merge 5.27.1

This commit is contained in:
Ilia Medvedev 2023-03-22 08:18:21 +02:00
commit b21dfe08d7
110 changed files with 8663 additions and 1509 deletions

View file

@ -38,8 +38,8 @@ jobs:
changed=$(ct --config ./.github/configs/ct-lint.yaml --target-branch ${{ github.base_ref }} list-changed)
charts=$(echo "$changed" | tr '\n' ' ' | xargs)
if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true"
echo "::set-output name=changed_charts::$charts"
echo "changed=true" >> $GITHUB_OUTPUT
echo "changed_charts=$charts" >> $GITHUB_OUTPUT
fi
- name: Run chart-testing (lint)
@ -58,7 +58,7 @@ jobs:
fi
- name: Create kind cluster
uses: helm/kind-action@v1.4.0
uses: helm/kind-action@v1.5.0
if: steps.list-changed.outputs.changed == 'true'
with:
config: .github/configs/kind-config.yaml

View file

@ -40,7 +40,7 @@ jobs:
helm package charts/argo-cd -u -d .cr-release-packages/
- name: Run chart-releaser
uses: helm/chart-releaser-action@main
uses: helm/chart-releaser-action@v1.5.0
with:
config: "./.github/configs/cr.yaml"
skip_packaging: true

View file

@ -14,7 +14,7 @@ jobs:
pull-requests: write # for actions/stale to close stale PRs
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v6
- uses: actions/stale@v7
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
# Number of days of inactivity before an issue becomes stale

View file

@ -7,7 +7,7 @@
/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco
# Argo CD
/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth
/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil
# Argo Events
/charts/argo-events/ @jbehling @VaibhavPage @pdrastil

View file

@ -2,110 +2,160 @@
Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently.
# Pull Requests
## Pull Requests
All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project.
### Pull Request Title Linting
We lint the title of your pull request to ensure it follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) specification. This is done using GitHub actions and the [action-semantic-pull-request](.github/workflows/pr-title.yml) workflow. We require the scope of the change to be included in the title. The scope should be the name of the chart you are changing. For example, if you are changing the `argo-cd` chart, the title of your pull request should be `fix(argo-cd): Fix typo in values.yaml`.
## Documentation
The documentation for each chart is generated with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation.
We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges):
```shell
./scripts/helm-docs.sh
```
> **Note**
> When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file.
### Updating a chart README.md
When updating the `README.md.gotmpl` inside a chart directory you must to run the `helm-docs` script to generate the updated `README.md` file. To reiterate, you should not edit the `README.md` file manually. It will be generated by the following command:
```shell
./scripts/helm-docs.sh
```
> **Note**
> If you see changes to unrelated chart `README.md` files you may have accidentally updated a `README.md.gotmpl` file in another chart's folder unintentionally or someone else failed to run this script. Please revert those changes if you do not intend them to be a part of your pull request.
## Versioning
Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease).
Each chart's version follows the [semver standard](https://semver.org/).
New charts should start at version `1.0.0`, if it's considered stable. If it isn't considered stable, it must be released as `prerelease`.
Any breaking changes to a chart (backwards incompatible) require:
* Bump of the current Major version of the chart
* State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades))
* Bump of the current Major version of the chart
* State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl`
### New Application Versions
When selecting new application versions ensure you make the following changes:
* `values.yaml`: Bump all instances of the container image version
* `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version`
Please ensure chart version changes adhere to semantic versioning standards:
* Major: Large chart rewrites, major non-backwards compatible or destructive changes
* Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes
* Patch: App version patch updates, backwards compatible optional chart features
### Immutability
Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error.
### Chart Versioning
Currently we require a chart version bump for every change to a chart, including updating information for older verions. This may change in the future.
### Artifact Hub Annotations
Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub.
* [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/)
* [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/)
#### Changelog
We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release.
Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template:
Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file).
A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release.
Each change requires a new bullet point following the pattern. See more information [Artifact Hub annotations in Helm Chart.yaml file](https://artifacthub.io/docs/topics/annotations/helm/).
```yaml
- kind: {type}
description: {description}
```
You can use the following template:
```yaml
name: argo-cd
version: 3.4.1
version: 5.19.12
...
annotations:
artifacthub.io/changes: |
- "[Added]: Something New was added"
- "[Changed]: Changed Something within this chart"
- "[Changed]: Changed Something else within this chart"
- "[Deprecated]: Something deprecated"
- "[Removed]: Something was removed"
- "[Fixed]: Something was fixed"
- "[Security]": Some Security Patch was included"
- kind: added
description: Something New was added
- kind: changed
description: Changed Something within this chart
- kind: changed
description: Changed Something else within this chart
- kind: deprecated
description: Something deprecated
- kind: removed
description: Something was removed
- kind: fixed
description: Something was fixed
- kind: security
description: Some Security Patch was included
```
## Documentation
## Testing
The documentation for each chart is done with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation.
We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges):
```
bash scripts/helm-docs.sh
```
**NOTE**: When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file.
# Testing
## Testing Argo Workflows Changes
### Testing Argo Workflows Changes
Minimally:
```
```shell
helm install charts/argo-workflows -n argo
argo version
```
Follow this instructions for running a hello world workflow.
Follow [these](https://argoproj.github.io/argo-workflows/quick-start/#submitting-an-example-workflow) instructions for running a hello world workflow.
## Testing Argo CD Changes
### Testing Argo CD Changes
Clean-up:
```
```shell
helm delete argo-cd --purge
kubectl delete crd -l app.kubernetes.io/part-of=argocd
```
Pre-requisites:
```
```shell
helm repo add redis-ha https://dandydeveloper.github.io/charts/
helm dependency update
```
Minimally:
```
```shell
helm install argocd argo/argo-cd -n argocd --create-namespace
kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443
```
In a new terminal:
```
```shell
argocd version --server localhost:8080 --insecure
# reset password to 'Password1!'
kubectl -n argocd patch secret argocd-secret \
-p '{"stringData": {
"admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O",
"admin.passwordMtime": "'$(date +%FT%T%Z)'"
"admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O",
"admin.passwordMtime": "'$(date +%FT%T%Z)'"
}}'
argocd login localhost:8080 --username admin --password 'Password1!'
@ -114,38 +164,25 @@ argocd login localhost:8080 --username admin --password 'Password1!'
Create and sync app:
```
```shell
argocd app create guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --path guestbook --project default --repo https://github.com/argoproj/argocd-example-apps.git
argocd app sync guestbook
```
## New Application Versions
When raising application versions ensure you make the following changes:
- `values.yaml`: Bump all instances of the container image version
- `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version`
Please ensure chart version changes adhere to semantic versioning standards:
- Patch: App version patch updates, backwards compatible optional chart features
- Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes
- Major: Large chart rewrites, major non-backwards compatible or destructive changes
## Testing Charts
### Testing Charts
As part of the Continuous Integration system we run Helm's [Chart Testing](https://github.com/helm/chart-testing) tool.
The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames.
The checks for Chart Testing are stricter than the standard Helm requirements. For example, fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames.
Linting configuration can be found in [ct-lint.yaml](./.github/configs/ct-lint.yaml)
The linting can be invoked manually with the following command:
```
```shell
./scripts/lint.sh
```
## Publishing Changes
Changes are automatically publish whenever a commit is merged to main. The CI job (see `./.github/workflows/publish.yml`).
Changes are automatically publish whenever a commit is merged to the `main` branch by the CI job (see `./.github/workflows/publish.yml`).

View file

@ -1,5 +1,6 @@
# Argo Helm Charts
[![Slack](https://img.shields.io/badge/slack-%23argo--helm--charts-brightgreen.svg?logo=slack)](https://argoproj.github.io/community/join-slack)
[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
[![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml)
[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo)
@ -7,7 +8,7 @@
Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command:
```
```bash
helm repo add argo https://argoproj.github.io/argo-helm
```
@ -15,10 +16,27 @@ helm repo add argo https://argoproj.github.io/argo-helm
We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details.
### Custom resource definitions
Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of the main four charts (argo-cd, argo-workflows, argo-events, argo-rollouts) by using `--set crds.install=false` when installing the chart.
Helm cannot upgrade custom resource definitions in the `<chart>/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `<chart>/templates` to address this design decision.
If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
Example:
```bash
kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=<appVersion>"
# Eg. version v2.4.9
kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9"
```
### Security Policy
If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new).
### Changelog
Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog).
Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog).

View file

@ -1,6 +1,6 @@
dependencies:
- name: redis-ha
repository: https://dandydeveloper.github.io/charts/
version: 4.22.3
digest: sha256:ef6269e4e073dad10c230ccfb069fc013608111c895c5e7568450bb3967cf195
generated: "2022-11-03T12:04:33.673857+09:00"
version: 4.22.4
digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7
generated: "2022-12-26T22:58:11.561184+09:00"

View file

@ -1,8 +1,8 @@
apiVersion: v2
appVersion: v2.5.5-cap-CR-16950
appVersion: v2.6.0-cap-CR-17237
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 5.16.0-2-cap-CR-16950
version: 5.27.1-1-cap-CR-17237
kubeVersion: ">=1.22.0-0"
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
@ -18,9 +18,10 @@ maintainers:
url: https://argoproj.github.io/
dependencies:
- name: redis-ha
version: 4.22.3
version: 4.22.4
repository: https://dandydeveloper.github.io/charts/
condition: redis-ha.enabled
annotations:
artifacthub.io/changes: |
- "[Added]: Ability to annotate Deployment and Statefulset objects for all components"
- kind: changed
description: Upgrade Argo CD to v2.6.6

View file

@ -105,14 +105,29 @@ For full list of changes please check ArtifactHub [changelog].
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
### 5.24.0
This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
Default `global.affinity` rules can be disabled when `none` value is used for the preset.
### 5.22.0
This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.
### 5.19.0
This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections.
You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories.
### 5.13.0
This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter.
### 5.12.0
This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server.
If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret.
If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead.
For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`.
For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys.
### 5.10.0
@ -359,12 +374,11 @@ NAME: my-release
| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart |
| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart |
| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart |
| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart |
| apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart |
| crds.annotations | object | `{}` | Annotations to be added to all CRDs |
| crds.install | bool | `true` | Install and upgrade CRDs |
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds |
| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources |
| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. |
| extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
| fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` |
| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests |
@ -376,6 +390,9 @@ NAME: my-release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| global.additionalLabels | object | `{}` | Common labels for the all resources |
| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity |
| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` |
| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` |
| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments |
| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments |
@ -386,11 +403,15 @@ NAME: my-release
| global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` |
| global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components |
| global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic |
| global.nodeSelector | object | `{}` | Default node selector for all components |
| global.podAnnotations | object | `{}` | Annotations for the all deployed pods |
| global.podLabels | object | `{}` | Labels for the all deployed pods |
| global.priorityClassName | string | `""` | Default priority class for all components |
| global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
| global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. |
| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets |
| global.tolerations | object | `{}` | Default tolerations for all components |
| global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components |
## Argo CD Configs
@ -401,17 +422,20 @@ NAME: my-release
| configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning |
| configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI |
| configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement |
| configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache |
| configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache |
| configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository |
| configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap |
| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] |
| configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO |
| configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap |
| configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap |
| configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm |
| configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos |
| configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret |
| configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap |
| configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring |
| configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts |
| configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations |
| configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability |
| configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` |
| configs.params."controller.operation.processors" | int | `10` | Number of application operation processors |
| configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. |
| configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts |
@ -443,25 +467,31 @@ NAME: my-release
| configs.secret.githubSecret | string | `""` | Shared secret for authenticating GitHub webhook events |
| configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events |
| configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events |
| configs.secret.labels | object | `{}` | Labels to be added to argocd-secret |
| configs.ssh.annotations | object | `{}` | Annotations to be added to argocd-ssh-known-hosts-cm configmap |
| configs.ssh.extraHosts | string | `""` | Additional known hosts for private repositories |
| configs.ssh.knownHosts | string | See [values.yaml] | Known hosts to be added to the known host list by default. |
| configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. |
| configs.tlsCerts | object | See [values.yaml] | TLS certificate |
| configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations |
| configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap |
| configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories |
## Argo CD Controller
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| controller.args | object | `{}` | DEPRECATED - Application controller commandline flags |
| controller.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments |
| controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource |
| controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource |
| controller.containerPort | int | `8082` | Application controller listening port |
| controller.containerPorts.metrics | int | `8082` | Metrics container port |
| controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context |
| controller.dnsConfig | object | `{}` | [DNS configuration] |
| controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods |
| controller.env | list | `[]` | Environment variables to pass to application controller |
| controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller |
| controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller |
| controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod |
| controller.hostNetwork | bool | `false` | Host Network for application controller pods |
| controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller |
| controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller |
| controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller |
@ -470,7 +500,11 @@ NAME: my-release
| controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric |
| controller.metrics.applicationLabels.labels | list | `[]` | Additional labels |
| controller.metrics.enabled | bool | `false` | Deploy metrics service |
| controller.metrics.rules.additionalLabels | object | `{}` | PrometheusRule labels |
| controller.metrics.rules.annotations | object | `{}` | PrometheusRule annotations |
| controller.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the application controller |
| controller.metrics.rules.namespace | string | `""` | PrometheusRule namespace |
| controller.metrics.rules.selector | object | `{}` | PrometheusRule selector |
| controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller |
| controller.metrics.service.annotations | object | `{}` | Metrics service annotations |
| controller.metrics.service.labels | object | `{}` | Metrics service labels |
@ -487,15 +521,15 @@ NAME: my-release
| controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| controller.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| controller.name | string | `"application-controller"` | Application controller name string |
| controller.nodeSelector | object | `{}` | [Node selector] |
| controller.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb |
| controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller |
| controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb |
| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods |
| controller.podLabels | object | `{}` | Labels to be added to application controller pods |
| controller.priorityClassName | string | `""` | Priority class for the application controller pods |
| controller.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the application controller pods |
| controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| controller.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
| controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
@ -509,8 +543,8 @@ NAME: my-release
| controller.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name |
| controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet |
| controller.tolerations | list | `[]` | [Tolerations] for use with node taints |
| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller |
| controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller |
| controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container |
| controller.volumes | list | `[]` | Additional volumes to the application controller pod |
@ -518,7 +552,7 @@ NAME: my-release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer |
| repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server |
| repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] |
@ -526,21 +560,30 @@ NAME: my-release
| repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] |
| repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] |
| repoServer.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret |
| repoServer.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret |
| repoServer.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. |
| repoServer.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. |
| repoServer.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) |
| repoServer.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) |
| repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret |
| repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret |
| repoServer.certificateSecret.key | string | `""` | Certificate private key |
| repoServer.certificateSecret.key | string | `""` | Certificate private key |
| repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret |
| repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret |
| repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments |
| repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource |
| repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource |
| repoServer.containerPort | int | `8081` | Configures the repo server port |
| repoServer.containerPorts.metrics | int | `8084` | Metrics container port |
| repoServer.containerPorts.server | int | `8081` | Repo server container port |
| repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context |
| repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment |
| repoServer.dnsConfig | object | `{}` | [DNS configuration] |
| repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods |
| repoServer.env | list | `[]` | Environment variables to pass to repo server |
| repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server |
| repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server |
| repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod |
| repoServer.hostNetwork | bool | `false` | Host Network for Repo server pods |
| repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server |
| repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server |
| repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server |
@ -567,15 +610,15 @@ NAME: my-release
| repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| repoServer.name | string | `"repo-server"` | Repo server name |
| repoServer.nodeSelector | object | `{}` | [Node selector] |
| repoServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb |
| repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server |
| repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb |
| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods |
| repoServer.podLabels | object | `{}` | Labels to be added to repo server pods |
| repoServer.priorityClassName | string | `""` | Priority class for the repo server |
| repoServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the repo server pods |
| repoServer.rbac | list | `[]` | Repo server rbac rules |
| repoServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| repoServer.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
@ -593,8 +636,8 @@ NAME: my-release
| repoServer.serviceAccount.create | bool | `true` | Create repo server service account |
| repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| repoServer.serviceAccount.name | string | `""` | Repo server service account name |
| repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints |
| repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server |
| repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server |
| repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container |
| repoServer.volumes | list | `[]` | Additional volumes to the repo server pod |
@ -608,7 +651,7 @@ NAME: my-release
| server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] |
| server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate |
| server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. |
| server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer |
| server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server |
| server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] |
@ -621,7 +664,7 @@ NAME: my-release
| server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) |
| server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` |
| server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` |
| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` |
| server.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` |
| server.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` |
| server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` |
| server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` |
@ -633,20 +676,24 @@ NAME: my-release
| server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret |
| server.certificateSecret.key | string | `""` | Private Key of the certificate |
| server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret |
| server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments |
| server.containerPort | int | `8080` | Configures the server port |
| server.containerPorts.metrics | int | `8083` | Metrics container port |
| server.containerPorts.server | int | `8080` | Server container port |
| server.containerSecurityContext | object | See [values.yaml] | Server container-level security context |
| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment |
| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment |
| server.dnsConfig | object | `{}` | [DNS configuration] |
| server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods |
| server.env | list | `[]` | Environment variables to pass to Argo CD server |
| server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server |
| server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context |
| server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions |
| server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions |
| server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions |
| server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image |
| server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image |
| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image |
| server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container |
| server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server |
| server.extraContainers | list | `[]` | Additional containers to be added to the server pod |
| server.hostNetwork | bool | `false` | Host Network for Server pods |
| server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server |
| server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server |
| server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server |
@ -697,15 +744,15 @@ NAME: my-release
| server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| server.name | string | `"server"` | Argo CD server name |
| server.nodeSelector | object | `{}` | [Node selector] |
| server.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb |
| server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server |
| server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb |
| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| server.podAnnotations | object | `{}` | Annotations to be added to server pods |
| server.podLabels | object | `{}` | Labels to be added to server pods |
| server.priorityClassName | string | `""` | Priority class for the Argo CD server |
| server.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the Argo CD server pods |
| server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
| server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
@ -724,7 +771,6 @@ NAME: my-release
| server.service.labels | object | `{}` | Server service labels |
| server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field |
| server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from |
| server.service.namedTargetPort | bool | `true` | Use named target port for argocd |
| server.service.nodePortHttp | int | `30080` | Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") |
| server.service.nodePortHttps | int | `30443` | Server service https port for NodePort service type (only if `server.service.type` is set to "NodePort") |
| server.service.servicePortHttp | int | `80` | Server service http port |
@ -738,8 +784,8 @@ NAME: my-release
| server.serviceAccount.create | bool | `true` | Create server service account |
| server.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| server.serviceAccount.name | string | `"argocd-server"` | Server service account name |
| server.tolerations | list | `[]` | [Tolerations] for use with node taints |
| server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the Argo CD server |
| server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server |
| server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container |
| server.volumes | list | `[]` | Additional volumes to the server pod |
@ -769,18 +815,20 @@ server:
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| dex.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret |
| dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. |
| dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) |
| dex.certificateSecret.enabled | bool | `false` | Create argocd-dex-server-tls secret |
| dex.certificateSecret.key | string | `""` | Certificate private key |
| dex.certificateSecret.labels | object | `{}` | Labels to be added to argocd-dex-server-tls secret |
| dex.containerPortGrpc | int | `5557` | Container port for gRPC access |
| dex.containerPortHttp | int | `5556` | Container port for HTTP access |
| dex.containerPortMetrics | int | `5558` | Container port for metrics access |
| dex.containerPorts.grpc | int | `5557` | gRPC container port |
| dex.containerPorts.http | int | `5556` | HTTP container port |
| dex.containerPorts.metrics | int | `5558` | Metrics container port |
| dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context |
| dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment |
| dex.dnsConfig | object | `{}` | [DNS configuration] |
| dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods |
| dex.enabled | bool | `true` | Enable dex |
| dex.env | list | `[]` | Environment variables to pass to the Dex server |
| dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server |
@ -815,7 +863,7 @@ server:
| dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| dex.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| dex.name | string | `"dex-server"` | Dex name |
| dex.nodeSelector | object | `{}` | [Node selector] |
| dex.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb |
| dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server |
| dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb |
@ -823,7 +871,7 @@ server:
| dex.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods |
| dex.podLabels | object | `{}` | Labels to be added to the Dex server pods |
| dex.priorityClassName | string | `""` | Priority class for dex |
| dex.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the dex pods |
| dex.readinessProbe.enabled | bool | `false` | Enable Kubernetes readiness probe for Dex >= 2.28.0 |
| dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
@ -840,8 +888,8 @@ server:
| dex.servicePortHttp | int | `5556` | Service port for HTTP access |
| dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access |
| dex.servicePortMetrics | int | `5558` | Service port for metrics access |
| dex.tolerations | list | `[]` | [Tolerations] for use with node taints |
| dex.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to dex |
| dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex |
| dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container |
| dex.volumes | list | `[]` | Additional volumes to the dex pod |
@ -851,27 +899,31 @@ server:
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| redis.containerPort | int | `6379` | Redis container port |
| redis.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| redis.containerPorts.metrics | int | `9121` | Metrics container port |
| redis.containerPorts.redis | int | `6379` | Redis container port |
| redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context |
| redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment |
| redis.dnsConfig | object | `{}` | [DNS configuration] |
| redis.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Redis server pods |
| redis.enabled | bool | `true` | Enable redis |
| redis.env | list | `[]` | Environment variables to pass to the Redis server |
| redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server |
| redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context |
| redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar |
| redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter |
| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter |
| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter |
| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter |
| redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar |
| redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server |
| redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod |
| redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy |
| redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy |
| redis.image.repository | string | `"quay.io/codefresh/redis"` | Redis repository |
| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag |
| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag |
| redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
| redis.initContainers | list | `[]` | Init containers to add to the redis pod |
| redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar |
| redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context |
| redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar |
| redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy |
| redis.metrics.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository |
| redis.metrics.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag |
| redis.metrics.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar |
| redis.metrics.enabled | bool | `false` | Deploy metrics service |
| redis.metrics.service.annotations | object | `{}` | Metrics service annotations |
| redis.metrics.service.clusterIP | string | `"None"` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
| redis.metrics.service.labels | object | `{}` | Metrics service labels |
@ -889,7 +941,7 @@ server:
| redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| redis.name | string | `"redis"` | Redis name |
| redis.nodeSelector | object | `{}` | [Node selector] |
| redis.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb |
| redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis |
| redis.pdb.labels | object | `{}` | Labels to be added to Redis pdb |
@ -897,7 +949,7 @@ server:
| redis.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods |
| redis.podLabels | object | `{}` | Labels to be added to the Redis server pods |
| redis.priorityClassName | string | `""` | Priority class for redis |
| redis.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for redis pods |
| redis.resources | object | `{}` | Resource limits and requests for redis |
| redis.securityContext | object | See [values.yaml] | Redis pod-level security context |
| redis.service.annotations | object | `{}` | Redis service annotations |
@ -907,8 +959,8 @@ server:
| redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod |
| redis.serviceAccount.name | string | `""` | Service account name for redis pod |
| redis.servicePort | int | `6379` | Redis service port |
| redis.tolerations | list | `[]` | [Tolerations] for use with node taints |
| redis.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to redis |
| redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis |
| redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container |
| redis.volumes | list | `[]` | Additional volumes to the redis pod |
@ -921,11 +973,13 @@ The main options are listed here:
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment |
| redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled |
| redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar |
| redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter |
| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter |
| redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy |
| redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping |
| redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag |
| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes |
| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag |
| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes |
| redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) |
| redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled |
| redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated |
@ -1028,45 +1082,29 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| notifications.affinity | object | `{}` | Assign custom [affinity] rules |
| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates |
| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules |
| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context |
| notifications.bots.slack.enabled | bool | `false` | Enable slack bot |
| notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot |
| notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot |
| notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot |
| notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
| notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] |
| notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb |
| notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot |
| notifications.bots.slack.pdb.labels | object | `{}` | Labels to be added to Slack bot pdb |
| notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot |
| notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot |
| notifications.bots.slack.service.port | int | `80` | Service port for Slack bot |
| notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot |
| notifications.bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. |
| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints |
| notifications.cm.create | bool | `true` | Whether helm chart creates controller config map |
| notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map |
| notifications.containerPorts.metrics | int | `9001` | Metrics container port |
| notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context |
| notifications.context | object | `{}` | Define user-defined context |
| notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment |
| notifications.dnsConfig | object | `{}` | [DNS configuration] |
| notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods |
| notifications.enabled | bool | `false` | Enable notifications controller |
| notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller |
| notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller |
| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod |
| notifications.extraEnv | list | `[]` | Additional container environment variables |
| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller |
| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller |
| notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) |
| notifications.extraVolumes | list | `[]` | List of extra volumes to add |
| notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller |
| notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller |
| notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller |
| notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` |
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn`, `error` |
| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod |
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` |
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` |
| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
| notifications.metrics.port | int | `9001` | Metrics port |
| notifications.metrics.service.annotations | object | `{}` | Metrics service annotations |
@ -1075,31 +1113,35 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
| notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
| notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
| notifications.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion |
| notifications.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping |
| notifications.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme |
| notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| notifications.name | string | `"notifications-controller"` | Notifications controller name string |
| notifications.nodeSelector | object | `{}` | [Node selector] |
| notifications.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook |
| notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb |
| notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller |
| notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb |
| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods |
| notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods |
| notifications.priorityClassName | string | `""` | Priority class for the controller pods |
| notifications.resources | object | `{}` | Resource limits and requests for the controller |
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods |
| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods |
| notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods |
| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller |
| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret |
| notifications.secret.create | bool | `true` | Whether helm chart creates controller secret |
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret |
| notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
| notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
| notifications.serviceAccount.create | bool | `true` | Create notifications controller service account |
| notifications.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. |
| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name |
| notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions |
| notifications.templates | object | `{}` | The notification template is used to generate the notification content |
| notifications.tolerations | list | `[]` | [Tolerations] for use with node taints |
| notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller |
| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent |
----------------------------------------------
@ -1110,6 +1152,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom
[CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/
[changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog
[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
[external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters
[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters
[declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup

View file

@ -104,14 +104,29 @@ For full list of changes please check ArtifactHub [changelog].
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
### 5.24.0
This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
Default `global.affinity` rules can be disabled when `none` value is used for the preset.
### 5.22.0
This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.
### 5.19.0
This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections.
You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories.
### 5.13.0
This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter.
### 5.12.0
This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server.
If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret.
If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead.
For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`.
For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys.
### 5.10.0
@ -515,6 +530,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom
[CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/
[changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog
[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
[external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters
[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters
[declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup

View file

@ -52,6 +52,42 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys
{{- if .Values.configs.gpgKeysAnnotations }}
DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations
{{- end }}
<<<<<<< HEAD
=======
{{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }}
DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles
{{- end }}
{{- if hasKey (.Values.server.clusterAdminAccess | default dict) "enabled" }}
DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles
{{- end }}
{{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }}
DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles
{{- end }}
{{- if .Values.configs.knownHostsAnnotations }}
DEPRECATED option configs.knownHostsAnnotations - Use configs.ssh.annotations
{{- end }}
{{- if hasKey .Values.configs "knownHosts" }}
DEPRECATED option configs.knownHosts.data.ssh_known_hosts - Use configs.ssh.knownHosts
{{- end }}
{{- if .Values.configs.tlsCertsAnnotations }}
DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations
{{- end }}
{{- if hasKey .Values.configs "tlsCerts" }}
DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates
{{- end }}
{{- if .Values.applicationSet.logFormat }}
DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format
{{- end }}
{{- if .Values.applicationSet.logLevel }}
DEPRECATED option applicationSet.logLevel - Use configs.params.applicationsetcontroller.log.level
{{- end }}
{{- if .Values.applicationSet.args.policy }}
DEPRECATED option applicationSet.args.policy - Use configs.params.applicationsetcontroller.policy
{{- end }}
{{- if .Values.applicationSet.args.dryRun }}
DEPRECATED option applicationSet.args.dryRun - Use configs.params.applicationsetcontroller.dryRun
{{- end }}
>>>>>>> argo-cd-5.27.1
{{- if .Values.controller.service }}
REMOVED option controller.service - Use controller.metrics
{{- end }}
@ -64,6 +100,30 @@ REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug
{{- if .Values.applicationSet.args.enableLeaderElection }}
REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas
{{- end }}
<<<<<<< HEAD
=======
{{- if .Values.controller.containerPort }}
REMOVED option controller.containerPort - Use controller.containerPorts
{{- end }}
{{- if .Values.server.containerPort }}
REMOVED option server.containerPort - Use server.containerPorts
{{- end }}
{{- if .Values.repoServer.containerPort }}
REMOVED option repoServer.containerPort - Use repoServer.containerPorts
{{- end }}
{{- if .Values.applicationSet.args.metricsAddr }}
REMOVED option applicationSet.args.metricsAddr - Use applicationSet.containerPorts
{{- end }}
{{- if .Values.applicationSet.args.probeBindAddr }}
REMOVED option applicationSet.args.probeBindAddr - Use applicationSet.containerPorts
{{- end }}
{{- if .Values.redis.containerPort }}
REMOVED option redis.containerPort - Use redis.containerPorts
{{- end }}
{{- if .Values.redis.metrics.containerPort }}
REMOVED option redis.metrics.containerPort - Use redis.containerPorts
{{- end }}
>>>>>>> argo-cd-5.27.1
In order to access the server UI you have the following options:

View file

@ -63,3 +63,60 @@ app.kubernetes.io/instance: {{ .context.Release.Name }}
app.kubernetes.io/component: {{ .component }}
{{- end }}
{{- end }}
{{/*
Common affinity definition
Pod affinity
- Soft prefers different nodes
- Hard requires different nodes and prefers different availibility zones
Node affinity
- Soft prefers given user expressions
- Hard requires given user expressions
*/}}
{{- define "argo-cd.affinity" -}}
{{- with .component.affinity -}}
{{- toYaml . -}}
{{- else -}}
{{- $preset := .context.Values.global.affinity -}}
{{- if (eq $preset.podAntiAffinity "soft") }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
topologyKey: kubernetes.io/hostname
{{- else if (eq $preset.podAntiAffinity "hard") }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
topologyKey: topology.kubernetes.io/zone
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
topologyKey: kubernetes.io/hostname
{{- end }}
{{- with $preset.nodeAffinity.matchExpressions }}
{{- if (eq $preset.nodeAffinity.type "soft") }}
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
{{- toYaml . | nindent 6 }}
{{- else if (eq $preset.nodeAffinity.type "hard") }}
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end -}}
{{- end -}}
{{- end -}}

View file

@ -8,6 +8,17 @@ to 63 chars and it includes 10 chars of hash and a separating '-'.
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 52 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the controller service account to use
*/}}
{{- define "argo-cd.controllerServiceAccountName" -}}
{{- if .Values.controller.serviceAccount.create -}}
{{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.controller.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create dex name and version as used by the chart label.
*/}}
@ -26,6 +37,17 @@ Create Dex server endpoint
{{- printf "%s://%s:%d" $scheme $host $port }}
{{- end }}
{{/*
Create the name of the dex service account to use
*/}}
{{- define "argo-cd.dexServiceAccountName" -}}
{{- if .Values.dex.serviceAccount.create -}}
{{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.dex.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create redis name and version as used by the chart label.
*/}}
@ -53,56 +75,6 @@ Return Redis server endpoint
{{- end }}
{{- end -}}
{{/*
Create argocd server name and version as used by the chart label.
*/}}
{{- define "argo-cd.server.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create argocd repo-server name and version as used by the chart label.
*/}}
{{- define "argo-cd.repoServer.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create argocd application set name and version as used by the chart label.
*/}}
{{- define "argo-cd.applicationSet.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create argocd notifications name and version as used by the chart label.
*/}}
{{- define "argo-cd.notifications.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the controller service account to use
*/}}
{{- define "argo-cd.controllerServiceAccountName" -}}
{{- if .Values.controller.serviceAccount.create -}}
{{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.controller.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the dex service account to use
*/}}
{{- define "argo-cd.dexServiceAccountName" -}}
{{- if .Values.dex.serviceAccount.create -}}
{{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.dex.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the redis service account to use
*/}}
@ -114,6 +86,13 @@ Create the name of the redis service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd server name and version as used by the chart label.
*/}}
{{- define "argo-cd.server.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the Argo CD server service account to use
*/}}
@ -125,6 +104,13 @@ Create the name of the Argo CD server service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd repo-server name and version as used by the chart label.
*/}}
{{- define "argo-cd.repoServer.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the repo-server service account to use
*/}}
@ -136,6 +122,13 @@ Create the name of the repo-server service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd application set name and version as used by the chart label.
*/}}
{{- define "argo-cd.applicationSet.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the application set service account to use
*/}}
@ -147,6 +140,13 @@ Create the name of the application set service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd notifications name and version as used by the chart label.
*/}}
{{- define "argo-cd.notifications.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the notifications service account to use
*/}}
@ -158,17 +158,6 @@ Create the name of the notifications service account to use
{{- end -}}
{{- end -}}
{{/*
Create the name of the notifications bots slack service account to use
*/}}
{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}}
{{- if .Values.notifications.bots.slack.serviceAccount.create -}}
{{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.notifications.bots.slack.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Argo Configuration Preset Values (Incluenced by Values configuration)
*/}}
@ -185,7 +174,10 @@ Merge Argo Configuration with Preset Configuration
{{- $config := (mergeOverwrite (deepCopy (omit .Values.configs.cm "create" "annotations")) (.Values.server.config | default dict)) -}}
{{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}}
{{- range $key, $value := mergeOverwrite $preset $config }}
{{ $key }}: {{ toString $value | toYaml }}
{{- $fmted := $value | toString }}
{{- if not (eq $fmted "") }}
{{ $key }}: {{ $fmted | toYaml }}
{{- end }}
{{- end }}
{{- end -}}
@ -202,10 +194,13 @@ redis.server: {{ . | quote }}
server.dex.server: {{ include "argo-cd.dex.server" . | quote }}
server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }}
{{- end }}
{{- range $component := tuple "controller" "server" "reposerver" }}
{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }}
{{ $component }}.log.format: {{ $.Values.global.logging.format | quote }}
{{ $component }}.log.level: {{ $.Values.global.logging.level | quote }}
{{- end }}
{{- if .Values.applicationSet.enabled }}
applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }}
{{- end }}
{{- end -}}
{{/*

View file

@ -19,34 +19,6 @@ Return the appropriate apiVersion for autoscaling
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for ingress
*/}}
{{- define "argo-cd.apiVersion.ingress" -}}
{{- if .Values.apiVersionOverrides.ingress -}}
{{- print .Values.apiVersionOverrides.ingress -}}
{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" .) -}}
{{- print "networking.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for pod disruption budget
*/}}
{{- define "argo-cd.apiVersion.pdb" -}}
{{- if .Values.apiVersionOverrides.pdb -}}
{{- print .Values.apiVersionOverrides.pdb -}}
{{- else if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" .) -}}
{{- print "policy/v1beta1" -}}
{{- else -}}
{{- print "policy/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for cert-manager
*/}}
@ -55,6 +27,8 @@ Return the appropriate apiVersion for cert-manager
{{- print .Values.apiVersionOverrides.certmanager -}}
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}}
{{- print "cert-manager.io/v1" -}}
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}}
{{- print "cert-manager.io/v1beta1" -}}
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}}
{{- print "cert-manager.io/v1alpha3" -}}
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}}

View file

@ -11,7 +11,12 @@ rules:
- argoproj.io
resources:
- applications
{{- if .Values.applicationSet.enabled }}
- applicationsets
{{- end }}
{{- if .Values.server.extensions.enabled }}
- argocdextensions
{{- end }}
- appprojects
verbs:
- get
@ -31,7 +36,12 @@ rules:
- argoproj.io
resources:
- applications
{{- if .Values.applicationSet.enabled }}
- applicationsets
{{- end }}
{{- if .Values.server.extensions.enabled }}
- argocdextensions
{{- end }}
- appprojects
verbs:
- create
@ -56,7 +66,12 @@ rules:
- argoproj.io
resources:
- applications
{{- if .Values.applicationSet.enabled }}
- applicationsets
{{- end }}
{{- if .Values.server.extensions.enabled }}
- argocdextensions
{{- end }}
- appprojects
verbs:
- create

View file

@ -1,23 +1,24 @@
{{- if .Values.controller.clusterAdminAccess.enabled }}
{{- $config := .Values.controller.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "argo-cd.controller.fullname" . }}
name: {{ include "argo-cd.controller.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
rules:
{{- if .Values.controller.clusterRoleRules.enabled }}
{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 0 }}
{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }}
{{- else }}
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
{{- end }}
{{- end }}

View file

@ -1,16 +1,17 @@
{{- if .Values.controller.clusterAdminAccess.enabled }}
{{- $config := .Values.controller.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-cd.controller.fullname" . }}
name: {{ include "argo-cd.controller.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "argo-cd.controller.fullname" . }}
name: {{ include "argo-cd.controller.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.controllerServiceAccountName" . }}
name: {{ include "argo-cd.controllerServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}

View file

@ -1,5 +1,5 @@
{{- if .Values.controller.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.controller.fullname" . }}

View file

@ -14,6 +14,10 @@ metadata:
{{- if .Values.controller.metrics.rules.additionalLabels }}
{{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }}
{{- end }}
{{- with .Values.controller.metrics.rules.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
groups:
- name: argocd

View file

@ -37,13 +37,28 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }}
containers:
- command:
- argocd-application-controller
- --metrics-port={{ .Values.controller.containerPorts.metrics }}
{{- if .Values.controller.metrics.applicationLabels.enabled }}
{{- range .Values.controller.metrics.applicationLabels.labels }}
- --metrics-application-labels
- {{ . }}
{{- end }}
{{- end }}
{{- with .Values.controller.args.statusProcessors }}
- --status-processors
- {{ . | quote }}
@ -76,12 +91,6 @@ spec:
- --loglevel
- {{ . | quote }}
{{- end }}
{{- if .Values.controller.metrics.applicationLabels.enabled }}
{{- range .Values.controller.metrics.applicationLabels.labels }}
- --metrics-application-labels
- {{ . }}
{{- end }}
{{- end }}
{{- with .Values.controller.extraArgs }}
{{- toYaml . | nindent 8 }}
{{- end }}
@ -232,7 +241,7 @@ spec:
{{- end }}
ports:
- name: metrics
containerPort: {{ .Values.controller.containerPort }}
containerPort: {{ .Values.controller.containerPorts.metrics }}
protocol: TCP
readinessProbe:
httpGet:
@ -257,21 +266,25 @@ spec:
- mountPath: /home/argocd
name: argocd-home
{{- with .Values.controller.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.controller.nodeSelector }}
{{- with .Values.controller.initContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.controller) }}
affinity:
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.controller.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
{{- with .Values.controller.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.topologySpreadConstraints }}
{{- with .Values.controller.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -282,11 +295,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
{{- with .Values.controller.volumes }}
{{- toYaml . | nindent 6 }}
@ -304,10 +312,9 @@ spec:
path: tls.key
- key: ca.crt
path: ca.crt
{{- with .Values.controller.initContainers }}
initContainers:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.controller.priorityClassName }}
priorityClassName: {{ . }}
hostNetwork: {{ .Values.controller.hostNetwork }}
{{- with .Values.controller.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
dnsPolicy: {{ .Values.controller.dnsPolicy }}

View file

@ -1,5 +1,5 @@
{{- if and .Values.applicationSet.enabled .Values.applicationSet.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.applicationSet.fullname" . }}

View file

@ -1,89 +1,72 @@
{{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}}
{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}}
{{- $servicePort := .Values.applicationSet.service.portName -}}
{{- $paths := .Values.applicationSet.webhook.ingress.paths -}}
{{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}}
{{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}}
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- if .Values.applicationSet.webhook.ingress.annotations }}
annotations:
{{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ template "argo-cd.applicationSet.fullname" . }}
name: {{ include "argo-cd.applicationSet.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
{{- if .Values.applicationSet.webhook.ingress.labels }}
{{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }}
{{- with .Values.applicationSet.webhook.ingress.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.applicationSet.webhook.ingress.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
{{- with .Values.applicationSet.webhook.ingress.ingressClassName }}
ingressClassName: {{ . }}
{{- end }}
{{- end }}
rules:
{{- if .Values.applicationSet.webhook.ingress.hosts }}
{{- range $host := .Values.applicationSet.webhook.ingress.hosts }}
- host: {{ $host }}
http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.applicationSet.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.applicationSet.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- if .Values.applicationSet.webhook.ingress.tls }}
{{- with .Values.applicationSet.webhook.ingress.tls }}
tls:
{{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }}
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- end -}}

View file

@ -0,0 +1,24 @@
{{- if .Values.configs.cmp.create }}
apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-cmp-cm
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }}
{{- with .Values.configs.cmp.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
data:
{{- range $cmp_plugin, $cmp_plugin_config := .Values.configs.cmp.plugins }}
{{ $cmp_plugin }}.yaml: |
apiVersion: argoproj.io/v1alpha1
kind: ConfigManagementPlugin
metadata:
name: {{ $cmp_plugin }}
spec:
{{- toYaml $cmp_plugin_config | nindent 6 }}
{{- end }}
{{- end }}

View file

@ -1,4 +1,4 @@
{{- if and .Values.repoServer.enabled .Values.repoServer.certificateSecret.enabled }}
{{- if .Values.repoServer.certificateSecret.enabled }}
apiVersion: v1
kind: Secret
metadata:

View file

@ -5,6 +5,9 @@ metadata:
name: argocd-secret
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }}
{{- with .Values.configs.secret.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.configs.secret.annotations }}
annotations:
{{- range $key, $value := . }}

View file

@ -3,11 +3,20 @@ kind: ConfigMap
metadata:
name: argocd-ssh-known-hosts-cm
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "ssh-known-hosts-cm") | nindent 4 }}
{{- with .Values.configs.knownHostsAnnotations }}
{{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }}
{{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
{{- toYaml .Values.configs.knownHosts | nindent 0 }}
data:
ssh_known_hosts: |
{{- if hasKey .Values.configs "knownHosts" }}
{{- .Values.configs.knownHosts.data.ssh_known_hosts | nindent 4 }}
{{- else }}
{{- .Values.configs.ssh.knownHosts | nindent 4 }}
{{- end }}
{{- with .Values.configs.ssh.extraHosts }}
{{- . | nindent 4 }}
{{- end }}

View file

@ -3,13 +3,20 @@ kind: ConfigMap
metadata:
name: argocd-tls-certs-cm
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "tls-certs-cm") | nindent 4 }}
{{- with .Values.configs.tlsCertsAnnotations }}
{{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }}
{{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
{{- with .Values.configs.tlsCerts }}
{{- toYaml . | nindent 0 }}
{{- if hasKey .Values.configs "tlsCerts" }}
{{- with .Values.configs.tlsCerts }}
{{- toYaml . | nindent 0 }}
{{- end }}
{{- else }}
{{- with .Values.configs.tls.certificates }}
data:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}

View file

@ -26,6 +26,9 @@ stringData:
clusterResources: {{ .clusterResources | quote }}
{{- end }}
{{- end }}
{{- if .project }}
project: {{ .project | quote }}
{{- end }}
config: |
{{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson | nindent 4 }}
{{- end }}

View file

@ -1,26 +0,0 @@
{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.notifications.fullname" . }}-bot
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
{{- with .Values.notifications.bots.slack.pdb.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.notifications.bots.slack.pdb.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
{{- with .Values.notifications.bots.slack.pdb.maxUnavailable }}
maxUnavailable: {{ . }}
{{- else }}
minAvailable: {{ .Values.notifications.bots.slack.pdb.minAvailable | default 0 }}
{{- end }}
selector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
{{- end }}

View file

@ -1,27 +0,0 @@
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "argo-cd.notifications.fullname" . }}-bot
rules:
- apiGroups:
- ""
resources:
- secrets
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- argoproj.io
resources:
- applications
- appprojects
verbs:
- get
- list
- watch
- update
- patch
{{ end }}

View file

@ -1,13 +0,0 @@
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ template "argo-cd.notifications.fullname" . }}-bot
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ template "argo-cd.notifications.fullname" . }}-bot
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
{{ end }}

View file

@ -1,19 +0,0 @@
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "argo-cd.notifications.fullname" . }}-bot
{{- if .Values.notifications.bots.slack.service.annotations }}
annotations:
{{- toYaml .Values.notifications.bots.slack.service.annotations | nindent 4 }}
{{- end }}
spec:
ports:
- name: http
port: {{ .Values.notifications.bots.slack.service.port }}
protocol: TCP
targetPort: http
selector:
{{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
type: {{ .Values.notifications.bots.slack.service.type }}
{{ end }}

View file

@ -1,15 +0,0 @@
{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }}
metadata:
name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
{{- if .Values.notifications.bots.slack.serviceAccount.annotations }}
annotations:
{{- range $key, $value := .Values.notifications.bots.slack.serviceAccount.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
{{- end }}

View file

@ -37,10 +37,17 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }}
containers:
- name: {{ .Values.notifications.name }}
@ -48,9 +55,9 @@ spec:
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }}
command:
- argocd-notifications
- --metrics-port={{ .Values.notifications.containerPorts.metrics }}
- --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }}
- --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }}
- --metrics-port={{ .Values.notifications.metrics.port }}
- --namespace={{ .Release.Namespace }}
- --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
{{- range .Values.notifications.extraArgs }}
@ -66,7 +73,7 @@ spec:
{{- end }}
ports:
- name: metrics
containerPort: {{ .Values.notifications.metrics.port }}
containerPort: {{ .Values.notifications.containerPorts.metrics }}
protocol: TCP
resources:
{{- toYaml .Values.notifications.resources | nindent 12 }}
@ -81,12 +88,47 @@ spec:
{{- with .Values.notifications.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.notifications.extraContainers }}
{{- tpl (toYaml . ) $ | nindent 8 }}
{{- end }}
{{- with .Values.notifications.initContainers }}
initContainers:
{{- tpl (toYaml . ) $ | nindent 8 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) }}
affinity:
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.notifications.name) | nindent 12 }}
{{- end }}
{{- end }}
{{- end }}
volumes:
- configMap:
{{- with .Values.notifications.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: tls-certs
configMap:
name: argocd-tls-certs-cm
name: tls-certs
- name: argocd-repo-server-tls
secret:
secretName: argocd-repo-server-tls
optional: true
items:
- key: tls.crt
path: tls.crt
@ -94,24 +136,9 @@ spec:
path: tls.key
- key: ca.crt
path: ca.crt
optional: true
secretName: argocd-repo-server-tls
{{- with .Values.notifications.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.nodeSelector }}
nodeSelector:
{{- with .Values.notifications.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
dnsPolicy: {{ .Values.notifications.dnsPolicy }}
{{- end }}

View file

@ -1,5 +1,5 @@
{{- if and .Values.notifications.enabled .Values.notifications.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.notifications.fullname" . }}

View file

@ -35,6 +35,14 @@ spec:
tlsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.metrics.serviceMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.metrics.serviceMonitor.metricRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}

View file

@ -1,23 +1,24 @@
{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }}
{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "argo-cd.repoServer.fullname" . }}
name: {{ include "argo-cd.repoServer.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
rules:
{{- if .Values.repoServer.clusterRoleRules.enabled }}
{{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 0 }}
{{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }}
{{- else }}
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
{{- end }}
{{- end }}

View file

@ -1,16 +1,17 @@
{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }}
{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-cd.repoServer.fullname" . }}
name: {{ include "argo-cd.repoServer.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "argo-cd.repoServer.fullname" . }}
name: {{ include "argo-cd.repoServer.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.repoServerServiceAccountName" . }}
name: {{ include "argo-cd.repoServerServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}

View file

@ -40,11 +40,18 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }}
containers:
- name: {{ .Values.repoServer.name }}
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
@ -53,6 +60,8 @@ spec:
- entrypoint.sh
args:
- argocd-repo-server
- --port={{ .Values.repoServer.containerPorts.server }}
- --metrics-port={{ .Values.repoServer.containerPorts.metrics }}
{{- with .Values.repoServer.logFormat }}
- --logformat
- {{ . | quote }}
@ -236,10 +245,10 @@ spec:
name: tmp
ports:
- name: repo-server
containerPort: {{ .Values.repoServer.containerPort }}
containerPort: {{ .Values.repoServer.containerPorts.server }}
protocol: TCP
- name: metrics
containerPort: 8084
containerPort: {{ .Values.repoServer.containerPorts.metrics }}
protocol: TCP
livenessProbe:
httpGet:
@ -264,21 +273,44 @@ spec:
securityContext:
{{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }}
{{- with .Values.repoServer.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.repoServer.nodeSelector }}
initContainers:
- command:
- cp
- -n
- /usr/local/bin/argocd
- /var/run/argocd/argocd-cmp-server
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
name: copyutil
{{- with .Values.repoServer.resources }}
resources:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.repoServer.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
{{- with .Values.repoServer.initContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) }}
affinity:
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.tolerations }}
{{- with .Values.repoServer.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.topologySpreadConstraints }}
{{- with .Values.repoServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -289,11 +321,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
{{- with .Values.repoServer.volumes }}
{{- toYaml . | nindent 6 }}
@ -328,29 +355,9 @@ spec:
path: tls.key
- key: ca.crt
path: ca.crt
initContainers:
- command:
- cp
- -n
- /usr/local/bin/argocd
- /var/run/argocd/argocd-cmp-server
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
name: copyutil
{{- with .Values.repoServer.resources }}
resources:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.repoServer.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
{{- with .Values.repoServer.initContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.repoServer.priorityClassName }}
priorityClassName: {{ . }}
hostNetwork: {{ .Values.repoServer.hostNetwork }}
{{- with .Values.repoServer.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
dnsPolicy: {{ .Values.repoServer.dnsPolicy }}

View file

@ -1,5 +1,5 @@
{{- if .Values.repoServer.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.repoServer.fullname" . }}

View file

@ -12,11 +12,11 @@ spec:
- name: {{ .Values.server.service.servicePortHttpName }}
protocol: TCP
port: {{ .Values.server.service.servicePortHttp }}
targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
targetPort: server
- name: {{ .Values.server.service.servicePortHttpsName }}
protocol: TCP
port: {{ .Values.server.service.servicePortHttps }}
targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
targetPort: server
selector:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
sessionAffinity: None

View file

@ -1,4 +1,5 @@
{{- if .Values.server.clusterAdminAccess.enabled }}
{{- $config := .Values.server.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:

View file

@ -1,16 +1,17 @@
{{- if .Values.server.clusterAdminAccess.enabled }}
{{- $config := .Values.server.clusterAdminAccess | default dict -}}
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-cd.server.fullname" . }}
name: {{ include "argo-cd.server.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "argo-cd.server.fullname" . }}
name: {{ include "argo-cd.server.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.serverServiceAccountName" . }}
name: {{ include "argo-cd.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}

View file

@ -37,16 +37,26 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }}
containers:
- name: {{ .Values.server.name }}
image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
command:
- argocd-server
- --port={{ .Values.server.containerPorts.server }}
- --metrics-port={{ .Values.server.containerPorts.metrics }}
{{- with .Values.server.logFormat }}
- --logformat
- {{ . | quote }}
@ -260,6 +270,12 @@ spec:
name: argocd-cmd-params-cm
key: application.namespaces
optional: true
- name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: server.enable.proxy.extension
optional: true
{{- with .Values.server.envFrom }}
envFrom:
{{- toYaml . | nindent 10 }}
@ -287,16 +303,16 @@ spec:
name: extensions
{{- end }}
ports:
- name: {{ .Values.server.name }}
containerPort: {{ .Values.server.containerPort }}
- name: server
containerPort: {{ .Values.server.containerPorts.server }}
protocol: TCP
- name: metrics
containerPort: 8083
containerPort: {{ .Values.server.containerPorts.metrics }}
protocol: TCP
livenessProbe:
httpGet:
path: /healthz?full=true
port: {{ .Values.server.containerPort }}
port: server
initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }}
@ -305,7 +321,7 @@ spec:
readinessProbe:
httpGet:
path: /healthz
port: {{ .Values.server.containerPort }}
port: server
initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }}
@ -319,9 +335,6 @@ spec:
lifecycle:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.server.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if .Values.server.extensions.enabled }}
- name: argocd-extensions
image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }}
@ -336,19 +349,26 @@ spec:
- name: tmp
mountPath: /tmp
{{- end }}
{{- with .Values.server.nodeSelector }}
{{- with .Values.server.extraContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.server.initContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }}
affinity:
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.server.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.tolerations }}
{{- with .Values.server.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.topologySpreadConstraints }}
{{- with .Values.server.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -359,11 +379,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
{{- with .Values.server.volumes }}
{{- toYaml . | nindent 6}}
@ -406,10 +421,9 @@ spec:
path: tls.crt
- key: ca.crt
path: ca.crt
{{- with .Values.server.initContainers }}
initContainers:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.server.priorityClassName }}
priorityClassName: {{ . }}
hostNetwork: {{ .Values.server.hostNetwork }}
{{- with .Values.server.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
dnsPolicy: {{ .Values.server.dnsPolicy }}

View file

@ -1,89 +1,72 @@
{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}}
{{- $serviceName := include "argo-cd.server.fullname" . -}}
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
{{- $paths := .Values.server.ingressGrpc.paths -}}
{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
{{- $pathType := .Values.server.ingressGrpc.pathType -}}
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- if .Values.server.ingressGrpc.annotations }}
annotations:
{{- range $key, $value := .Values.server.ingressGrpc.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ template "argo-cd.server.fullname" . }}-grpc
name: {{ include "argo-cd.server.fullname" . }}-grpc
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
{{- if .Values.server.ingressGrpc.labels }}
{{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }}
{{- with .Values.server.ingressGrpc.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.server.ingressGrpc.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
{{- with .Values.server.ingressGrpc.ingressClassName }}
ingressClassName: {{ . }}
{{- end }}
{{- end }}
rules:
{{- if .Values.server.ingressGrpc.hosts }}
{{- range $host := .Values.server.ingressGrpc.hosts }}
- host: {{ $host }}
http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end -}}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- end -}}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- if .Values.server.ingressGrpc.tls }}
{{- with .Values.server.ingressGrpc.tls }}
tls:
{{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }}
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- end -}}

View file

@ -1,51 +1,45 @@
{{- if .Values.server.ingress.enabled -}}
{{- $serviceName := include "argo-cd.server.fullname" . -}}
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}}
{{- $paths := .Values.server.ingress.paths -}}
{{- $extraPaths := .Values.server.ingress.extraPaths -}}
{{- $pathType := .Values.server.ingress.pathType -}}
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- if .Values.server.ingress.annotations }}
annotations:
{{- range $key, $value := .Values.server.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
[{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
{{- end }}
{{- end }}
name: {{ template "argo-cd.server.fullname" . }}
name: {{ include "argo-cd.server.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
{{- if .Values.server.ingress.labels }}
{{- toYaml .Values.server.ingress.labels | nindent 4 }}
{{- with .Values.server.ingress.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if .Values.server.ingress.annotations }}
annotations:
{{- range $key, $value := .Values.server.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
[{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
{{- end }}
{{- end }}
spec:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
{{- with .Values.server.ingress.ingressClassName }}
ingressClassName: {{ . }}
{{- end }}
{{- end }}
rules:
{{- if .Values.server.ingress.hosts }}
{{- range $host := .Values.server.ingress.hosts }}
- host: {{ $host }}
- host: {{ $host | quote }}
http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
{{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: Prefix
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ template "argo-cd.server.fullname" $ }}-grpc
port:
@ -54,60 +48,42 @@ spec:
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc
servicePort: {{ $servicePort }}
{{- end }}
{{- end }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- if $extraPaths }}
{{- toYaml $extraPaths | nindent 10 }}
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- range $p := $paths }}
- path: {{ $p }}
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
pathType: {{ $pathType }}
{{- end }}
backend:
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
service:
name: {{ $serviceName }}
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- else }}
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- if .Values.server.ingress.tls }}
{{- with .Values.server.ingress.tls }}
tls:
{{- toYaml .Values.server.ingress.tls | nindent 4 }}
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- end -}}

View file

@ -1,5 +1,5 @@
{{- if .Values.server.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.server.fullname" . }}

View file

@ -42,3 +42,11 @@ rules:
verbs:
- create
- list
{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }}
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
{{- end }}

View file

@ -19,14 +19,14 @@ spec:
- name: {{ .Values.server.service.servicePortHttpName }}
protocol: TCP
port: {{ .Values.server.service.servicePortHttp }}
targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
targetPort: {{ .Values.server.containerPorts.server }}
{{- if eq .Values.server.service.type "NodePort" }}
nodePort: {{ .Values.server.service.nodePortHttp }}
{{- end }}
- name: {{ .Values.server.service.servicePortHttpsName }}
protocol: TCP
port: {{ .Values.server.service.servicePortHttps }}
targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
targetPort: {{ .Values.server.containerPorts.server }}
{{- if eq .Values.server.service.type "NodePort" }}
nodePort: {{ .Values.server.service.nodePortHttps }}
{{- end }}
@ -49,4 +49,4 @@ spec:
{{- end }}
{{- with .Values.server.service.sessionAffinity }}
sessionAffinity: {{ . }}
{{- end }}
{{- end }}

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -39,31 +39,18 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with.Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
initContainers:
- name: copyutil
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
command:
- cp
- -n
- /usr/local/bin/argocd
- /shared/argocd-dex
volumeMounts:
- mountPath: /shared
name: static-files
- mountPath: /tmp
name: dexconfig
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
securityContext:
{{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
{{- with .Values.dex.initContainers }}
{{- toYaml . | nindent 6 }}
{{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
containers:
- name: {{ .Values.dex.name }}
image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
@ -91,13 +78,13 @@ spec:
{{- end }}
ports:
- name: http
containerPort: {{ .Values.dex.containerPortHttp }}
containerPort: {{ .Values.dex.containerPorts.http }}
protocol: TCP
- name: grpc
containerPort: {{ .Values.dex.containerPortGrpc }}
containerPort: {{ .Values.dex.containerPorts.grpc }}
protocol: TCP
- name: metrics
containerPort: {{ .Values.dex.containerPortMetrics }}
containerPort: {{ .Values.dex.containerPorts.metrics }}
protocol: TCP
{{- if .Values.dex.livenessProbe.enabled }}
livenessProbe:
@ -136,21 +123,42 @@ spec:
- name: argocd-dex-server-tls
mountPath: /tls
{{- with .Values.dex.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.dex.nodeSelector }}
initContainers:
- name: copyutil
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
command:
- cp
- -n
- /usr/local/bin/argocd
- /shared/argocd-dex
volumeMounts:
- mountPath: /shared
name: static-files
- mountPath: /tmp
name: dexconfig
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
securityContext:
{{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
{{- with .Values.dex.initContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.dex) }}
affinity:
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.dex.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.dex.tolerations }}
{{- with .Values.dex.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.dex.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.dex.topologySpreadConstraints }}
{{- with .Values.dex.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -161,11 +169,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
- name: static-files
emptyDir: {}
@ -185,7 +188,9 @@ spec:
{{- with .Values.dex.volumes }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.dex.priorityClassName }}
priorityClassName: {{ . }}
{{- with .Values.dex.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
dnsPolicy: {{ .Values.dex.dnsPolicy }}
{{- end }}

View file

@ -1,5 +1,5 @@
{{- if and .Values.dex.enabled .Values.dex.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.dex.fullname" . }}

View file

@ -36,15 +36,18 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.redis.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }}
{{- with .Values.redis.initContainers }}
initContainers:
{{- toYaml . | nindent 6 }}
{{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }}
containers:
- name: {{ .Values.redis.name }}
image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
@ -67,7 +70,7 @@ spec:
{{- end }}
ports:
- name: redis
containerPort: {{ .Values.redis.containerPort }}
containerPort: {{ .Values.redis.containerPorts.redis }}
protocol: TCP
resources:
{{- toYaml .Values.redis.resources | nindent 10 }}
@ -77,40 +80,47 @@ spec:
volumeMounts:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- if .Values.redis.metrics.enabled }}
{{- if .Values.redis.exporter.enabled }}
- name: metrics
image: {{ .Values.redis.metrics.image.repository }}:{{ .Values.redis.metrics.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }}
image: {{ .Values.redis.exporter.image.repository }}:{{ .Values.redis.exporter.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.exporter.image.imagePullPolicy }}
env:
- name: REDIS_ADDR
value: {{ printf "redis://localhost:%v" .Values.redis.containerPort }}
value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }}
- name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS
value: {{ printf "0.0.0.0:%v" .Values.redis.metrics.containerPort }}
value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }}
{{- with .Values.redis.exporter.env }}
{{- toYaml . | nindent 8 }}
{{- end }}
ports:
- name: metrics
containerPort: {{ .Values.redis.metrics.containerPort }}
containerPort: {{ .Values.redis.containerPorts.metrics }}
protocol: TCP
resources:
{{- toYaml .Values.redis.metrics.resources | nindent 10 }}
{{- toYaml .Values.redis.exporter.resources | nindent 10 }}
securityContext:
{{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }}
{{- toYaml .Values.redis.exporter.containerSecurityContext | nindent 10 }}
{{- end }}
{{- with .Values.redis.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.redis.nodeSelector }}
{{- with .Values.redis.initContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.redis.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.redis.tolerations }}
{{- with .Values.redis.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.redis.affinity }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.redis) }}
affinity:
{{- toYaml . | nindent 8 }}
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.redis.topologySpreadConstraints }}
{{- with .Values.redis.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -121,11 +131,13 @@ spec:
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.redis.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- with .Values.redis.volumes }}
volumes:
{{- toYaml . | nindent 8}}
{{- end }}
{{- with .Values.redis.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
dnsPolicy: {{ .Values.redis.dnsPolicy }}
{{- end }}

View file

@ -1,6 +1,6 @@
{{- $redisHa := index .Values "redis-ha" -}}
{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.pdb.enabled }}
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.redis.fullname" . }}
@ -16,7 +16,7 @@ metadata:
{{- end }}
{{- end }}
spec:
{{- with .Values.dex.pdb.maxUnavailable }}
{{- with .Values.redis.pdb.maxUnavailable }}
maxUnavailable: {{ . }}
{{- else }}
minAvailable: {{ .Values.redis.pdb.minAvailable | default 0 }}

View file

@ -19,7 +19,7 @@ spec:
ports:
- name: redis
port: {{ .Values.redis.servicePort }}
targetPort: {{ .Values.redis.containerPort }}
targetPort: redis
selector:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 4 }}
{{- end }}

File diff suppressed because it is too large Load diff

View file

@ -1,8 +1,8 @@
apiVersion: v2
appVersion: v1.7.3
appVersion: v1.7.6
description: A Helm chart for Argo Events, the event-driven workflow automation framework
name: argo-events
version: 2.0.6
version: 2.1.4
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-events/assets/logo.png
keywords:
@ -15,4 +15,5 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Changed]: Upgrade Argo events controller to v1.7.3"
- kind: added
description: Add install guide on README

View file

@ -17,6 +17,19 @@ To regenerate this document, please run:
./scripts/helm-docs.sh
```
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ helm repo add argo https://argoproj.github.io/argo-helm
"argo" has been added to your repositories
$ helm install my-release argo/argo-events
NAME: my-release
...
```
## Upgrading
### Custom resource definitions
@ -57,11 +70,12 @@ done
| configs.jetstream.versions[0].natsImage | string | `"nats:latest"` | |
| configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | |
| configs.jetstream.versions[0].version | string | `"latest"` | |
| configs.nats.versions | list | `[{"metricsExporterImage":"natsio/prometheus-nats-exporter:latest","natsStreamingImage":"nats-streaming:latest","version":"latest"}]` | Supported versions of NATS event bus |
| configs.nats.versions | list | See [values.yaml] | Supported versions of NATS event bus |
| crds.annotations | object | `{}` | Annotations to be added to all CRDs |
| crds.install | bool | `true` | Install and upgrade CRDs |
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-events crds Only applies for cluster-wide installation (`controller.rbac.namespaced: false`) |
| extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
| fullnameOverride | string | `""` | String to fully override "argo-events.fullname" template |
| global.additionalLabels | object | `{}` | Additional labels to add to all resources |
| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
@ -155,6 +169,7 @@ done
| webhook.pdb.labels | object | `{}` | Labels to be added to admission webhook pdb |
| webhook.podAnnotations | object | `{}` | Annotations to be added to event controller pods |
| webhook.podLabels | object | `{}` | Labels to be added to event controller pods |
| webhook.port | int | `443` | Port to listen on |
| webhook.priorityClassName | string | `""` | Priority class for the event controller pods |
| webhook.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| webhook.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |

View file

@ -17,6 +17,19 @@ To regenerate this document, please run:
./scripts/helm-docs.sh
```
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ helm repo add argo https://argoproj.github.io/argo-helm
"argo" has been added to your repositories
$ helm install my-release argo/argo-events
NAME: my-release
...
```
## Upgrading
### Custom resource definitions

View file

@ -68,6 +68,34 @@ Create chart name and version as used by the chart label.
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create kubernetes friendly chart version label for the controller.
Examples:
image.tag = v1.7.3
output = v1.7.3
image.tag = v1.7.3@sha256:a40f4f3ea20d354f00ab469a9f73102668fa545c4d632e1a8e11a206ad3093f3
output = v1.7.3
*/}}
{{- define "argo-events.controller_chart_version_label" -}}
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-events.defaultTag" .) .Values.controller.image.tag) "") "" | trunc 63 | quote -}}
{{- end -}}
{{/*
Create kubernetes friendly chart version label for the events webhook.
Examples:
image.tag = v1.7.3
output = v1.7.3
image.tag = v1.7.3@sha256:a40f4f3ea20d354f00ab469a9f73102668fa545c4d632e1a8e11a206ad3093f3
output = v1.7.3
*/}}
{{- define "argo-events.webhook_chart_version_label" -}}
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-events.defaultTag" .) .Values.webhook.image.tag) "") "" | trunc 63 | quote -}}
{{- end -}}
{{/*
Common labels
*/}}
@ -97,3 +125,14 @@ Return the default Argo Events app version
{{- define "argo-events.defaultTag" -}}
{{- default .Chart.AppVersion .Values.global.image.tag }}
{{- end -}}
{{/*
Define Pdb apiVersion
*/}}
{{- define "argo-events.pdb.apiVersion" -}}
{{- if .Capabilities.APIVersions.Has "policy/v1" }}
{{- printf "policy/v1" -}}
{{- else }}
{{- printf "policy/v1beta1" -}}
{{- end }}
{{- end }}

View file

@ -4,7 +4,7 @@ metadata:
name: {{ include "argo-events.controller.fullname" . }}
labels:
{{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag | quote }}
app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }}
spec:
selector:
matchLabels:
@ -22,7 +22,7 @@ spec:
{{- end }}
labels:
{{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }}
app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag | quote }}
app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}

View file

@ -1,5 +1,5 @@
{{- if .Values.controller.pdb.enabled }}
apiVersion: policy/v1beta1
apiVersion: {{ template "argo-events.pdb.apiVersion" . }}
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-events.controller.fullname" . }}

View file

@ -71,7 +71,6 @@ rules:
- pods
- pods/exec
- configmaps
- secrets
- services
- persistentvolumeclaims
verbs:
@ -82,6 +81,17 @@ rules:
- update
- patch
- delete
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- get
- list
- update
- patch
- delete
- apiGroups:
- apps
resources:

View file

@ -5,7 +5,7 @@ metadata:
name: events-webhook
labels:
{{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }}
app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag | quote }}
app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }}
spec:
selector:
matchLabels:
@ -22,7 +22,7 @@ spec:
{{- end }}
labels:
{{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 8 }}
app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag | quote }}
app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.webhook.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
@ -37,7 +37,7 @@ spec:
{{- end }}
containers:
- name: {{ .Values.webhook.name }}
image: {{ default .Values.global.image.repository .Values.webhook.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag }}
image: {{ default .Values.global.image.repository .Values.webhook.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.webhook.image.imagePullPolicy }}
args:
- webhook-service
@ -50,6 +50,8 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: PORT
value: "{{ .Values.webhook.port }}"
{{- with .Values.webhook.env }}
{{- toYaml . | nindent 8 }}
{{- end }}
@ -63,7 +65,7 @@ spec:
{{- end }}
ports:
- name: webhook
containerPort: 443
containerPort: {{ .Values.webhook.port }}
protocol: TCP
livenessProbe:
tcpSocket:

View file

@ -1,5 +1,5 @@
{{- if and .Values.webhook.enabled .Values.webhook.pdb.enabled (not .Values.controller.rbac.namespaced) }}
apiVersion: policy/v1beta1
apiVersion: {{ template "argo-events.pdb.apiVersion" . }}
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-events.webhook.fullname" . }}

View file

@ -0,0 +1,4 @@
{{ range .Values.extraObjects }}
---
{{ tpl (toYaml .) $ }}
{{ end }}

View file

@ -62,10 +62,14 @@ configs:
## NATS event bus
nats:
# -- Supported versions of NATS event bus
# @default -- See [values.yaml]
versions:
- version: latest
natsStreamingImage: nats-streaming:latest
metricsExporterImage: natsio/prometheus-nats-exporter:latest
- version: 0.22.1
natsStreamingImage: nats-streaming:0.22.1
metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0
## JetStream event bus
jetstream:
@ -95,6 +99,35 @@ configs:
configReloaderImage: natsio/nats-server-config-reloader:latest
startCommand: /nats-server
# -- Array of extra K8s manifests to deploy
## Note: Supports use of custom Helm templates
extraObjects: []
# - apiVersion: secrets-store.csi.x-k8s.io/v1
# kind: SecretProviderClass
# metadata:
# name: argo-events-secrets-store
# spec:
# provider: aws
# parameters:
# objects: |
# - objectName: "argo-events"
# objectType: "secretsmanager"
# jmesPath:
# - path: "client_id"
# objectAlias: "client_id"
# - path: "client_secret"
# objectAlias: "client_secret"
# secretObjects:
# - data:
# - key: client_id
# objectName: client_id
# - key: client_secret
# objectName: client_secret
# secretName: argo-events-secrets-store
# type: Opaque
# labels:
# app.kubernetes.io/part-of: argocd
## Argo Events controller
controller:
# -- Argo Events controller name string
@ -315,6 +348,9 @@ webhook:
# -- Labels to be added to event controller pods
podLabels: {}
# -- Port to listen on
port: 443
# -- Event controller container-level security context
containerSecurityContext: {}
# capabilities:

View file

@ -1,8 +1,8 @@
apiVersion: v2
appVersion: v1.3.1
appVersion: v1.4.1
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 2.21.1
version: 2.22.3
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
keywords:
@ -15,4 +15,7 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Changed]: Upgrade ArgoRollouts to v1.3.1"
- kind: changed
description: Upgrade Argo Rollouts to v.1.4.1
- kind: added
description: Put Changelog URL on README.md

