DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into istio

Browse source 
Signed-off-by: Yevhen Tienkaiev <hronom@gmail.com>
This commit is contained in:
Yevhen Tienkaiev 2023-05-08 01:55:21 +03:00 committed by GitHub
commit c5c75aafe8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
44 changed files with 1530 additions and 106 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.github/workflows/lint-and-test.yml vendored
View file

@ -10,23 +10,23 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@v3
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
with:
version: v3.10.1 # Also update in publish.yaml
- name: Set up python
uses: actions/setup-python@v4
uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0
with:
python-version: 3.9
- name: Setup Chart Linting
id: lint
uses: helm/chart-testing-action@v2.4.0
uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
with:
# Note: Also update in scripts/lint.sh
version: v3.7.1
@ -58,7 +58,7 @@ jobs:
fi
- name: Create kind cluster
uses: helm/kind-action@v1.5.0
uses: helm/kind-action@d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00 # v1.5.0
if: steps.list-changed.outputs.changed == 'true'
with:
config: .github/configs/kind-config.yaml

4
.github/workflows/pr-sizing.yml vendored
View file

@ -12,7 +12,7 @@ jobs:
triage:
runs-on: ubuntu-latest
steps:
- uses: actions/labeler@v4
- uses: actions/labeler@ba790c862c380240c6d5e7427be5ace9a05c754b # v4.0.3
with:
configuration-path: ".github/configs/labeler.yaml"
repo-token: "${{ secrets.GITHUB_TOKEN }}"
@ -22,6 +22,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: size-label
uses: "pascalgn/size-label-action@v0.4.3"
uses: "pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3"
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

3
.github/workflows/pr-title.yml vendored
View file

@ -19,7 +19,7 @@ jobs:
name: Validate PR title
runs-on: ubuntu-latest
steps:
- uses: amannn/action-semantic-pull-request@v5
- uses: amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54 # v5.2.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
@ -31,6 +31,7 @@ jobs:
argo-workflows
argocd-image-updater
argocd-apps
deps
github
# Configure that a scope must always be provided.
requireScope: true

6
.github/workflows/publish.yml vendored
View file

@ -15,12 +15,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
fetch-depth: 0
- name: Install Helm
uses: azure/setup-helm@v3
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
with:
version: v3.10.1 # Also update in lint-and-test.yaml
@ -39,7 +39,7 @@ jobs:
git checkout origin/gh-pages index.yaml
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.5.0
uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0
with:
config: "./.github/configs/cr.yaml"
env:

72
.github/workflows/scorecard.yml vendored Normal file
View file

@ -0,0 +1,72 @@
# This workflow uses actions that are not certified by GitHub. They are provided
# by a third-party and are governed by separate terms of service, privacy
# policy, and support documentation.
name: Scorecard supply-chain security
on:
# For Branch-Protection check. Only the default branch is supported. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
branch_protection_rule:
# To guarantee Maintained check is occasionally updated. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
schedule:
- cron: '21 6 * * 6'
push:
branches: [ "main" ]
# Declare default permissions as read only.
permissions: read-all
jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-latest
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Needed to publish results and get a badge (see publish_results below).
id-token: write
# Uncomment the permissions below if installing in a private repository.
# contents: read
# actions: read
steps:
- name: "Checkout code"
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
with:
results_file: results.sarif
results_format: sarif
# (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
# - you want to enable the Branch-Protection check on a *public* repository, or
# - you are installing Scorecard on a *private* repository
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
repo_token: ${{ secrets.SCORECARD_TOKEN }}
# Public repositories:
# - Publish results to OpenSSF REST API for easy access by consumers
# - Allows the repository to include the Scorecard badge.
# - See https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories:
# - `publish_results` will always be set to `false`, regardless
# of the value entered here.
publish_results: true
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: SARIF file
path: results.sarif
retention-days: 5
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3
with:
sarif_file: results.sarif

2
.github/workflows/stale.yml vendored
View file

@ -14,7 +14,7 @@ jobs:
pull-requests: write # for actions/stale to close stale PRs
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v8
- uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
# Number of days of inactivity before an issue becomes stale

14
CODEOWNERS
View file

@ -1,16 +1,14 @@
# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
# Other and new charts
/charts/ @oliverbaehler
# All
* @mkilchhofer @jmeridth
# Argo Workflows
/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco
/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco
# Argo CD
/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil
/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil
# Argo Events
/charts/argo-events/ @jbehling @VaibhavPage @pdrastil
/charts/argo-events/ @pdrastil @jmeridth
# Argo Rollouts
/charts/argo-rollouts/
/charts/argo-rollouts/ @jmeridth

9
CODE_OF_CONDUCT.md Normal file
View file

@ -0,0 +1,9 @@
# Code of Conduct
We adhere to the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). Please reference the link for details.
## TL;DR (too long didn't read)
Be kind
Your participation is at the discression of the maintainers of this project.

