DevFW-CICD/argocd-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(argo-cd): Update to Argo CD 2.14 (#3155)

Browse source 
* feat(argo-cd): Update to Argo CD 2.14

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* fix: Add more customization options to commit-server

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* fix: Bump appVersion to v2.14.1

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* fix: Add 'resources' to commit-server

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* chore: Drop commitServer.service.type

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* fix: Add ability to disable the commit-server

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* chore: Drop commitServer.replicas since there are no upstream docs

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* feat: Allow adding extraVolume and mounts

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* chore: Disable commit-server by default

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

* feat: Dedicated metrics service with basic customization options

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>

---------

Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>
This commit is contained in:
Marco Maurer (-Kilchhofer) 2025-02-04 12:25:53 +01:00 committed by GitHub
parent f30bcd682d
commit c77cb712e0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
18 changed files with 2257 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
charts/argo-cd/Chart.yaml
View file

@ -1,9 +1,9 @@
apiVersion: v2
appVersion: v2.13.4
appVersion: v2.14.1
kubeVersion: ">=1.25.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 7.7.23
version: 7.8.0
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources:
@ -26,5 +26,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: fixed
description: Fixed typo in README
- kind: changed
description: Bump argo-cd to v2.14.1

63
charts/argo-cd/README.md
View file

@ -708,7 +708,7 @@ NAME: my-release
| global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` |
| global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components |
| global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic |
| global.nodeSelector | object | `{}` | Default node selector for all components |
| global.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Default node selector for all components |
| global.podAnnotations | object | `{}` | Annotations for the all deployed pods |
| global.podLabels | object | `{}` | Labels for the all deployed pods |
| global.priorityClassName | string | `""` | Default priority class for all components |
@ -1621,6 +1621,65 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller |
| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent |
## Commit server (Manifest Hydrator)
The Argo CD Commit Server provides push access to git repositories for hydrated manifests.
To read more about this component, please read [Argo CD Manifest Hydrator] and [Manifest Hydrator].
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commitServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| commitServer.automountServiceAccountToken | bool | `false` | Automount API credentials for the Service Account into the pod. |
| commitServer.containerSecurityContext | object | See [values.yaml] | commit server container-level security context |
| commitServer.deploymentAnnotations | object | `{}` | Annotations to be added to commit server Deployment |
| commitServer.deploymentStrategy | object | `{}` | Deployment strategy to be added to the commit server Deployment |
| commitServer.dnsConfig | object | `{}` | [DNS configuration] |
| commitServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for commit server pods |
| commitServer.enabled | bool | `false` | Enable commit server |
| commitServer.extraArgs | list | `[]` | commit server command line flags |
| commitServer.extraEnv | list | `[]` | Environment variables to pass to the commit server |
| commitServer.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the commit server |
| commitServer.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) |
| commitServer.extraVolumes | list | `[]` | List of extra volumes to add |
| commitServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the commit server |
| commitServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the commit server |
| commitServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the commit server |
| commitServer.livenessProbe.enabled | bool | `true` | Enable Kubernetes liveness probe for commit server |
| commitServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| commitServer.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated |
| commitServer.livenessProbe.periodSeconds | int | `30` | How often (in seconds) to perform the [probe] |
| commitServer.livenessProbe.timeoutSeconds | int | `5` | Number of seconds after which the [probe] times out |
| commitServer.metrics.enabled | bool | `false` | Enables prometheus metrics server |
| commitServer.metrics.service.annotations | object | `{}` | Metrics service annotations |
| commitServer.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
| commitServer.metrics.service.labels | object | `{}` | Metrics service labels |
| commitServer.metrics.service.portName | string | `"metrics"` | Metrics service port name |
| commitServer.metrics.service.servicePort | int | `8087` | Metrics service port |
| commitServer.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
| commitServer.name | string | `"commit-server"` | Commit server name |
| commitServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| commitServer.podAnnotations | object | `{}` | Annotations for the commit server pods |
| commitServer.podLabels | object | `{}` | Labels for the commit server pods |
| commitServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the commit server pods |
| commitServer.readinessProbe.enabled | bool | `true` | Enable Kubernetes liveness probe for commit server |
| commitServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| commitServer.readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before [probe] is initiated |
| commitServer.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
| commitServer.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| commitServer.resources | object | `{}` | Resource limits and requests for the commit server pods. |
| commitServer.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the commit server |
| commitServer.service.annotations | object | `{}` | commit server service annotations |
| commitServer.service.labels | object | `{}` | commit server service labels |
| commitServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
| commitServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
| commitServer.serviceAccount.create | bool | `true` | Create commit server service account |
| commitServer.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| commitServer.serviceAccount.name | string | `"argocd-commit-server"` | commit server service account name |
| commitServer.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook |
| commitServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| commitServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the commit server |
----------------------------------------------
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
@ -1653,3 +1712,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace
[Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice
[Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer
[Argo CD Manifest Hydrator]: https://argo-cd.readthedocs.io/en/stable/proposals/manifest-hydrator/
[Manifest Hydrator]: https://github.com/argoproj/argo-cd/blob/master/docs/proposals/manifest-hydrator.md

