merge 5.27.1
This commit is contained in:
commit
b21dfe08d7
110 changed files with 8663 additions and 1509 deletions
6
.github/workflows/lint-and-test.yml
vendored
6
.github/workflows/lint-and-test.yml
vendored
|
@ -38,8 +38,8 @@ jobs:
|
|||
changed=$(ct --config ./.github/configs/ct-lint.yaml --target-branch ${{ github.base_ref }} list-changed)
|
||||
charts=$(echo "$changed" | tr '\n' ' ' | xargs)
|
||||
if [[ -n "$changed" ]]; then
|
||||
echo "::set-output name=changed::true"
|
||||
echo "::set-output name=changed_charts::$charts"
|
||||
echo "changed=true" >> $GITHUB_OUTPUT
|
||||
echo "changed_charts=$charts" >> $GITHUB_OUTPUT
|
||||
fi
|
||||
|
||||
- name: Run chart-testing (lint)
|
||||
|
@ -58,7 +58,7 @@ jobs:
|
|||
fi
|
||||
|
||||
- name: Create kind cluster
|
||||
uses: helm/kind-action@v1.4.0
|
||||
uses: helm/kind-action@v1.5.0
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
with:
|
||||
config: .github/configs/kind-config.yaml
|
||||
|
|
2
.github/workflows/publish.yml
vendored
2
.github/workflows/publish.yml
vendored
|
@ -40,7 +40,7 @@ jobs:
|
|||
helm package charts/argo-cd -u -d .cr-release-packages/
|
||||
|
||||
- name: Run chart-releaser
|
||||
uses: helm/chart-releaser-action@main
|
||||
uses: helm/chart-releaser-action@v1.5.0
|
||||
with:
|
||||
config: "./.github/configs/cr.yaml"
|
||||
skip_packaging: true
|
||||
|
|
2
.github/workflows/stale.yml
vendored
2
.github/workflows/stale.yml
vendored
|
@ -14,7 +14,7 @@ jobs:
|
|||
pull-requests: write # for actions/stale to close stale PRs
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/stale@v6
|
||||
- uses: actions/stale@v7
|
||||
with:
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
# Number of days of inactivity before an issue becomes stale
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco
|
||||
|
||||
# Argo CD
|
||||
/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth
|
||||
/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil
|
||||
|
||||
# Argo Events
|
||||
/charts/argo-events/ @jbehling @VaibhavPage @pdrastil
|
||||
|
|
153
CONTRIBUTING.md
153
CONTRIBUTING.md
|
@ -2,110 +2,160 @@
|
|||
|
||||
Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently.
|
||||
|
||||
|
||||
# Pull Requests
|
||||
## Pull Requests
|
||||
|
||||
All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project.
|
||||
|
||||
### Pull Request Title Linting
|
||||
|
||||
We lint the title of your pull request to ensure it follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) specification. This is done using GitHub actions and the [action-semantic-pull-request](.github/workflows/pr-title.yml) workflow. We require the scope of the change to be included in the title. The scope should be the name of the chart you are changing. For example, if you are changing the `argo-cd` chart, the title of your pull request should be `fix(argo-cd): Fix typo in values.yaml`.
|
||||
|
||||
## Documentation
|
||||
|
||||
The documentation for each chart is generated with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation.
|
||||
|
||||
We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges):
|
||||
|
||||
```shell
|
||||
./scripts/helm-docs.sh
|
||||
```
|
||||
|
||||
> **Note**
|
||||
> When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file.
|
||||
|
||||
### Updating a chart README.md
|
||||
|
||||
When updating the `README.md.gotmpl` inside a chart directory you must to run the `helm-docs` script to generate the updated `README.md` file. To reiterate, you should not edit the `README.md` file manually. It will be generated by the following command:
|
||||
|
||||
```shell
|
||||
./scripts/helm-docs.sh
|
||||
```
|
||||
|
||||
> **Note**
|
||||
> If you see changes to unrelated chart `README.md` files you may have accidentally updated a `README.md.gotmpl` file in another chart's folder unintentionally or someone else failed to run this script. Please revert those changes if you do not intend them to be a part of your pull request.
|
||||
|
||||
## Versioning
|
||||
|
||||
Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease).
|
||||
Each chart's version follows the [semver standard](https://semver.org/).
|
||||
|
||||
New charts should start at version `1.0.0`, if it's considered stable. If it isn't considered stable, it must be released as `prerelease`.
|
||||
|
||||
Any breaking changes to a chart (backwards incompatible) require:
|
||||
|
||||
* Bump of the current Major version of the chart
|
||||
* State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades))
|
||||
* Bump of the current Major version of the chart
|
||||
* State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl`
|
||||
|
||||
### New Application Versions
|
||||
|
||||
When selecting new application versions ensure you make the following changes:
|
||||
|
||||
* `values.yaml`: Bump all instances of the container image version
|
||||
* `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version`
|
||||
|
||||
Please ensure chart version changes adhere to semantic versioning standards:
|
||||
|
||||
* Major: Large chart rewrites, major non-backwards compatible or destructive changes
|
||||
* Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes
|
||||
* Patch: App version patch updates, backwards compatible optional chart features
|
||||
|
||||
### Immutability
|
||||
|
||||
Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error.
|
||||
|
||||
### Chart Versioning
|
||||
|
||||
Currently we require a chart version bump for every change to a chart, including updating information for older verions. This may change in the future.
|
||||
|
||||
### Artifact Hub Annotations
|
||||
|
||||
Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub.
|
||||
|
||||
* [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/)
|
||||
* [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/)
|
||||
|
||||
#### Changelog
|
||||
|
||||
We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release.
|
||||
|
||||
Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template:
|
||||
Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file).
|
||||
|
||||
A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release.
|
||||
|
||||
Each change requires a new bullet point following the pattern. See more information [Artifact Hub annotations in Helm Chart.yaml file](https://artifacthub.io/docs/topics/annotations/helm/).
|
||||
|
||||
```yaml
|
||||
- kind: {type}
|
||||
description: {description}
|
||||
```
|
||||
|
||||
You can use the following template:
|
||||
|
||||
```yaml
|
||||
name: argo-cd
|
||||
version: 3.4.1
|
||||
version: 5.19.12
|
||||
...
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- "[Added]: Something New was added"
|
||||
- "[Changed]: Changed Something within this chart"
|
||||
- "[Changed]: Changed Something else within this chart"
|
||||
- "[Deprecated]: Something deprecated"
|
||||
- "[Removed]: Something was removed"
|
||||
- "[Fixed]: Something was fixed"
|
||||
- "[Security]": Some Security Patch was included"
|
||||
- kind: added
|
||||
description: Something New was added
|
||||
- kind: changed
|
||||
description: Changed Something within this chart
|
||||
- kind: changed
|
||||
description: Changed Something else within this chart
|
||||
- kind: deprecated
|
||||
description: Something deprecated
|
||||
- kind: removed
|
||||
description: Something was removed
|
||||
- kind: fixed
|
||||
description: Something was fixed
|
||||
- kind: security
|
||||
description: Some Security Patch was included
|
||||
```
|
||||
|
||||
## Documentation
|
||||
## Testing
|
||||
|
||||
The documentation for each chart is done with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation.
|
||||
|
||||
We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges):
|
||||
|
||||
```
|
||||
bash scripts/helm-docs.sh
|
||||
```
|
||||
|
||||
**NOTE**: When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file.
|
||||
|
||||
|
||||
|
||||
# Testing
|
||||
|
||||
## Testing Argo Workflows Changes
|
||||
### Testing Argo Workflows Changes
|
||||
|
||||
Minimally:
|
||||
|
||||
```
|
||||
```shell
|
||||
helm install charts/argo-workflows -n argo
|
||||
argo version
|
||||
```
|
||||
|
||||
Follow this instructions for running a hello world workflow.
|
||||
Follow [these](https://argoproj.github.io/argo-workflows/quick-start/#submitting-an-example-workflow) instructions for running a hello world workflow.
|
||||
|
||||
## Testing Argo CD Changes
|
||||
### Testing Argo CD Changes
|
||||
|
||||
Clean-up:
|
||||
|
||||
```
|
||||
```shell
|
||||
helm delete argo-cd --purge
|
||||
kubectl delete crd -l app.kubernetes.io/part-of=argocd
|
||||
```
|
||||
|
||||
Pre-requisites:
|
||||
```
|
||||
|
||||
```shell
|
||||
helm repo add redis-ha https://dandydeveloper.github.io/charts/
|
||||
helm dependency update
|
||||
```
|
||||
|
||||
Minimally:
|
||||
|
||||
```
|
||||
```shell
|
||||
helm install argocd argo/argo-cd -n argocd --create-namespace
|
||||
kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443
|
||||
```
|
||||
|
||||
In a new terminal:
|
||||
|
||||
```
|
||||
```shell
|
||||
argocd version --server localhost:8080 --insecure
|
||||
# reset password to 'Password1!'
|
||||
kubectl -n argocd patch secret argocd-secret \
|
||||
-p '{"stringData": {
|
||||
"admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O",
|
||||
"admin.passwordMtime": "'$(date +%FT%T%Z)'"
|
||||
"admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O",
|
||||
"admin.passwordMtime": "'$(date +%FT%T%Z)'"
|
||||
}}'
|
||||
argocd login localhost:8080 --username admin --password 'Password1!'
|
||||
|
||||
|
@ -114,38 +164,25 @@ argocd login localhost:8080 --username admin --password 'Password1!'
|
|||
|
||||
Create and sync app:
|
||||
|
||||
```
|
||||
```shell
|
||||
argocd app create guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --path guestbook --project default --repo https://github.com/argoproj/argocd-example-apps.git
|
||||
argocd app sync guestbook
|
||||
```
|
||||
|
||||
## New Application Versions
|
||||
|
||||
When raising application versions ensure you make the following changes:
|
||||
|
||||
- `values.yaml`: Bump all instances of the container image version
|
||||
- `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version`
|
||||
|
||||
Please ensure chart version changes adhere to semantic versioning standards:
|
||||
|
||||
- Patch: App version patch updates, backwards compatible optional chart features
|
||||
- Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes
|
||||
- Major: Large chart rewrites, major non-backwards compatible or destructive changes
|
||||
|
||||
## Testing Charts
|
||||
### Testing Charts
|
||||
|
||||
As part of the Continuous Integration system we run Helm's [Chart Testing](https://github.com/helm/chart-testing) tool.
|
||||
|
||||
The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames.
|
||||
The checks for Chart Testing are stricter than the standard Helm requirements. For example, fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames.
|
||||
|
||||
Linting configuration can be found in [ct-lint.yaml](./.github/configs/ct-lint.yaml)
|
||||
|
||||
The linting can be invoked manually with the following command:
|
||||
|
||||
```
|
||||
```shell
|
||||
./scripts/lint.sh
|
||||
```
|
||||
|
||||
## Publishing Changes
|
||||
|
||||
Changes are automatically publish whenever a commit is merged to main. The CI job (see `./.github/workflows/publish.yml`).
|
||||
Changes are automatically publish whenever a commit is merged to the `main` branch by the CI job (see `./.github/workflows/publish.yml`).
|
||||
|
|
22
README.md
22
README.md
|
@ -1,5 +1,6 @@
|
|||
# Argo Helm Charts
|
||||
|
||||
[](https://argoproj.github.io/community/join-slack)
|
||||
[](https://opensource.org/licenses/Apache-2.0)
|
||||
[](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml)
|
||||
[](https://artifacthub.io/packages/search?repo=argo)
|
||||
|
@ -7,7 +8,7 @@
|
|||
|
||||
Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command:
|
||||
|
||||
```
|
||||
```bash
|
||||
helm repo add argo https://argoproj.github.io/argo-helm
|
||||
```
|
||||
|
||||
|
@ -15,10 +16,27 @@ helm repo add argo https://argoproj.github.io/argo-helm
|
|||
|
||||
We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details.
|
||||
|
||||
### Custom resource definitions
|
||||
|
||||
Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of the main four charts (argo-cd, argo-workflows, argo-events, argo-rollouts) by using `--set crds.install=false` when installing the chart.
|
||||
|
||||
Helm cannot upgrade custom resource definitions in the `<chart>/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `<chart>/templates` to address this design decision.
|
||||
|
||||
If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
|
||||
|
||||
Example:
|
||||
|
||||
```bash
|
||||
kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=<appVersion>"
|
||||
|
||||
# Eg. version v2.4.9
|
||||
kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9"
|
||||
```
|
||||
|
||||
### Security Policy
|
||||
|
||||
If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new).
|
||||
|
||||
### Changelog
|
||||
|
||||
Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog).
|
||||
Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog).
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: redis-ha
|
||||
repository: https://dandydeveloper.github.io/charts/
|
||||
version: 4.22.3
|
||||
digest: sha256:ef6269e4e073dad10c230ccfb069fc013608111c895c5e7568450bb3967cf195
|
||||
generated: "2022-11-03T12:04:33.673857+09:00"
|
||||
version: 4.22.4
|
||||
digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7
|
||||
generated: "2022-12-26T22:58:11.561184+09:00"
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
apiVersion: v2
|
||||
appVersion: v2.5.5-cap-CR-16950
|
||||
appVersion: v2.6.0-cap-CR-17237
|
||||
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
|
||||
name: argo-cd
|
||||
version: 5.16.0-2-cap-CR-16950
|
||||
version: 5.27.1-1-cap-CR-17237
|
||||
kubeVersion: ">=1.22.0-0"
|
||||
home: https://github.com/argoproj/argo-helm
|
||||
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
|
||||
|
@ -18,9 +18,10 @@ maintainers:
|
|||
url: https://argoproj.github.io/
|
||||
dependencies:
|
||||
- name: redis-ha
|
||||
version: 4.22.3
|
||||
version: 4.22.4
|
||||
repository: https://dandydeveloper.github.io/charts/
|
||||
condition: redis-ha.enabled
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- "[Added]: Ability to annotate Deployment and Statefulset objects for all components"
|
||||
- kind: changed
|
||||
description: Upgrade Argo CD to v2.6.6
|
||||
|
|
|
@ -105,14 +105,29 @@ For full list of changes please check ArtifactHub [changelog].
|
|||
|
||||
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
|
||||
|
||||
### 5.24.0
|
||||
|
||||
This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
|
||||
Default `global.affinity` rules can be disabled when `none` value is used for the preset.
|
||||
|
||||
### 5.22.0
|
||||
|
||||
This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.
|
||||
|
||||
### 5.19.0
|
||||
|
||||
This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections.
|
||||
You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories.
|
||||
|
||||
### 5.13.0
|
||||
|
||||
This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter.
|
||||
|
||||
### 5.12.0
|
||||
|
||||
This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server.
|
||||
If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret.
|
||||
If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead.
|
||||
For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`.
|
||||
For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys.