12
EMERITUS.md Normal file
View file

@ -0,0 +1,12 @@
# Emeritus Approvers
These are the people who have been approvers in the past, and have since retired from the role.
We thank them for their service to the project.
* @oliverbaehler
* @stefansedich
* @paguos
* @yann-soubeyrand
* @davidkarlsen
* @jbehling

9
OWNERS
View file

@ -1,9 +0,0 @@
owners:
- alexec
- alexmt
- jessesuen
approvers:
- alexec
- alexmt
- jessesuen

3
README.md
View file

@ -5,6 +5,7 @@
[![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml)
[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo)
[![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm)
Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command:
@ -35,7 +36,7 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9"
### Security Policy
If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new).
Please refer to [SECURITY.md](SECURITY.md) for details on how to report security issues.
### Changelog

21
SECURITY.md Normal file
View file

@ -0,0 +1,21 @@
# Security Policy
## Supported Versions and Upstream Reporting
Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy docueent to find out how to report the security issue.
* [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md)
* [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md)
* [Security Policy for Argo Rollouts](https://github.com/argoproj/argo-rollouts/blob/master/docs/security.md)
* [Security Policy for Argo CD](https://github.com/argoproj/argo-cd/blob/master/SECURITY.md)
* [Security Policy for Argo CD Image Updater](https://github.com/argoproj-labs/argocd-image-updater/blob/master/SECURITY.md)
## Reporting a Vulnerability for Argo Helm Charts
We have enabled the ability to privately report security issues through the Security tab above.
[Here are the details on how to file](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) on how to do that
A repository owner/maintainer will respond as fast as possible to coordinate confirmation of issue and remediation.
Thank you for helping to ensure this code stays secure.

8
charts/argo-cd/Chart.yaml
View file

@ -1,9 +1,9 @@
apiVersion: v2
appVersion: v2.6.7
appVersion: v2.7.1
kubeVersion: ">=1.22.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 5.29.1
version: 5.32.0
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources:
@ -23,5 +23,5 @@ dependencies:
condition: redis-ha.enabled
annotations:
artifacthub.io/changes: |
- kind: fixed
description: Namespace field for some namespaced resources needs to be evaluated via helm root scope
- kind: added
description: Allow extraObjects to contain string templates

14
charts/argo-cd/README.md
View file

@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog].
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
### 5.31.0
The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility.
This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later.
In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start.
### 5.24.0
This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
@ -395,8 +400,6 @@ NAME: my-release
| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` |
| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments |
| global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments |
| global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. |
| global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly |
| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments |
| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments |
@ -835,7 +838,7 @@ server:
| dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod |
| dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy |
| dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository |
| dex.image.tag | string | `"v2.35.3"` | Dex image tag |
| dex.image.tag | string | `"v2.36.0"` | Dex image tag |
| dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
| dex.initContainers | list | `[]` | Init containers to add to the dex pod |
| dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy |
@ -921,7 +924,7 @@ server:
| redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod |
| redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy |
| redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository |
| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag |
| redis.image.tag | string | `"7.0.11-alpine"` | Redis tag |
| redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
| redis.initContainers | list | `[]` | Init containers to add to the redis pod |
| redis.metrics.enabled | bool | `false` | Deploy metrics service |
@ -979,7 +982,7 @@ The main options are listed here:
| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter |
| redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy |
| redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping |
| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag |
| redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag |
| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes |
| redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) |
| redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled |
@ -1184,3 +1187,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md
[tini]: https://github.com/argoproj/argo-cd/pull/12707

6
charts/argo-cd/README.md.gotmpl
View file

@ -104,6 +104,11 @@ For full list of changes please check ArtifactHub [changelog].
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
### 5.31.0
The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility.
This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later.
In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start.
### 5.24.0
This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
@ -546,3 +551,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md
[tini]: https://github.com/argoproj/argo-cd/pull/12707