18
charts/argo-cd/README.md.gotmpl
View file

@ -672,7 +672,7 @@ NAME: my-release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
{{- range .Values }}
{{- if not (or (hasPrefix "global" .Key) (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) ) }}
{{- if not (or (hasPrefix "global" .Key) (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) (hasPrefix "commitServer" .Key) ) }}
| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
{{- end }}
{{- end }}
@ -813,6 +813,20 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
{{- end }}
{{- end }}
## Commit server (Manifest Hydrator)
The Argo CD Commit Server provides push access to git repositories for hydrated manifests.
To read more about this component, please read [Argo CD Manifest Hydrator] and [Manifest Hydrator].
| Key | Type | Default | Description |
|-----|------|---------|-------------|
{{- range .Values }}
{{- if hasPrefix "commitServer" .Key }}
| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
{{- end }}
{{- end }}
----------------------------------------------
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
@ -845,3 +859,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace
[Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice
[Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer
[Argo CD Manifest Hydrator]: https://argo-cd.readthedocs.io/en/stable/proposals/manifest-hydrator/
[Manifest Hydrator]: https://github.com/argoproj/argo-cd/blob/master/docs/proposals/manifest-hydrator.md

3
charts/argo-cd/ci/with-commit-server-values.yaml Normal file
View file

@ -0,0 +1,3 @@
# Test Argo CD with optional component "commit-server"
commitServer:
enabled: true

18
charts/argo-cd/templates/_helpers.tpl
View file

@ -177,6 +177,24 @@ Create the name of the notifications service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd commit-server name and version as used by the chart label.
*/}}
{{- define "argo-cd.commitServer.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.commitServer.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the commit-server service account to use
*/}}
{{- define "argo-cd.commitServer.serviceAccountName" -}}
{{- if .Values.commitServer.serviceAccount.create -}}
{{ default (include "argo-cd.commitServer.fullname" .) .Values.commitServer.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.commitServer.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Argo Configuration Preset Values (Influenced by Values configuration)
*/}}

24
charts/argo-cd/templates/argocd-application-controller/deployment.yaml
View file

@ -175,6 +175,12 @@ spec:
name: argocd-cmd-params-cm
key: controller.self.heal.backoff.cap.seconds
optional: true
- name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: controller.sync.timeout.seconds
optional: true
- name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT
valueFrom:
configMapKeyRef:
@ -311,6 +317,24 @@ spec:
name: argocd-cmd-params-cm
key: controller.ignore.normalizer.jq.timeout
optional: true
- name: ARGOCD_HYDRATOR_ENABLED
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: hydrator.enabled
optional: true
- name: ARGOCD_CLUSTER_CACHE_BATCH_EVENTS_PROCESSING
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: controller.cluster.cache.batch.events.processing
optional: true
- name: ARGOCD_CLUSTER_CACHE_EVENTS_PROCESSING_INTERVAL
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: controller.cluster.cache.events.processing.interval
optional: true
{{- with .Values.controller.envFrom }}
envFrom:
{{- toYaml . | nindent 10 }}