|
||||
|
||||
### 5.10.0
|
||||
|
||||
|
@ -359,12 +374,11 @@ NAME: my-release
|
|||
| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart |
|
||||
| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart |
|
||||
| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart |
|
||||
| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart |
|
||||
| apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart |
|
||||
| crds.annotations | object | `{}` | Annotations to be added to all CRDs |
|
||||
| crds.install | bool | `true` | Install and upgrade CRDs |
|
||||
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
|
||||
| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds |
|
||||
| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources |
|
||||
| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. |
|
||||
| extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
|
||||
| fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` |
|
||||
| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests |
|
||||
|
@ -376,6 +390,9 @@ NAME: my-release
|
|||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| global.additionalLabels | object | `{}` | Common labels for the all resources |
|
||||
| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity |
|
||||
| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` |
|
||||
| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` |
|
||||
| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments |
|
||||
| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
|
||||
| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments |
|
||||
|
@ -386,11 +403,15 @@ NAME: my-release
|
|||
| global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` |
|
||||
| global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components |
|
||||
| global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic |
|
||||
| global.nodeSelector | object | `{}` | Default node selector for all components |
|
||||
| global.podAnnotations | object | `{}` | Annotations for the all deployed pods |
|
||||
| global.podLabels | object | `{}` | Labels for the all deployed pods |
|
||||
| global.priorityClassName | string | `""` | Default priority class for all components |
|
||||
| global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
|
||||
| global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. |
|
||||
| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets |
|
||||
| global.tolerations | object | `{}` | Default tolerations for all components |
|
||||
| global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components |
|
||||
|
||||
## Argo CD Configs
|
||||
|
||||
|
@ -401,17 +422,20 @@ NAME: my-release
|
|||
| configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning |
|
||||
| configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI |
|
||||
| configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement |
|
||||
| configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache |
|
||||
| configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache |
|
||||
| configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository |
|
||||
| configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap |
|
||||
| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] |
|
||||
| configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO |
|
||||
| configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap |
|
||||
| configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap |
|
||||
| configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm |
|
||||
| configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos |
|
||||
| configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret |
|
||||
| configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap |
|
||||
| configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring |
|
||||
| configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts |
|
||||
| configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations |
|
||||
| configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability |
|
||||
| configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` |
|
||||
| configs.params."controller.operation.processors" | int | `10` | Number of application operation processors |
|
||||
| configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. |
|
||||
| configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts |
|
||||
|
@ -443,25 +467,31 @@ NAME: my-release
|
|||
| configs.secret.githubSecret | string | `""` | Shared secret for authenticating GitHub webhook events |
|
||||
| configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events |
|
||||
| configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events |
|
||||
| configs.secret.labels | object | `{}` | Labels to be added to argocd-secret |
|
||||
| configs.ssh.annotations | object | `{}` | Annotations to be added to argocd-ssh-known-hosts-cm configmap |
|
||||
| configs.ssh.extraHosts | string | `""` | Additional known hosts for private repositories |
|
||||
| configs.ssh.knownHosts | string | See [values.yaml] | Known hosts to be added to the known host list by default. |
|
||||
| configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. |
|
||||
| configs.tlsCerts | object | See [values.yaml] | TLS certificate |
|
||||
| configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations |
|
||||
| configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap |
|
||||
| configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories |
|
||||
|
||||
## Argo CD Controller
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
|
||||
| controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
|
||||
| controller.args | object | `{}` | DEPRECATED - Application controller commandline flags |
|
||||
| controller.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments |
|
||||
| controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource |
|
||||
| controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource |
|
||||
| controller.containerPort | int | `8082` | Application controller listening port |
|
||||
| controller.containerPorts.metrics | int | `8082` | Metrics container port |
|
||||
| controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context |
|
||||
| controller.dnsConfig | object | `{}` | [DNS configuration] |
|
||||
| controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods |
|
||||
| controller.env | list | `[]` | Environment variables to pass to application controller |
|
||||
| controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller |
|
||||
| controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller |
|
||||
| controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod |
|
||||
| controller.hostNetwork | bool | `false` | Host Network for application controller pods |
|
||||
| controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller |
|
||||
| controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller |
|
||||
| controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller |
|
||||
|
@ -470,7 +500,11 @@ NAME: my-release
|
|||
| controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric |
|
||||
| controller.metrics.applicationLabels.labels | list | `[]` | Additional labels |
|
||||
| controller.metrics.enabled | bool | `false` | Deploy metrics service |
|
||||
| controller.metrics.rules.additionalLabels | object | `{}` | PrometheusRule labels |
|
||||
| controller.metrics.rules.annotations | object | `{}` | PrometheusRule annotations |
|
||||
| controller.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the application controller |
|
||||
| controller.metrics.rules.namespace | string | `""` | PrometheusRule namespace |
|
||||
| controller.metrics.rules.selector | object | `{}` | PrometheusRule selector |
|
||||
| controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller |
|
||||
| controller.metrics.service.annotations | object | `{}` | Metrics service annotations |
|
||||
| controller.metrics.service.labels | object | `{}` | Metrics service labels |
|
||||
|
@ -487,15 +521,15 @@ NAME: my-release
|
|||
| controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
|
||||
| controller.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
|
||||
| controller.name | string | `"application-controller"` | Application controller name string |
|
||||
| controller.nodeSelector | object | `{}` | [Node selector] |
|
||||
| controller.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
|
||||
| controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb |
|
||||
| controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller |
|
||||
| controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb |
|
||||
| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
|
||||
| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
|
||||
| controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods |
|
||||
| controller.podLabels | object | `{}` | Labels to be added to application controller pods |
|
||||
| controller.priorityClassName | string | `""` | Priority class for the application controller pods |
|
||||
| controller.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the application controller pods |
|
||||
| controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||
| controller.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
|
||||
| controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
|
||||
|
@ -509,8 +543,8 @@ NAME: my-release
|
|||
| controller.serviceAccount.labels | object | `{}` | Labels applied to created service account |
|
||||
| controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name |
|
||||
| controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet |
|
||||
| controller.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller |
|
||||
| controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
|
||||
| controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller |
|
||||
| controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container |
|
||||
| controller.volumes | list | `[]` | Additional volumes to the application controller pod |
|
||||
|
||||
|
@ -518,7 +552,7 @@ NAME: my-release
|
|||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
|
||||
| repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
|
||||
| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer |
|
||||
| repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server |
|
||||
| repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] |
|
||||
|
@ -526,21 +560,30 @@ NAME: my-release
|
|||
| repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] |
|
||||
| repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] |
|
||||
| repoServer.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret |
|
||||
| repoServer.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret |
|
||||
| repoServer.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. |
|
||||
| repoServer.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. |
|
||||
| repoServer.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) |
|
||||
| repoServer.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) |
|
||||
| repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret |
|
||||
| repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret |
|
||||
| repoServer.certificateSecret.key | string | `""` | Certificate private key |
|
||||
| repoServer.certificateSecret.key | string | `""` | Certificate private key |
|
||||
| repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret |
|
||||
| repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret |
|
||||
| repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments |
|
||||
| repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource |
|
||||
| repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource |
|
||||
| repoServer.containerPort | int | `8081` | Configures the repo server port |
|
||||
| repoServer.containerPorts.metrics | int | `8084` | Metrics container port |
|
||||
| repoServer.containerPorts.server | int | `8081` | Repo server container port |
|
||||
| repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context |
|
||||
| repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment |
|
||||
| repoServer.dnsConfig | object | `{}` | [DNS configuration] |
|
||||
| repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods |
|
||||
| repoServer.env | list | `[]` | Environment variables to pass to repo server |
|
||||
| repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server |
|
||||
| repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server |
|
||||
| repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod |
|
||||
| repoServer.hostNetwork | bool | `false` | Host Network for Repo server pods |
|
||||
| repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server |
|
||||
| repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server |
|
||||
| repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server |
|
||||
|
@ -567,15 +610,15 @@ NAME: my-release
|
|||
| repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
|
||||
| repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
|
||||
| repoServer.name | string | `"repo-server"` | Repo server name |
|
||||
| repoServer.nodeSelector | object | `{}` | [Node selector] |
|
||||
| repoServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
|
||||
| repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb |
|
||||
| repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server |
|
||||
| repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb |
|
||||
| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
|
||||
| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
|
||||
| repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods |
|
||||
| repoServer.podLabels | object | `{}` | Labels to be added to repo server pods |
|
||||
| repoServer.priorityClassName | string | `""` | Priority class for the repo server |
|
||||
| repoServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the repo server pods |
|
||||
| repoServer.rbac | list | `[]` | Repo server rbac rules |
|
||||
| repoServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||
| repoServer.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
|
||||
|
@ -593,8 +636,8 @@ NAME: my-release
|
|||
| repoServer.serviceAccount.create | bool | `true` | Create repo server service account |
|
||||
| repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account |
|
||||
| repoServer.serviceAccount.name | string | `""` | Repo server service account name |
|
||||
| repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server |
|
||||
| repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
|
||||
| repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server |
|
||||
| repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container |
|
||||
| repoServer.volumes | list | `[]` | Additional volumes to the repo server pod |
|
||||
|
||||
|
@ -608,7 +651,7 @@ NAME: my-release
|
|||
| server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] |
|
||||
| server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate |
|
||||
| server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. |
|
||||
| server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
|
||||
| server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
|
||||
| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer |
|
||||
| server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server |
|
||||
| server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] |
|
||||
|
@ -621,7 +664,7 @@ NAME: my-release
|
|||
| server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) |
|
||||
| server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` |
|
||||
| server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` |
|
||||
| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` |
|
||||
| server.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` |
|
||||
| server.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` |
|
||||
| server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` |
|
||||
| server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` |
|
||||
|
@ -633,20 +676,24 @@ NAME: my-release
|
|||
| server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret |
|
||||
| server.certificateSecret.key | string | `""` | Private Key of the certificate |
|
||||
| server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret |
|
||||
| server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments |
|
||||
| server.containerPort | int | `8080` | Configures the server port |
|
||||
| server.containerPorts.metrics | int | `8083` | Metrics container port |
|
||||
| server.containerPorts.server | int | `8080` | Server container port |
|
||||
| server.containerSecurityContext | object | See [values.yaml] | Server container-level security context |
|
||||
| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment |
|
||||
| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment |
|
||||
| server.dnsConfig | object | `{}` | [DNS configuration] |
|
||||
| server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods |
|
||||
| server.env | list | `[]` | Environment variables to pass to Argo CD server |
|
||||
| server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server |
|
||||
| server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context |
|
||||
| server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions |
|
||||
| server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions |
|
||||
| server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions |
|
||||
| server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image |
|
||||
| server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image |
|
||||
| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image |
|
||||
| server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container |
|
||||
| server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server |
|
||||
| server.extraContainers | list | `[]` | Additional containers to be added to the server pod |
|
||||
| server.hostNetwork | bool | `false` | Host Network for Server pods |
|
||||
| server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server |
|
||||
| server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server |
|
||||
| server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server |
|
||||
|
@ -697,15 +744,15 @@ NAME: my-release
|
|||
| server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
|
||||
| server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
|
||||
| server.name | string | `"server"` | Argo CD server name |
|
||||
| server.nodeSelector | object | `{}` | [Node selector] |
|
||||
| server.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
|
||||
| server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb |
|
||||
| server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server |
|
||||
| server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb |
|
||||
| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
|
||||
| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
|
||||
| server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| server.podAnnotations | object | `{}` | Annotations to be added to server pods |
|
||||
| server.podLabels | object | `{}` | Labels to be added to server pods |
|
||||
| server.priorityClassName | string | `""` | Priority class for the Argo CD server |
|
||||
| server.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the Argo CD server pods |
|
||||
| server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||
| server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
|
||||
| server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
|
||||
|
@ -724,7 +771,6 @@ NAME: my-release
|
|||
| server.service.labels | object | `{}` | Server service labels |
|
||||
| server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field |
|
||||
| server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from |
|
||||
| server.service.namedTargetPort | bool | `true` | Use named target port for argocd |
|
||||
| server.service.nodePortHttp | int | `30080` | Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") |
|
||||
| server.service.nodePortHttps | int | `30443` | Server service https port for NodePort service type (only if `server.service.type` is set to "NodePort") |
|
||||
| server.service.servicePortHttp | int | `80` | Server service http port |
|
||||
|
@ -738,8 +784,8 @@ NAME: my-release
|
|||
| server.serviceAccount.create | bool | `true` | Create server service account |
|
||||
| server.serviceAccount.labels | object | `{}` | Labels applied to created service account |
|
||||
| server.serviceAccount.name | string | `"argocd-server"` | Server service account name |
|
||||
| server.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the Argo CD server |
|
||||
| server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
|
||||
| server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server |
|
||||
| server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container |
|
||||
| server.volumes | list | `[]` | Additional volumes to the server pod |
|
||||
|
||||
|
@ -769,18 +815,20 @@ server:
|
|||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
|
||||
| dex.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
|
||||
| dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret |
|
||||
| dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. |
|
||||
| dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) |
|
||||
| dex.certificateSecret.enabled | bool | `false` | Create argocd-dex-server-tls secret |
|
||||
| dex.certificateSecret.key | string | `""` | Certificate private key |
|
||||
| dex.certificateSecret.labels | object | `{}` | Labels to be added to argocd-dex-server-tls secret |
|
||||
| dex.containerPortGrpc | int | `5557` | Container port for gRPC access |
|
||||
| dex.containerPortHttp | int | `5556` | Container port for HTTP access |
|
||||
| dex.containerPortMetrics | int | `5558` | Container port for metrics access |
|
||||
| dex.containerPorts.grpc | int | `5557` | gRPC container port |
|
||||
| dex.containerPorts.http | int | `5556` | HTTP container port |
|
||||
| dex.containerPorts.metrics | int | `5558` | Metrics container port |
|
||||
| dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context |
|
||||
| dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment |
|
||||
| dex.dnsConfig | object | `{}` | [DNS configuration] |
|
||||
| dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods |
|
||||
| dex.enabled | bool | `true` | Enable dex |
|
||||
| dex.env | list | `[]` | Environment variables to pass to the Dex server |
|
||||
| dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server |
|
||||
|
@ -815,7 +863,7 @@ server:
|
|||
| dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
|
||||
| dex.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
|
||||
| dex.name | string | `"dex-server"` | Dex name |
|
||||
| dex.nodeSelector | object | `{}` | [Node selector] |
|
||||