4
charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
View file

@ -51,8 +51,8 @@ spec:
{{- end }}
serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }}
containers:
- command:
- argocd-application-controller
- args:
- /usr/local/bin/argocd-application-controller
- --metrics-port={{ .Values.controller.containerPorts.metrics }}
{{- if .Values.controller.metrics.applicationLabels.enabled }}
{{- range .Values.controller.metrics.applicationLabels.labels }}

6
charts/argo-cd/templates/argocd-applicationset/deployment.yaml
View file

@ -56,12 +56,8 @@ spec:
- name: {{ .Values.applicationSet.name }}
image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }}
{{- if not .Values.global.entrypoint.useImplicit }}
command:
- {{ .Values.global.entrypoint.entrypoint | quote }}
{{- end }}
args:
- argocd-applicationset-controller
- /usr/local/bin/argocd-applicationset-controller
- --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }}
- --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }}
- --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }}

4
charts/argo-cd/templates/argocd-notifications/deployment.yaml
View file

@ -56,8 +56,8 @@ spec:
- name: {{ .Values.notifications.name }}
image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }}
command:
- argocd-notifications
args:
- /usr/local/bin/argocd-notifications
- --metrics-port={{ .Values.notifications.containerPorts.metrics }}
- --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }}
- --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }}

8
charts/argo-cd/templates/argocd-repo-server/deployment.yaml
View file

@ -61,12 +61,8 @@ spec:
- name: {{ .Values.repoServer.name }}
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
{{- if not .Values.global.entrypoint.useImplicit }}
command:
- {{ .Values.global.entrypoint.entrypoint | quote }}
{{- end }}
args:
- argocd-repo-server
- /usr/local/bin/argocd-repo-server
- --port={{ .Values.repoServer.containerPorts.server }}
- --metrics-port={{ .Values.repoServer.containerPorts.metrics }}
{{- with .Values.repoServer.logFormat }}
@ -284,7 +280,7 @@ spec:
{{- end }}
initContainers:
- command:
- cp
- /bin/cp
- -n
- /usr/local/bin/argocd
- /var/run/argocd/argocd-cmp-server

4
charts/argo-cd/templates/argocd-server/deployment.yaml
View file

@ -58,8 +58,8 @@ spec:
- name: {{ .Values.server.name }}
image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
command:
- argocd-server
args:
- /usr/local/bin/argocd-server
- --port={{ .Values.server.containerPorts.server }}
- --metrics-port={{ .Values.server.containerPorts.metrics }}
{{- with .Values.server.logFormat }}

