequisites
@ -22,7 +22,7 @@ You will also need to run through the [secret setup documentation](https://argoc
 ## Configuration options
-In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags).
+In order for your deployment of Argo CD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page].
 All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your Argo CD instance is setup, are set in the `config.argocd` values block. For instance:
@ -35,12 +35,12 @@ config:
    plaintext: true
 ```
-Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so.
+Any additional arguments mentioned on the [argocd-image-updater flags page] can be configured using the `extraArgs` value, like so.
 ### Argo CD API key
 If you are unable to install Argo CD Image Updater into the same Kubernetes cluster you might configure it to use API of your Argo CD installation.
-Please also read [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/).
+Please also read [Configuration of Container Registries].
 ```yaml
 config:
@ -52,7 +52,7 @@ If you specify a token value the secret will be created.
 ### Registries
-ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)):
+Argo CD Image Updater natively supports the following registries (as mentioned in [Configuration of Container Registries]):
 - Docker Hub
 - Google Container Registry
@ -60,7 +60,7 @@ ArgoCD Image Updater natively supports the following registries (as mentioned in
 - GitHub Container Registry
 - GitHub Docker Packages
-If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR.
+If you need support for ECR, you can reference this issue, [Support ECR authentication], for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR.
 The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart.
@ -125,3 +125,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
 [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
 [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
 [secret setup documentation]: https://argocd-image-updater.readthedocs.io/en/stable/install/installation/#method-2-connect-using-argo-cd-api-server
 [argocd-image-updater flags page]: https://argocd-image-updater.readthedocs.io/en/stable/install/reference/#flags
 [Configuration of Container Registries]: https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/
 [Support ECR authentication]: https://github.com/argoproj-labs/argocd-image-updater/issues/112
--- a/charts/argocd-image-updater/README.md.gotmpl
+++ b/charts/argocd-image-updater/README.md.gotmpl
@ -14,7 +14,7 @@ helm repo add argo https://argoproj.github.io/argo-helm
 helm install argocd-image-updater argo/argocd-image-updater
 ```
-You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart).
+You will also need to run through the [secret setup documentation] so Argo CD Image Updater can talk to the Argo CD API (until its automated in this chart).
 ## Prerequisites
@ -22,7 +22,7 @@ You will also need to run through the [secret setup documentation](https://argoc
 ## Configuration options
-In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags).
+In order for your deployment of Argo CD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page].
 All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your Argo CD instance is setup, are set in the `config.argocd` values block. For instance:
@ -35,12 +35,12 @@ config:
    plaintext: true
 ```
-Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so.
+Any additional arguments mentioned on the [argocd-image-updater flags page] can be configured using the `extraArgs` value, like so.
 ### Argo CD API key
 If you are unable to install Argo CD Image Updater into the same Kubernetes cluster you might configure it to use API of your Argo CD installation.
-Please also read [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/).
+Please also read [Configuration of Container Registries].
 ```yaml
 config:
@ -52,7 +52,7 @@ If you specify a token value the secret will be created.
 ### Registries
-ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)):
+Argo CD Image Updater natively supports the following registries (as mentioned in [Configuration of Container Registries]):
 - Docker Hub
 - Google Container Registry
@ -60,7 +60,7 @@ ArgoCD Image Updater natively supports the following registries (as mentioned in
 - GitHub Container Registry
 - GitHub Docker Packages
-If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR.
+If you need support for ECR, you can reference this issue, [Support ECR authentication], for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR.
 The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart.
@ -71,3 +71,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
 [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
 [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
 [secret setup documentation]: https://argocd-image-updater.readthedocs.io/en/stable/install/installation/#method-2-connect-using-argo-cd-api-server
 [argocd-image-updater flags page]: https://argocd-image-updater.readthedocs.io/en/stable/install/reference/#flags
 [Configuration of Container Registries]: https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/
 [Support ECR authentication]: https://github.com/argoproj-labs/argocd-image-updater/issues/112