| dex.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
|
||||
| dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb |
|
||||
| dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server |
|
||||
| dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb |
|
||||
|
@ -823,7 +871,7 @@ server:
|
|||
| dex.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods |
|
||||
| dex.podLabels | object | `{}` | Labels to be added to the Dex server pods |
|
||||
| dex.priorityClassName | string | `""` | Priority class for dex |
|
||||
| dex.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the dex pods |
|
||||
| dex.readinessProbe.enabled | bool | `false` | Enable Kubernetes readiness probe for Dex >= 2.28.0 |
|
||||
| dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||
| dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
|
||||
|
@ -840,8 +888,8 @@ server:
|
|||
| dex.servicePortHttp | int | `5556` | Service port for HTTP access |
|
||||
| dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access |
|
||||
| dex.servicePortMetrics | int | `5558` | Service port for metrics access |
|
||||
| dex.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| dex.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to dex |
|
||||
| dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
|
||||
| dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex |
|
||||
| dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container |
|
||||
| dex.volumes | list | `[]` | Additional volumes to the dex pod |
|
||||
|
||||
|
@ -851,27 +899,31 @@ server:
|
|||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
|
||||
| redis.containerPort | int | `6379` | Redis container port |
|
||||
| redis.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
|
||||
| redis.containerPorts.metrics | int | `9121` | Metrics container port |
|
||||
| redis.containerPorts.redis | int | `6379` | Redis container port |
|
||||
| redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context |
|
||||
| redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment |
|
||||
| redis.dnsConfig | object | `{}` | [DNS configuration] |
|
||||
| redis.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Redis server pods |
|
||||
| redis.enabled | bool | `true` | Enable redis |
|
||||
| redis.env | list | `[]` | Environment variables to pass to the Redis server |
|
||||
| redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server |
|
||||
| redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context |
|
||||
| redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar |
|
||||
| redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter |
|
||||
| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter |
|
||||
| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter |
|
||||
| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter |
|
||||
| redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar |
|
||||
| redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server |
|
||||
| redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod |
|
||||
| redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy |
|
||||
| redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy |
|
||||
| redis.image.repository | string | `"quay.io/codefresh/redis"` | Redis repository |
|
||||
| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag |
|
||||
| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag |
|
||||
| redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
|
||||
| redis.initContainers | list | `[]` | Init containers to add to the redis pod |
|
||||
| redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar |
|
||||
| redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context |
|
||||
| redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar |
|
||||
| redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy |
|
||||
| redis.metrics.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository |
|
||||
| redis.metrics.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag |
|
||||
| redis.metrics.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar |
|
||||
| redis.metrics.enabled | bool | `false` | Deploy metrics service |
|
||||
| redis.metrics.service.annotations | object | `{}` | Metrics service annotations |
|
||||
| redis.metrics.service.clusterIP | string | `"None"` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
|
||||
| redis.metrics.service.labels | object | `{}` | Metrics service labels |
|
||||
|
@ -889,7 +941,7 @@ server:
|
|||
| redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
|
||||
| redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
|
||||
| redis.name | string | `"redis"` | Redis name |
|
||||
| redis.nodeSelector | object | `{}` | [Node selector] |
|
||||
| redis.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
|
||||
| redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb |
|
||||
| redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis |
|
||||
| redis.pdb.labels | object | `{}` | Labels to be added to Redis pdb |
|
||||
|
@ -897,7 +949,7 @@ server:
|
|||
| redis.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods |
|
||||
| redis.podLabels | object | `{}` | Labels to be added to the Redis server pods |
|
||||
| redis.priorityClassName | string | `""` | Priority class for redis |
|
||||
| redis.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for redis pods |
|
||||
| redis.resources | object | `{}` | Resource limits and requests for redis |
|
||||
| redis.securityContext | object | See [values.yaml] | Redis pod-level security context |
|
||||
| redis.service.annotations | object | `{}` | Redis service annotations |
|
||||
|
@ -907,8 +959,8 @@ server:
|
|||
| redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod |
|
||||
| redis.serviceAccount.name | string | `""` | Service account name for redis pod |
|
||||
| redis.servicePort | int | `6379` | Redis service port |
|
||||
| redis.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| redis.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to redis |
|
||||
| redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
|
||||
| redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis |
|
||||
| redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container |
|
||||
| redis.volumes | list | `[]` | Additional volumes to the redis pod |
|
||||
|
||||
|
@ -921,11 +973,13 @@ The main options are listed here:
|
|||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment |
|
||||
| redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled |
|
||||
| redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar |
|
||||
| redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter |
|
||||
| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter |
|
||||
| redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy |
|
||||
| redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping |
|
||||
| redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag |
|
||||
| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes |
|
||||
| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag |
|
||||
| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes |
|
||||
| redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) |
|
||||
| redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled |
|
||||
| redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated |
|
||||
|
@ -1028,45 +1082,29 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|
|||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| notifications.affinity | object | `{}` | Assign custom [affinity] rules |
|
||||
| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
|
||||
| notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates |
|
||||
| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules |
|
||||
| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context |
|
||||
| notifications.bots.slack.enabled | bool | `false` | Enable slack bot |
|
||||
| notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot |
|
||||
| notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot |
|
||||
| notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot |
|
||||
| notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
|
||||
| notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] |
|
||||
| notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb |
|
||||
| notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot |
|
||||
| notifications.bots.slack.pdb.labels | object | `{}` | Labels to be added to Slack bot pdb |
|
||||
| notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
|
||||
| notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot |
|
||||
| notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot |
|
||||
| notifications.bots.slack.service.port | int | `80` | Service port for Slack bot |
|
||||
| notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot |
|
||||
| notifications.bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
|
||||
| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
|
||||
| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. |
|
||||
| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| notifications.cm.create | bool | `true` | Whether helm chart creates controller config map |
|
||||
| notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map |
|
||||
| notifications.containerPorts.metrics | int | `9001` | Metrics container port |
|
||||
| notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context |
|
||||
| notifications.context | object | `{}` | Define user-defined context |
|
||||
| notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment |
|
||||
| notifications.dnsConfig | object | `{}` | [DNS configuration] |
|
||||
| notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods |
|
||||
| notifications.enabled | bool | `false` | Enable notifications controller |
|
||||
| notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller |
|
||||
| notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller |
|
||||
| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod |
|
||||
| notifications.extraEnv | list | `[]` | Additional container environment variables |
|
||||
| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller |
|
||||
| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller |
|
||||
| notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) |
|
||||
| notifications.extraVolumes | list | `[]` | List of extra volumes to add |
|
||||
| notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller |
|
||||
| notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller |
|
||||
| notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller |
|
||||
| notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
|
||||
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` |
|
||||
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn`, `error` |
|
||||
| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod |
|
||||
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` |
|
||||
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` |
|
||||
| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
|
||||
| notifications.metrics.port | int | `9001` | Metrics port |
|
||||
| notifications.metrics.service.annotations | object | `{}` | Metrics service annotations |
|
||||
|
@ -1075,31 +1113,35 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|
|||
| notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
|
||||
| notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
|
||||
| notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
|
||||
| notifications.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion |
|
||||
| notifications.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping |
|
||||
| notifications.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme |
|
||||
| notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
|
||||
| notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
|
||||
| notifications.name | string | `"notifications-controller"` | Notifications controller name string |
|
||||
| notifications.nodeSelector | object | `{}` | [Node selector] |
|
||||
| notifications.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
|
||||
| notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook |
|
||||
| notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb |
|
||||
| notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller |
|
||||
| notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb |
|
||||
| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
|
||||
| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
|
||||
| notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods |
|
||||
| notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods |
|
||||
| notifications.priorityClassName | string | `""` | Priority class for the controller pods |
|
||||
| notifications.resources | object | `{}` | Resource limits and requests for the controller |
|
||||
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods |
|
||||
| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods |
|
||||
| notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods |
|
||||
| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller |
|
||||
| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret |
|
||||
| notifications.secret.create | bool | `true` | Whether helm chart creates controller secret |
|
||||
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
|
||||
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret |
|
||||
| notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
|
||||
| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
|
||||
| notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
|
||||
| notifications.serviceAccount.create | bool | `true` | Create notifications controller service account |
|
||||
| notifications.serviceAccount.labels | object | `{}` | Labels applied to created service account |
|
||||
| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. |
|
||||
| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name |
|
||||
| notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions |
|
||||
| notifications.templates | object | `{}` | The notification template is used to generate the notification content |
|
||||
| notifications.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
|
||||
| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller |
|
||||
| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent |
|
||||
|
||||
----------------------------------------------
|
||||
|
@ -1110,6 +1152,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
|
|||
[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom
|
||||
[CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/
|
||||
[changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog
|
||||
[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
|
||||
[external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters
|
||||
[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters
|
||||
[declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup
|
||||
|
|
|
@ -104,14 +104,29 @@ For full list of changes please check ArtifactHub [changelog].
|
|||
|
||||
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
|
||||
|
||||
### 5.24.0
|
||||
|
||||
This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
|
||||
Default `global.affinity` rules can be disabled when `none` value is used for the preset.
|
||||
|
||||
### 5.22.0
|
||||
|
||||
This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.
|
||||
|
||||
### 5.19.0
|
||||
|
||||
This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections.
|
||||
You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories.
|
||||
|
||||
### 5.13.0
|
||||
|
||||
This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter.
|
||||
|
||||
### 5.12.0
|
||||
|
||||
This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server.
|
||||
If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret.
|
||||
If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead.
|
||||
For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`.
|
||||
For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys.
|
||||
|
||||
### 5.10.0
|
||||
|
||||
|
@ -515,6 +530,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
|
|||
[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom
|
||||
[CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/
|
||||
[changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog
|
||||
[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
|
||||
[external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters
|
||||
[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters
|
||||
[declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup
|
||||
|
|
|
@ -52,6 +52,42 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys
|
|||
{{- if .Values.configs.gpgKeysAnnotations }}
|
||||
DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations
|
||||
{{- end }}
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
{{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }}
|
||||
DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles
|
||||
{{- end }}
|
||||
{{- if hasKey (.Values.server.clusterAdminAccess | default dict) "enabled" }}
|
||||
DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles
|
||||
{{- end }}
|
||||
{{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }}
|
||||
DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles
|
||||
{{- end }}
|
||||
{{- if .Values.configs.knownHostsAnnotations }}
|
||||
DEPRECATED option configs.knownHostsAnnotations - Use configs.ssh.annotations
|
||||
{{- end }}
|
||||
{{- if hasKey .Values.configs "knownHosts" }}
|
||||
DEPRECATED option configs.knownHosts.data.ssh_known_hosts - Use configs.ssh.knownHosts
|
||||
{{- end }}
|
||||
{{- if .Values.configs.tlsCertsAnnotations }}
|
||||
DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations
|
||||
{{- end }}
|
||||
{{- if hasKey .Values.configs "tlsCerts" }}
|
||||
DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates
|
||||
{{- end }}
|
||||
{{- if .Values.applicationSet.logFormat }}
|
||||
DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format
|
||||
{{- end }}
|
||||
{{- if .Values.applicationSet.logLevel }}
|
||||
DEPRECATED option applicationSet.logLevel - Use configs.params.applicationsetcontroller.log.level
|
||||
{{- end }}
|
||||
{{- if .Values.applicationSet.args.policy }}
|
||||
DEPRECATED option applicationSet.args.policy - Use configs.params.applicationsetcontroller.policy
|
||||
{{- end }}
|
||||
{{- if .Values.applicationSet.args.dryRun }}
|
||||
DEPRECATED option applicationSet.args.dryRun - Use configs.params.applicationsetcontroller.dryRun
|
||||
{{- end }}
|
||||
>>>>>>> argo-cd-5.27.1
|
||||
{{- if .Values.controller.service }}
|
||||
REMOVED option controller.service - Use controller.metrics
|
||||
{{- end }}
|
||||
|
@ -64,6 +100,30 @@ REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug
|
|||
{{- if .Values.applicationSet.args.enableLeaderElection }}
|
||||
REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas
|
||||
{{- end }}
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
{{- if .Values.controller.containerPort }}
|
||||
REMOVED option controller.containerPort - Use controller.containerPorts
|
||||
{{- end }}
|
||||
{{- if .Values.server.containerPort }}
|
||||
REMOVED option server.containerPort - Use server.containerPorts
|
||||
{{- end }}
|
||||
{{- if .Values.repoServer.containerPort }}
|
||||
REMOVED option repoServer.containerPort - Use repoServer.containerPorts
|
||||
{{- end }}
|
||||
{{- if .Values.applicationSet.args.metricsAddr }}
|
||||
REMOVED option applicationSet.args.metricsAddr - Use applicationSet.containerPorts
|
||||
{{- end }}
|
||||
{{- if .Values.applicationSet.args.probeBindAddr }}
|
||||
REMOVED option applicationSet.args.probeBindAddr - Use applicationSet.containerPorts
|
||||
{{- end }}
|
||||
{{- if .Values.redis.containerPort }}
|
||||
REMOVED option redis.containerPort - Use redis.containerPorts
|
||||
{{- end }}
|
||||
{{- if .Values.redis.metrics.containerPort }}
|
||||
REMOVED option redis.metrics.containerPort - Use redis.containerPorts
|
||||
{{- end }}
|
||||
>>>>>>> argo-cd-5.27.1
|
||||
|
||||
In order to access the server UI you have the following options:
|
||||
|
||||
|
|
|
@ -63,3 +63,60 @@ app.kubernetes.io/instance: {{ .context.Release.Name }}
|
|||
app.kubernetes.io/component: {{ .component }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common affinity definition
|
||||
Pod affinity
|
||||
- Soft prefers different nodes
|
||||
- Hard requires different nodes and prefers different availibility zones
|
||||
Node affinity
|
||||
- Soft prefers given user expressions
|
||||
- Hard requires given user expressions
|
||||
*/}}
|
||||
{{- define "argo-cd.affinity" -}}
|
||||
{{- with .component.affinity -}}
|
||||
{{- toYaml . -}}
|
||||
{{- else -}}
|
||||
{{- $preset := .context.Values.global.affinity -}}
|
||||
{{- if (eq $preset.podAntiAffinity "soft") }}
|
||||
podAntiAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- weight: 100
|
||||
podAffinityTerm:
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
|
||||
topologyKey: kubernetes.io/hostname
|
||||
{{- else if (eq $preset.podAntiAffinity "hard") }}
|
||||
podAntiAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- weight: 100
|
||||
podAffinityTerm:
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
|
||||
topologyKey: topology.kubernetes.io/zone
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
- labelSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
|
||||
topologyKey: kubernetes.io/hostname
|
||||
{{- end }}
|
||||
{{- with $preset.nodeAffinity.matchExpressions }}
|
||||
{{- if (eq $preset.nodeAffinity.type "soft") }}
|
||||
nodeAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- weight: 1
|
||||
preference:
|
||||
matchExpressions:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- else if (eq $preset.nodeAffinity.type "hard") }}
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
- matchExpressions:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
|
|
@ -8,6 +8,17 @@ to 63 chars and it includes 10 chars of hash and a separating '-'.
|
|||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 52 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the controller service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.controllerServiceAccountName" -}}
|
||||
{{- if .Values.controller.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.controller.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create dex name and version as used by the chart label.
|
||||
*/}}
|
||||
|
@ -26,6 +37,17 @@ Create Dex server endpoint
|
|||
{{- printf "%s://%s:%d" $scheme $host $port }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the dex service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.dexServiceAccountName" -}}
|
||||
{{- if .Values.dex.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.dex.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create redis name and version as used by the chart label.
