Merge branch 'master' into feat-argo-events-service-account-annotations

2021-04-23 11:53:45 +02:00 · 2021-04-23 11:53:45 +02:00 · c7cc5a15f8
commit c7cc5a15f8
parent 7c06060a93 8f7d9ff0d8
30 changed files with 154 additions and 53 deletions
--- a/2
+++ b/2
@ -4,7 +4,7 @@
 /charts/argo @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler
 # Argo CD
-/charts/argo-cd @seanson @spencergilbert @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler
+/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler
 # Argo Events
 /charts/argo-events @jbehling @VaibhavPage @oliverbaehler
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: 2.0.0
 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 3.1.1
+version: 3.2.0
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 keywords:
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@ -227,12 +227,14 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i
 | server.ingress.enabled | Enable an ingress resource for the server | `false` |
 | server.ingress.hosts | List of ingress hosts | `[]` |
 | server.ingress.labels | Additional ingress labels. | `{}` |
 | server.ingress.ingressClassName | Defines which ingress controller will implement the resource | `""` |
 | server.ingress.tls | Ingress TLS configuration. | `[]` |
 | server.ingress.https | Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` | `false` |
 | server.ingressGrpc.annotations | Additional ingress annotations for dedicated [gRPC-ingress] | `{}` |
 | server.ingressGrpc.enabled | Enable an ingress resource for the server for dedicated [gRPC-ingress] | `false` |
 | server.ingressGrpc.hosts | List of ingress hosts for dedicated [gRPC-ingress] | `[]` |
 | server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` |
 | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` |
 | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` |
 | server.route.enabled | Enable a OpenShift route for the server | `false` |
 | server.route.hostname | Hostname of OpenShift route | `""` |
--- a/charts/argo-cd/templates/_helpers.tpl
+++ b/charts/argo-cd/templates/_helpers.tpl
@ -139,3 +139,16 @@ app.kubernetes.io/instance: {{ .context.Release.Name }}
 app.kubernetes.io/component: {{ .component }}
 {{- end }}
 {{- end }}
 {{/*
 Return the appropriate apiVersion for ingress
 */}}
 {{- define "argo-cd.ingress.apiVersion" -}}
 {{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 {{- print "extensions/v1beta1" -}}
 {{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion -}}
 {{- print "networking.k8s.io/v1beta1" -}}
 {{- else -}}
 {{- print "networking.k8s.io/v1" -}}
 {{- end -}}
 {{- end -}}
--- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
@ -3,11 +3,7 @@
 {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
 {{- $paths := .Values.server.ingressGrpc.paths -}}
 {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
-{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
+apiVersion: {{ include "argo-cd.ingress.apiVersion" . }}
 apiVersion: networking.k8s.io/v1beta1
 {{ else }}
 apiVersion: extensions/v1beta1
 {{ end -}}
 kind: Ingress
 metadata:
 {{- if .Values.server.ingressGrpc.annotations }}
@ -19,10 +15,15 @@ metadata:
  name: {{ template "argo-cd.server.fullname" . }}-grpc
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
-{{- if .Values.server.ingressGrpc.labels }}
+    {{- if .Values.server.ingressGrpc.labels }}
-{{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }}
+    {{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }}
-{{- end }}
+    {{- end }}
 spec:
  {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
  {{- with .Values.server.ingress.ingressClassName }}
  ingressClassName: {{ . }}
  {{- end }}
  {{- end }}
  rules:
  {{- if .Values.server.ingressGrpc.hosts }}
    {{- range $host := .Values.server.ingressGrpc.hosts }}
@ -34,9 +35,23 @@ spec:
          {{- end -}}
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ $serviceName }}
                port:
                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
                  {{- else }}
                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ $serviceName }}
              servicePort: {{ $servicePort }}
              {{- end }}
          {{- end -}}
    {{- end -}}
  {{- else }}
@ -47,13 +62,27 @@ spec:
          {{- end -}}
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ $serviceName }}
                port:
                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
                  {{- else }}
                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ $serviceName }}
              servicePort: {{ $servicePort }}
              {{- end }}
          {{- end -}}
  {{- end -}}
  {{- if .Values.server.ingressGrpc.tls }}
  tls:
-{{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }}
+    {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }}
  {{- end -}}
 {{- end -}}
--- a/charts/argo-cd/templates/argocd-server/ingress.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress.yaml
@ -3,11 +3,7 @@
 {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}}
 {{- $paths := .Values.server.ingress.paths -}}
 {{- $extraPaths := .Values.server.ingress.extraPaths -}}
-{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
+apiVersion: {{ include "argo-cd.ingress.apiVersion" . }}
 apiVersion: networking.k8s.io/v1beta1
 {{ else }}
 apiVersion: extensions/v1beta1
 {{ end -}}
 kind: Ingress
 metadata:
 {{- if .Values.server.ingress.annotations }}
@ -19,10 +15,15 @@ metadata:
  name: {{ template "argo-cd.server.fullname" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
-{{- if .Values.server.ingress.labels }}
+    {{- if .Values.server.ingress.labels }}
-{{- toYaml .Values.server.ingress.labels | nindent 4 }}
+    {{- toYaml .Values.server.ingress.labels | nindent 4 }}
-{{- end }}
+    {{- end }}