View file

@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
|:---------------------------------------------------------------------------|
| The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). |
## Changelog
For full list of changes please check ArtifactHub [changelog].
## Chart Values
### General parameters
@ -55,6 +59,14 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret |
| notifications.templates | object | `{}` | Notification templates |
| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent |
| providerRBAC.enabled | bool | `true` | Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole |
| providerRBAC.providers.ambassador | bool | `true` | Adds RBAC rules for the Ambassador provider |
| providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider |
| providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider |
| providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider |
| providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider |
| providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider |
| providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider |
### Controller
@ -88,6 +100,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
| controller.replicas | int | `2` | The number of controller pods to run |
| controller.resources | object | `{}` | Resource limits and requests for the controller pods. |
| controller.tolerations | list | `[]` | [Tolerations] for use with node taints |
| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller |
| podAnnotations | object | `{}` | Annotations to be added to the Rollout pods |
| podLabels | object | `{}` | Labels to be added to the Rollout pods |
| podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level |
@ -145,6 +158,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
| dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created |
| dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
| dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints |
| dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server |
## Upgrading
@ -174,6 +188,8 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/
[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
[Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog

View file

@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
|:---------------------------------------------------------------------------|
| The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). |
## Changelog
For full list of changes please check ArtifactHub [changelog].
## Chart Values
### General parameters
@ -96,6 +100,8 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/
[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
[Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog

View file

@ -31,6 +31,20 @@ Create chart name and version as used by the chart label.
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create kubernetes friendly chart version label.
Examples:
image.tag = v1.3.1
output = v1.3.1
image.tag = v1.3.1@sha256:38828e693b02e6f858d89fa22a9d9811d3d7a2430a1d4c7d687b6f509775c6ce
output = v1.3.1
*/}}
{{- define "argo-rollouts.chart_version_label" -}}
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default .Chart.AppVersion $.Values.controller.image.tag) "") "" | trunc 63 | quote -}}
{{- end -}}
{{/*
Common labels
*/}}
@ -38,7 +52,7 @@ Common labels
helm.sh/chart: {{ include "argo-rollouts.chart" . }}
{{ include "argo-rollouts.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ default .Chart.AppVersion $.Values.controller.image.tag | quote }}
app.kubernetes.io/version: {{ include "argo-rollouts.chart_version_label" . }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: argo-rollouts

View file

@ -89,7 +89,7 @@ rules:
- create
- get
- update
# secret access to run analysis templates which reference secrets, allow init containers to manipulate secrets
# secret read access to run analysis templates which reference secrets
- apiGroups:
- ""
resources:
@ -99,9 +99,6 @@ rules:
- get
- list
- watch
- create
- patch
- update
# pod list/update needed for updating ephemeral data
- apiGroups:
- ""
@ -110,6 +107,7 @@ rules:
verbs:
- list
- update
- watch
# pods eviction needed for restart
- apiGroups:
- ""
@ -151,6 +149,8 @@ rules:
- update
- patch
- delete
{{- if .Values.providerRBAC.enabled }}
{{- if .Values.providerRBAC.providers.istio }}
# virtualservice/destinationrule access needed for using the Istio provider
- apiGroups:
- networking.istio.io
@ -163,6 +163,8 @@ rules:
- update
- patch
- list
{{- end }}
{{- if .Values.providerRBAC.providers.smi }}
# trafficsplit access needed for using the SMI provider
- apiGroups:
- split.smi-spec.io
@ -174,6 +176,8 @@ rules:
- get
- update
- patch
{{- end }}
{{- if .Values.providerRBAC.providers.ambassador }}
# ambassador access needed for Ambassador provider
- apiGroups:
- getambassador.io
@ -188,7 +192,9 @@ rules:
- update
- list
- delete
# Endpoints and TargetGroupBindings needed for ALB target group verification
{{- end }}
{{- if .Values.providerRBAC.providers.awsLoadBalancerController }}
# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller
- apiGroups:
- ""
resources:
@ -202,6 +208,8 @@ rules:
verbs:
- list
- get
{{- end }}
{{- if .Values.providerRBAC.providers.awsAppMesh }}
# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider
- apiGroups:
- appmesh.k8s.aws
@ -224,3 +232,27 @@ rules:
- update
- patch
{{- end }}
{{- if .Values.providerRBAC.providers.traefik }}
# Traefik access needed when using the Traefik provider
- apiGroups:
- traefik.containo.us
resources:
- traefikservices
verbs:
- watch
- get
- update
{{- end }}
{{- if .Values.providerRBAC.providers.apisix }}
# Access needed when using the Apisix provider
- apiGroups:
- apisix.apache.org
resources:
- apisixroutes
verbs:
- watch
- get
- update
{{- end }}
{{- end }}
{{- end }}

View file

@ -83,6 +83,18 @@ spec:
affinity:
{{- toYaml .Values.controller.affinity | nindent 8 }}
{{- end }}
{{- with .Values.controller.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
app.kubernetes.io/component: {{ $.Values.controller.component }}
{{- include "argo-rollouts.selectorLabels" $ | nindent 12 }}
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.controller.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}

View file

@ -56,7 +56,19 @@ rules:
- update
- patch
- delete
# deployments and podtemplates read access needed for workload reference support
- apiGroups:
- ""
- apps
resources:
- deployments
- podtemplates
verbs:
- get
- list
- watch
# services patch needed to update selector of canary/stable/active/preview services
# services create needed to create and delete services for experiments
- apiGroups:
- ""
resources:
@ -66,8 +78,18 @@ rules:
- list
- watch
- patch
# secret access to run analysis templates which reference secrets
# configmap access to read notification-engine configuration
- create
- delete
# leases create/get/update needed for leader election
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- update
# secret read access to run analysis templates which reference secrets
- apiGroups:
- ""
resources:
@ -77,9 +99,6 @@ rules:
- get
- list
- watch
- create
- patch
- update
# pod list/update needed for updating ephemeral data
- apiGroups:
- ""
@ -88,6 +107,7 @@ rules:
verbs:
- list
- update
- watch
# pods eviction needed for restart
- apiGroups:
- ""
@ -129,16 +149,22 @@ rules:
- update
- patch
- delete
# virtualservice access needed for using the Istio provider
{{- if .Values.providerRBAC.enabled }}
{{- if .Values.providerRBAC.providers.istio }}
# virtualservice/destinationrule access needed for using the Istio provider
- apiGroups:
- networking.istio.io
resources:
- virtualservices
- destinationrules
verbs:
- watch
- get
- update
- patch
- list
{{- end }}
{{- if .Values.providerRBAC.providers.smi }}
# trafficsplit access needed for using the SMI provider
- apiGroups:
- split.smi-spec.io
@ -151,3 +177,82 @@ rules:
- update
- patch
{{- end }}
{{- if .Values.providerRBAC.providers.ambassador }}
# ambassador access needed for Ambassador provider
- apiGroups:
- getambassador.io
- x.getambassador.io
resources:
- mappings
- ambassadormappings
verbs:
- create
- watch
- get
- update
- list
- delete
{{- end }}
{{- if .Values.providerRBAC.providers.awsLoadBalancerController }}
# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
- apiGroups:
- elbv2.k8s.aws
resources:
- targetgroupbindings
verbs:
- list
- get
{{- end }}
{{- if .Values.providerRBAC.providers.awsAppMesh }}
# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider
- apiGroups:
- appmesh.k8s.aws
resources:
- virtualservices
verbs:
- watch
- get
- list
# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider
- apiGroups:
- appmesh.k8s.aws
resources:
- virtualnodes
- virtualrouters
verbs:
- watch
- get
- list
- update
- patch
{{- end }}
{{- if .Values.providerRBAC.providers.traefik }}
# Traefik access needed when using the Traefik provider
- apiGroups:
- traefik.containo.us
resources:
- traefikservices
verbs:
- watch
- get
- update
{{- end }}
{{- if .Values.providerRBAC.providers.apisix }}
# Access needed when using the Apisix provider
- apiGroups:
- apisix.apache.org
resources:
- apisixroutes
verbs:
- watch
- get
- update
{{- end }}
{{- end }}
{{- end }}

View file

@ -2742,6 +2742,9 @@ spec:
type: array
insecure:
type: boolean
jsonBody:
type: object
x-kubernetes-preserve-unknown-fields: true
jsonPath:
type: string
method:

View file

@ -2738,6 +2738,9 @@ spec:
type: array
insecure:
type: boolean
jsonBody:
type: object
x-kubernetes-preserve-unknown-fields: true
jsonPath:
type: string
method:

View file

@ -2738,6 +2738,9 @@ spec:
type: array
insecure:
type: boolean
jsonBody:
type: object
x-kubernetes-preserve-unknown-fields: true
jsonPath:
type: string
method:

View file

@ -89,6 +89,12 @@ spec:
revisionHistoryLimit:
format: int32
type: integer
rollbackWindow:
properties:
revisions:
format: int32
type: integer
type: object
selector:
properties:
matchExpressions:
@ -397,6 +403,9 @@ spec:
- type: integer
- type: string
x-kubernetes-int-or-string: true
minPodsPerReplicaSet:
format: int32
type: integer
pingPong:
properties:
pingService:
@ -713,6 +722,20 @@ spec:
required:
- mappings
type: object
apisix:
properties:
route:
properties:
name:
type: string
rules:
items:
type: string
type: array
required:
- name
type: object
type: object
appMesh:
properties:
virtualNodeGroup:
@ -770,6 +793,14 @@ spec:
items:
type: string
type: array
tcpRoutes:
items:
properties:
port:
format: int64
type: integer
type: object
type: array
tlsRoutes:
items:
properties:
@ -794,6 +825,14 @@ spec:
items:
type: string
type: array
tcpRoutes:
items:
properties:
port:
format: int64
type: integer
type: object
type: array
tlsRoutes:
items:
properties:

View file

@ -44,17 +44,18 @@ rules:
- get
- list
- watch
# deployments and podtemplates read access needed for workload reference support
- apiGroups:
- ""
- apps
resources:
- deployments
- podtemplates
verbs:
- get
- list
- watch
{{- if not .Values.dashboard.readonly }}
- update
- patch
{{- end }}
- apiGroups:
- apps
resources:

View file

@ -65,6 +65,18 @@ spec:
affinity:
{{- toYaml .Values.dashboard.affinity | nindent 8 }}
{{- end }}
{{- with .Values.dashboard.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
{{- include "argo-rollouts.selectorLabels" $ | nindent 12 }}
app.kubernetes.io/component: {{ $.Values.dashboard.component }}
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.dashboard.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}

View file

@ -47,6 +47,15 @@ controller:
tolerations: []
# -- Assign custom [affinity] rules to the deployment
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the controller
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- [priorityClassName] for the controller
priorityClassName: ""
# -- The number of controller pods to run
@ -181,6 +190,26 @@ podLabels: {}
imagePullSecrets: []
# - name: argo-pull-secret
providerRBAC:
# -- Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole
enabled: true
# providerRBAC.enabled must be true in order to toggle the individual providers
providers:
# -- Adds RBAC rules for the Istio provider
istio: true
# -- Adds RBAC rules for the SMI provider
smi: true
# -- Adds RBAC rules for the Ambassador provider
ambassador: true
# -- Adds RBAC rules for the AWS Load Balancer Controller provider
awsLoadBalancerController: true
# -- Adds RBAC rules for the AWS App Mesh provider
awsAppMesh: true
# -- Adds RBAC rules for the Traefik provider
traefik: true
# -- Adds RBAC rules for the Apisix provider
apisix: true
dashboard:
# -- Deploy dashboard server
enabled: false
@ -194,6 +223,15 @@ dashboard:
tolerations: []
# -- Assign custom [affinity] rules to the deployment
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the dashboard server
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- [priorityClassName] for the dashboard server
priorityClassName: ""

View file

@ -1,9 +1,9 @@
apiVersion: v2
appVersion: v3.4.4
appVersion: v3.4.5
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.20.12
version: 0.22.14
icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png
home: https://github.com/argoproj/argo-helm
sources:
@ -13,4 +13,5 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Changed]: Update Argo Workflows to v3.4.4"
- kind: added
description: Add install guide on README.

View file

@ -13,6 +13,38 @@ A few options are:
- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
### Custom resource definitions
Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart.
Helm cannot upgrade custom resource definitions in the `<chart>/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `<chart>/templates` to address this design decision.
If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
```bash
kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=<appVersion>"
# Eg. version v3.3.9
kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9"
```
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ helm repo add argo https://argoproj.github.io/argo-helm
"argo" has been added to your repositories
$ helm install my-release argo/argo-workflows
NAME: my-release
...
```
## Changelog
For full list of changes, please check ArtifactHub [changelog].
## Usage Notes
### Workflow controller
@ -45,6 +77,7 @@ Fields to note:
| crds.install | bool | `true` | Install and upgrade CRDs |
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds |
| emissary.images | list | `[]` | The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. |
| extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
| fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template |
| images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers |
@ -82,9 +115,11 @@ Fields to note:
| controller.instanceID.enabled | bool | `false` | Configures the controller to filter workflow submissions to only those which have a matching instanceID attribute. |
| controller.instanceID.explicitID | string | `""` | Use a custom instanceID |
| controller.instanceID.useReleaseName | bool | `false` | Use ReleaseName as instanceID |
| controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. |
| controller.links | list | `[]` | Configure Argo Server to show custom [links] |
| controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller |
| controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) |
| controller.logging.globallevel | string | `"0"` | Set the glog logging level |
| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) |
| controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server |
@ -99,11 +134,14 @@ Fields to note:
| controller.name | string | `"workflow-controller"` | Workflow controller name string |
| controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace |
| controller.navColor | string | `""` | Set ui navigation bar background color |
| controller.nodeEvents.enabled | bool | `true` | Enable to emit events on node completion. |
| controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] |
| controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time |
| controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods |
| controller.persistence | object | `{}` | enable persistence using postgres |
| controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods |
| controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. |
| controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. |
| controller.podLabels | object | `{}` | Optional labels to add to the controller pods |
| controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods |
| controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. |
@ -146,6 +184,7 @@ Fields to note:
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| mainContainer.env | list | `[]` | Adds environment variables for the Workflow main container |
| mainContainer.envFrom | list | `[]` | Adds reference environment variables for the Workflow main container |
| mainContainer.imagePullPolicy | string | `""` | imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. |
| mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container |
| mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container |
@ -189,6 +228,9 @@ Fields to note:
| server.ingress.tls | list | `[]` | Ingress TLS configuration |
| server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` |
| server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
| server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) |
| server.logging.globallevel | string | `"0"` | Set the glog logging level |
| server.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) |
| server.name | string | `"server"` | Server name string |
| server.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] |
| server.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the server pods |
@ -257,3 +299,4 @@ Fields to note:
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog

View file

@ -13,6 +13,38 @@ A few options are:
- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
### Custom resource definitions
Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart.
Helm cannot upgrade custom resource definitions in the `<chart>/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `<chart>/templates` to address this design decision.
If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
```bash
kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=<appVersion>"
# Eg. version v3.3.9
kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9"
```
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ helm repo add argo https://argoproj.github.io/argo-helm
"argo" has been added to your repositories
$ helm install my-release argo/argo-workflows
NAME: my-release
...
```
## Changelog
For full list of changes, please check ArtifactHub [changelog].
## Usage Notes
### Workflow controller
@ -135,3 +167,4 @@ Fields to note:
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog

View file

@ -45,6 +45,32 @@ Create chart name and version as used by the chart label.
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create kubernetes friendly chart version label for the controller.
Examples:
image.tag = v3.4.4
output = v3.4.4
image.tag = v3.4.4@sha256:d06860f1394a94ac3ff8401126ef32ba28915aa6c3c982c7e607ea0b4dadb696
output = v3.4.4
*/}}
{{- define "argo-workflows.controller_chart_version_label" -}}
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag) "") "" | trunc 63 | quote -}}
{{- end -}}
{{/*
Create kubernetes friendly chart version label for the server.
Examples:
image.tag = v3.4.4
output = v3.4.4
image.tag = v3.4.4@sha256:d06860f1394a94ac3ff8401126ef32ba28915aa6c3c982c7e607ea0b4dadb696
output = v3.4.4
*/}}
{{- define "argo-workflows.server_chart_version_label" -}}
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-workflows.defaultTag" .) .Values.server.image.tag) "") "" | trunc 63 | quote -}}
{{- end -}}
{{/*
Common labels
*/}}
@ -103,17 +129,6 @@ Return the appropriate apiVersion for ingress
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for pod disruption budget
*/}}
{{- define "argo-workflows.podDisruptionBudget.apiVersion" -}}
{{- if semverCompare "<1.21-0" (include "argo-workflows.kubeVersion" $) -}}
{{- print "policy/v1beta1" -}}
{{- else -}}
{{- print "policy/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the target Kubernetes version
*/}}
@ -127,3 +142,14 @@ Return the default Argo Workflows app version
{{- define "argo-workflows.defaultTag" -}}
{{- default .Chart.AppVersion .Values.images.tag }}
{{- end -}}
{{/*
Return full image name including or excluding registry based on existence
*/}}
{{- define "argo-workflows.image" -}}
{{- if and .image.registry .image.repository -}}
{{ .image.registry }}/{{ .image.repository }}
{{- else -}}
{{ .image.repository }}
{{- end -}}
{{- end -}}

View file

@ -14,7 +14,6 @@ rules:
- ""
resources:
- pods
- pods/exec
verbs:
- create
- get
@ -23,6 +22,12 @@ rules:
- update
- patch
- delete
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
- apiGroups:
- ""
resources:

View file

@ -25,7 +25,7 @@ data:
{{- with .Values.controller.initialDelay }}
initialDelay: {{ . }}
{{- end }}
{{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.securityContext}}
{{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.envFrom .Values.mainContainer.securityContext}}
mainContainer:
imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.mainContainer.imagePullPolicy }}
{{- with .Values.mainContainer.resources }}
@ -34,6 +34,9 @@ data:
{{- with .Values.mainContainer.env }}
env: {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.mainContainer.envFrom }}
envFrom: {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.mainContainer.securityContext }}
securityContext: {{- toYaml . | nindent 8 }}
{{- end }}
@ -170,3 +173,20 @@ data:
{{- with .Values.controller.retentionPolicy }}
retentionPolicy: {{- toYaml . | nindent 6 }}
{{- end }}
<<<<<<< HEAD
=======
{{- with .Values.emissary.images }}
images: {{- toYaml . | nindent 6 }}
{{- end }}
nodeEvents:
enabled: {{ .Values.controller.nodeEvents.enabled }}
{{- with .Values.controller.kubeConfig }}
kubeConfig: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.controller.podGCGracePeriodSeconds }}
podGCGracePeriodSeconds: {{ . }}
{{- end }}
{{- with .Values.controller.podGCDeleteDelayDuration }}
podGCDeleteDelayDuration: {{ . }}
{{- end }}
>>>>>>> argo-cd-5.27.1

View file

@ -1,5 +1,5 @@
{{- if .Values.controller.pdb.enabled }}
apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-workflows.controller.fullname" . }}

View file

@ -4,7 +4,7 @@ metadata:
name: {{ template "argo-workflows.controller.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }}
app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }}
{{- with .Values.controller.deploymentAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
@ -18,7 +18,7 @@ spec:
metadata:
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }}
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }}
app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }}
{{- with.Values.controller.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
@ -34,18 +34,20 @@ spec:
{{- end }}
containers:
- name: controller
image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}"
image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}"
imagePullPolicy: {{ .Values.images.pullPolicy }}
command: [ "workflow-controller" ]
args:
- "--configmap"
- "{{ template "argo-workflows.controller.fullname" . }}-configmap"
- "--executor-image"
- "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}"
- "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}"
- "--loglevel"
- "{{ .Values.controller.logging.level }}"
- "--gloglevel"
- "{{ .Values.controller.logging.globallevel }}"
- "--log-format"
- "{{ .Values.controller.logging.format }}"
{{- if .Values.singleNamespace }}
- "--namespaced"
{{- end }}

View file

@ -42,6 +42,7 @@ rules:
- argoproj.io
resources:
- workflowtasksets
- workflowartifactgctasks
verbs:
- list
- watch
@ -49,8 +50,7 @@ rules:
- argoproj.io
resources:
- workflowtasksets/status
{{/* TODO: This resource is for app version <= v3.2, so please remove it when app version v3.2 is no more used. */}}
- workflowtasksets
- workflowartifactgctasks/status
verbs:
- patch
{{- end }}

View file

@ -23,13 +23,21 @@ rules:
- ""
resources:
- pods
- pods/exec
- pods/log
verbs:
- get
- list
- watch
- delete
<<<<<<< HEAD
=======
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- list
>>>>>>> argo-cd-5.27.1
{{- if .Values.server.sso }}
- apiGroups:
- ""

View file

@ -1,5 +1,5 @@
{{- if and .Values.server.enabled .Values.server.pdb.enabled -}}
apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ template "argo-workflows.server.fullname" . }}

View file

@ -5,7 +5,7 @@ metadata:
name: {{ template "argo-workflows.server.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }}
app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }}
{{- with .Values.server.deploymentAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
@ -19,7 +19,7 @@ spec:
metadata:
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }}
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }}
app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }}
{{- with .Values.server.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
@ -35,7 +35,7 @@ spec:
{{- end }}
containers:
- name: argo-server
image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}"
image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}"
imagePullPolicy: {{ .Values.images.pullPolicy }}
securityContext:
{{- toYaml .Values.server.securityContext | nindent 12 }}
@ -49,6 +49,12 @@ spec:
{{- if .Values.singleNamespace }}
- "--namespaced"
{{- end }}
- "--loglevel"
- "{{ .Values.server.logging.level }}"
- "--gloglevel"
- "{{ .Values.server.logging.globallevel }}"
- "--log-format"
- "{{ .Values.server.logging.format }}"
ports:
- name: web
containerPort: 2746

View file

@ -5,7 +5,7 @@ metadata:
name: {{ template "argo-workflows.server.fullname" . }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }}
app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }}
{{- with .Values.server.serviceAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}

View file

@ -216,6 +216,8 @@ controller:
level: info
# -- Set the glog logging level
globallevel: "0"
# -- Set the logging format (one of: `text`, `json`)
format: "text"
# -- Service type of the controller Service
serviceType: ClusterIP
@ -297,6 +299,33 @@ controller:
# failed: 3
# errored: 3
nodeEvents:
# -- Enable to emit events on node completion.
## This can take up a lot of space in k8s (typically etcd) resulting in errors when trying to create new events:
## "Unable to create audit event: etcdserver: mvcc: database space exceeded"
enabled: true
# -- Configure when workflow controller runs in a different k8s cluster with the workflow workloads,
# or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret.
# @default -- `{}` (See [values.yaml])
kubeConfig: {}
# # name of the kubeconfig secret, may not be empty when kubeConfig specified
# secretName: kubeconfig-secret
# # key of the kubeconfig secret, may not be empty when kubeConfig specified
# secretKey: kubeconfig
# # mounting path of the kubeconfig secret, default to /kube/config
# mountPath: /kubeconfig/mount/path
# # volume name when mounting the secret, default to kubeconfig
# volumeName: kube-config-volume
# -- Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately.
# @default -- `30` seconds (Kubernetes default)
podGCGracePeriodSeconds:
# -- The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately.
# @default -- `5s` (Argo Workflows default)
podGCDeleteDelayDuration: ""
# mainContainer adds default config for main container that could be overriden in workflows template
mainContainer:
# -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`.
@ -305,6 +334,8 @@ mainContainer:
resources: {}
# -- Adds environment variables for the Workflow main container
env: []
# -- Adds reference environment variables for the Workflow main container
envFrom: []
# -- sets security context for the Workflow main container
securityContext: {}
@ -440,6 +471,14 @@ server:
# extraArgs:
# - --auth-mode=server
logging:
# -- Set the logging level (one of: `debug`, `info`, `warn`, `error`)
level: info
# -- Set the glog logging level
globallevel: "0"
# -- Set the logging format (one of: `text`, `json`)
format: "text"
# -- Additional volume mounts to the server main container.
volumeMounts: []
# -- Additional volumes to the server pod.
@ -630,3 +669,12 @@ customArtifactRepository: {}
# passwordSecret:
# name: artifactory-creds
# key: password
emissary:
# -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used.
## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary
images: []
# argoproj/argosay:v2:
# cmd: [/argosay]
# docker/whalesay:latest:
# cmd: [/bin/bash]

View file

@ -2,7 +2,7 @@ apiVersion: v2
name: argocd-apps
description: A Helm chart for managing additional Argo CD Applications and Projects
type: application
version: 0.0.3
version: 0.0.9
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
keywords:
@ -14,4 +14,5 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- "[Added]: Add Extensions"
- kind: added
description: Multiple sources for Application and ApplicationSet

View file

@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late
- CRDs (Application and AppProject)
- You need to install them via [argo-cd Helm chart](../argo-cd) or upstream.
## Changelog
For full list of changes, please check ArtifactHub [changelog].
## Installation
```console
@ -31,3 +35,5 @@ $ helm install my-release argo/argocd-apps
----------------------------------------------
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog

View file

@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late
- CRDs (Application and AppProject)
- You need to install them via [argo-cd Helm chart](../argo-cd) or upstream.
## Changelog
For full list of changes, please check ArtifactHub [changelog].
## Installation
```console
@ -24,3 +28,5 @@ $ helm install my-release argo/argocd-apps
----------------------------------------------
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog

View file

@ -0,0 +1,28 @@
# Test with multi-source applications
applications:
- name: argocd-application-multiple-sources
additionalLabels: {}
additionalAnnotations: {}
finalizers:
- resources-finalizer.argocd.argoproj.io
project: default
sources:
- chart: elasticsearch
repoURL: https://helm.elastic.co
targetRevision: 8.5.1
- repoURL: https://github.com/argoproj/argocd-example-apps.git
path: guestbook
targetRevision: HEAD
destination:
server: https://kubernetes.default.svc
namespace: default
syncPolicy:
automated:
prune: false
selfHeal: false
ignoreDifferences:
- group: apps
kind: Deployment
jsonPointers:
- /spec/replicas

Some files were not shown because too many files have changed in this diff Show more