|
||||
*/}}
|
||||
|
@ -53,56 +75,6 @@ Return Redis server endpoint
|
|||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd server name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.server.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd repo-server name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.repoServer.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd application set name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.applicationSet.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd notifications name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.notifications.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the controller service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.controllerServiceAccountName" -}}
|
||||
{{- if .Values.controller.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.controller.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the dex service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.dexServiceAccountName" -}}
|
||||
{{- if .Values.dex.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.dex.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the redis service account to use
|
||||
*/}}
|
||||
|
@ -114,6 +86,13 @@ Create the name of the redis service account to use
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd server name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.server.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the Argo CD server service account to use
|
||||
*/}}
|
||||
|
@ -125,6 +104,13 @@ Create the name of the Argo CD server service account to use
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd repo-server name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.repoServer.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the repo-server service account to use
|
||||
*/}}
|
||||
|
@ -136,6 +122,13 @@ Create the name of the repo-server service account to use
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd application set name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.applicationSet.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the application set service account to use
|
||||
*/}}
|
||||
|
@ -147,6 +140,13 @@ Create the name of the application set service account to use
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd notifications name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.notifications.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the notifications service account to use
|
||||
*/}}
|
||||
|
@ -158,17 +158,6 @@ Create the name of the notifications service account to use
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the notifications bots slack service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}}
|
||||
{{- if .Values.notifications.bots.slack.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.notifications.bots.slack.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Argo Configuration Preset Values (Incluenced by Values configuration)
|
||||
*/}}
|
||||
|
@ -185,7 +174,10 @@ Merge Argo Configuration with Preset Configuration
|
|||
{{- $config := (mergeOverwrite (deepCopy (omit .Values.configs.cm "create" "annotations")) (.Values.server.config | default dict)) -}}
|
||||
{{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}}
|
||||
{{- range $key, $value := mergeOverwrite $preset $config }}
|
||||
{{ $key }}: {{ toString $value | toYaml }}
|
||||
{{- $fmted := $value | toString }}
|
||||
{{- if not (eq $fmted "") }}
|
||||
{{ $key }}: {{ $fmted | toYaml }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
|
@ -202,10 +194,13 @@ redis.server: {{ . | quote }}
|
|||
server.dex.server: {{ include "argo-cd.dex.server" . | quote }}
|
||||
server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }}
|
||||
{{- end }}
|
||||
{{- range $component := tuple "controller" "server" "reposerver" }}
|
||||
{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }}
|
||||
{{ $component }}.log.format: {{ $.Values.global.logging.format | quote }}
|
||||
{{ $component }}.log.level: {{ $.Values.global.logging.level | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.applicationSet.enabled }}
|
||||
applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
@ -19,34 +19,6 @@ Return the appropriate apiVersion for autoscaling
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for ingress
|
||||
*/}}
|
||||
{{- define "argo-cd.apiVersion.ingress" -}}
|
||||
{{- if .Values.apiVersionOverrides.ingress -}}
|
||||
{{- print .Values.apiVersionOverrides.ingress -}}
|
||||
{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" .) -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" .) -}}
|
||||
{{- print "networking.k8s.io/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "networking.k8s.io/v1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for pod disruption budget
|
||||
*/}}
|
||||
{{- define "argo-cd.apiVersion.pdb" -}}
|
||||
{{- if .Values.apiVersionOverrides.pdb -}}
|
||||
{{- print .Values.apiVersionOverrides.pdb -}}
|
||||
{{- else if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" .) -}}
|
||||
{{- print "policy/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "policy/v1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for cert-manager
|
||||
*/}}
|
||||
|
@ -55,6 +27,8 @@ Return the appropriate apiVersion for cert-manager
|
|||
{{- print .Values.apiVersionOverrides.certmanager -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}}
|
||||
{{- print "cert-manager.io/v1" -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}}
|
||||
{{- print "cert-manager.io/v1beta1" -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}}
|
||||
{{- print "cert-manager.io/v1alpha3" -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}}
|
||||
|
|
|
@ -11,7 +11,12 @@ rules:
|
|||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
{{- if .Values.applicationSet.enabled }}
|
||||
- applicationsets
|
||||
{{- end }}
|
||||
{{- if .Values.server.extensions.enabled }}
|
||||
- argocdextensions
|
||||
{{- end }}
|
||||
- appprojects
|
||||
verbs:
|
||||
- get
|
||||
|
@ -31,7 +36,12 @@ rules:
|
|||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
{{- if .Values.applicationSet.enabled }}
|
||||
- applicationsets
|
||||
{{- end }}
|
||||
{{- if .Values.server.extensions.enabled }}
|
||||
- argocdextensions
|
||||
{{- end }}
|
||||
- appprojects
|
||||
verbs:
|
||||
- create
|
||||
|
@ -56,7 +66,12 @@ rules:
|
|||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
{{- if .Values.applicationSet.enabled }}
|
||||
- applicationsets
|
||||
{{- end }}
|
||||
{{- if .Values.server.extensions.enabled }}
|
||||
- argocdextensions
|
||||
{{- end }}
|
||||
- appprojects
|
||||
verbs:
|
||||
- create
|
||||
|
|
|
@ -1,23 +1,24 @@
|
|||
{{- if .Values.controller.clusterAdminAccess.enabled }}
|
||||
{{- $config := .Values.controller.clusterAdminAccess | default dict -}}
|
||||
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
name: {{ include "argo-cd.controller.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
|
||||
rules:
|
||||
{{- if .Values.controller.clusterRoleRules.enabled }}
|
||||
{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 0 }}
|
||||
{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }}
|
||||
{{- else }}
|
||||
- apiGroups:
|
||||
- '*'
|
||||
resources:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
- nonResourceURLs:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
- apiGroups:
|
||||
- '*'
|
||||
resources:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
- nonResourceURLs:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
{{- if .Values.controller.clusterAdminAccess.enabled }}
|
||||
{{- $config := .Values.controller.clusterAdminAccess | default dict -}}
|
||||
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
name: {{ include "argo-cd.controller.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
name: {{ include "argo-cd.controller.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.controllerServiceAccountName" . }}
|
||||
name: {{ include "argo-cd.controllerServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if .Values.controller.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "argo-cd.controller.fullname" . }}
|
||||
|
|
|
@ -14,6 +14,10 @@ metadata:
|
|||
{{- if .Values.controller.metrics.rules.additionalLabels }}
|
||||
{{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.metrics.rules.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
groups:
|
||||
- name: argocd
|
||||
|
|
|
@ -37,13 +37,28 @@ spec:
|
|||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }}
|
||||
containers:
|
||||
- command:
|
||||
- argocd-application-controller
|
||||
- --metrics-port={{ .Values.controller.containerPorts.metrics }}
|
||||
{{- if .Values.controller.metrics.applicationLabels.enabled }}
|
||||
{{- range .Values.controller.metrics.applicationLabels.labels }}
|
||||
- --metrics-application-labels
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.args.statusProcessors }}
|
||||
- --status-processors
|
||||
- {{ . | quote }}
|
||||
|
@ -76,12 +91,6 @@ spec:
|
|||
- --loglevel
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.applicationLabels.enabled }}
|
||||
{{- range .Values.controller.metrics.applicationLabels.labels }}
|
||||
- --metrics-application-labels
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.extraArgs }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
@ -232,7 +241,7 @@ spec:
|
|||
{{- end }}
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: {{ .Values.controller.containerPort }}
|
||||
containerPort: {{ .Values.controller.containerPorts.metrics }}
|
||||
protocol: TCP
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
|
@ -257,21 +266,25 @@ spec:
|
|||
- mountPath: /home/argocd
|
||||
name: argocd-home
|
||||
{{- with .Values.controller.extraContainers }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.nodeSelector }}
|
||||
{{- with .Values.controller.initContainers }}
|
||||
initContainers:
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.controller) }}
|
||||
affinity:
|
||||
{{- trim . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.nodeSelector | default .Values.global.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.tolerations }}
|
||||
{{- with .Values.controller.tolerations | default .Values.global.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.topologySpreadConstraints }}
|
||||
{{- with .Values.controller.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- range $constraint := . }}
|
||||
- {{ toYaml $constraint | nindent 8 | trim }}
|
||||
|
@ -282,11 +295,6 @@ spec:
|
|||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- with .Values.controller.volumes }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
|
@ -304,10 +312,9 @@ spec:
|
|||
path: tls.key
|
||||
- key: ca.crt
|
||||
path: ca.crt
|
||||
{{- with .Values.controller.initContainers }}
|
||||
initContainers:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
hostNetwork: {{ .Values.controller.hostNetwork }}
|
||||
{{- with .Values.controller.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
dnsPolicy: {{ .Values.controller.dnsPolicy }}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if and .Values.applicationSet.enabled .Values.applicationSet.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "argo-cd.applicationSet.fullname" . }}
|
||||
|
|
|
@ -1,89 +1,72 @@
|
|||
{{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}}
|
||||
{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}}
|
||||
{{- $servicePort := .Values.applicationSet.service.portName -}}
|
||||
{{- $paths := .Values.applicationSet.webhook.ingress.paths -}}
|
||||
{{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}}
|
||||
{{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
{{- if .Values.applicationSet.webhook.ingress.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.applicationSet.fullname" . }}
|
||||
name: {{ include "argo-cd.applicationSet.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
|
||||
{{- if .Values.applicationSet.webhook.ingress.labels }}
|
||||
{{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }}
|
||||
{{- with .Values.applicationSet.webhook.ingress.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.applicationSet.webhook.ingress.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := . }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
{{- with .Values.applicationSet.webhook.ingress.ingressClassName }}
|
||||
ingressClassName: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- if .Values.applicationSet.webhook.ingress.hosts }}
|
||||
{{- range $host := .Values.applicationSet.webhook.ingress.hosts }}
|
||||
- host: {{ $host }}
|
||||
http:
|
||||
paths:
|
||||
{{- if $extraPaths }}
|
||||
{{- toYaml $extraPaths | nindent 10 }}
|
||||
{{- with $extraPaths }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- range $p := $paths }}
|
||||
- path: {{ $p }}
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
pathType: {{ $pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $serviceName }}
|
||||
name: {{ include "argo-cd.applicationSet.fullname" $ }}
|
||||
port:
|
||||
{{- if kindIs "float64" $servicePort }}
|
||||
number: {{ $servicePort }}
|
||||
{{- else }}
|
||||
name: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
serviceName: {{ $serviceName }}
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- else }}
|
||||
- http:
|
||||
paths:
|
||||
{{- if $extraPaths }}
|
||||
{{- toYaml $extraPaths | nindent 10 }}
|
||||
{{- with $extraPaths }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- range $p := $paths }}
|
||||
- path: {{ $p }}
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
pathType: {{ $pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $serviceName }}
|
||||
name: {{ include "argo-cd.applicationSet.fullname" $ }}
|
||||
port:
|
||||
{{- if kindIs "float64" $servicePort }}
|
||||
number: {{ $servicePort }}
|
||||
{{- else }}
|
||||
name: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
serviceName: {{ $serviceName }}
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.applicationSet.webhook.ingress.tls }}
|
||||
{{- with .Values.applicationSet.webhook.ingress.tls }}
|
||||
tls:
|
||||
{{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
|
24
charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml
Normal file
24
charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml
Normal file
|
@ -0,0 +1,24 @@
|
|||
{{- if .Values.configs.cmp.create }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: argocd-cmp-cm
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }}
|
||||
{{- with .Values.configs.cmp.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := . }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
data:
|
||||
{{- range $cmp_plugin, $cmp_plugin_config := .Values.configs.cmp.plugins }}
|
||||
{{ $cmp_plugin }}.yaml: |
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: ConfigManagementPlugin
|
||||
metadata:
|
||||
name: {{ $cmp_plugin }}
|
||||
spec:
|
||||
{{- toYaml $cmp_plugin_config | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,4 +1,4 @@
|
|||
{{- if and .Values.repoServer.enabled .Values.repoServer.certificateSecret.enabled }}
|
||||
{{- if .Values.repoServer.certificateSecret.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -5,6 +5,9 @@ metadata:
|
|||
name: argocd-secret
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }}
|
||||
{{- with .Values.configs.secret.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.configs.secret.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := . }}
|
||||
|
|
|
@ -3,11 +3,20 @@ kind: ConfigMap
|
|||
metadata:
|
||||
name: argocd-ssh-known-hosts-cm
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "ssh-known-hosts-cm") | nindent 4 }}
|
||||
{{- with .Values.configs.knownHostsAnnotations }}
|
||||
{{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }}
|
||||
{{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }}
|
||||
annotations:
|
||||
{{- range $key, $value := . }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- toYaml .Values.configs.knownHosts | nindent 0 }}
|
||||
data:
|
||||
ssh_known_hosts: |
|
||||
{{- if hasKey .Values.configs "knownHosts" }}
|
||||
{{- .Values.configs.knownHosts.data.ssh_known_hosts | nindent 4 }}
|
||||
{{- else }}
|
||||
{{- .Values.configs.ssh.knownHosts | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.configs.ssh.extraHosts }}
|
||||
{{- . | nindent 4 }}
|
||||
{{- end }}
|
||||
|
|
|
@ -3,13 +3,20 @@ kind: ConfigMap
|
|||
metadata:
|
||||
name: argocd-tls-certs-cm
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "tls-certs-cm") | nindent 4 }}
|
||||
{{- with .Values.configs.tlsCertsAnnotations }}
|
||||
{{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }}
|
||||
{{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }}
|
||||
annotations:
|
||||
{{- range $key, $value := . }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.configs.tlsCerts }}
|
||||
{{- toYaml . | nindent 0 }}
|
||||
{{- if hasKey .Values.configs "tlsCerts" }}
|
||||
{{- with .Values.configs.tlsCerts }}
|
||||
{{- toYaml . | nindent 0 }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
{{- with .Values.configs.tls.certificates }}
|
||||
data:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -26,6 +26,9 @@ stringData:
|
|||
clusterResources: {{ .clusterResources | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .project }}
|
||||
project: {{ .project | quote }}
|
||||
{{- end }}
|
||||
config: |
|
||||
{{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson | nindent 4 }}
|
||||
{{- end }}
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "argo-cd.notifications.fullname" . }}-bot
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
|
||||
{{- with .Values.notifications.bots.slack.pdb.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.bots.slack.pdb.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := . }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with .Values.notifications.bots.slack.pdb.maxUnavailable }}
|
||||
maxUnavailable: {{ . }}
|
||||
{{- else }}
|
||||
minAvailable: {{ .Values.notifications.bots.slack.pdb.minAvailable | default 0 }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
|
||||
{{- end }}
|
|
@ -1,27 +0,0 @@
|
|||
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "argo-cd.notifications.fullname" . }}-bot
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
- appprojects
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- update
|
||||
- patch
|
||||
{{ end }}
|
|
@ -1,13 +0,0 @@
|
|||
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.notifications.fullname" . }}-bot
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ template "argo-cd.notifications.fullname" . }}-bot
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
|
||||
{{ end }}
|
|
@ -1,19 +0,0 @@
|
|||
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "argo-cd.notifications.fullname" . }}-bot
|
||||
{{- if .Values.notifications.bots.slack.service.annotations }}
|
||||
annotations:
|
||||
{{- toYaml .Values.notifications.bots.slack.service.annotations | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: {{ .Values.notifications.bots.slack.service.port }}
|
||||
protocol: TCP
|
||||
targetPort: http
|
||||
selector:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
|
||||
type: {{ .Values.notifications.bots.slack.service.type }}
|
||||
{{ end }}
|
|
@ -1,15 +0,0 @@
|
|||
{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.serviceAccount.create }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }}
|
||||
metadata:
|
||||
name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
|
||||
{{- if .Values.notifications.bots.slack.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.notifications.bots.slack.serviceAccount.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
|
||||
{{- end }}
|
|
@ -37,10 +37,17 @@ spec:
|
|||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }}
|
||||
containers:
|
||||
- name: {{ .Values.notifications.name }}
|
||||
|
@ -48,9 +55,9 @@ spec:
|
|||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }}
|
||||
command:
|
||||
- argocd-notifications
|
||||
- --metrics-port={{ .Values.notifications.containerPorts.metrics }}
|
||||
- --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }}
|
||||
- --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }}
|
||||
- --metrics-port={{ .Values.notifications.metrics.port }}
|
||||
- --namespace={{ .Release.Namespace }}
|
||||
- --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
|
||||
{{- range .Values.notifications.extraArgs }}
|
||||
|
@ -66,7 +73,7 @@ spec:
|
|||
{{- end }}
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: {{ .Values.notifications.metrics.port }}
|
||||
containerPort: {{ .Values.notifications.containerPorts.metrics }}
|
||||
protocol: TCP
|
||||
resources:
|
||||
{{- toYaml .Values.notifications.resources | nindent 12 }}
|
||||
|
@ -81,12 +88,47 @@ spec:
|
|||
{{- with .Values.notifications.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.extraContainers }}
|
||||
{{- tpl (toYaml . ) $ | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.initContainers }}
|
||||
initContainers:
|
||||
{{- tpl (toYaml . ) $ | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) }}
|
||||
affinity:
|
||||
{{- trim . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.nodeSelector | default .Values.global.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.tolerations | default .Values.global.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- range $constraint := . }}
|
||||
- {{ toYaml $constraint | nindent 8 | trim }}
|
||||
{{- if not $constraint.labelSelector }}
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.notifications.name) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- configMap:
|
||||
{{- with .Values.notifications.extraVolumes }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
- name: tls-certs
|
||||
configMap:
|
||||
name: argocd-tls-certs-cm
|
||||
name: tls-certs
|
||||
- name: argocd-repo-server-tls
|
||||
secret:
|
||||
secretName: argocd-repo-server-tls
|
||||
optional: true
|
||||
items:
|
||||
- key: tls.crt
|
||||
path: tls.crt
|
||||
|
@ -94,24 +136,9 @@ spec:
|
|||
path: tls.key
|
||||
- key: ca.crt
|
||||
path: ca.crt
|
||||
optional: true
|
||||
secretName: argocd-repo-server-tls
|
||||
{{- with .Values.notifications.extraVolumes }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- with .Values.notifications.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
dnsPolicy: {{ .Values.notifications.dnsPolicy }}
|
||||
{{- end }}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if and .Values.notifications.enabled .Values.notifications.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "argo-cd.notifications.fullname" . }}
|
||||
|
|
|
@ -35,6 +35,14 @@ spec:
|
|||
tlsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.metrics.serviceMonitor.relabelings }}
|
||||
relabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.notifications.metrics.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Release.Namespace }}
|
||||
|
|
|
@ -1,23 +1,24 @@
|
|||
{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }}
|
||||
{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}}
|
||||
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
name: {{ include "argo-cd.repoServer.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
|
||||
rules:
|
||||
{{- if .Values.repoServer.clusterRoleRules.enabled }}
|
||||
{{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 0 }}
|
||||
{{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }}
|
||||
{{- else }}
|
||||
- apiGroups:
|
||||
- '*'
|
||||
resources:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
- nonResourceURLs:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
- apiGroups:
|
||||
- '*'
|
||||
resources:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
- nonResourceURLs:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }}
|
||||
{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}}
|
||||
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
name: {{ include "argo-cd.repoServer.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
name: {{ include "argo-cd.repoServer.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.repoServerServiceAccountName" . }}
|
||||
name: {{ include "argo-cd.repoServerServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