333
charts/argo-cd/templates/crds/crd-application.yaml
View file

@ -310,6 +310,10 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies whether
to apply env variables substitution for annotation values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -341,6 +345,29 @@ spec:
description: NameSuffix is a suffix appended to resources
for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests
@ -572,6 +599,11 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies whether
to apply env variables substitution for annotation
values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -604,6 +636,29 @@ spec:
description: NameSuffix is a suffix appended to resources
for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests
@ -950,6 +1005,10 @@ spec:
description: CommonAnnotations is a list of additional annotations
to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies whether to
apply env variables substitution for annotation values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -980,6 +1039,29 @@ spec:
description: NameSuffix is a suffix appended to resources
for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize adds
to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas override
specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize to
use for rendering manifests
@ -1203,6 +1285,10 @@ spec:
description: CommonAnnotations is a list of additional annotations
to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies whether
to apply env variables substitution for annotation values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -1234,6 +1320,29 @@ spec:
description: NameSuffix is a suffix appended to resources
for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas override
specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests
@ -1604,6 +1713,11 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies whether
to apply env variables substitution for annotation
values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -1636,6 +1750,29 @@ spec:
description: NameSuffix is a suffix appended to resources
for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests
@ -1869,6 +2006,11 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies whether
to apply env variables substitution for annotation
values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -1901,6 +2043,29 @@ spec:
description: NameSuffix is a suffix appended to resources
for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests
@ -2279,6 +2444,11 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies
whether to apply env variables substitution
for annotation values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -2311,6 +2481,29 @@ spec:
description: NameSuffix is a suffix appended to
resources for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that
Kustomize adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of
Kustomize to use for rendering manifests
@ -2562,6 +2755,11 @@ spec:
additional annotations to add to rendered
manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies
whether to apply env variables substitution
for annotation values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -2594,6 +2792,29 @@ spec:
description: NameSuffix is a suffix appended
to resources for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that
Kustomize adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize
Replicas override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version
of Kustomize to use for rendering manifests
@ -2945,6 +3166,11 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies whether
to apply env variables substitution for annotation
values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -2977,6 +3203,29 @@ spec:
description: NameSuffix is a suffix appended to resources
for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests
@ -3221,6 +3470,11 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies
whether to apply env variables substitution for
annotation values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -3253,6 +3507,29 @@ spec:
description: NameSuffix is a suffix appended to
resources for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests
@ -3602,6 +3879,11 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies whether
to apply env variables substitution for annotation
values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -3634,6 +3916,29 @@ spec:
description: NameSuffix is a suffix appended to resources
for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests
@ -3878,6 +4183,11 @@ spec:
description: CommonAnnotations is a list of additional
annotations to add to rendered manifests
type: object
commonAnnotationsEnvsubst:
description: CommonAnnotationsEnvsubst specifies
whether to apply env variables substitution for
annotation values
type: boolean
commonLabels:
additionalProperties:
type: string
@ -3910,6 +4220,29 @@ spec:
description: NameSuffix is a suffix appended to
resources for Kustomize apps
type: string
namespace:
description: Namespace sets the namespace that Kustomize
adds to all resources
type: string
replicas:
description: Replicas is a list of Kustomize Replicas
override specifications
items:
properties:
count:
anyOf:
- type: integer
- type: string
description: Number of replicas
x-kubernetes-int-or-string: true
name:
description: Name of Deployment or StatefulSet
type: string
required:
- count
- name
type: object
type: array
version:
description: Version controls which version of Kustomize
to use for rendering manifests

811
charts/argo-cd/templates/crds/crd-applicationset.yaml
View file

File diff suppressed because it is too large Load diff

4
charts/argo-cd/templates/dex/deployment.yaml
View file

@ -136,8 +136,8 @@ spec:
- name: copyutil
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
command:
- cp
args:
- /bin/cp
- -n
- /usr/local/bin/argocd
- /shared/argocd-dex

6
charts/argo-cd/templates/extra-manifests.yaml
View file

@ -1,4 +1,8 @@
{{ range .Values.extraObjects }}
---
{{ tpl (toYaml .) $ }}
{{- if typeIs "string" . }}
{{- tpl . $ }}
{{- else }}
{{- tpl (toYaml .) $ }}
{{- end }}
{{ end }}

14
charts/argo-cd/values.yaml
View file

@ -132,14 +132,6 @@ global:
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# POD entrypoint configuration
entrypoint:
# -- Implicitly use the docker image's entrypoint. This requires the image to have
# ENTRYPOINT set properly
useImplicit: false
# -- The entrypoint to use for the containers.
entrypoint: "entrypoint.sh"
# -- Deployment strategy for the all deployed Deployments
deploymentStrategy: {}
# type: RollingUpdate
@ -915,7 +907,7 @@ dex:
# -- Dex image repository
repository: ghcr.io/dexidp/dex
# -- Dex image tag
tag: v2.35.3
tag: v2.36.0
# -- Dex imagePullPolicy
# @default -- `""` (defaults to global.image.imagePullPolicy)
imagePullPolicy: ""
@ -1141,7 +1133,7 @@ redis:
# -- Redis repository
repository: public.ecr.aws/docker/library/redis
# -- Redis tag
tag: 7.0.7-alpine
tag: 7.0.11-alpine
# -- Redis image pull policy
# @default -- `""` (defaults to global.image.imagePullPolicy)
imagePullPolicy: ""
@ -1384,7 +1376,7 @@ redis-ha:
enabled: true
image:
# -- Redis tag
tag: 7.0.7-alpine
tag: 7.0.11-alpine
## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
topologySpreadConstraints:

8
charts/argo-events/Chart.yaml
View file

@ -2,9 +2,9 @@ apiVersion: v2
appVersion: v1.7.6
description: A Helm chart for Argo Events, the event-driven workflow automation framework
name: argo-events
version: 2.2.0
version: 2.3.1
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-events/assets/logo.png
icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4
keywords:
- argoproj
- argo-events
@ -15,5 +15,5 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- kind: fixed
description: add namespace field for namespace scoped resources
- kind: chore
description: Update chart icon

