DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'origin/main' into feature/gateway-api

Browse source 
# Conflicts:
#	charts/argo-cd/Chart.yaml
This commit is contained in:
Tristan Duverger 2024-10-04 12:46:49 +02:00
commit cd7f4804df
36 changed files with 157 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.github/configs/renovate-config.js vendored
View file

@ -1,6 +1,7 @@
module.exports = {
platform: 'github',
gitAuthor: 'renovate[bot] <renovate[bot]@users.noreply.github.com>',
// This ensures that the gitAuthor and gitSignOff fields match
gitAuthor: 'argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com>',
autodiscover: false,
allowPostUpgradeCommandTemplating: true,
allowedPostUpgradeCommands: [".*"],

4
.github/workflows/lint-and-test.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
options: --user 1001
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Run ah lint
working-directory: ./charts
run: ah lint
@ -22,7 +22,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
fetch-depth: 0

2
.github/workflows/publish.yml vendored
View file

@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
fetch-depth: 0

6
.github/workflows/renovate.yaml vendored
View file

@ -16,17 +16,17 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Get token
uses: actions/create-github-app-token@3378cda945da322a8db4b193e19d46352ebe2de5 # v1.10.4
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
id: get_token
with:
app-id: ${{ vars.RENOVATE_APP_ID }}
private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }}
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Self-hosted Renovate
uses: renovatebot/github-action@630a255a1f2f56c8d8ce160bed3e3ca577ca53e2 # v40.2.7
uses: renovatebot/github-action@a1ed1d0adddfdf138192d1fbe3150a80094dee6a # v40.3.1
with:
configurationFile: .github/configs/renovate-config.js
# renovate: datasource=docker depName=ghcr.io/renovatebot/renovate

4
.github/workflows/scorecard.yml vendored
View file

@ -33,7 +33,7 @@ jobs:
steps:
- name: "Checkout code"
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
@ -68,6 +68,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9
with:
sarif_file: results.sarif

6
charts/argo-cd/Chart.yaml
View file

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: v2.12.3
appVersion: v2.12.4
kubeVersion: ">=1.25.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
@ -26,8 +26,8 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: fixed
description: Certificate template was wrong leading to null
- kind: added
description: Set affinity in redis secret-init job.
- kind: added
description: Capability to deploy gateway
- kind: added

11
charts/argo-cd/README.md
View file

@ -713,6 +713,7 @@ NAME: my-release
| global.podLabels | object | `{}` | Labels for the all deployed pods |
| global.priorityClassName | string | `""` | Default priority class for all components |
| global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
| global.runtimeClassName | string | `""` | Runtime class name for all components |
| global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. |
| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets |
| global.tolerations | list | `[]` | Default tolerations for all components |
@ -741,6 +742,7 @@ NAME: my-release
| configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring |
| configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] |
| configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability |
| configs.params."applicationsetcontroller.namespaces" | string | `""` (default is only the ns where the controller is installed) | A list of glob patterns specifying where to look for ApplicationSet resources. (e.g. `"argocd,argocd-appsets-*"`) |
| configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` |
| configs.params."controller.ignore.normalizer.jq.timeout" | string | `"1s"` | JQ Path expression timeout |
| configs.params."controller.operation.processors" | int | `10` | Number of application operation processors |
@ -752,6 +754,7 @@ NAME: my-release
| configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / |
| configs.params."server.disable.auth" | bool | `false` | Disable Argo CD RBAC for user authentication |
| configs.params."server.enable.gzip" | bool | `true` | Enable GZIP compression |
| configs.params."server.enable.proxy.extension" | bool | `false` | Enable proxy extension feature. (proxy extension is in Alpha phase) |
| configs.params."server.insecure" | bool | `false` | Run server without TLS |
| configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / |
| configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets |
@ -856,6 +859,7 @@ NAME: my-release
| controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. |
| controller.resources | object | `{}` | Resource limits and requests for the application controller pods |
| controller.revisionHistoryLimit | int | `5` | Maximum number of controller revisions that will be maintained in StatefulSet history |
| controller.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the application controller |
| controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
| controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
| controller.serviceAccount.create | bool | `true` | Create a service account for the application controller |
@ -950,6 +954,7 @@ NAME: my-release
| repoServer.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| repoServer.replicas | int | `1` | The number of repo server pods to run |
| repoServer.resources | object | `{}` | Resource limits and requests for the repo server pods |
| repoServer.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the repo server |
| repoServer.service.annotations | object | `{}` | Repo server service annotations |
| repoServer.service.labels | object | `{}` | Repo server service labels |
| repoServer.service.port | int | `8081` | Repo server service port |
@ -1131,6 +1136,7 @@ NAME: my-release
| server.route.hostname | string | `""` | Hostname of OpenShift Route |
| server.route.termination_policy | string | `"None"` | Termination policy of Openshift Route |
| server.route.termination_type | string | `"passthrough"` | Termination type of Openshift Route |
| server.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the Argo CD server |
| server.service.annotations | object | `{}` | Server service annotations |
| server.service.externalIPs | list | `[]` | Server service external IPs |
| server.service.externalTrafficPolicy | string | `"Cluster"` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints |
@ -1238,6 +1244,7 @@ NAME: my-release
| dex.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
| dex.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| dex.resources | object | `{}` | Resource limits and requests for dex |
| dex.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for Dex |
| dex.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
| dex.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
| dex.serviceAccount.create | bool | `true` | Create dex service account |
@ -1336,6 +1343,7 @@ NAME: my-release
| redis.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
| redis.readinessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out |
| redis.resources | object | `{}` | Resource limits and requests for redis |
| redis.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for redis |
| redis.securityContext | object | See [values.yaml] | Redis pod-level security context |
| redis.service.annotations | object | `{}` | Redis service annotations |
| redis.service.labels | object | `{}` | Additional redis service labels |
@ -1414,6 +1422,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| redisSecretInit.affinity | object | `{}` | Assign custom [affinity] rules to the Redis secret-init Job |
| redisSecretInit.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context |
| redisSecretInit.enabled | bool | `true` | Enable Redis secret initialization. If disabled, secret must be provisioned by alternative methods |
| redisSecretInit.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis secret-init Job |
@ -1528,6 +1537,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
| applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| applicationSet.replicas | int | `1` | The number of ApplicationSet controller pods to run |
| applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. |
| applicationSet.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the ApplicationSet controller |
| applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations |
| applicationSet.service.labels | object | `{}` | ApplicationSet service labels |
| applicationSet.service.port | int | `7000` | ApplicationSet service port |
@ -1611,6 +1621,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
| notifications.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
| notifications.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller |
| notifications.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the notifications controller |
| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret |
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret |

3
charts/argo-cd/templates/argocd-application-controller/deployment.yaml
View file

@ -36,6 +36,9 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.controller.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}

3
charts/argo-cd/templates/argocd-application-controller/statefulset.yaml
View file

@ -37,6 +37,9 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.controller.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}

1
charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml
View file

@ -3,7 +3,6 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "argo-cd.applicationSet.fullname" . }}
namespace: {{ include "argo-cd.namespace" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
rules:

1
charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml
View file

@ -3,7 +3,6 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-cd.applicationSet.fullname" . }}
namespace: {{ include "argo-cd.namespace" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
roleRef:

3
charts/argo-cd/templates/argocd-applicationset/deployment.yaml
View file

@ -36,6 +36,9 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.applicationSet.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.applicationSet.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}

3
charts/argo-cd/templates/argocd-notifications/deployment.yaml
View file

@ -36,6 +36,9 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.notifications.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.notifications.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}

3
charts/argo-cd/templates/argocd-repo-server/deployment.yaml
View file

@ -47,6 +47,9 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.repoServer.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.repoServer.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}

3
charts/argo-cd/templates/argocd-server/deployment.yaml
View file

@ -41,6 +41,9 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.server.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.server.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}

3
charts/argo-cd/templates/dex/deployment.yaml
View file

@ -43,6 +43,9 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.dex.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.dex.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}

8
charts/argo-cd/templates/redis-secret-init/job.yaml
View file

@ -28,9 +28,9 @@ spec:
{{- end }}
{{- end }}
spec:
{{- with .Values.global.imagePullSecrets }}
{{- with .Values.redisSecretInit.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{ toYaml . | nindent 8 }}
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- command:
@ -54,6 +54,10 @@ spec:
priorityClassName: {{ . }}
{{- end }}
restartPolicy: OnFailure
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.redisSecretInit) }}
affinity:
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.redisSecretInit.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

3
charts/argo-cd/templates/redis/deployment.yaml
View file

@ -33,6 +33,9 @@ spec:
{{- end }}
{{- end }}
spec:
{{- with .Values.redis.runtimeClassName | default .Values.global.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.redis.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}

59
charts/argo-cd/values.yaml
View file

@ -44,6 +44,9 @@ global:
## Used for ingresses, certificates, SSO, notifications, etc.
domain: argocd.example.com
# -- Runtime class name for all components
runtimeClassName: ""
# -- Common labels for the all resources
additionalLabels: {}
# app: argo-cd
@ -225,6 +228,25 @@ configs:
# - profile
# - email
# Extension Configuration
## Ref: https://argo-cd.readthedocs.io/en/latest/developer-guide/extensions/proxy-extensions/
# extension.config: |
# extensions:
# - name: httpbin
# backend:
# connectionTimeout: 2s
# keepAlive: 15s
# idleConnectionTimeout: 60s
# maxIdleConnections: 30
# services:
# - url: http://httpbin.org
# headers:
# - name: some-header
# value: '$some.argocd.secret.key'
# cluster:
# name: some-cluster
# server: https://some-cluster
# Argo CD configuration parameters
## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml
params:
@ -263,6 +285,8 @@ configs:
server.disable.auth: false
# -- Enable GZIP compression
server.enable.gzip: true
# -- Enable proxy extension feature. (proxy extension is in Alpha phase)
server.enable.proxy.extension: false
# -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "".
server.x.frame.options: sameorigin
@ -275,6 +299,10 @@ configs:
applicationsetcontroller.policy: sync
# -- Enables use of the Progressive Syncs capability
applicationsetcontroller.enable.progressive.syncs: false
# -- A list of glob patterns specifying where to look for ApplicationSet resources. (e.g. `"argocd,argocd-appsets-*"`)
# @default -- `""` (default is only the ns where the controller is installed)
## For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Appset-Any-Namespace/
applicationsetcontroller.namespaces: ""
# -- Enables [Applications in any namespace]
## List of additional namespaces where applications may be created in and reconciled from.
@ -619,6 +647,10 @@ controller:
## like round-robin, then the shards will be well-balanced.
dynamicClusterDistribution: false
# -- Runtime class name for the application controller
# @default -- `""` (defaults to global.runtimeClassName)
runtimeClassName: ""
# -- Application controller heartbeat time
# Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/#working-of-dynamic-distribution
heartbeatTime: 10
@ -919,6 +951,10 @@ dex:
# -- Additional command line arguments to pass to the Dex server
extraArgs: []
# -- Runtime class name for Dex
# @default -- `""` (defaults to global.runtimeClassName)
runtimeClassName: ""
metrics:
# -- Deploy metrics service
enabled: false
@ -1213,6 +1249,10 @@ redis:
# -- Redis name
name: redis
# -- Runtime class name for redis
# @default -- `""` (defaults to global.runtimeClassName)
runtimeClassName: ""
## Redis Pod Disruption Budget
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
pdb:
@ -1685,6 +1725,9 @@ redisSecretInit:
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""
# -- Assign custom [affinity] rules to the Redis secret-init Job
affinity: {}
# -- Node selector to be added to the Redis secret-init Job
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
@ -1701,6 +1744,10 @@ server:
# -- The number of server pods to run
replicas: 1
# -- Runtime class name for the Argo CD server
# @default -- `""` (defaults to global.runtimeClassName)
runtimeClassName: ""
## Argo CD server Horizontal Pod Autoscaler
autoscaling:
# -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server
@ -2504,6 +2551,10 @@ repoServer:
# -- The number of repo server pods to run
replicas: 1
# -- Runtime class name for the repo server
# @default -- `""` (defaults to global.runtimeClassName)
runtimeClassName: ""
## Repo server Horizontal Pod Autoscaler
autoscaling:
# -- Enable Horizontal Pod Autoscaler ([HPA]) for the repo server
@ -2892,6 +2943,10 @@ applicationSet:
# -- The number of ApplicationSet controller pods to run
replicas: 1
# -- Runtime class name for the ApplicationSet controller
# @default -- `""` (defaults to global.runtimeClassName)
runtimeClassName: ""
## ApplicationSet controller Pod Disruption Budget
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
pdb:
@ -3259,6 +3314,10 @@ notifications:
# @default -- `""` (defaults to https://`global.domain`)
argocdUrl: ""
# -- Runtime class name for the notifications controller
# @default -- `""` (defaults to global.runtimeClassName)
runtimeClassName: ""
## Notifications controller Pod Disruption Budget
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
pdb:

4
charts/argo-events/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: v1.9.2
description: A Helm chart for Argo Events, the event-driven workflow automation framework
name: argo-events
version: 2.4.7
version: 2.4.8
home: https://github.com/argoproj/argo-helm
icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4
keywords:
@ -19,4 +19,4 @@ annotations:
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: fixed
description: Update Jetstream versions as following upstream
description: events-webhook Service using non-default port

2
charts/argo-events/templates/argo-events-webhook/service.yaml
View file

@ -8,7 +8,7 @@ metadata:
{{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }}
spec:
ports:
- port: 443
- port: {{ int .Values.webhook.port }}
targetPort: webhook
selector:
{{- include "argo-events.selectorLabels" (dict "context" $ "name" $.Values.webhook.name) | nindent 4 }}

6
charts/argo-rollouts/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: v1.7.2
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 2.37.6
version: 2.37.7
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
keywords:
@ -18,5 +18,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: changed
description: add loadBalancerClass field for Service resources
- kind: added
description: add description for manual secret creation

2
charts/argo-rollouts/README.md
View file

@ -60,7 +60,7 @@ For full list of changes please check ArtifactHub [changelog].
| notifications.configmap.create | bool | `true` | Whether to create notifications configmap |
| notifications.notifiers | object | `{}` | Configures notification services |
| notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret |
| notifications.secret.create | bool | `false` | Whether to create notifications secret |
| notifications.secret.create | bool | `false` | Whether to create notifications secret. |
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret |
| notifications.subscriptions | list | `[]` | The subscriptions define the subscriptions to the triggers in a general way for all rollouts |
| notifications.templates | object | `{}` | Notification templates |

3
charts/argo-rollouts/values.yaml
View file

@ -456,7 +456,8 @@ notifications:
create: true
secret:
# -- Whether to create notifications secret
# -- Whether to create notifications secret.
## If you want to manually create secret, do not forget to add proper label to it: "app.kubernetes.io/component: {{ .Values.controller.component }}".
create: false
# -- Generic key:value pairs to be inserted into the notifications secret
items: {}

8
charts/argo-workflows/Chart.yaml
View file

@ -1,9 +1,9 @@
apiVersion: v2
appVersion: v3.5.10
appVersion: v3.5.11
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.42.1
version: 0.42.5
icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png
home: https://github.com/argoproj/argo-helm
sources:
@ -16,5 +16,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: changed
description: add loadBalancerClass field for Service resources
- kind: fixed
description: Avoid to create ClusterRole for cluster template when singleNamespace

3
charts/argo-workflows/README.md
View file

@ -175,7 +175,9 @@ Fields to note:
| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) |
| controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server |
| controller.metricsConfig.headlessService | bool | `false` | Flag to enable headless service |
| controller.metricsConfig.honorLabels | bool | `false` | When true, honorLabels preserves the metrics labels when they collide with the targets labels. |
| controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. |
| controller.metricsConfig.interval | string | `"30s"` | Frequency at which prometheus scrapes metrics |
| controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion |
| controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory |
| controller.metricsConfig.path | string | `"/metrics"` | Path is the path where metrics are emitted. Must start with a "/". |
@ -223,6 +225,7 @@ Fields to note:
| controller.serviceType | string | `"ClusterIP"` | Service type of the controller Service |
| controller.telemetryConfig.enabled | bool | `false` | Enables prometheus telemetry server |
| controller.telemetryConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. |
| controller.telemetryConfig.interval | string | `"30s"` | Frequency at which prometheus scrapes telemetry data |
| controller.telemetryConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory |
| controller.telemetryConfig.path | string | `"/telemetry"` | telemetry path |
| controller.telemetryConfig.port | int | `8081` | telemetry container port |

2
charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
View file

@ -198,7 +198,7 @@ rules:
- watch
{{- end }}
{{- if .Values.controller.clusterWorkflowTemplates.enabled }}
{{- if and .Values.controller.clusterWorkflowTemplates.enabled (not .Values.singleNamespace) }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole

6
charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
View file

@ -15,7 +15,7 @@ spec:
{{- if .Values.controller.metricsConfig.enabled }}
- port: {{ .Values.controller.metricsConfig.servicePortName }}
path: {{ .Values.controller.metricsConfig.path }}
interval: 30s
interval: {{ .Values.controller.metricsConfig.interval }}
{{- with .Values.controller.metricsConfig.relabelings }}
relabelings:
{{- toYaml . | nindent 8 }}
@ -24,11 +24,12 @@ spec:
metricRelabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
honorLabels: {{ .Values.controller.metricsConfig.honorLabels }}
{{- end }}
{{- if .Values.controller.telemetryConfig.enabled }}
- port: telemetry
path: {{ .Values.controller.telemetryConfig.path }}
interval: 30s
interval: {{ .Values.controller.telemetryConfig.interval }}
{{- with .Values.controller.metricsConfig.relabelings }}
relabelings:
{{- toYaml . | nindent 8 }}
@ -37,6 +38,7 @@ spec:
metricRelabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
honorLabels: {{ .Values.controller.metricsConfig.honorLabels }}
{{- end }}
{{- with .Values.controller.metricsConfig.targetLabels }}
targetLabels:

2
charts/argo-workflows/templates/server/server-cluster-roles.yaml
View file

@ -118,7 +118,7 @@ rules:
- patch
- delete
{{- if .Values.server.clusterWorkflowTemplates.enabled }}
{{- if and .Values.server.clusterWorkflowTemplates.enabled (not .Values.singleNamespace) }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole

7
charts/argo-workflows/values.yaml
View file

@ -127,6 +127,8 @@ controller:
enabled: false
# -- Path is the path where metrics are emitted. Must start with a "/".
path: /metrics
# -- Frequency at which prometheus scrapes metrics
interval: 30s
# -- Port is the port where metrics are emitted
port: 9090
# -- How often custom metrics are cleared from memory
@ -143,6 +145,9 @@ controller:
servicePortName: metrics
# -- Flag to enable headless service
headlessService: false
# -- When true, honorLabels preserves the metrics labels when they collide with the targets labels.
## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#honorlabels
honorLabels: false
# -- ServiceMonitor relabel configs to apply to samples before scraping
## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
relabelings: []
@ -231,6 +236,8 @@ controller:
enabled: false
# -- telemetry path
path: /telemetry
# -- Frequency at which prometheus scrapes telemetry data
interval: 30s
# -- telemetry container port
port: 8081
# -- How often custom metrics are cleared from memory

4
charts/argocd-apps/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
name: argocd-apps
description: A Helm chart for managing additional Argo CD Applications and Projects
type: application
version: 2.0.0
version: 2.0.2
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
keywords:
@ -18,4 +18,4 @@ annotations:
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: added
description: make the chart use maps instead of lists
description: allow setting applicationset finalizers

2
charts/argocd-apps/ci/applicationsets-values.yaml
View file

@ -4,6 +4,8 @@ applicationsets:
applicationset:
additionalLabels: {}
additionalAnnotations: {}
finalizers:
- resources-finalizer.argocd.argoproj.io
# See PR #10026 (ArgoCD v2.5 or later)
# goTemplate: false
generators:

4
charts/argocd-apps/templates/applicationsets.yaml
View file

@ -17,6 +17,10 @@ metadata:
{{- with $appSetData.namespace }}
namespace: {{ . }}
{{- end }}
{{- with $appSetData.finalizers }}
finalizers:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if hasKey $appSetData "goTemplate" }}
goTemplate: {{ $appSetData.goTemplate }}

4
charts/argocd-apps/templates/projects.yaml
View file

@ -25,7 +25,9 @@ spec:
{{- with $projectData.permitOnlyProjectScopedClusters }}
permitOnlyProjectScopedClusters: {{ . }}
{{- end }}
description: {{ $projectData.description }}
{{- with $projectData.description }}
description: {{ . }}
{{- end }}
{{- with $projectData.sourceRepos }}
sourceRepos:
{{- toYaml . | nindent 4 }}

2
charts/argocd-apps/values.yaml
View file

@ -97,6 +97,8 @@ applicationsets: {}
# namespace: argocd
# additionalLabels: {}
# additionalAnnotations: {}
# finalizers:
# - resources-finalizer.argocd.argoproj.io
# # See PR #10026 (ArgoCD v2.5 or later)
# # goTemplate: false
# generators:

3
renovate.json
View file

@ -5,7 +5,8 @@
},
"extends": [
"config:recommended",
"docker:enableMajor"
"docker:enableMajor",
":gitSignOff"
],
"labels": ["renovate"],
"includePaths": [