||||
|
|
|
@ -40,11 +40,18 @@ spec:
|
|||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }}
|
||||
containers:
|
||||
- name: {{ .Values.repoServer.name }}
|
||||
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
|
||||
|
@ -53,6 +60,8 @@ spec:
|
|||
- entrypoint.sh
|
||||
args:
|
||||
- argocd-repo-server
|
||||
- --port={{ .Values.repoServer.containerPorts.server }}
|
||||
- --metrics-port={{ .Values.repoServer.containerPorts.metrics }}
|
||||
{{- with .Values.repoServer.logFormat }}
|
||||
- --logformat
|
||||
- {{ . | quote }}
|
||||
|
@ -236,10 +245,10 @@ spec:
|
|||
name: tmp
|
||||
ports:
|
||||
- name: repo-server
|
||||
containerPort: {{ .Values.repoServer.containerPort }}
|
||||
containerPort: {{ .Values.repoServer.containerPorts.server }}
|
||||
protocol: TCP
|
||||
- name: metrics
|
||||
containerPort: 8084
|
||||
containerPort: {{ .Values.repoServer.containerPorts.metrics }}
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
|
@ -264,21 +273,44 @@ spec:
|
|||
securityContext:
|
||||
{{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }}
|
||||
{{- with .Values.repoServer.extraContainers }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.nodeSelector }}
|
||||
initContainers:
|
||||
- command:
|
||||
- cp
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
|
||||
name: copyutil
|
||||
{{- with .Values.repoServer.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.containerSecurityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- mountPath: /var/run/argocd
|
||||
name: var-files
|
||||
{{- with .Values.repoServer.initContainers }}
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) }}
|
||||
affinity:
|
||||
{{- trim . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.nodeSelector | default .Values.global.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.tolerations }}
|
||||
{{- with .Values.repoServer.tolerations | default .Values.global.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.topologySpreadConstraints }}
|
||||
{{- with .Values.repoServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- range $constraint := . }}
|
||||
- {{ toYaml $constraint | nindent 8 | trim }}
|
||||
|
@ -289,11 +321,6 @@ spec:
|
|||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- with .Values.repoServer.volumes }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
|
@ -328,29 +355,9 @@ spec:
|
|||
path: tls.key
|
||||
- key: ca.crt
|
||||
path: ca.crt
|
||||
initContainers:
|
||||
- command:
|
||||
- cp
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
|
||||
name: copyutil
|
||||
{{- with .Values.repoServer.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.containerSecurityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- mountPath: /var/run/argocd
|
||||
name: var-files
|
||||
{{- with .Values.repoServer.initContainers }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
hostNetwork: {{ .Values.repoServer.hostNetwork }}
|
||||
{{- with .Values.repoServer.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
dnsPolicy: {{ .Values.repoServer.dnsPolicy }}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if .Values.repoServer.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "argo-cd.repoServer.fullname" . }}
|
||||
|
|
|
@ -12,11 +12,11 @@ spec:
|
|||
- name: {{ .Values.server.service.servicePortHttpName }}
|
||||
protocol: TCP
|
||||
port: {{ .Values.server.service.servicePortHttp }}
|
||||
targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
|
||||
targetPort: server
|
||||
- name: {{ .Values.server.service.servicePortHttpsName }}
|
||||
protocol: TCP
|
||||
port: {{ .Values.server.service.servicePortHttps }}
|
||||
targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
|
||||
targetPort: server
|
||||
selector:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
|
||||
sessionAffinity: None
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{{- if .Values.server.clusterAdminAccess.enabled }}
|
||||
{{- $config := .Values.server.clusterAdminAccess | default dict -}}
|
||||
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
{{- if .Values.server.clusterAdminAccess.enabled }}
|
||||
{{- $config := .Values.server.clusterAdminAccess | default dict -}}
|
||||
{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
name: {{ include "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
name: {{ include "argo-cd.server.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.serverServiceAccountName" . }}
|
||||
name: {{ include "argo-cd.serverServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -37,16 +37,26 @@ spec:
|
|||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }}
|
||||
containers:
|
||||
- name: {{ .Values.server.name }}
|
||||
image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
|
||||
command:
|
||||
- argocd-server
|
||||
- --port={{ .Values.server.containerPorts.server }}
|
||||
- --metrics-port={{ .Values.server.containerPorts.metrics }}
|
||||
{{- with .Values.server.logFormat }}
|
||||
- --logformat
|
||||
- {{ . | quote }}
|
||||
|
@ -260,6 +270,12 @@ spec:
|
|||
name: argocd-cmd-params-cm
|
||||
key: application.namespaces
|
||||
optional: true
|
||||
- name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: argocd-cmd-params-cm
|
||||
key: server.enable.proxy.extension
|
||||
optional: true
|
||||
{{- with .Values.server.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
|
@ -287,16 +303,16 @@ spec:
|
|||
name: extensions
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: {{ .Values.server.name }}
|
||||
containerPort: {{ .Values.server.containerPort }}
|
||||
- name: server
|
||||
containerPort: {{ .Values.server.containerPorts.server }}
|
||||
protocol: TCP
|
||||
- name: metrics
|
||||
containerPort: 8083
|
||||
containerPort: {{ .Values.server.containerPorts.metrics }}
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz?full=true
|
||||
port: {{ .Values.server.containerPort }}
|
||||
port: server
|
||||
initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }}
|
||||
|
@ -305,7 +321,7 @@ spec:
|
|||
readinessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: {{ .Values.server.containerPort }}
|
||||
port: server
|
||||
initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }}
|
||||
|
@ -319,9 +335,6 @@ spec:
|
|||
lifecycle:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.extraContainers }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if .Values.server.extensions.enabled }}
|
||||
- name: argocd-extensions
|
||||
image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }}
|
||||
|
@ -336,19 +349,26 @@ spec:
|
|||
- name: tmp
|
||||
mountPath: /tmp
|
||||
{{- end }}
|
||||
{{- with .Values.server.nodeSelector }}
|
||||
{{- with .Values.server.extraContainers }}
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.initContainers }}
|
||||
initContainers:
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }}
|
||||
affinity:
|
||||
{{- trim . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.nodeSelector | default .Values.global.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.tolerations }}
|
||||
{{- with .Values.server.tolerations | default .Values.global.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.topologySpreadConstraints }}
|
||||
{{- with .Values.server.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- range $constraint := . }}
|
||||
- {{ toYaml $constraint | nindent 8 | trim }}
|
||||
|
@ -359,11 +379,6 @@ spec:
|
|||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- with .Values.server.volumes }}
|
||||
{{- toYaml . | nindent 6}}
|
||||
|
@ -406,10 +421,9 @@ spec:
|
|||
path: tls.crt
|
||||
- key: ca.crt
|
||||
path: ca.crt
|
||||
{{- with .Values.server.initContainers }}
|
||||
initContainers:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
hostNetwork: {{ .Values.server.hostNetwork }}
|
||||
{{- with .Values.server.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
dnsPolicy: {{ .Values.server.dnsPolicy }}
|
||||
|
|
|
@ -1,89 +1,72 @@
|
|||
{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}}
|
||||
{{- $serviceName := include "argo-cd.server.fullname" . -}}
|
||||
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
|
||||
{{- $paths := .Values.server.ingressGrpc.paths -}}
|
||||
{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
|
||||
{{- $pathType := .Values.server.ingressGrpc.pathType -}}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
{{- if .Values.server.ingressGrpc.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.server.ingressGrpc.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.server.fullname" . }}-grpc
|
||||
name: {{ include "argo-cd.server.fullname" . }}-grpc
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
|
||||
{{- if .Values.server.ingressGrpc.labels }}
|
||||
{{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }}
|
||||
{{- with .Values.server.ingressGrpc.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.ingressGrpc.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := . }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
{{- with .Values.server.ingressGrpc.ingressClassName }}
|
||||
ingressClassName: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- if .Values.server.ingressGrpc.hosts }}
|
||||
{{- range $host := .Values.server.ingressGrpc.hosts }}
|
||||
- host: {{ $host }}
|
||||
http:
|
||||
paths:
|
||||
{{- if $extraPaths }}
|
||||
{{- toYaml $extraPaths | nindent 10 }}
|
||||
{{- end -}}
|
||||
{{- with $extraPaths }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- range $p := $paths }}
|
||||
- path: {{ $p }}
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
pathType: {{ $pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $serviceName }}
|
||||
name: {{ include "argo-cd.server.fullname" $ }}
|
||||
port:
|
||||
{{- if kindIs "float64" $servicePort }}
|
||||
number: {{ $servicePort }}
|
||||
{{- else }}
|
||||
name: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
serviceName: {{ $serviceName }}
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- else }}
|
||||
- http:
|
||||
paths:
|
||||
{{- if $extraPaths }}
|
||||
{{- toYaml $extraPaths | nindent 10 }}
|
||||
{{- end -}}
|
||||
{{- with $extraPaths }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- range $p := $paths }}
|
||||
- path: {{ $p }}
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
pathType: {{ $pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $serviceName }}
|
||||
name: {{ include "argo-cd.server.fullname" $ }}
|
||||
port:
|
||||
{{- if kindIs "float64" $servicePort }}
|
||||
number: {{ $servicePort }}
|
||||
{{- else }}
|
||||
name: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
serviceName: {{ $serviceName }}
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.server.ingressGrpc.tls }}
|
||||
{{- with .Values.server.ingressGrpc.tls }}
|
||||
tls:
|
||||
{{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
|
|
@ -1,51 +1,45 @@
|
|||
{{- if .Values.server.ingress.enabled -}}
|
||||
{{- $serviceName := include "argo-cd.server.fullname" . -}}
|
||||
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}}
|
||||
{{- $paths := .Values.server.ingress.paths -}}
|
||||
{{- $extraPaths := .Values.server.ingress.extraPaths -}}
|
||||
{{- $pathType := .Values.server.ingress.pathType -}}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.ingress" . }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
{{- if .Values.server.ingress.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.server.ingress.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
|
||||
alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
|
||||
[{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
name: {{ include "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
|
||||
{{- if .Values.server.ingress.labels }}
|
||||
{{- toYaml .Values.server.ingress.labels | nindent 4 }}
|
||||
{{- with .Values.server.ingress.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.server.ingress.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.server.ingress.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
|
||||
alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
|
||||
[{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
{{- with .Values.server.ingress.ingressClassName }}
|
||||
ingressClassName: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- if .Values.server.ingress.hosts }}
|
||||
{{- range $host := .Values.server.ingress.hosts }}
|
||||
- host: {{ $host }}
|
||||
- host: {{ $host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- if $extraPaths }}
|
||||
{{- toYaml $extraPaths | nindent 10 }}
|
||||
{{- with $extraPaths }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- range $p := $paths }}
|
||||
{{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }}
|
||||
- path: {{ $p }}
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
pathType: Prefix
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ template "argo-cd.server.fullname" $ }}-grpc
|
||||
port:
|
||||
|
@ -54,60 +48,42 @@ spec:
|
|||
{{- else }}
|
||||
name: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- path: {{ $p }}
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
pathType: {{ $pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $serviceName }}
|
||||
name: {{ include "argo-cd.server.fullname" $ }}
|
||||
port:
|
||||
{{- if kindIs "float64" $servicePort }}
|
||||
number: {{ $servicePort }}
|
||||
{{- else }}
|
||||
name: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
serviceName: {{ $serviceName }}
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- else }}
|
||||
- http:
|
||||
paths:
|
||||
{{- if $extraPaths }}
|
||||
{{- toYaml $extraPaths | nindent 10 }}
|
||||
{{- with $extraPaths }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- range $p := $paths }}
|
||||
- path: {{ $p }}
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
pathType: {{ $pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $serviceName }}
|
||||
name: {{ include "argo-cd.server.fullname" $ }}
|
||||
port:
|
||||
{{- if kindIs "float64" $servicePort }}
|
||||
number: {{ $servicePort }}
|
||||
{{- else }}
|
||||
name: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
serviceName: {{ $serviceName }}
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.server.ingress.tls }}
|
||||
{{- with .Values.server.ingress.tls }}
|
||||
tls:
|
||||
{{- toYaml .Values.server.ingress.tls | nindent 4 }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if .Values.server.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "argo-cd.server.fullname" . }}
|
||||
|
|
|
@ -42,3 +42,11 @@ rules:
|
|||
verbs:
|
||||
- create
|
||||
- list
|
||||
{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }}
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- pods/exec
|
||||
verbs:
|
||||
- create
|
||||
{{- end }}
|
||||
|
|
|
@ -19,14 +19,14 @@ spec:
|
|||
- name: {{ .Values.server.service.servicePortHttpName }}
|
||||
protocol: TCP
|
||||
port: {{ .Values.server.service.servicePortHttp }}
|
||||
targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
|
||||
targetPort: {{ .Values.server.containerPorts.server }}
|
||||
{{- if eq .Values.server.service.type "NodePort" }}
|
||||
nodePort: {{ .Values.server.service.nodePortHttp }}
|
||||
{{- end }}
|
||||
- name: {{ .Values.server.service.servicePortHttpsName }}
|
||||
protocol: TCP
|
||||
port: {{ .Values.server.service.servicePortHttps }}
|
||||
targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
|
||||
targetPort: {{ .Values.server.containerPorts.server }}
|
||||
{{- if eq .Values.server.service.type "NodePort" }}
|
||||
nodePort: {{ .Values.server.service.nodePortHttps }}
|
||||
{{- end }}
|
||||
|
@ -49,4 +49,4 @@ spec:
|
|||
{{- end }}
|
||||
{{- with .Values.server.service.sessionAffinity }}
|
||||
sessionAffinity: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
|
@ -39,31 +39,18 @@ spec:
|
|||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with.Values.global.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
initContainers:
|
||||
- name: copyutil
|
||||
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
|
||||
command:
|
||||
- cp
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
volumeMounts:
|
||||
- mountPath: /shared
|
||||
name: static-files
|
||||
- mountPath: /tmp
|
||||
name: dexconfig
|
||||
resources:
|
||||
{{- toYaml .Values.dex.resources | nindent 10 }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
|
||||
{{- with .Values.dex.initContainers }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
|
||||
containers:
|
||||
- name: {{ .Values.dex.name }}
|
||||
image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
|
||||
|
@ -91,13 +78,13 @@ spec:
|
|||
{{- end }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.dex.containerPortHttp }}
|
||||
containerPort: {{ .Values.dex.containerPorts.http }}
|
||||
protocol: TCP
|
||||
- name: grpc
|
||||
containerPort: {{ .Values.dex.containerPortGrpc }}
|
||||
containerPort: {{ .Values.dex.containerPorts.grpc }}
|
||||
protocol: TCP
|
||||
- name: metrics
|
||||
containerPort: {{ .Values.dex.containerPortMetrics }}
|
||||
containerPort: {{ .Values.dex.containerPorts.metrics }}
|
||||
protocol: TCP
|
||||
{{- if .Values.dex.livenessProbe.enabled }}
|
||||
livenessProbe:
|
||||
|
@ -136,21 +123,42 @@ spec:
|
|||
- name: argocd-dex-server-tls
|
||||
mountPath: /tls
|
||||
{{- with .Values.dex.extraContainers }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dex.nodeSelector }}
|
||||
initContainers:
|
||||
- name: copyutil
|
||||
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
|
||||
command:
|
||||
- cp
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
volumeMounts:
|
||||
- mountPath: /shared
|
||||
name: static-files
|
||||
- mountPath: /tmp
|
||||
name: dexconfig
|
||||
resources:
|
||||
{{- toYaml .Values.dex.resources | nindent 10 }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
|
||||
{{- with .Values.dex.initContainers }}
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.dex) }}
|
||||
affinity:
|
||||
{{- trim . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dex.nodeSelector | default .Values.global.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dex.tolerations }}
|
||||
{{- with .Values.dex.tolerations | default .Values.global.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dex.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dex.topologySpreadConstraints }}
|
||||
{{- with .Values.dex.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- range $constraint := . }}
|
||||
- {{ toYaml $constraint | nindent 8 | trim }}
|
||||
|
@ -161,11 +169,6 @@ spec:
|
|||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: static-files
|
||||
emptyDir: {}
|
||||
|
@ -185,7 +188,9 @@ spec:
|
|||
{{- with .Values.dex.volumes }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dex.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- with .Values.dex.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
dnsPolicy: {{ .Values.dex.dnsPolicy }}
|
||||
{{- end }}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if and .Values.dex.enabled .Values.dex.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "argo-cd.dex.fullname" . }}
|
||||
|
|
|
@ -36,15 +36,18 @@ spec:
|
|||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }}
|
||||
{{- with .Values.redis.initContainers }}
|
||||
initContainers:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }}
|
||||
containers:
|
||||
- name: {{ .Values.redis.name }}
|
||||
image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
|
||||
|
@ -67,7 +70,7 @@ spec:
|
|||
{{- end }}
|
||||
ports:
|
||||
- name: redis
|
||||
containerPort: {{ .Values.redis.containerPort }}
|
||||
containerPort: {{ .Values.redis.containerPorts.redis }}
|
||||
protocol: TCP
|
||||
resources:
|
||||
{{- toYaml .Values.redis.resources | nindent 10 }}
|
||||
|
@ -77,40 +80,47 @@ spec:
|
|||
volumeMounts:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.redis.metrics.enabled }}
|
||||
{{- if .Values.redis.exporter.enabled }}
|
||||
- name: metrics
|
||||
image: {{ .Values.redis.metrics.image.repository }}:{{ .Values.redis.metrics.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }}
|
||||
image: {{ .Values.redis.exporter.image.repository }}:{{ .Values.redis.exporter.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.exporter.image.imagePullPolicy }}
|
||||
env:
|
||||
- name: REDIS_ADDR
|
||||
value: {{ printf "redis://localhost:%v" .Values.redis.containerPort }}
|
||||
value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }}
|
||||
- name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS
|
||||
value: {{ printf "0.0.0.0:%v" .Values.redis.metrics.containerPort }}
|
||||
value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }}
|
||||
{{- with .Values.redis.exporter.env }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: {{ .Values.redis.metrics.containerPort }}
|
||||
containerPort: {{ .Values.redis.containerPorts.metrics }}
|
||||
protocol: TCP
|
||||
resources:
|
||||
{{- toYaml .Values.redis.metrics.resources | nindent 10 }}
|
||||
{{- toYaml .Values.redis.exporter.resources | nindent 10 }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }}
|
||||
{{- toYaml .Values.redis.exporter.containerSecurityContext | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.extraContainers }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.nodeSelector }}
|
||||
{{- with .Values.redis.initContainers }}
|
||||
initContainers:
|
||||
{{- tpl (toYaml .) $ | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.nodeSelector | default .Values.global.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.tolerations }}
|
||||
{{- with .Values.redis.tolerations | default .Values.global.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.affinity }}
|
||||
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.redis) }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- trim . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.topologySpreadConstraints }}
|
||||
{{- with .Values.redis.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- range $constraint := . }}
|
||||
- {{ toYaml $constraint | nindent 8 | trim }}
|
||||
|
@ -121,11 +131,13 @@ spec:
|
|||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.volumes }}
|
||||
volumes:
|
||||
{{- toYaml . | nindent 8}}
|
||||
{{- end }}
|
||||
{{- with .Values.redis.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
dnsPolicy: {{ .Values.redis.dnsPolicy }}
|
||||
{{- end }}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{{- $redisHa := index .Values "redis-ha" -}}
|
||||
{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-cd.apiVersion.pdb" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "argo-cd.redis.fullname" . }}
|
||||
|
@ -16,7 +16,7 @@ metadata:
|
|||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with .Values.dex.pdb.maxUnavailable }}
|
||||
{{- with .Values.redis.pdb.maxUnavailable }}
|
||||
maxUnavailable: {{ . }}
|
||||
{{- else }}
|
||||
minAvailable: {{ .Values.redis.pdb.minAvailable | default 0 }}
|
||||
|
|
|
@ -19,7 +19,7 @@ spec:
|
|||
ports:
|
||||
- name: redis
|
||||
port: {{ .Values.redis.servicePort }}
|
||||
targetPort: {{ .Values.redis.containerPort }}
|
||||
targetPort: redis
|
||||
selector:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 4 }}
|
||||
{{- end }}
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,8 +1,8 @@
|
|||
apiVersion: v2
|
||||
appVersion: v1.7.3
|
||||
appVersion: v1.7.6
|
||||
description: A Helm chart for Argo Events, the event-driven workflow automation framework
|
||||
name: argo-events
|
||||
version: 2.0.6
|
||||
version: 2.1.4
|
||||
home: https://github.com/argoproj/argo-helm
|
||||
icon: https://argoproj.github.io/argo-events/assets/logo.png
|
||||
keywords:
|
||||
|
@ -15,4 +15,5 @@ maintainers:
|
|||
url: https://argoproj.github.io/
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- "[Changed]: Upgrade Argo events controller to v1.7.3"
|
||||
- kind: added
|
||||
description: Add install guide on README
|
||||
|
|
|
@ -17,6 +17,19 @@ To regenerate this document, please run:
|
|||
./scripts/helm-docs.sh
|
||||
```
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install the chart with the release name `my-release`:
|
||||
|
||||
```console
|
||||
$ helm repo add argo https://argoproj.github.io/argo-helm
|
||||
"argo" has been added to your repositories
|
||||
|
||||
$ helm install my-release argo/argo-events
|
||||
NAME: my-release
|
||||
...