6
charts/argo-events/templates/extra-manifests.yaml
View file

@ -1,4 +1,8 @@
{{ range .Values.extraObjects }}
---
{{ tpl (toYaml .) $ }}
{{- if typeIs "string" . }}
{{- tpl . $ }}
{{- else }}
{{- tpl (toYaml .) $ }}
{{- end }}
{{ end }}

6
charts/argo-rollouts/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: v1.4.1
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 2.25.0
version: 2.27.0
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
keywords:
@ -15,7 +15,9 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- kind: added
description: Allow extraObjects to contain string templates
- kind: added
description: Ability to configure metrics and healthz ports
- kind: added
description: Ability to provide additional volumes and volumeMounts
description: Ability to provide additional volumes and volumeMounts

2
charts/argo-rollouts/README.md
View file

@ -94,6 +94,8 @@ For full list of changes please check ArtifactHub [changelog].
| controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor |
| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor |
| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
| controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | MetricRelabelConfigs to apply to samples before ingestion |
| controller.metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping |
| controller.nodeSelector | object | `{}` | [Node selector] |
| controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] |
| controller.pdb.enabled | bool | `false` | Deploy a [Pod Disruption Budget] for the controller |

8
charts/argo-rollouts/templates/controller/servicemonitor.yaml
View file

@ -17,6 +17,14 @@ metadata:
spec:
endpoints:
- port: {{ .Values.controller.metrics.service.portName }}
{{- with .Values.controller.metrics.serviceMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.controller.metrics.serviceMonitor.metricRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}

8
charts/argo-rollouts/templates/dashboard/clusterrole.yaml
View file

@ -71,4 +71,12 @@ rules:
verbs:
- list
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- update
{{- end }}

6
charts/argo-rollouts/templates/extra-manifests.yaml
View file

@ -1,4 +1,8 @@
{{ range .Values.extraObjects }}
---
{{ tpl (toYaml .) $ }}
{{- if typeIs "string" . }}
{{- tpl . $ }}
{{- else }}
{{- tpl (toYaml .) $ }}
{{- end }}
{{ end }}

4
charts/argo-rollouts/values.yaml
View file

@ -124,6 +124,10 @@ controller:
additionalLabels: {}
# -- Annotations to be added to the ServiceMonitor
additionalAnnotations: {}
# -- RelabelConfigs to apply to samples before scraping
relabelings: []
# -- MetricRelabelConfigs to apply to samples before ingestion
metricRelabelings: []
# -- Configure liveness [probe] for the controller
# @default -- See [values.yaml]

8
charts/argo-workflows/Chart.yaml
View file

@ -3,8 +3,8 @@ appVersion: v3.4.7
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.24.1
icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png
version: 0.26.1
icon: https://argoproj.github.io/argo-workflows/assets/logo.png
home: https://github.com/argoproj/argo-helm
sources:
- https://github.com/argoproj/argo-workflows
@ -13,5 +13,5 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- kind: added
description: Add option for workflow controller to read all secrets.
- kind: chore
description: Update Chart icon

12
charts/argo-workflows/README.md
View file

@ -153,13 +153,16 @@ Fields to note:
| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) |
| controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server |
| controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. |
| controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion |
| controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory |
| controller.metricsConfig.path | string | `"/metrics"` | Path is the path where metrics are emitted. Must start with a "/". |
| controller.metricsConfig.port | int | `9090` | Port is the port where metrics are emitted |
| controller.metricsConfig.portName | string | `"metrics"` | Container metrics port name |
| controller.metricsConfig.relabelings | list | `[]` | ServiceMonitor relabel configs to apply to samples before scraping |
| controller.metricsConfig.secure | bool | `false` | Flag that use a self-signed cert for TLS |
| controller.metricsConfig.servicePort | int | `8080` | Service metrics port |
| controller.metricsConfig.servicePortName | string | `"metrics"` | Service metrics port name |
| controller.metricsConfig.targetLabels | list | `[]` | ServiceMonitor will add labels from the service to the Prometheus metric |
| controller.name | string | `"workflow-controller"` | Workflow controller name string |
| controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace |
| controller.navColor | string | `""` | Set ui navigation bar background color |
@ -237,6 +240,12 @@ Fields to note:
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| server.affinity | object | `{}` | Assign custom [affinity] rules |
| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer |
| server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server |
| server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] |
| server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo Server [HPA] |
| server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo Server [HPA] |
| server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo Server [HPA] |
| server.baseHref | string | `"/"` | Value for base href in index.html. Used if the server is running behind reverse proxy under subpath different from /. |
| server.clusterWorkflowTemplates.enableEditing | bool | `true` | Give the server permissions to edit ClusterWorkflowTemplates. |
| server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. |
@ -299,8 +308,7 @@ Fields to note:
| artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage |
| artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store |
| artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store |
| customArtifactRepository | object | `{}` | The section of custom artifact repository. Will be added to the config in case useDefaultArtifactRepo is set to false |
| useDefaultArtifactRepo | bool | `false` | Influences the creation of the ConfigMap for the workflow-controller itself. |
| customArtifactRepository | object | `{}` | The section of custom artifact repository. Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) |
| useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) |
## Breaking changes from the deprecated `argo` chart

13
charts/argo-workflows/templates/_helpers.tpl
View file

@ -153,3 +153,16 @@ Return full image name including or excluding registry based on existence
{{ .image.repository }}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for autoscaling
*/}}
{{- define "argo-workflows.apiVersion.autoscaling" -}}
{{- if .Values.apiVersionOverrides.autoscaling -}}
{{- print .Values.apiVersionOverrides.autoscaling -}}
{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}}
{{- print "autoscaling/v2beta1" -}}
{{- else -}}
{{- print "autoscaling/v2" -}}
{{- end -}}
{{- end -}}

7
charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
View file

@ -55,7 +55,6 @@ data:
securityContext: {{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- if .Values.useDefaultArtifactRepo }}
artifactRepository:
{{- if .Values.artifactRepository.archiveLogs }}
archiveLogs: {{ .Values.artifactRepository.archiveLogs }}
@ -96,10 +95,8 @@ data:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- end }}
{{- else }}
{{- if .Values.customArtifactRepository }}
artifactRepository: {{- toYaml .Values.customArtifactRepository | nindent 6 }}
{{- end }}
{{- if .Values.customArtifactRepository }}
{{- toYaml .Values.customArtifactRepository | nindent 6 }}
{{- end }}
{{- if .Values.controller.metricsConfig.enabled }}
metricsConfig:

20
charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
View file

@ -15,11 +15,31 @@ spec:
- port: metrics
path: {{ .Values.controller.metricsConfig.path }}
interval: 30s
{{- with .Values.controller.metricsConfig.relabelings }}
relabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.metricsConfig.metricRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- if .Values.controller.telemetryConfig.enabled }}
- port: telemetry
path: {{ .Values.controller.telemetryConfig.path }}
interval: 30s
{{- with .Values.controller.metricsConfig.relabelings }}
relabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.metricsConfig.metricRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- with .Values.controller.metricsConfig.targetLabels }}
targetLabels:
{{- toYaml . | nindent 8 }}
{{- end }}
namespaceSelector:
matchNames:

45
charts/argo-workflows/templates/server/server-deployment-hpa.yaml Normal file
View file

@ -0,0 +1,45 @@
{{- if and .Values.server.enabled .Values.server.autoscaling.enabled }}
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ template "argo-workflows.server.fullname" . }}
minReplicas: {{ .Values.server.autoscaling.minReplicas }}
maxReplicas: {{ .Values.server.autoscaling.maxReplicas }}
metrics:
{{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
{{- if eq (include "argo-workflows.apiVersion.autoscaling" $) "autoscaling/v2beta1" }}
targetAverageUtilization: {{ . }}
{{- else }}
target:
averageUtilization: {{ . }}
type: Utilization
{{- end }}
{{- end }}
{{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
{{- if eq (include "argo-workflows.apiVersion.autoscaling" $) "autoscaling/v2beta1" }}
targetAverageUtilization: {{ . }}
{{- else }}
target:
averageUtilization: {{ . }}
type: Utilization
{{- end }}
{{- end }}
{{- with .Values.server.autoscaling.behavior }}
behavior:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

2
charts/argo-workflows/templates/server/server-deployment.yaml
View file

@ -12,7 +12,9 @@ metadata:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if not .Values.server.autoscaling.enabled }}
replicas: {{ .Values.server.replicas }}
{{- end }}
selector:
matchLabels:
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }}