30
charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
View file

@ -174,6 +174,12 @@ spec:
name: argocd-cmd-params-cm
key: controller.self.heal.backoff.cap.seconds
optional: true
- name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: controller.sync.timeout.seconds
optional: true
- name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT
valueFrom:
configMapKeyRef:
@ -310,6 +316,26 @@ spec:
name: argocd-cmd-params-cm
key: controller.ignore.normalizer.jq.timeout
optional: true
- name: ARGOCD_HYDRATOR_ENABLED
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: hydrator.enabled
optional: true
- name: ARGOCD_CLUSTER_CACHE_BATCH_EVENTS_PROCESSING
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: controller.cluster.cache.batch.events.processing
optional: true
- name: ARGOCD_CLUSTER_CACHE_EVENTS_PROCESSING_INTERVAL
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: controller.cluster.cache.events.processing.interval
optional: true
- name: KUBECACHEDIR
value: /tmp/kubecache
{{- with .Values.controller.envFrom }}
envFrom:
{{- toYaml . | nindent 10 }}
@ -344,6 +370,8 @@ spec:
name: argocd-home
- name: argocd-cmd-params-cm
mountPath: /home/argocd/params
- name: argocd-application-controller-tmp
mountPath: /tmp
{{- with .Values.controller.extraContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
@ -385,6 +413,8 @@ spec:
{{- else }}
emptyDir: {}
{{- end }}
- emptyDir: {}
name: argocd-application-controller-tmp
- name: argocd-repo-server-tls
secret:
secretName: argocd-repo-server-tls

12
charts/argo-cd/templates/argocd-applicationset/deployment.yaml
View file

@ -151,6 +151,12 @@ spec:
key: applicationsetcontroller.enable.progressive.syncs
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_TOKENREF_STRICT_MODE
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.enable.tokenref.strict.mode
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING
valueFrom:
configMapKeyRef:
@ -211,6 +217,12 @@ spec:
name: argocd-cmd-params-cm
key: applicationsetcontroller.webhook.parallelism.limit
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_REQUEUE_AFTER
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.requeue.after
name: argocd-cmd-params-cm
optional: true
{{- with .Values.applicationSet.extraEnvFrom }}
envFrom:
{{- toYaml . | nindent 12 }}

238
charts/argo-cd/templates/argocd-commit-server/deployment.yaml Normal file
View file