|
||||
```
|
||||
|
||||
## Upgrading
|
||||
|
||||
### Custom resource definitions
|
||||
|
@ -57,11 +70,12 @@ done
|
|||
| configs.jetstream.versions[0].natsImage | string | `"nats:latest"` | |
|
||||
| configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | |
|
||||
| configs.jetstream.versions[0].version | string | `"latest"` | |
|
||||
| configs.nats.versions | list | `[{"metricsExporterImage":"natsio/prometheus-nats-exporter:latest","natsStreamingImage":"nats-streaming:latest","version":"latest"}]` | Supported versions of NATS event bus |
|
||||
| configs.nats.versions | list | See [values.yaml] | Supported versions of NATS event bus |
|
||||
| crds.annotations | object | `{}` | Annotations to be added to all CRDs |
|
||||
| crds.install | bool | `true` | Install and upgrade CRDs |
|
||||
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
|
||||
| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-events crds Only applies for cluster-wide installation (`controller.rbac.namespaced: false`) |
|
||||
| extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
|
||||
| fullnameOverride | string | `""` | String to fully override "argo-events.fullname" template |
|
||||
| global.additionalLabels | object | `{}` | Additional labels to add to all resources |
|
||||
| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
|
||||
|
@ -155,6 +169,7 @@ done
|
|||
| webhook.pdb.labels | object | `{}` | Labels to be added to admission webhook pdb |
|
||||
| webhook.podAnnotations | object | `{}` | Annotations to be added to event controller pods |
|
||||
| webhook.podLabels | object | `{}` | Labels to be added to event controller pods |
|
||||
| webhook.port | int | `443` | Port to listen on |
|
||||
| webhook.priorityClassName | string | `""` | Priority class for the event controller pods |
|
||||
| webhook.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||
| webhook.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
|
||||
|
|
|
@ -17,6 +17,19 @@ To regenerate this document, please run:
|
|||
./scripts/helm-docs.sh
|
||||
```
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install the chart with the release name `my-release`:
|
||||
|
||||
```console
|
||||
$ helm repo add argo https://argoproj.github.io/argo-helm
|
||||
"argo" has been added to your repositories
|
||||
|
||||
$ helm install my-release argo/argo-events
|
||||
NAME: my-release
|
||||
...
|
||||
```
|
||||
|
||||
## Upgrading
|
||||
|
||||
### Custom resource definitions
|
||||
|
|
|
@ -68,6 +68,34 @@ Create chart name and version as used by the chart label.
|
|||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create kubernetes friendly chart version label for the controller.
|
||||
|
||||
Examples:
|
||||
image.tag = v1.7.3
|
||||
output = v1.7.3
|
||||
|
||||
image.tag = v1.7.3@sha256:a40f4f3ea20d354f00ab469a9f73102668fa545c4d632e1a8e11a206ad3093f3
|
||||
output = v1.7.3
|
||||
*/}}
|
||||
{{- define "argo-events.controller_chart_version_label" -}}
|
||||
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-events.defaultTag" .) .Values.controller.image.tag) "") "" | trunc 63 | quote -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create kubernetes friendly chart version label for the events webhook.
|
||||
|
||||
Examples:
|
||||
image.tag = v1.7.3
|
||||
output = v1.7.3
|
||||
|
||||
image.tag = v1.7.3@sha256:a40f4f3ea20d354f00ab469a9f73102668fa545c4d632e1a8e11a206ad3093f3
|
||||
output = v1.7.3
|
||||
*/}}
|
||||
{{- define "argo-events.webhook_chart_version_label" -}}
|
||||
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-events.defaultTag" .) .Values.webhook.image.tag) "") "" | trunc 63 | quote -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
|
@ -97,3 +125,14 @@ Return the default Argo Events app version
|
|||
{{- define "argo-events.defaultTag" -}}
|
||||
{{- default .Chart.AppVersion .Values.global.image.tag }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Define Pdb apiVersion
|
||||
*/}}
|
||||
{{- define "argo-events.pdb.apiVersion" -}}
|
||||
{{- if .Capabilities.APIVersions.Has "policy/v1" }}
|
||||
{{- printf "policy/v1" -}}
|
||||
{{- else }}
|
||||
{{- printf "policy/v1beta1" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -4,7 +4,7 @@ metadata:
|
|||
name: {{ include "argo-events.controller.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
|
@ -22,7 +22,7 @@ spec:
|
|||
{{- end }}
|
||||
labels:
|
||||
{{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }}
|
||||
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if .Values.controller.pdb.enabled }}
|
||||
apiVersion: policy/v1beta1
|
||||
apiVersion: {{ template "argo-events.pdb.apiVersion" . }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ template "argo-events.controller.fullname" . }}
|
||||
|
|
|
@ -71,7 +71,6 @@ rules:
|
|||
- pods
|
||||
- pods/exec
|
||||
- configmaps
|
||||
- secrets
|
||||
- services
|
||||
- persistentvolumeclaims
|
||||
verbs:
|
||||
|
@ -82,6 +81,17 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- list
|
||||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- apps
|
||||
resources:
|
||||
|
|
|
@ -5,7 +5,7 @@ metadata:
|
|||
name: events-webhook
|
||||
labels:
|
||||
{{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
|
@ -22,7 +22,7 @@ spec:
|
|||
{{- end }}
|
||||
labels:
|
||||
{{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 8 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }}
|
||||
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.webhook.podLabels) }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
@ -37,7 +37,7 @@ spec:
|
|||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Values.webhook.name }}
|
||||
image: {{ default .Values.global.image.repository .Values.webhook.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag }}
|
||||
image: {{ default .Values.global.image.repository .Values.webhook.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.webhook.image.imagePullPolicy }}
|
||||
args:
|
||||
- webhook-service
|
||||
|
@ -50,6 +50,8 @@ spec:
|
|||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: PORT
|
||||
value: "{{ .Values.webhook.port }}"
|
||||
{{- with .Values.webhook.env }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
@ -63,7 +65,7 @@ spec:
|
|||
{{- end }}
|
||||
ports:
|
||||
- name: webhook
|
||||
containerPort: 443
|
||||
containerPort: {{ .Values.webhook.port }}
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if and .Values.webhook.enabled .Values.webhook.pdb.enabled (not .Values.controller.rbac.namespaced) }}
|
||||
apiVersion: policy/v1beta1
|
||||
apiVersion: {{ template "argo-events.pdb.apiVersion" . }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ template "argo-events.webhook.fullname" . }}
|
||||
|
|
4
charts/argo-events/templates/extra-manifests.yaml
Normal file
4
charts/argo-events/templates/extra-manifests.yaml
Normal file
|
@ -0,0 +1,4 @@
|
|||
{{ range .Values.extraObjects }}
|
||||
---
|
||||
{{ tpl (toYaml .) $ }}
|
||||
{{ end }}
|
|
@ -62,10 +62,14 @@ configs:
|
|||
## NATS event bus
|
||||
nats:
|
||||
# -- Supported versions of NATS event bus
|
||||
# @default -- See [values.yaml]
|
||||
versions:
|
||||
- version: latest
|
||||
natsStreamingImage: nats-streaming:latest
|
||||
metricsExporterImage: natsio/prometheus-nats-exporter:latest
|
||||
- version: 0.22.1
|
||||
natsStreamingImage: nats-streaming:0.22.1
|
||||
metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0
|
||||
|
||||
## JetStream event bus
|
||||
jetstream:
|
||||
|
@ -95,6 +99,35 @@ configs:
|
|||
configReloaderImage: natsio/nats-server-config-reloader:latest
|
||||
startCommand: /nats-server
|
||||
|
||||
# -- Array of extra K8s manifests to deploy
|
||||
## Note: Supports use of custom Helm templates
|
||||
extraObjects: []
|
||||
# - apiVersion: secrets-store.csi.x-k8s.io/v1
|
||||
# kind: SecretProviderClass
|
||||
# metadata:
|
||||
# name: argo-events-secrets-store
|
||||
# spec:
|
||||
# provider: aws
|
||||
# parameters:
|
||||
# objects: |
|
||||
# - objectName: "argo-events"
|
||||
# objectType: "secretsmanager"
|
||||
# jmesPath:
|
||||
# - path: "client_id"
|
||||
# objectAlias: "client_id"
|
||||
# - path: "client_secret"
|
||||
# objectAlias: "client_secret"
|
||||
# secretObjects:
|
||||
# - data:
|
||||
# - key: client_id
|
||||
# objectName: client_id
|
||||
# - key: client_secret
|
||||
# objectName: client_secret
|
||||
# secretName: argo-events-secrets-store
|
||||
# type: Opaque
|
||||
# labels:
|
||||
# app.kubernetes.io/part-of: argocd
|
||||
|
||||
## Argo Events controller
|
||||
controller:
|
||||
# -- Argo Events controller name string
|
||||
|
@ -315,6 +348,9 @@ webhook:
|
|||
# -- Labels to be added to event controller pods
|
||||
podLabels: {}
|
||||
|
||||
# -- Port to listen on
|
||||
port: 443
|
||||
|
||||
# -- Event controller container-level security context
|
||||
containerSecurityContext: {}
|
||||
# capabilities:
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
apiVersion: v2
|
||||
appVersion: v1.3.1
|
||||
appVersion: v1.4.1
|
||||
description: A Helm chart for Argo Rollouts
|
||||
name: argo-rollouts
|
||||
version: 2.21.1
|
||||
version: 2.22.3
|
||||
home: https://github.com/argoproj/argo-helm
|
||||
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
|
||||
keywords:
|
||||
|
@ -15,4 +15,7 @@ maintainers:
|
|||
url: https://argoproj.github.io/
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- "[Changed]: Upgrade ArgoRollouts to v1.3.1"
|
||||
- kind: changed
|
||||
description: Upgrade Argo Rollouts to v.1.4.1
|
||||
- kind: added
|
||||
description: Put Changelog URL on README.md
|
||||
|
|
|
@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
|
|||
|:---------------------------------------------------------------------------|
|
||||
| The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). |
|
||||
|
||||
## Changelog
|
||||
|
||||
For full list of changes please check ArtifactHub [changelog].
|
||||
|
||||
## Chart Values
|
||||
|
||||
### General parameters
|
||||
|
@ -55,6 +59,14 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
|
|||
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret |
|
||||
| notifications.templates | object | `{}` | Notification templates |
|
||||
| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent |
|
||||
| providerRBAC.enabled | bool | `true` | Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole |
|
||||
| providerRBAC.providers.ambassador | bool | `true` | Adds RBAC rules for the Ambassador provider |
|
||||
| providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider |
|
||||
| providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider |
|
||||
| providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider |
|
||||
| providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider |
|
||||
| providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider |
|
||||
| providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider |
|
||||
|
||||
### Controller
|
||||
|
||||
|
@ -88,6 +100,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
|
|||
| controller.replicas | int | `2` | The number of controller pods to run |
|
||||
| controller.resources | object | `{}` | Resource limits and requests for the controller pods. |
|
||||
| controller.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller |
|
||||
| podAnnotations | object | `{}` | Annotations to be added to the Rollout pods |
|
||||
| podLabels | object | `{}` | Labels to be added to the Rollout pods |
|
||||
| podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level |
|
||||
|
@ -145,6 +158,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
|
|||
| dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created |
|
||||
| dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
|
||||
| dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server |
|
||||
|
||||
## Upgrading
|
||||
|
||||
|
@ -174,6 +188,8 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
|
|||
[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/
|
||||
[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
||||
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
||||
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
||||
[priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
|
||||
[Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets
|
||||
[values.yaml]: values.yaml
|
||||
[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog
|
||||
|
|
|
@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r
|
|||
|:---------------------------------------------------------------------------|
|
||||
| The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). |
|
||||
|
||||
## Changelog
|
||||
|
||||
For full list of changes please check ArtifactHub [changelog].
|
||||
|
||||
## Chart Values
|
||||
|
||||
### General parameters
|
||||
|
@ -96,6 +100,8 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
|
|||
[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/
|
||||
[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
||||
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
||||
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
||||
[priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
|
||||
[Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets
|
||||
[values.yaml]: values.yaml
|
||||
[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog
|
||||
|
|
|
@ -31,6 +31,20 @@ Create chart name and version as used by the chart label.
|
|||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create kubernetes friendly chart version label.