57
charts/argo-workflows/values.yaml
View file

@ -111,6 +111,15 @@ controller:
servicePort: 8080
# -- Service metrics port name
servicePortName: metrics
# -- ServiceMonitor relabel configs to apply to samples before scraping
## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
relabelings: []
# -- ServiceMonitor metric relabel configs to apply to samples before ingestion
## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
metricRelabelings: []
# -- ServiceMonitor will add labels from the service to the Prometheus metric
## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitorspec
targetLabels: []
# -- the controller container's securityContext
securityContext:
readOnlyRootFilesystem: true
@ -431,6 +440,32 @@ server:
resources: {}
# -- The number of server pods to run
replicas: 1
## Argo Server Horizontal Pod Autoscaler
autoscaling:
# -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server
enabled: false
# -- Minimum number of replicas for the Argo Server [HPA]
minReplicas: 1
# -- Maximum number of replicas for the Argo Server [HPA]
maxReplicas: 5
# -- Average CPU utilization percentage for the Argo Server [HPA]
targetCPUUtilizationPercentage: 50
# -- Average memory utilization percentage for the Argo Server [HPA]
targetMemoryUtilizationPercentage: 50
# -- Configures the scaling behavior of the target in both Up and Down directions.
# This is only available on HPA apiVersion `autoscaling/v2beta2` and newer
behavior: {}
# scaleDown:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 1
# periodSeconds: 180
# scaleUp:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 2
pdb:
# -- Configure [Pod Disruption Budget] for the server pods
enabled: false
@ -604,8 +639,6 @@ extraObjects: []
# secretName: argo-server-sso-secrets-store
# type: Opaque
# -- Influences the creation of the ConfigMap for the workflow-controller itself.
useDefaultArtifactRepo: false
# -- Use static credentials for S3 (eg. when not using AWS IRSA)
useStaticCredentials: true
artifactRepository:
@ -667,18 +700,16 @@ artifactRepository:
# key: account-access-key
# -- The section of custom artifact repository.
# Will be added to the config in case useDefaultArtifactRepo is set to false
# Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure)
customArtifactRepository: {}
# customArtifactRepository:
# archiveLogs: true
# artifactory:
# repoUrl: https://artifactory.example.com/raw
# usernameSecret:
# name: artifactory-creds
# key: username
# passwordSecret:
# name: artifactory-creds
# key: password
# artifactory:
# repoUrl: https://artifactory.example.com/raw
# usernameSecret:
# name: artifactory-creds
# key: username
# passwordSecret:
# name: artifactory-creds
# key: password
emissary:
# -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used.

6
charts/argocd-apps/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
name: argocd-apps
description: A Helm chart for managing additional Argo CD Applications and Projects
type: application
version: 0.0.9
version: 1.0.0
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
keywords:
@ -14,5 +14,5 @@ maintainers:
url: https://argoproj.github.io/
annotations:
artifacthub.io/changes: |
- kind: added
description: Multiple sources for Application and ApplicationSet
- kind: fixed
description: Changed the project field of the applicationset from a tpl function to a string.

29
charts/argocd-apps/ci/applicationsets-values.yaml
View file

@ -42,3 +42,32 @@ applicationsets:
syncPolicy:
# Set Application finalizer
preserveResourcesOnDeletion: false
- name: applicationset-list-generator
generators:
- list:
elements:
- cluster: engineering-dev
url: https://kubernetes.default.svc
template:
metadata: {}
spec:
project: '{{cluster}}'
source:
targetRevision: HEAD
repoURL: https://github.com/argoproj/argo-cd.git
# New path value is generated here:
path: 'applicationset/examples/template-override/{{cluster}}-override'
destination: {}
template:
metadata:
name: '{{cluster}}-guestbook'
spec:
project: '{{cluster}}'
source:
repoURL: https://github.com/argoproj/argo-cd.git
targetRevision: HEAD
# This 'default' value is not used: it is is replaced by the generator's template path, above
path: applicationset/examples/template-override/default
destination:
server: '{{url}}'
namespace: guestbook

2
charts/argocd-apps/templates/applicationsets.yaml
View file

@ -51,7 +51,7 @@ spec:
{{- end }}
{{- with .spec }}
spec:
project: {{ tpl .project $ }}
project: {{ .project | squote }}
{{- with .source }}
source:
{{- toYaml . | nindent 8 }}