@ -0,0 +1,238 @@
{{- if .Values.commitServer.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.commitServer.deploymentAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ template "argo-cd.commitServer.fullname" . }}
namespace: {{ include "argo-cd.namespace" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }}
spec:
{{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.commitServer.deploymentStrategy) }}
strategy:
{{- trim . | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }}
selector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 6 }}
template:
metadata:
annotations:
{{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.commitServer.podAnnotations) }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 8 }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.commitServer.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.commitServer.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.commitServer.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.commitServer.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- with .Values.commitServer.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.commitServer.serviceAccountName" . }}
automountServiceAccountToken: {{ .Values.commitServer.automountServiceAccountToken }}
containers:
- name: {{ .Values.commitServer.name }}
image: {{ default .Values.global.image.repository .Values.commitServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.commitServer.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.commitServer.image.imagePullPolicy }}
args:
- /usr/local/bin/argocd-commit-server
{{- with .Values.commitServer.extraArgs }}
{{- toYaml . | nindent 8 }}
{{- end }}
env:
{{- with (concat .Values.global.env .Values.commitServer.extraEnv) }}
{{- toYaml . | nindent 10 }}
{{- end }}
- name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: commitserver.listen.address
optional: true
- name: ARGOCD_COMMIT_SERVER_METRICS_LISTEN_ADDRESS
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: commitserver.metrics.listen.address
optional: true
- name: ARGOCD_COMMIT_SERVER_LOGFORMAT
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: commitserver.log.format
optional: true
- name: ARGOCD_COMMIT_SERVER_LOGLEVEL
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: commitserver.log.level
optional: true
- name: ARGOCD_LOG_FORMAT_TIMESTAMP
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: log.format.timestamp
optional: true
{{- with .Values.commitServer.envFrom }}
envFrom:
{{- toYaml . | nindent 10 }}
{{- end }}
ports:
- containerPort: 8086
name: server
protocol: TCP
- containerPort: 8087
name: metrics
protocol: TCP
{{- if .Values.commitServer.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /healthz?full=true
port: 8087
initialDelaySeconds: {{ .Values.commitServer.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.commitServer.livenessProbe.periodSeconds }}
failureThreshold: {{ .Values.commitServer.livenessProbe.failureThreshold }}
timeoutSeconds: {{ .Values.commitServer.livenessProbe.timeoutSeconds }}
{{- end }}
{{- if .Values.commitServer.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /healthz
port: 8087
initialDelaySeconds: {{ .Values.commitServer.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.commitServer.readinessProbe.periodSeconds }}
failureThreshold: {{ .Values.commitServer.readinessProbe.failureThreshold }}
timeoutSeconds: {{ .Values.commitServer.readinessProbe.timeoutSeconds }}
{{- end }}
resources:
{{- toYaml .Values.commitServer.resources | nindent 10 }}
{{- with .Values.commitServer.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.commitServer.lifecycle }}
lifecycle:
{{- toYaml . | nindent 10 }}
{{- end }}
volumeMounts:
{{- with .Values.commitServer.extraVolumeMounts }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: ssh-known-hosts
mountPath: /app/config/ssh
- name: tls-certs
mountPath: /app/config/tls
- name: gpg-keys
mountPath: /app/config/gpg/source
- name: gpg-keyring
mountPath: /app/config/gpg/keys
# We need a writeable temp directory for the askpass socket file.
- name: tmp
mountPath: /tmp
initContainers:
- command:
- /bin/cp
- -n
- /usr/local/bin/argocd
- /var/run/argocd/argocd-cmp-server
image: {{ default .Values.global.image.repository .Values.commitServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.commitServer.image.tag }}
name: copyutil
resources:
{{- toYaml .Values.commitServer.resources | nindent 10 }}
{{- with .Values.commitServer.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
volumes:
{{- with .Values.commitServer.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: ssh-known-hosts
configMap:
name: argocd-ssh-known-hosts-cm
- name: tls-certs
configMap:
name: argocd-tls-certs-cm
- name: gpg-keys
configMap:
name: argocd-gpg-keys-cm
- name: gpg-keyring
emptyDir: {}
- name: tmp
emptyDir: {}
- name: argocd-commit-server-tls
secret:
secretName: argocd-commit-server-tls
optional: true
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
- key: ca.crt
path: ca.crt
- emptyDir: {}
name: var-files
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.commitServer) }}
affinity:
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.commitServer.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.commitServer.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.commitServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 12 }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.commitServer.hostNetwork }}
hostNetwork: {{ .Values.commitServer.hostNetwork }}
{{- end }}
{{- with .Values.commitServer.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
dnsPolicy: {{ .Values.commitServer.dnsPolicy }}
{{- end }}

35
charts/argo-cd/templates/argocd-commit-server/metrics.yaml Normal file
View file

@ -0,0 +1,35 @@
{{- if and .Values.commitServer.enabled .Values.commitServer.metrics.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "argo-cd.commitServer.fullname" . }}-metrics
namespace: {{ include "argo-cd.namespace" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" "metrics") | nindent 4 }}
{{- with .Values.commitServer.metrics.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if or .Values.commitServer.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
annotations:
{{- if .Values.global.addPrometheusAnnotations }}
prometheus.io/port: {{ .Values.commitServer.metrics.service.servicePort | quote }}
prometheus.io/scrape: "true"
{{- end }}
{{- range $key, $value := .Values.commitServer.metrics.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.commitServer.metrics.service.type }}
{{- if and .Values.commitServer.metrics.service.clusterIP (eq .Values.commitServer.metrics.service.type "ClusterIP") }}
clusterIP: {{ .Values.commitServer.metrics.service.clusterIP }}
{{- end }}
{{- include "argo-cd.dualStack" . | indent 2 }}
ports:
- name: {{ .Values.commitServer.metrics.service.portName }}
protocol: TCP
port: {{ .Values.commitServer.metrics.service.servicePort }}
targetPort: 8087
selector:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 4 }}
{{- end }}

25
charts/argo-cd/templates/argocd-commit-server/networkpolicy.yaml Normal file
View file

@ -0,0 +1,25 @@
{{- if and .Values.commitServer.enabled .Values.global.networkPolicy.create }}
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: {{ template "argo-cd.commitServer.fullname" . }}
namespace: {{ include "argo-cd.namespace" . }}
spec:
podSelector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 6 }}
policyTypes:
- Ingress
ingress:
- from:
- podSelector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 14 }}
ports:
- protocol: TCP
port: 8086
- from:
- namespaceSelector: { }
ports:
- port: 8087
{{- end }}

26
charts/argo-cd/templates/argocd-commit-server/service.yaml Normal file
View file

@ -0,0 +1,26 @@
{{- if .Values.commitServer.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "argo-cd.commitServer.fullname" . }}
namespace: {{ include "argo-cd.namespace" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }}
{{- with .Values.commitServer.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.commitServer.service.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
ports:
- name: server
protocol: TCP
port: 8086
targetPort: 8086
selector:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 4 }}
{{- end }}

19
charts/argo-cd/templates/argocd-commit-server/serviceaccount.yaml Normal file
View file

@ -0,0 +1,19 @@
{{- if and .Values.commitServer.enabled .Values.commitServer.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.commitServer.serviceAccount.automountServiceAccountToken }}
metadata:
name: {{ include "argo-cd.commitServer.serviceAccountName" . }}
namespace: {{ include "argo-cd.namespace" . }}
{{- with .Values.commitServer.serviceAccount.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }}
{{- with .Values.commitServer.serviceAccount.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

6
charts/argo-cd/templates/argocd-repo-server/deployment.yaml
View file

@ -239,6 +239,12 @@ spec:
name: argocd-cmd-params-cm
key: reposerver.plugin.tar.exclusions
optional: true
- name: ARGOCD_REPO_SERVER_PLUGIN_USE_MANIFEST_GENERATE_PATHS
valueFrom:
configMapKeyRef:
key: reposerver.plugin.use.manifest.generate.paths
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS
valueFrom:
configMapKeyRef:

6
charts/argo-cd/templates/argocd-server/deployment.yaml
View file

@ -373,6 +373,12 @@ spec:
name: argocd-cmd-params-cm
key: applicationsetcontroller.enable.scm.providers
optional: true
- name: ARGOCD_HYDRATOR_ENABLED
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: hydrator.enabled
optional: true
{{- with .Values.server.envFrom }}
envFrom:
{{- toYaml . | nindent 10 }}

387
charts/argo-cd/templates/crds/crd-application.yaml
View file

@ -319,6 +319,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema validation
(Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value files
to use when generating a template
@ -466,6 +474,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is displayed
in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git repository,
and is only valid for applications sourced from Git.
@ -685,6 +697,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema
validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value files
to use when generating a template
@ -834,6 +854,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is displayed
in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git repository,
and is only valid for applications sourced from Git.
@ -1166,6 +1190,14 @@ spec:
description: SkipCrds skips custom resource definition installation
step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema validation
(Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation step
(Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value files to
use when generating a template
@ -1312,6 +1344,10 @@ spec:
use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is displayed
in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git repository,
and is only valid for applications sourced from Git.
@ -1378,6 +1414,64 @@ spec:
required:
- repoURL
type: object
sourceHydrator:
description: SourceHydrator provides a way to push hydrated manifests
back to git before syncing them to the cluster.
properties:
drySource:
description: DrySource specifies where the dry "don't repeat yourself"
manifest source lives.
properties:
path:
description: Path is a directory path within the Git repository
where the manifests are located
type: string
repoURL:
description: RepoURL is the URL to the git repository that
contains the application manifests
type: string
targetRevision:
description: TargetRevision defines the revision of the source
to hydrate
type: string
required:
- path
- repoURL
- targetRevision
type: object
hydrateTo:
description: |-
HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then
have to move manifests to the SyncSource, e.g. by pull request.
properties:
targetBranch:
description: TargetBranch is the branch to which hydrated
manifests should be committed
type: string
required:
- targetBranch
type: object
syncSource:
description: SyncSource specifies where to sync hydrated manifests
from.
properties:
path:
description: |-
Path is a directory path within the git repository where hydrated manifests should be committed to and synced
from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced.
type: string
targetBranch:
description: TargetBranch is the branch to which hydrated
manifests should be committed
type: string
required:
- path
- targetBranch
type: object
required:
- drySource
- syncSource
type: object
sources:
description: Sources is a reference to the location of the application's
manifests or chart
@ -1523,6 +1617,14 @@ spec:
description: SkipCrds skips custom resource definition installation
step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema validation
(Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value files to
use when generating a template
@ -1670,6 +1772,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is displayed
in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git repository,
and is only valid for applications sourced from Git.
@ -1848,6 +1954,11 @@ spec:
description: Health contains information about the application's current
health status
properties:
lastTransitionTime:
description: LastTransitionTime is the time the HealthStatus was
set or updated
format: date-time
type: string
message:
description: Message is a human-readable informational message
describing the health status
@ -2045,6 +2156,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema
validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value files
to use when generating a template
@ -2194,6 +2313,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is displayed
in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git repository,
and is only valid for applications sourced from Git.
@ -2414,6 +2537,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema
validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value files
to use when generating a template
@ -2565,6 +2696,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is
displayed in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git repository,
and is only valid for applications sourced from Git.
@ -2933,6 +3068,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema
validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value
files to use when generating a template
@ -3085,6 +3228,11 @@ spec:
Kustomize to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and
is displayed in the UI. It is used in multi-source
Applications.
type: string
path:
description: Path is a directory path within the Git
repository, and is only valid for applications sourced
@ -3320,6 +3468,14 @@ spec:
description: SkipCrds skips custom resource
definition installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON
schema validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value
files to use when generating a template
@ -3475,6 +3631,11 @@ spec:
of Kustomize to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and
is displayed in the UI. It is used in multi-source
Applications.
type: string
path:
description: Path is a directory path within the
Git repository, and is only valid for applications
@ -3824,6 +3985,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema
validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value files
to use when generating a template
@ -3975,6 +4144,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is
displayed in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git repository,
and is only valid for applications sourced from Git.
@ -4205,6 +4378,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema
validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value
files to use when generating a template
@ -4357,6 +4538,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is
displayed in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git
repository, and is only valid for applications sourced
@ -4463,6 +4648,11 @@ spec:
description: HealthStatus contains information about the currently
observed health state of an application or resource
properties:
lastTransitionTime:
description: LastTransitionTime is the time the HealthStatus
was set or updated
format: date-time
type: string
message:
description: Message is a human-readable informational message
describing the health status
@ -4480,6 +4670,8 @@ spec:
type: string
namespace:
type: string
requiresDeletionConfirmation:
type: boolean
requiresPruning:
type: boolean
status:
@ -4493,6 +4685,177 @@ spec:
type: string
type: object
type: array
sourceHydrator:
description: SourceHydrator stores information about the current state
of source hydration
properties:
currentOperation:
description: CurrentOperation holds the status of the hydrate
operation
properties:
drySHA:
description: DrySHA holds the resolved revision (sha) of the
dry source as of the most recent reconciliation
type: string
finishedAt:
description: FinishedAt indicates when the hydrate operation
finished
format: date-time
type: string
hydratedSHA:
description: HydratedSHA holds the resolved revision (sha)
of the hydrated source as of the most recent reconciliation
type: string
message:
description: Message contains a message describing the current
status of the hydrate operation
type: string
phase:
description: Phase indicates the status of the hydrate operation
enum:
- Hydrating
- Failed
- Hydrated
type: string
sourceHydrator:
description: SourceHydrator holds the hydrator config used
for the hydrate operation
properties:
drySource:
description: DrySource specifies where the dry "don't
repeat yourself" manifest source lives.
properties:
path:
description: Path is a directory path within the Git
repository where the manifests are located
type: string
repoURL:
description: RepoURL is the URL to the git repository
that contains the application manifests
type: string
targetRevision:
description: TargetRevision defines the revision of
the source to hydrate
type: string
required:
- path
- repoURL
- targetRevision
type: object
hydrateTo:
description: |-
HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then
have to move manifests to the SyncSource, e.g. by pull request.
properties:
targetBranch:
description: TargetBranch is the branch to which hydrated
manifests should be committed
type: string
required:
- targetBranch
type: object
syncSource:
description: SyncSource specifies where to sync hydrated
manifests from.
properties:
path:
description: |-
Path is a directory path within the git repository where hydrated manifests should be committed to and synced
from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced.
type: string
targetBranch:
description: TargetBranch is the branch to which hydrated
manifests should be committed
type: string
required:
- path
- targetBranch
type: object
required:
- drySource
- syncSource
type: object
startedAt:
description: StartedAt indicates when the hydrate operation
started
format: date-time
type: string
required:
- message
- phase
type: object
lastSuccessfulOperation:
description: LastSuccessfulOperation holds info about the most
recent successful hydration
properties:
drySHA:
description: DrySHA holds the resolved revision (sha) of the
dry source as of the most recent reconciliation
type: string
hydratedSHA:
description: HydratedSHA holds the resolved revision (sha)
of the hydrated source as of the most recent reconciliation
type: string
sourceHydrator:
description: SourceHydrator holds the hydrator config used
for the hydrate operation
properties:
drySource:
description: DrySource specifies where the dry "don't
repeat yourself" manifest source lives.
properties:
path:
description: Path is a directory path within the Git
repository where the manifests are located
type: string
repoURL:
description: RepoURL is the URL to the git repository
that contains the application manifests
type: string
targetRevision:
description: TargetRevision defines the revision of
the source to hydrate
type: string
required:
- path
- repoURL
- targetRevision
type: object
hydrateTo:
description: |-
HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then
have to move manifests to the SyncSource, e.g. by pull request.
properties:
targetBranch:
description: TargetBranch is the branch to which hydrated
manifests should be committed
type: string
required:
- targetBranch
type: object
syncSource:
description: SyncSource specifies where to sync hydrated
manifests from.
properties:
path:
description: |-
Path is a directory path within the git repository where hydrated manifests should be committed to and synced
from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced.
type: string
targetBranch:
description: TargetBranch is the branch to which hydrated
manifests should be committed
type: string
required:
- path
- targetBranch
type: object
required:
- drySource
- syncSource
type: object
type: object
type: object
sourceType:
description: SourceType specifies the type of this application
type: string
@ -4730,6 +5093,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema
validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value files
to use when generating a template
@ -4881,6 +5252,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is
displayed in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git repository,
and is only valid for applications sourced from Git.
@ -5111,6 +5486,14 @@ spec:
description: SkipCrds skips custom resource definition
installation step (Helm's --skip-crds)
type: boolean
skipSchemaValidation:
description: SkipSchemaValidation skips JSON schema
validation (Helm's --skip-schema-validation)
type: boolean
skipTests:
description: SkipTests skips test manifest installation
step (Helm's --skip-tests).
type: boolean
valueFiles:
description: ValuesFiles is a list of Helm value
files to use when generating a template
@ -5263,6 +5646,10 @@ spec:
to use for rendering manifests
type: string
type: object
name:
description: Name is used to refer to a source and is
displayed in the UI. It is used in multi-source Applications.
type: string
path:
description: Path is a directory path within the Git
repository, and is only valid for applications sourced

1163
charts/argo-cd/templates/crds/crd-applicationset.yaml
View file

File diff suppressed because it is too large Load diff

183
charts/argo-cd/values.yaml
View file

@ -119,7 +119,8 @@ global:
priorityClassName: ""
# -- Default node selector for all components
nodeSelector: {}
nodeSelector:
kubernetes.io/os: linux
# -- Default tolerations for all components
tolerations: []
@ -3749,3 +3750,183 @@ notifications:
# For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/triggers/#default-triggers
# defaultTriggers: |
# - on-sync-status-unknown
commitServer:
# -- Enable commit server
enabled: false
# -- Commit server name
name: commit-server
# -- Runtime class name for the commit server
# @default -- `""` (defaults to global.runtimeClassName)
runtimeClassName: ""
## commit server controller image
image:
# -- Repository to use for the commit server
# @default -- `""` (defaults to global.image.repository)
repository: ""
# -- Tag to use for the commit server
# @default -- `""` (defaults to global.image.tag)
tag: ""
# -- Image pull policy for the commit server
# @default -- `""` (defaults to global.image.imagePullPolicy)
imagePullPolicy: ""
# -- commit server command line flags
extraArgs: []
# -- Environment variables to pass to the commit server
extraEnv: []
# - name: "MY_VAR"
# value: "value"
# -- envFrom to pass to the commit server
# @default -- `[]` (See [values.yaml])
extraEnvFrom: []
# - configMapRef:
# name: config-map-name
# - secretRef:
# name: secret-name
# -- List of extra mounts to add (normally used with extraVolumes)
extraVolumeMounts: []
# -- List of extra volumes to add
extraVolumes: []
metrics:
# -- Enables prometheus metrics server
enabled: false
service:
# -- Metrics service type
type: ClusterIP
# -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
clusterIP: ""
# -- Metrics service annotations
annotations: {}
# -- Metrics service labels
labels: {}
# -- Metrics service port
servicePort: 8087
# -- Metrics service port name
portName: metrics
## commit server service configuration
service:
# -- commit server service annotations
annotations: {}
# -- commit server service labels
labels: {}
# -- Automount API credentials for the Service Account into the pod.
automountServiceAccountToken: false
serviceAccount:
# -- Create commit server service account
create: true
# -- commit server service account name
name: argocd-commit-server
# -- Annotations applied to created service account
annotations: {}
# -- Labels applied to created service account
labels: {}
# -- Automount API credentials for the Service Account
automountServiceAccountToken: true
# -- Annotations to be added to commit server Deployment
deploymentAnnotations: {}
# -- Annotations for the commit server pods
podAnnotations: {}
# -- Labels for the commit server pods
podLabels: {}
# -- Resource limits and requests for the commit server pods.
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# -- [DNS configuration]
dnsConfig: {}
# -- Alternative DNS policy for commit server pods
dnsPolicy: "ClusterFirst"
# -- commit server container-level security context
# @default -- See [values.yaml]
containerSecurityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
## Probes for commit server (optional)
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
readinessProbe:
# -- Enable Kubernetes liveness probe for commit server
enabled: true
# -- Number of seconds after the container has started before [probe] is initiated
initialDelaySeconds: 5
# -- How often (in seconds) to perform the [probe]
periodSeconds: 10
# -- Number of seconds after which the [probe] times out
timeoutSeconds: 1
# -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
failureThreshold: 3
livenessProbe:
# -- Enable Kubernetes liveness probe for commit server
enabled: true
# -- Number of seconds after the container has started before [probe] is initiated
initialDelaySeconds: 30
# -- How often (in seconds) to perform the [probe]
periodSeconds: 30
# -- Number of seconds after which the [probe] times out
timeoutSeconds: 5
# -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
failureThreshold: 3
# -- terminationGracePeriodSeconds for container lifecycle hook
terminationGracePeriodSeconds: 30
# -- [Node selector]
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
# -- [Tolerations] for use with node taints
# @default -- `[]` (defaults to global.tolerations)
tolerations: []
# -- Assign custom [affinity] rules
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the commit server
# @default -- `[]` (defaults to global.topologySpreadConstraints)
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- Deployment strategy to be added to the commit server Deployment
deploymentStrategy: {}
# type: RollingUpdate
# rollingUpdate:
# maxSurge: 25%
# maxUnavailable: 25%
# -- Priority class for the commit server pods
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""