|
||||
|
||||
Examples:
|
||||
image.tag = v1.3.1
|
||||
output = v1.3.1
|
||||
|
||||
image.tag = v1.3.1@sha256:38828e693b02e6f858d89fa22a9d9811d3d7a2430a1d4c7d687b6f509775c6ce
|
||||
output = v1.3.1
|
||||
*/}}
|
||||
{{- define "argo-rollouts.chart_version_label" -}}
|
||||
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default .Chart.AppVersion $.Values.controller.image.tag) "") "" | trunc 63 | quote -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
|
@ -38,7 +52,7 @@ Common labels
|
|||
helm.sh/chart: {{ include "argo-rollouts.chart" . }}
|
||||
{{ include "argo-rollouts.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ default .Chart.AppVersion $.Values.controller.image.tag | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-rollouts.chart_version_label" . }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argo-rollouts
|
||||
|
|
|
@ -89,7 +89,7 @@ rules:
|
|||
- create
|
||||
- get
|
||||
- update
|
||||
# secret access to run analysis templates which reference secrets, allow init containers to manipulate secrets
|
||||
# secret read access to run analysis templates which reference secrets
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
|
@ -99,9 +99,6 @@ rules:
|
|||
- get
|
||||
- list
|
||||
- watch
|
||||
- create
|
||||
- patch
|
||||
- update
|
||||
# pod list/update needed for updating ephemeral data
|
||||
- apiGroups:
|
||||
- ""
|
||||
|
@ -110,6 +107,7 @@ rules:
|
|||
verbs:
|
||||
- list
|
||||
- update
|
||||
- watch
|
||||
# pods eviction needed for restart
|
||||
- apiGroups:
|
||||
- ""
|
||||
|
@ -151,6 +149,8 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
- delete
|
||||
{{- if .Values.providerRBAC.enabled }}
|
||||
{{- if .Values.providerRBAC.providers.istio }}
|
||||
# virtualservice/destinationrule access needed for using the Istio provider
|
||||
- apiGroups:
|
||||
- networking.istio.io
|
||||
|
@ -163,6 +163,8 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
- list
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.smi }}
|
||||
# trafficsplit access needed for using the SMI provider
|
||||
- apiGroups:
|
||||
- split.smi-spec.io
|
||||
|
@ -174,6 +176,8 @@ rules:
|
|||
- get
|
||||
- update
|
||||
- patch
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.ambassador }}
|
||||
# ambassador access needed for Ambassador provider
|
||||
- apiGroups:
|
||||
- getambassador.io
|
||||
|
@ -188,7 +192,9 @@ rules:
|
|||
- update
|
||||
- list
|
||||
- delete
|
||||
# Endpoints and TargetGroupBindings needed for ALB target group verification
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.awsLoadBalancerController }}
|
||||
# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
|
@ -202,6 +208,8 @@ rules:
|
|||
verbs:
|
||||
- list
|
||||
- get
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.awsAppMesh }}
|
||||
# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider
|
||||
- apiGroups:
|
||||
- appmesh.k8s.aws
|
||||
|
@ -224,3 +232,27 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.traefik }}
|
||||
# Traefik access needed when using the Traefik provider
|
||||
- apiGroups:
|
||||
- traefik.containo.us
|
||||
resources:
|
||||
- traefikservices
|
||||
verbs:
|
||||
- watch
|
||||
- get
|
||||
- update
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.apisix }}
|
||||
# Access needed when using the Apisix provider
|
||||
- apiGroups:
|
||||
- apisix.apache.org
|
||||
resources:
|
||||
- apisixroutes
|
||||
verbs:
|
||||
- watch
|
||||
- get
|
||||
- update
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -83,6 +83,18 @@ spec:
|
|||
affinity:
|
||||
{{- toYaml .Values.controller.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- range $constraint := . }}
|
||||
- {{ toYaml $constraint | nindent 8 | trim }}
|
||||
{{- if not $constraint.labelSelector }}
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/component: {{ $.Values.controller.component }}
|
||||
{{- include "argo-rollouts.selectorLabels" $ | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
|
|
|
@ -56,7 +56,19 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
- delete
|
||||
# deployments and podtemplates read access needed for workload reference support
|
||||
- apiGroups:
|
||||
- ""
|
||||
- apps
|
||||
resources:
|
||||
- deployments
|
||||
- podtemplates
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
# services patch needed to update selector of canary/stable/active/preview services
|
||||
# services create needed to create and delete services for experiments
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
|
@ -66,8 +78,18 @@ rules:
|
|||
- list
|
||||
- watch
|
||||
- patch
|
||||
# secret access to run analysis templates which reference secrets
|
||||
# configmap access to read notification-engine configuration
|
||||
- create
|
||||
- delete
|
||||
# leases create/get/update needed for leader election
|
||||
- apiGroups:
|
||||
- coordination.k8s.io
|
||||
resources:
|
||||
- leases
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- update
|
||||
# secret read access to run analysis templates which reference secrets
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
|
@ -77,9 +99,6 @@ rules:
|
|||
- get
|
||||
- list
|
||||
- watch
|
||||
- create
|
||||
- patch
|
||||
- update
|
||||
# pod list/update needed for updating ephemeral data
|
||||
- apiGroups:
|
||||
- ""
|
||||
|
@ -88,6 +107,7 @@ rules:
|
|||
verbs:
|
||||
- list
|
||||
- update
|
||||
- watch
|
||||
# pods eviction needed for restart
|
||||
- apiGroups:
|
||||
- ""
|
||||
|
@ -129,16 +149,22 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
- delete
|
||||
# virtualservice access needed for using the Istio provider
|
||||
{{- if .Values.providerRBAC.enabled }}
|
||||
{{- if .Values.providerRBAC.providers.istio }}
|
||||
# virtualservice/destinationrule access needed for using the Istio provider
|
||||
- apiGroups:
|
||||
- networking.istio.io
|
||||
resources:
|
||||
- virtualservices
|
||||
- destinationrules
|
||||
verbs:
|
||||
- watch
|
||||
- get
|
||||
- update
|
||||
- patch
|
||||
- list
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.smi }}
|
||||
# trafficsplit access needed for using the SMI provider
|
||||
- apiGroups:
|
||||
- split.smi-spec.io
|
||||
|
@ -151,3 +177,82 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.ambassador }}
|
||||
# ambassador access needed for Ambassador provider
|
||||
- apiGroups:
|
||||
- getambassador.io
|
||||
- x.getambassador.io
|
||||
resources:
|
||||
- mappings
|
||||
- ambassadormappings
|
||||
verbs:
|
||||
- create
|
||||
- watch
|
||||
- get
|
||||
- update
|
||||
- list
|
||||
- delete
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.awsLoadBalancerController }}
|
||||
# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- endpoints
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- elbv2.k8s.aws
|
||||
resources:
|
||||
- targetgroupbindings
|
||||
verbs:
|
||||
- list
|
||||
- get
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.awsAppMesh }}
|
||||
# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider
|
||||
- apiGroups:
|
||||
- appmesh.k8s.aws
|
||||
resources:
|
||||
- virtualservices
|
||||
verbs:
|
||||
- watch
|
||||
- get
|
||||
- list
|
||||
# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider
|
||||
- apiGroups:
|
||||
- appmesh.k8s.aws
|
||||
resources:
|
||||
- virtualnodes
|
||||
- virtualrouters
|
||||
verbs:
|
||||
- watch
|
||||
- get
|
||||
- list
|
||||
- update
|
||||
- patch
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.traefik }}
|
||||
# Traefik access needed when using the Traefik provider
|
||||
- apiGroups:
|
||||
- traefik.containo.us
|
||||
resources:
|
||||
- traefikservices
|
||||
verbs:
|
||||
- watch
|
||||
- get
|
||||
- update
|
||||
{{- end }}
|
||||
{{- if .Values.providerRBAC.providers.apisix }}
|
||||
# Access needed when using the Apisix provider
|
||||
- apiGroups:
|
||||
- apisix.apache.org
|
||||
resources:
|
||||
- apisixroutes
|
||||
verbs:
|
||||
- watch
|
||||
- get
|
||||
- update
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -2742,6 +2742,9 @@ spec:
|
|||
type: array
|
||||
insecure:
|
||||
type: boolean
|
||||
jsonBody:
|
||||
type: object
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
jsonPath:
|
||||
type: string
|
||||
method:
|
||||
|
|
|
@ -2738,6 +2738,9 @@ spec:
|
|||
type: array
|
||||
insecure:
|
||||
type: boolean
|
||||
jsonBody:
|
||||
type: object
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
jsonPath:
|
||||
type: string
|
||||
method:
|
||||
|
|
|
@ -2738,6 +2738,9 @@ spec:
|
|||
type: array
|
||||
insecure:
|
||||
type: boolean
|
||||
jsonBody:
|
||||
type: object
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
jsonPath:
|
||||
type: string
|
||||
method:
|
||||
|
|
|
@ -89,6 +89,12 @@ spec:
|
|||
revisionHistoryLimit:
|
||||
format: int32
|
||||
type: integer
|
||||
rollbackWindow:
|
||||
properties:
|
||||
revisions:
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
selector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
|
@ -397,6 +403,9 @@ spec:
|
|||
- type: integer
|
||||
- type: string
|
||||
x-kubernetes-int-or-string: true
|
||||
minPodsPerReplicaSet:
|
||||
format: int32
|
||||
type: integer
|
||||
pingPong:
|
||||
properties:
|
||||
pingService:
|
||||
|
@ -713,6 +722,20 @@ spec:
|
|||
required:
|
||||
- mappings
|
||||
type: object
|
||||
apisix:
|
||||
properties:
|
||||
route:
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
rules:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
type: object
|
||||
appMesh:
|
||||
properties:
|
||||
virtualNodeGroup:
|
||||
|
@ -770,6 +793,14 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
tcpRoutes:
|
||||
items:
|
||||
properties:
|
||||
port:
|
||||
format: int64
|
||||
type: integer
|
||||
type: object
|
||||
type: array
|
||||
tlsRoutes:
|
||||
items:
|
||||
properties:
|
||||
|
@ -794,6 +825,14 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
tcpRoutes:
|
||||
items:
|
||||
properties:
|
||||
port:
|
||||
format: int64
|
||||
type: integer
|
||||
type: object
|
||||
type: array
|
||||
tlsRoutes:
|
||||
items:
|
||||
properties:
|
||||
|
|
|
@ -44,17 +44,18 @@ rules:
|
|||
- get
|
||||
- list
|
||||
- watch
|
||||
# deployments and podtemplates read access needed for workload reference support
|
||||
- apiGroups:
|
||||
- ""
|
||||
- apps
|
||||
resources:
|
||||
- deployments
|
||||
- podtemplates
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
{{- if not .Values.dashboard.readonly }}
|
||||
- update
|
||||
- patch
|
||||
{{- end }}
|
||||
- apiGroups:
|
||||
- apps
|
||||
resources:
|
||||
|
|
|
@ -65,6 +65,18 @@ spec:
|
|||
affinity:
|
||||
{{- toYaml .Values.dashboard.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dashboard.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- range $constraint := . }}
|
||||
- {{ toYaml $constraint | nindent 8 | trim }}
|
||||
{{- if not $constraint.labelSelector }}
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
{{- include "argo-rollouts.selectorLabels" $ | nindent 12 }}
|
||||
app.kubernetes.io/component: {{ $.Values.dashboard.component }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.dashboard.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
|
|
|
@ -47,6 +47,15 @@ controller:
|
|||
tolerations: []
|
||||
# -- Assign custom [affinity] rules to the deployment
|
||||
affinity: {}
|
||||
|
||||
# -- Assign custom [TopologySpreadConstraints] rules to the controller
|
||||
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
||||
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
|
||||
topologySpreadConstraints: []
|
||||
# - maxSkew: 1
|
||||
# topologyKey: topology.kubernetes.io/zone
|
||||
# whenUnsatisfiable: DoNotSchedule
|
||||
|
||||
# -- [priorityClassName] for the controller
|
||||
priorityClassName: ""
|
||||
# -- The number of controller pods to run
|
||||
|
@ -181,6 +190,26 @@ podLabels: {}
|
|||
imagePullSecrets: []
|
||||
# - name: argo-pull-secret
|
||||
|
||||
providerRBAC:
|
||||
# -- Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole
|
||||
enabled: true
|
||||
# providerRBAC.enabled must be true in order to toggle the individual providers
|
||||
providers:
|
||||
# -- Adds RBAC rules for the Istio provider
|
||||
istio: true
|
||||
# -- Adds RBAC rules for the SMI provider
|
||||
smi: true
|
||||
# -- Adds RBAC rules for the Ambassador provider
|
||||
ambassador: true
|
||||
# -- Adds RBAC rules for the AWS Load Balancer Controller provider
|
||||
awsLoadBalancerController: true
|
||||
# -- Adds RBAC rules for the AWS App Mesh provider
|
||||
awsAppMesh: true
|
||||
# -- Adds RBAC rules for the Traefik provider
|
||||
traefik: true
|
||||
# -- Adds RBAC rules for the Apisix provider
|
||||
apisix: true
|
||||
|
||||
dashboard:
|
||||
# -- Deploy dashboard server
|
||||
enabled: false
|
||||
|
@ -194,6 +223,15 @@ dashboard:
|
|||
tolerations: []
|
||||
# -- Assign custom [affinity] rules to the deployment
|
||||
affinity: {}
|
||||
|
||||
# -- Assign custom [TopologySpreadConstraints] rules to the dashboard server
|
||||
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
||||
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
|
||||
topologySpreadConstraints: []
|
||||
# - maxSkew: 1
|
||||
# topologyKey: topology.kubernetes.io/zone
|
||||
# whenUnsatisfiable: DoNotSchedule
|
||||
|
||||
# -- [priorityClassName] for the dashboard server
|
||||
priorityClassName: ""
|
||||
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
apiVersion: v2
|
||||
appVersion: v3.4.4
|
||||
appVersion: v3.4.5
|
||||
name: argo-workflows
|
||||
description: A Helm chart for Argo Workflows
|
||||
type: application
|
||||
version: 0.20.12
|
||||
version: 0.22.14
|
||||
icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png
|
||||
home: https://github.com/argoproj/argo-helm
|
||||
sources:
|
||||
|
@ -13,4 +13,5 @@ maintainers:
|
|||
url: https://argoproj.github.io/
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- "[Changed]: Update Argo Workflows to v3.4.4"
|
||||
- kind: added
|
||||
description: Add install guide on README.
|
||||
|
|
|
@ -13,6 +13,38 @@ A few options are:
|
|||
- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
|
||||
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
|
||||
|
||||
### Custom resource definitions
|
||||
|
||||
Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart.
|
||||
|
||||
Helm cannot upgrade custom resource definitions in the `<chart>/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `<chart>/templates` to address this design decision.
|
||||
|
||||
If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
|
||||
|
||||
```bash
|
||||
kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=<appVersion>"
|
||||
|
||||
# Eg. version v3.3.9
|
||||
kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9"
|
||||
```
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install the chart with the release name `my-release`:
|
||||
|
||||
```console
|
||||
$ helm repo add argo https://argoproj.github.io/argo-helm
|
||||
"argo" has been added to your repositories
|
||||
|
||||
$ helm install my-release argo/argo-workflows
|
||||
NAME: my-release
|
||||
...
|
||||
```
|
||||
|
||||
## Changelog
|
||||
|
||||
For full list of changes, please check ArtifactHub [changelog].