 spec:
  {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
  {{- with .Values.server.ingress.ingressClassName }}
  ingressClassName: {{ . }}
  {{- end }}
  {{- end }}
  rules:
  {{- if .Values.server.ingress.hosts }}
    {{- range $host := .Values.server.ingress.hosts }}
@ -34,9 +35,23 @@ spec:
          {{- end }}
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ $serviceName }}
                port:
                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
                  {{- else }}
                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ $serviceName }}
              servicePort: {{ $servicePort }}
              {{- end }}
          {{- end -}}
    {{- end -}}
  {{- else }}
@ -47,13 +62,27 @@ spec:
          {{- end }}
          {{- range $p := $paths }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
              service:
                name: {{ $serviceName }}
                port:
                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
                  {{- else }}
                  name: {{ $servicePort }}
                  {{- end }}
              {{- else }}
              serviceName: {{ $serviceName }}
              servicePort: {{ $servicePort }}
              {{- end }}
          {{- end -}}
  {{- end -}}
  {{- if .Values.server.ingress.tls }}
  tls:
-{{- toYaml .Values.server.ingress.tls | nindent 4 }}
+    {{- toYaml .Values.server.ingress.tls | nindent 4 }}
  {{- end -}}
 {{- end -}}
--- a/charts/argo-cd/templates/dex/serviceaccount.yaml
+++ b/charts/argo-cd/templates/dex/serviceaccount.yaml
@ -1,4 +1,4 @@
-{{- if .Values.dex.serviceAccount.create }}
+{{- if and .Values.dex.enabled .Values.dex.serviceAccount.create }}
 apiVersion: v1
 kind: ServiceAccount
 automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }}
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -493,6 +493,7 @@ server:
    enabled: false
    annotations: {}
    labels: {}
    ingressClassName: ""
    ## Argo Ingress.
    ## Hostnames must be provided if Ingress is enabled.
@ -521,6 +522,7 @@ server:
    enabled: false
    annotations: {}
    labels: {}
    ingressClassName: ""
    ## Argo Ingress.
    ## Hostnames must be provided if Ingress is enabled.
--- a/charts/argo-events/Chart.yaml
+++ b/charts/argo-events/Chart.yaml
@ -1,7 +1,7 @@
 apiVersion: v2
 description: A Helm chart to install Argo-Events in k8s Cluster
 name: argo-events
-version: 1.2.5
+version: 1.3.2
 keywords:
  - argo-events
  - sensor-controller
--- a/charts/argo-events/templates/argo-events-roles.yaml
+++ b/charts/argo-events/templates/argo-events-roles.yaml
@ -49,10 +49,13 @@ rules:
      - workflowtemplates/finalizers
      - sensors
      - sensors/finalizers
      - sensors/status
      - eventsources
      - eventsources/finalizers
      - eventsources/status
      - eventbus
      - eventbus/finalizers
      - eventbus/status
  - apiGroups:
      - ""
    resources:
--- a/charts/argo-events/templates/eventbus-controller-deployment.yaml
+++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml
@ -18,6 +18,9 @@ spec:
      labels:
        app: {{ .Release.Name }}-{{ .Values.eventbusController.name }}
        release: {{ .Release.Name }}
      {{- with .Values.eventbusController.podAnnotations }}
      annotations: {{- toYaml . | nindent 8 }}
      {{- end }}
    spec:
      serviceAccountName: {{ .Values.serviceAccount }}
      containers:
--- a/charts/argo-events/templates/eventsource-controller-deployment.yaml
+++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml
@ -18,6 +18,9 @@ spec:
      labels:
        app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }}
        release: {{ .Release.Name }}
      {{- with .Values.eventsourceController.podAnnotations }}
      annotations: {{- toYaml . | nindent 8 }}
      {{- end }}
    spec:
      serviceAccountName: {{ .Values.serviceAccount }}
      containers:
--- a/charts/argo-events/templates/sensor-controller-deployment.yaml
+++ b/charts/argo-events/templates/sensor-controller-deployment.yaml
@ -18,6 +18,9 @@ spec:
      labels:
        app: {{ .Release.Name }}-{{ .Values.sensorController.name }}
        release: {{ .Release.Name }}
      {{- with .Values.sensorController.podAnnotations }}
      annotations: {{- toYaml . | nindent 8 }}
      {{- end }}
    spec:
      serviceAccountName: {{ .Values.serviceAccount }}
      containers:
--- a/charts/argo-events/values.yaml
+++ b/charts/argo-events/values.yaml
@ -51,6 +51,7 @@ sensorController:
  tag: v1.2.3
  replicaCount: 1
  sensorImage: sensor
  podAnnotations: {}
  nodeSelector: {}
  tolerations: {}
  affinity: {}
@ -61,6 +62,7 @@ eventsourceController:
  tag: v1.2.3
  replicaCount: 1
  eventsourceImage: eventsource
  podAnnotations: {}
  nodeSelector: {}
  tolerations: {}
  affinity: {}
@ -70,6 +72,7 @@ eventbusController:
  image: eventbus-controller
  tag: v1.2.3
  replicaCount: 1
  podAnnotations: {}
  nodeSelector: {}
  tolerations: {}
  affinity: {}
--- a/charts/argocd-applicationset/.helmignore
+++ b/charts/argocd-applicationset/.helmignore
--- a/charts/argocd-applicationset/Chart.yaml
+++ b/charts/argocd-applicationset/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 name: argocd-applicationset
 description: A Helm chart for installing ArgoCD ApplicationSet
 type: application
-version: 0.1.2
+version: 0.1.3
 appVersion: "v0.1.0"
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
--- a/charts/argocd-applicationset/README.md
+++ b/charts/argocd-applicationset/README.md
@ -18,7 +18,7 @@ To install the chart with the release name `my-release`:
 $ helm repo add argo https://argoproj.github.io/argo-helm
 "argo" has been added to your repositories
-$ helm install --name my-release argo/argo-applicationset
+$ helm install --name my-release argo/argocd-applicationset
 NAME: my-release
 ...
 ```
@ -61,7 +61,7 @@ ct install --namespace argocd
 | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume |
 | mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume |
 | mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` |
-| nameOverride | string | `""` | Provide a name in place of `argo-applicationset` |
+| nameOverride | string | `""` | Provide a name in place of `argocd-applicationset` |
 | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) |
 | podAnnotations | object | `{}` | Annotations for the controller pods |
 | podSecurityContext | object | `{}` | Pod Security Context |
--- a/charts/argocd-applicationset/ci/default-values.yaml
+++ b/charts/argocd-applicationset/ci/default-values.yaml
--- a/charts/argocd-applicationset/ci/leader-election-values.yaml
+++ b/charts/argocd-applicationset/ci/leader-election-values.yaml
--- a/charts/argocd-applicationset/crds/crd-applicationset.yaml
+++ b/charts/argocd-applicationset/crds/crd-applicationset.yaml
--- a/charts/argocd-applicationset/templates/_helpers.tpl
+++ b/charts/argocd-applicationset/templates/_helpers.tpl
--- a/charts/argocd-applicationset/templates/crds.yaml
+++ b/charts/argocd-applicationset/templates/crds.yaml
--- a/charts/argocd-applicationset/templates/deployment.yaml
+++ b/charts/argocd-applicationset/templates/deployment.yaml
--- a/charts/argocd-applicationset/templates/psp.yaml
+++ b/charts/argocd-applicationset/templates/psp.yaml
--- a/charts/argocd-applicationset/templates/rbac.yaml
+++ b/charts/argocd-applicationset/templates/rbac.yaml
--- a/charts/argocd-applicationset/templates/serviceaccount.yaml
+++ b/charts/argocd-applicationset/templates/serviceaccount.yaml
--- a/charts/argocd-applicationset/values.yaml
+++ b/charts/argocd-applicationset/values.yaml
--- a/charts/argocd-notifications/Chart.yaml
+++ b/charts/argocd-notifications/Chart.yaml
@ -3,7 +3,7 @@ appVersion: 1.1.1
 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD.
 name: argocd-notifications
 type: application
-version: 1.1.1
+version: 1.1.2
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 keywords:
--- a/charts/argocd-notifications/templates/deployment.yaml
+++ b/charts/argocd-notifications/templates/deployment.yaml
@ -26,8 +26,9 @@ spec:
        {{- toYaml . | nindent 8 }}
    {{- end }}
      serviceAccountName: {{ include "argocd-notifications.serviceAccountName" . }}
-      securityContext:
+      {{- if .Values.securityContext }}
-        runAsNonRoot: true
+      securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
      {{- end }}
      containers:
        - name: {{ include "argocd-notifications.name" . }}-controller
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
@ -51,6 +52,9 @@ spec:
            name: metrics
            protocol: TCP
          {{- end }}
          {{- if .Values.containerSecurityContext }}
          securityContext: {{- toYaml .Values.containerSecurityContext | nindent 12 }}
          {{- end }}
          {{- with .Values.extraEnv }}
          env: {{ toYaml . | nindent 12 }}
          {{- end }}
--- a/charts/argocd-notifications/values.yaml
+++ b/charts/argocd-notifications/values.yaml
@ -65,6 +65,13 @@ notifiers:
 podAnnotations: {}
 ## Pod Security Context
 securityContext:
  runAsNonRoot: true
 ## Container Security Context
 containerSecurityContext: {}
 resources: {}
  # limits:
  #   cpu: 100m