|
||||
|
||||
## Usage Notes
|
||||
|
||||
### Workflow controller
|
||||
|
@ -45,6 +77,7 @@ Fields to note:
|
|||
| crds.install | bool | `true` | Install and upgrade CRDs |
|
||||
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
|
||||
| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds |
|
||||
| emissary.images | list | `[]` | The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. |
|
||||
| extraObjects | list | `[]` | Array of extra K8s manifests to deploy |
|
||||
| fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template |
|
||||
| images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers |
|
||||
|
@ -82,9 +115,11 @@ Fields to note:
|
|||
| controller.instanceID.enabled | bool | `false` | Configures the controller to filter workflow submissions to only those which have a matching instanceID attribute. |
|
||||
| controller.instanceID.explicitID | string | `""` | Use a custom instanceID |
|
||||
| controller.instanceID.useReleaseName | bool | `false` | Use ReleaseName as instanceID |
|
||||
| controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. |
|
||||
| controller.links | list | `[]` | Configure Argo Server to show custom [links] |
|
||||
| controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller |
|
||||
| controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
|
||||
| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) |
|
||||
| controller.logging.globallevel | string | `"0"` | Set the glog logging level |
|
||||
| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) |
|
||||
| controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server |
|
||||
|
@ -99,11 +134,14 @@ Fields to note:
|
|||
| controller.name | string | `"workflow-controller"` | Workflow controller name string |
|
||||
| controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace |
|
||||
| controller.navColor | string | `""` | Set ui navigation bar background color |
|
||||
| controller.nodeEvents.enabled | bool | `true` | Enable to emit events on node completion. |
|
||||
| controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] |
|
||||
| controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time |
|
||||
| controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods |
|
||||
| controller.persistence | object | `{}` | enable persistence using postgres |
|
||||
| controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods |
|
||||
| controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. |
|
||||
| controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. |
|
||||
| controller.podLabels | object | `{}` | Optional labels to add to the controller pods |
|
||||
| controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods |
|
||||
| controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. |
|
||||
|
@ -146,6 +184,7 @@ Fields to note:
|
|||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| mainContainer.env | list | `[]` | Adds environment variables for the Workflow main container |
|
||||
| mainContainer.envFrom | list | `[]` | Adds reference environment variables for the Workflow main container |
|
||||
| mainContainer.imagePullPolicy | string | `""` | imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. |
|
||||
| mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container |
|
||||
| mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container |
|
||||
|
@ -189,6 +228,9 @@ Fields to note:
|
|||
| server.ingress.tls | list | `[]` | Ingress TLS configuration |
|
||||
| server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` |
|
||||
| server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
|
||||
| server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) |
|
||||
| server.logging.globallevel | string | `"0"` | Set the glog logging level |
|
||||
| server.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) |
|
||||
| server.name | string | `"server"` | Server name string |
|
||||
| server.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] |
|
||||
| server.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the server pods |
|
||||
|
@ -257,3 +299,4 @@ Fields to note:
|
|||
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
||||
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
||||
[values.yaml]: values.yaml
|
||||
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog
|
||||
|
|
|
@ -13,6 +13,38 @@ A few options are:
|
|||
- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec
|
||||
- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions
|
||||
|
||||
### Custom resource definitions
|
||||
|
||||
Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart.
|
||||
|
||||
Helm cannot upgrade custom resource definitions in the `<chart>/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `<chart>/templates` to address this design decision.
|
||||
|
||||
If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
|
||||
|
||||
```bash
|
||||
kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=<appVersion>"
|
||||
|
||||
# Eg. version v3.3.9
|
||||
kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9"
|
||||
```
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install the chart with the release name `my-release`:
|
||||
|
||||
```console
|
||||
$ helm repo add argo https://argoproj.github.io/argo-helm
|
||||
"argo" has been added to your repositories
|
||||
|
||||
$ helm install my-release argo/argo-workflows
|
||||
NAME: my-release
|
||||
...
|
||||
```
|
||||
|
||||
## Changelog
|
||||
|
||||
For full list of changes, please check ArtifactHub [changelog].
|
||||
|
||||
## Usage Notes
|
||||
|
||||
### Workflow controller
|
||||
|
@ -135,3 +167,4 @@ Fields to note:
|
|||
[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
||||
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
||||
[values.yaml]: values.yaml
|
||||
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog
|
||||
|
|
|
@ -45,6 +45,32 @@ Create chart name and version as used by the chart label.
|
|||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create kubernetes friendly chart version label for the controller.
|
||||
Examples:
|
||||
image.tag = v3.4.4
|
||||
output = v3.4.4
|
||||
|
||||
image.tag = v3.4.4@sha256:d06860f1394a94ac3ff8401126ef32ba28915aa6c3c982c7e607ea0b4dadb696
|
||||
output = v3.4.4
|
||||
*/}}
|
||||
{{- define "argo-workflows.controller_chart_version_label" -}}
|
||||
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag) "") "" | trunc 63 | quote -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create kubernetes friendly chart version label for the server.
|
||||
Examples:
|
||||
image.tag = v3.4.4
|
||||
output = v3.4.4
|
||||
|
||||
image.tag = v3.4.4@sha256:d06860f1394a94ac3ff8401126ef32ba28915aa6c3c982c7e607ea0b4dadb696
|
||||
output = v3.4.4
|
||||
*/}}
|
||||
{{- define "argo-workflows.server_chart_version_label" -}}
|
||||
{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-workflows.defaultTag" .) .Values.server.image.tag) "") "" | trunc 63 | quote -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
|
@ -103,17 +129,6 @@ Return the appropriate apiVersion for ingress
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for pod disruption budget
|
||||
*/}}
|
||||
{{- define "argo-workflows.podDisruptionBudget.apiVersion" -}}
|
||||
{{- if semverCompare "<1.21-0" (include "argo-workflows.kubeVersion" $) -}}
|
||||
{{- print "policy/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "policy/v1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the target Kubernetes version
|
||||
*/}}
|
||||
|
@ -127,3 +142,14 @@ Return the default Argo Workflows app version
|
|||
{{- define "argo-workflows.defaultTag" -}}
|
||||
{{- default .Chart.AppVersion .Values.images.tag }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return full image name including or excluding registry based on existence
|
||||
*/}}
|
||||
{{- define "argo-workflows.image" -}}
|
||||
{{- if and .image.registry .image.repository -}}
|
||||
{{ .image.registry }}/{{ .image.repository }}
|
||||
{{- else -}}
|
||||
{{ .image.repository }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
|
|
@ -14,7 +14,6 @@ rules:
|
|||
- ""
|
||||
resources:
|
||||
- pods
|
||||
- pods/exec
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
|
@ -23,6 +22,12 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- pods/exec
|
||||
verbs:
|
||||
- create
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
|
|
|
@ -25,7 +25,7 @@ data:
|
|||
{{- with .Values.controller.initialDelay }}
|
||||
initialDelay: {{ . }}
|
||||
{{- end }}
|
||||
{{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.securityContext}}
|
||||
{{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.envFrom .Values.mainContainer.securityContext}}
|
||||
mainContainer:
|
||||
imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.mainContainer.imagePullPolicy }}
|
||||
{{- with .Values.mainContainer.resources }}
|
||||
|
@ -34,6 +34,9 @@ data:
|
|||
{{- with .Values.mainContainer.env }}
|
||||
env: {{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.mainContainer.envFrom }}
|
||||
envFrom: {{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.mainContainer.securityContext }}
|
||||
securityContext: {{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
@ -170,3 +173,20 @@ data:
|
|||
{{- with .Values.controller.retentionPolicy }}
|
||||
retentionPolicy: {{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
{{- with .Values.emissary.images }}
|
||||
images: {{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
nodeEvents:
|
||||
enabled: {{ .Values.controller.nodeEvents.enabled }}
|
||||
{{- with .Values.controller.kubeConfig }}
|
||||
kubeConfig: {{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.podGCGracePeriodSeconds }}
|
||||
podGCGracePeriodSeconds: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.podGCDeleteDelayDuration }}
|
||||
podGCDeleteDelayDuration: {{ . }}
|
||||
{{- end }}
|
||||
>>>>>>> argo-cd-5.27.1
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if .Values.controller.pdb.enabled }}
|
||||
apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ template "argo-workflows.controller.fullname" . }}
|
||||
|
|
|
@ -4,7 +4,7 @@ metadata:
|
|||
name: {{ template "argo-workflows.controller.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }}
|
||||
{{- with .Values.controller.deploymentAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
|
@ -18,7 +18,7 @@ spec:
|
|||
metadata:
|
||||
labels:
|
||||
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }}
|
||||
{{- with.Values.controller.podLabels }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
@ -34,18 +34,20 @@ spec:
|
|||
{{- end }}
|
||||
containers:
|
||||
- name: controller
|
||||
image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}"
|
||||
image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.images.pullPolicy }}
|
||||
command: [ "workflow-controller" ]
|
||||
args:
|
||||
- "--configmap"
|
||||
- "{{ template "argo-workflows.controller.fullname" . }}-configmap"
|
||||
- "--executor-image"
|
||||
- "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}"
|
||||
- "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}"
|
||||
- "--loglevel"
|
||||
- "{{ .Values.controller.logging.level }}"
|
||||
- "--gloglevel"
|
||||
- "{{ .Values.controller.logging.globallevel }}"
|
||||
- "--log-format"
|
||||
- "{{ .Values.controller.logging.format }}"
|
||||
{{- if .Values.singleNamespace }}
|
||||
- "--namespaced"
|
||||
{{- end }}
|
||||
|
|
|
@ -42,6 +42,7 @@ rules:
|
|||
- argoproj.io
|
||||
resources:
|
||||
- workflowtasksets
|
||||
- workflowartifactgctasks
|
||||
verbs:
|
||||
- list
|
||||
- watch
|
||||
|
@ -49,8 +50,7 @@ rules:
|
|||
- argoproj.io
|
||||
resources:
|
||||
- workflowtasksets/status
|
||||
{{/* TODO: This resource is for app version <= v3.2, so please remove it when app version v3.2 is no more used. */}}
|
||||
- workflowtasksets
|
||||
- workflowartifactgctasks/status
|
||||
verbs:
|
||||
- patch
|
||||
{{- end }}
|
||||
|
|
|
@ -23,13 +23,21 @@ rules:
|
|||
- ""
|
||||
resources:
|
||||
- pods
|
||||
- pods/exec
|
||||
- pods/log
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- delete
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- pods/log
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
>>>>>>> argo-cd-5.27.1
|
||||
{{- if .Values.server.sso }}
|
||||
- apiGroups:
|
||||
- ""
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if and .Values.server.enabled .Values.server.pdb.enabled -}}
|
||||
apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }}
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ template "argo-workflows.server.fullname" . }}
|
||||
|
|
|
@ -5,7 +5,7 @@ metadata:
|
|||
name: {{ template "argo-workflows.server.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }}
|
||||
{{- with .Values.server.deploymentAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
|
@ -19,7 +19,7 @@ spec:
|
|||
metadata:
|
||||
labels:
|
||||
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }}
|
||||
{{- with .Values.server.podLabels }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
@ -35,7 +35,7 @@ spec:
|
|||
{{- end }}
|
||||
containers:
|
||||
- name: argo-server
|
||||
image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}"
|
||||
image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.images.pullPolicy }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.server.securityContext | nindent 12 }}
|
||||
|
@ -49,6 +49,12 @@ spec:
|
|||
{{- if .Values.singleNamespace }}
|
||||
- "--namespaced"
|
||||
{{- end }}
|
||||
- "--loglevel"
|
||||
- "{{ .Values.server.logging.level }}"
|
||||
- "--gloglevel"
|
||||
- "{{ .Values.server.logging.globallevel }}"
|
||||
- "--log-format"
|
||||
- "{{ .Values.server.logging.format }}"
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 2746
|
||||
|
|
|
@ -5,7 +5,7 @@ metadata:
|
|||
name: {{ template "argo-workflows.server.fullname" . }}
|
||||
labels:
|
||||
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
|
||||
app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }}
|
||||
app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }}
|
||||
{{- with .Values.server.serviceAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
|
|
|
@ -216,6 +216,8 @@ controller:
|
|||
level: info
|
||||
# -- Set the glog logging level
|
||||
globallevel: "0"
|
||||
# -- Set the logging format (one of: `text`, `json`)
|
||||
format: "text"
|
||||
|
||||
# -- Service type of the controller Service
|
||||
serviceType: ClusterIP
|
||||
|
@ -297,6 +299,33 @@ controller:
|
|||
# failed: 3
|
||||
# errored: 3
|
||||
|
||||
nodeEvents:
|
||||
# -- Enable to emit events on node completion.
|
||||
## This can take up a lot of space in k8s (typically etcd) resulting in errors when trying to create new events:
|
||||
## "Unable to create audit event: etcdserver: mvcc: database space exceeded"
|
||||
enabled: true
|
||||
|
||||
# -- Configure when workflow controller runs in a different k8s cluster with the workflow workloads,
|
||||
# or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret.
|
||||
# @default -- `{}` (See [values.yaml])
|
||||
kubeConfig: {}
|
||||
# # name of the kubeconfig secret, may not be empty when kubeConfig specified
|
||||
# secretName: kubeconfig-secret
|
||||
# # key of the kubeconfig secret, may not be empty when kubeConfig specified
|
||||
# secretKey: kubeconfig
|
||||
# # mounting path of the kubeconfig secret, default to /kube/config
|
||||
# mountPath: /kubeconfig/mount/path
|
||||
# # volume name when mounting the secret, default to kubeconfig
|
||||
# volumeName: kube-config-volume
|
||||
|
||||
# -- Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately.
|
||||
# @default -- `30` seconds (Kubernetes default)
|
||||
podGCGracePeriodSeconds:
|
||||
|
||||
# -- The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately.
|
||||
# @default -- `5s` (Argo Workflows default)
|
||||
podGCDeleteDelayDuration: ""
|
||||
|
||||
# mainContainer adds default config for main container that could be overriden in workflows template
|
||||
mainContainer:
|
||||
# -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`.
|
||||
|
@ -305,6 +334,8 @@ mainContainer:
|
|||
resources: {}
|
||||
# -- Adds environment variables for the Workflow main container
|
||||
env: []
|
||||
# -- Adds reference environment variables for the Workflow main container
|
||||
envFrom: []
|
||||
# -- sets security context for the Workflow main container
|
||||
securityContext: {}
|
||||
|
||||
|
@ -440,6 +471,14 @@ server:
|
|||
# extraArgs:
|
||||
# - --auth-mode=server
|
||||
|
||||
logging:
|
||||
# -- Set the logging level (one of: `debug`, `info`, `warn`, `error`)
|
||||
level: info
|
||||
# -- Set the glog logging level
|
||||
globallevel: "0"
|
||||
# -- Set the logging format (one of: `text`, `json`)
|
||||
format: "text"
|
||||
|
||||
# -- Additional volume mounts to the server main container.
|
||||
volumeMounts: []
|
||||
# -- Additional volumes to the server pod.
|
||||
|
@ -630,3 +669,12 @@ customArtifactRepository: {}
|
|||
# passwordSecret:
|
||||
# name: artifactory-creds
|
||||
# key: password
|
||||
|
||||
emissary:
|
||||
# -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used.
|
||||
## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary
|
||||
images: []
|
||||
# argoproj/argosay:v2:
|
||||
# cmd: [/argosay]
|
||||
# docker/whalesay:latest:
|
||||
# cmd: [/bin/bash]
|
||||
|
|
|
@ -2,7 +2,7 @@ apiVersion: v2
|
|||
name: argocd-apps
|
||||
description: A Helm chart for managing additional Argo CD Applications and Projects
|
||||
type: application
|
||||
version: 0.0.3
|
||||
version: 0.0.9
|
||||
home: https://github.com/argoproj/argo-helm
|
||||
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
|
||||
keywords:
|
||||
|
@ -14,4 +14,5 @@ maintainers:
|
|||
url: https://argoproj.github.io/
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- "[Added]: Add Extensions"
|
||||
- kind: added
|
||||
description: Multiple sources for Application and ApplicationSet
|
||||
|
|
|
@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late
|
|||
- CRDs (Application and AppProject)
|
||||
- You need to install them via [argo-cd Helm chart](../argo-cd) or upstream.
|
||||
|
||||
## Changelog
|
||||
|
||||
For full list of changes, please check ArtifactHub [changelog].
|
||||
|
||||
## Installation
|
||||
|
||||
```console
|
||||
|
@ -31,3 +35,5 @@ $ helm install my-release argo/argocd-apps
|
|||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
|
||||
|
||||
[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog
|
||||
|
|
|
@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late
|
|||
- CRDs (Application and AppProject)
|
||||
- You need to install them via [argo-cd Helm chart](../argo-cd) or upstream.
|
||||
|
||||
## Changelog
|
||||
|
||||
For full list of changes, please check ArtifactHub [changelog].
|
||||
|
||||
## Installation
|
||||
|
||||
```console
|
||||
|
@ -24,3 +28,5 @@ $ helm install my-release argo/argocd-apps
|
|||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
|
||||
|
||||
[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
# Test with multi-source applications
|
||||
|
||||
applications:
|
||||
- name: argocd-application-multiple-sources
|
||||
additionalLabels: {}
|
||||
additionalAnnotations: {}
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
project: default
|
||||
sources:
|
||||
- chart: elasticsearch
|
||||
repoURL: https://helm.elastic.co
|
||||
targetRevision: 8.5.1
|
||||
- repoURL: https://github.com/argoproj/argocd-example-apps.git
|
||||
path: guestbook
|
||||
targetRevision: HEAD
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: default
|
||||
syncPolicy:
|
||||
automated:
|
||||
prune: false
|
||||
selfHeal: false
|
||||
ignoreDifferences:
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jsonPointers:
|
||||
- /spec/replicas
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue