DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into amcamina/customize_rbca

Browse source
This commit is contained in:
amcamina 2024-03-12 10:51:16 +01:00 committed by GitHub
commit d81123c9e3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
53 changed files with 204 additions and 58 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.github/workflows/publish.yml vendored
View file

@ -12,6 +12,7 @@ permissions:
jobs: jobs:
publish: publish:
if: github.repository == 'argoproj/argo-helm'
permissions: permissions:
contents: write # for helm/chart-releaser-action to push chart release and create a release contents: write # for helm/chart-releaser-action to push chart release and create a release
packages: write # to push OCI chart package to GitHub Registry packages: write # to push OCI chart package to GitHub Registry

7
.github/workflows/renovate.yaml vendored
View file

@ -12,10 +12,11 @@ permissions:
jobs: jobs:
renovate: renovate:
if: github.repository == 'argoproj/argo-helm'
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Get token - name: Get token
uses: actions/create-github-app-token@e8e39f73bb84fdf315a015fa3104f314c0a258b4 # v1.8.1 uses: actions/create-github-app-token@f2acddfb5195534d487896a656232b016a682f3c # v1.9.0
id: get_token id: get_token
with: with:
app-id: ${{ vars.RENOVATE_APP_ID }} app-id: ${{ vars.RENOVATE_APP_ID }}
@ -25,11 +26,11 @@ jobs:
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Self-hosted Renovate - name: Self-hosted Renovate
uses: renovatebot/github-action@a6e57359b32af9a54d5b3b6603011f50629a0a05 # v40.1.2 uses: renovatebot/github-action@c134f38c01867794a23c35e86660bd9609caf30c # v40.1.4
with: with:
configurationFile: .github/configs/renovate-config.js configurationFile: .github/configs/renovate-config.js
# renovate: datasource=docker depName=ghcr.io/renovatebot/renovate # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate
renovate-version: 37.221.0 renovate-version: 37.222.0
token: '${{ steps.get_token.outputs.token }}' token: '${{ steps.get_token.outputs.token }}'
env: env:
LOG_LEVEL: 'debug' LOG_LEVEL: 'debug'

8
charts/argo-cd/Chart.yaml
View file

@ -1,9 +1,9 @@
apiVersion: v2 apiVersion: v2
appVersion: v2.10.1 appVersion: v2.10.2
kubeVersion: ">=1.23.0-0" kubeVersion: ">=1.23.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd name: argo-cd
version: 6.5.0 version: 6.7.1
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources: sources:
@ -26,5 +26,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: added - kind: changed
description: Support for templating ingress extraPaths and extraRules description: Fixed a bug for TLS host value in GRPC ingress endpoint

2
charts/argo-cd/README.md
View file

@ -1302,6 +1302,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| Key | Type | Default | Description | | Key | Type | Default | Description |
|-----|------|---------|-------------| |-----|------|---------|-------------|
| applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| applicationSet.allowAnyNamespace | bool | `false` | Enable ApplicationSet in any namespace feature |
| applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) |
| applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate |
| applicationSet.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) | | applicationSet.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) |
@ -1464,6 +1465,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret |
| notifications.secret.labels | object | `{}` | key:value pairs of labels to be added to the secret | | notifications.secret.labels | object | `{}` | key:value pairs of labels to be added to the secret |
| notifications.secret.name | string | `"argocd-notifications-secret"` | notifications controller Secret name |
| notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
| notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
| notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | | notifications.serviceAccount.create | bool | `true` | Create notifications controller service account |

89
charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml Normal file
View file

@ -0,0 +1,89 @@
{{- if .Values.applicationSet.allowAnyNamespace }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "argo-cd.applicationSet.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
rules:
- apiGroups:
- argoproj.io
resources:
- applications
- applicationsets
- applicationsets/finalizers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- argoproj.io
resources:
- applicationsets/status
verbs:
- get
- patch
- update
- apiGroups:
- argoproj.io
resources:
- appprojects
verbs:
- get
- apiGroups:
- ""
resources:
- events
verbs:
- create
- get
- list
- patch
- watch
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- update
- delete
- get
- list
- patch
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- apps
- extensions
resources:
- deployments
verbs:
- get
- list
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
{{- end }}

17
charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml Normal file
View file

@ -0,0 +1,17 @@
{{- if .Values.applicationSet.allowAnyNamespace }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "argo-cd.applicationSet.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "argo-cd.applicationSet.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.applicationSet.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}

2
charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml
View file

@ -2,7 +2,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: argocd-notifications-secret name: {{ .Values.notifications.secret.name }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ .Release.Namespace | quote }}
labels: labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}

4
charts/argo-cd/templates/argocd-notifications/clusterrole.yaml
View file

@ -38,14 +38,12 @@ rules:
verbs: verbs:
- get - get
{{- end }} {{- end }}
{{- if .Values.notifications.secret.create }}
- apiGroups: - apiGroups:
- "" - ""
resourceNames: resourceNames:
- argocd-notifications-secret - {{ .Values.notifications.secret.name }}
resources: resources:
- secrets - secrets
verbs: verbs:
- get - get
{{- end }}
{{- end }} {{- end }}

1
charts/argo-cd/templates/argocd-notifications/deployment.yaml
View file

@ -66,6 +66,7 @@ spec:
- --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }}
- --namespace={{ .Release.Namespace }} - --namespace={{ .Release.Namespace }}
- --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
- --secret-name={{ .Values.notifications.secret.name }}
{{- range .Values.notifications.extraArgs }} {{- range .Values.notifications.extraArgs }}
- {{ . | squote }} - {{ . | squote }}
{{- end }} {{- end }}

2
charts/argo-cd/templates/argocd-notifications/role.yaml
View file

@ -37,7 +37,7 @@ rules:
- apiGroups: - apiGroups:
- "" - ""
resourceNames: resourceNames:
- argocd-notifications-secret - {{ .Values.notifications.secret.name }}
resources: resources:
- secrets - secrets
verbs: verbs:

2
charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
View file

@ -53,7 +53,7 @@ spec:
tls: tls:
{{- if .Values.server.ingressGrpc.tls }} {{- if .Values.server.ingressGrpc.tls }}
- hosts: - hosts:
- {{ $hostname }} - {{ .Values.server.ingressGrpc.hostname | default $hostname }}
secretName: argocd-server-grpc-tls secretName: argocd-server-grpc-tls
{{- end }} {{- end }}
{{- with .Values.server.ingressGrpc.extraTls }} {{- with .Values.server.ingressGrpc.extraTls }}

7
charts/argo-cd/values.yaml
View file

@ -2928,7 +2928,8 @@ applicationSet:
# - secretName: argocd-applicationset-tls # - secretName: argocd-applicationset-tls
# hosts: # hosts:
# - argocd-applicationset.example.com # - argocd-applicationset.example.com
# -- Enable ApplicationSet in any namespace feature
allowAnyNamespace: false
## Notifications controller ## Notifications controller
notifications: notifications:
# -- Enable notifications controller # -- Enable notifications controller
@ -3016,8 +3017,12 @@ notifications:
secret: secret:
# -- Whether helm chart creates notifications controller secret # -- Whether helm chart creates notifications controller secret
## If true, will create a secret with the name below. Otherwise, will assume existence of a secret with that name.
create: true create: true
# -- notifications controller Secret name
name: "argocd-notifications-secret"
# -- key:value pairs of annotations to be added to the secret # -- key:value pairs of annotations to be added to the secret
annotations: {} annotations: {}

6
charts/argo-workflows/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: v3.5.5
name: argo-workflows name: argo-workflows
description: A Helm chart for Argo Workflows description: A Helm chart for Argo Workflows
type: application type: application
version: 0.40.12 version: 0.40.14
icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
sources: sources:
@ -16,5 +16,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: changed - kind: added
description: Bump argo-workflows to v3.5.5 description: Support namespaceOverride

1
charts/argo-workflows/README.md
View file

@ -124,6 +124,7 @@ Fields to note:
| images.tag | string | `""` | Common tag for Argo Workflows images. Defaults to `.Chart.AppVersion`. | | images.tag | string | `""` | Common tag for Argo Workflows images. Defaults to `.Chart.AppVersion`. |
| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests |
| nameOverride | string | `nil` | String to partially override "argo-workflows.fullname" template | | nameOverride | string | `nil` | String to partially override "argo-workflows.fullname" template |
| namespaceOverride | string | `.Release.Namespace` | Override the namespace |
| singleNamespace | bool | `false` | Restrict Argo to operate only in a single namespace (the namespace of the Helm release) by apply Roles and RoleBindings instead of the Cluster equivalents, and start workflow-controller with the --namespaced flag. Use it in clusters with strict access policy. | | singleNamespace | bool | `false` | Restrict Argo to operate only in a single namespace (the namespace of the Helm release) by apply Roles and RoleBindings instead of the Cluster equivalents, and start workflow-controller with the --namespaced flag. Use it in clusters with strict access policy. |
### Workflow ### Workflow

8
charts/argo-workflows/templates/_helpers.tpl
View file

@ -189,3 +189,11 @@ Return the appropriate apiVersion for GKE resources
{{- print "cloud.google.com/v1beta1" -}} {{- print "cloud.google.com/v1beta1" -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/*
Expand the namespace of the release.
Allows overriding it for multi-namespace deployments in combined charts.
*/}}
{{- define "argo-workflows.namespace" -}}
{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
{{- end }}

2
charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml
View file

@ -4,7 +4,7 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: {{ $cm_name }} name: {{ $cm_name }}
namespace: {{ $.Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" $ | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $cm_name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $cm_name) | nindent 4 }}
{{- with $cm_val.annotations }} {{- with $cm_val.annotations }}

2
charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
View file

@ -8,7 +8,7 @@ kind: ClusterRole
metadata: metadata:
name: {{ template "argo-workflows.controller.fullname" . }} name: {{ template "argo-workflows.controller.fullname" . }}
{{- if .Values.singleNamespace }} {{- if .Values.singleNamespace }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
{{- end }} {{- end }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}

2
charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
View file

@ -3,7 +3,7 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: {{ template "argo-workflows.controller.config-map.name" . }} name: {{ template "argo-workflows.controller.config-map.name" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }}
data: data:

6
charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
View file

@ -8,7 +8,7 @@ kind: ClusterRoleBinding
metadata: metadata:
name: {{ template "argo-workflows.controller.fullname" . }} name: {{ template "argo-workflows.controller.fullname" . }}
{{- if .Values.singleNamespace }} {{- if .Values.singleNamespace }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
{{- end }} {{- end }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
@ -23,7 +23,7 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: {{ template "argo-workflows.controllerServiceAccountName" . }} name: {{ template "argo-workflows.controllerServiceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
{{- if .Values.controller.clusterWorkflowTemplates.enabled }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }}
--- ---
@ -40,6 +40,6 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: {{ template "argo-workflows.controllerServiceAccountName" . }} name: {{ template "argo-workflows.controllerServiceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
{{- end }} {{- end }}
{{- end }} {{- end }}

2
charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml
View file

@ -3,7 +3,7 @@ apiVersion: policy/v1
kind: PodDisruptionBudget kind: PodDisruptionBudget
metadata: metadata:
name: {{ template "argo-workflows.controller.fullname" . }} name: {{ template "argo-workflows.controller.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
spec: spec:

6
charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml
View file

@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: {{ template "argo-workflows.controller.fullname" . }} name: {{ template "argo-workflows.controller.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }}
@ -89,6 +89,10 @@ spec:
fieldRef: fieldRef:
apiVersion: v1 apiVersion: v1
fieldPath: metadata.name fieldPath: metadata.name
{{- if eq (int .Values.controller.replicas) 1 }}
- name: LEADER_ELECTION_DISABLE
value: "true"
{{- end }}
{{- with .Values.controller.extraEnv }} {{- with .Values.controller.extraEnv }}
{{- toYaml . | nindent 12 }} {{- toYaml . | nindent 12 }}
{{- end }} {{- end }}

2
charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
View file

@ -3,7 +3,7 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ template "argo-workflows.controllerServiceAccountName" . }} name: {{ template "argo-workflows.controllerServiceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
{{- with .Values.controller.serviceAccount.labels }} {{- with .Values.controller.serviceAccount.labels }}

2
charts/argo-workflows/templates/controller/workflow-controller-service.yaml
View file

@ -3,7 +3,7 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ template "argo-workflows.controller.fullname" . }} name: {{ template "argo-workflows.controller.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }}

4
charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
View file

@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor kind: ServiceMonitor
metadata: metadata:
name: {{ template "argo-workflows.controller.fullname" . }} name: {{ template "argo-workflows.controller.fullname" . }}
namespace: {{ default .Release.Namespace .Values.controller.serviceMonitor.namespace | quote }} namespace: {{ default (include "argo-workflows.namespace" .) .Values.controller.serviceMonitor.namespace | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
{{- with .Values.controller.serviceMonitor.additionalLabels }} {{- with .Values.controller.serviceMonitor.additionalLabels }}
@ -43,7 +43,7 @@ spec:
{{- end }} {{- end }}
namespaceSelector: namespaceSelector:
matchNames: matchNames:
- {{ .Release.Namespace | quote }} - {{ include "argo-workflows.namespace" . | quote }}
selector: selector:
matchLabels: matchLabels:
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}

2
charts/argo-workflows/templates/controller/workflow-rb.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.workflow.rbac.create -}} {{- if .Values.workflow.rbac.create -}}
{{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }}
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding

2
charts/argo-workflows/templates/controller/workflow-role.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.workflow.rbac.create -}} {{- if .Values.workflow.rbac.create -}}
{{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }}
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role

2
charts/argo-workflows/templates/controller/workflow-sa.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.workflow.serviceAccount.create -}} {{- if .Values.workflow.serviceAccount.create -}}
{{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }}
--- ---
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount

2
charts/argo-workflows/templates/server/gke/backendconfig.yaml
View file

@ -3,7 +3,7 @@ apiVersion: {{ include "argo-workflows.apiVersions.cloudgoogle" . }}
kind: BackendConfig kind: BackendConfig
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
spec: spec:

2
charts/argo-workflows/templates/server/gke/frontendconfig.yaml
View file

@ -3,7 +3,7 @@ apiVersion: networking.gke.io/v1beta1
kind: FrontendConfig kind: FrontendConfig
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
spec: spec:

2
charts/argo-workflows/templates/server/gke/managedcertificate.yaml
View file

@ -3,7 +3,7 @@ apiVersion: networking.gke.io/v1
kind: ManagedCertificate kind: ManagedCertificate
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
spec: spec:
domains: domains:
{{- with .Values.server.GKEmanagedCertificate.domains }} {{- with .Values.server.GKEmanagedCertificate.domains }}

2
charts/argo-workflows/templates/server/server-cluster-roles.yaml
View file

@ -8,7 +8,7 @@ kind: ClusterRole
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
{{- if .Values.singleNamespace }} {{- if .Values.singleNamespace }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
{{- end }} {{- end }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}

6
charts/argo-workflows/templates/server/server-crb.yaml
View file

@ -8,7 +8,7 @@ kind: ClusterRoleBinding
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
{{- if .Values.singleNamespace }} {{- if .Values.singleNamespace }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
{{- end }} {{- end }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
@ -23,7 +23,7 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: {{ template "argo-workflows.serverServiceAccountName" . }} name: {{ template "argo-workflows.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
{{- if .Values.server.clusterWorkflowTemplates.enabled }} {{- if .Values.server.clusterWorkflowTemplates.enabled }}
--- ---
@ -40,6 +40,6 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: {{ template "argo-workflows.serverServiceAccountName" . }} name: {{ template "argo-workflows.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}

2
charts/argo-workflows/templates/server/server-deployment-hpa.yaml
View file

@ -3,7 +3,7 @@ apiVersion: {{ include "argo-workflows.apiVersion.autoscaling" . }}
kind: HorizontalPodAutoscaler kind: HorizontalPodAutoscaler
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
spec: spec:

2
charts/argo-workflows/templates/server/server-deployment-pdb.yaml
View file

@ -3,7 +3,7 @@ apiVersion: policy/v1
kind: PodDisruptionBudget kind: PodDisruptionBudget
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
spec: spec:

2
charts/argo-workflows/templates/server/server-deployment.yaml
View file

@ -3,7 +3,7 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }}

2
charts/argo-workflows/templates/server/server-ingress.yaml
View file

@ -14,7 +14,7 @@ metadata:
{{- end }} {{- end }}
{{- end }} {{- end }}
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
{{- if .Values.server.ingress.labels }} {{- if .Values.server.ingress.labels }}

2
charts/argo-workflows/templates/server/server-sa.yaml
View file

@ -3,7 +3,7 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ template "argo-workflows.serverServiceAccountName" . }} name: {{ template "argo-workflows.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
{{- with .Values.server.serviceAccount.labels }} {{- with .Values.server.serviceAccount.labels }}

2
charts/argo-workflows/templates/server/server-service.yaml
View file

@ -3,7 +3,7 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ template "argo-workflows.server.fullname" . }} name: {{ template "argo-workflows.server.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argo-workflows.namespace" . | quote }}
labels: labels:
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }}

4
charts/argo-workflows/values.yaml
View file

@ -26,6 +26,10 @@ nameOverride:
# -- String to fully override "argo-workflows.fullname" template # -- String to fully override "argo-workflows.fullname" template
fullnameOverride: fullnameOverride:
# -- Override the namespace
# @default -- `.Release.Namespace`
namespaceOverride: ""
# -- Labels to set on all resources # -- Labels to set on all resources
commonLabels: {} commonLabels: {}

4
charts/argocd-image-updater/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
name: argocd-image-updater name: argocd-image-updater
description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD
type: application type: application
version: 0.9.4 version: 0.9.5
appVersion: v0.12.2 appVersion: v0.12.2
home: https://github.com/argoproj-labs/argocd-image-updater home: https://github.com/argoproj-labs/argocd-image-updater
icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png
@ -19,4 +19,4 @@ annotations:
url: https://argoproj.github.io/argo-helm/pgp_keys.asc url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: added - kind: added
description: Allow defining additional labels to Service Account description: Allow overriding of .Release.Namespace with .Values.namespaceOverride

1
charts/argocd-image-updater/README.md
View file

@ -105,6 +105,7 @@ The `config.registries` value can be used exactly as it looks in the documentati
| metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | | metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping |
| metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override | | nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override |
| namespaceOverride | string | `""` | Global namespace (argocd-image-updater.namespace in _helpers.tpl) override |
| nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment | | nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment |
| podAnnotations | object | `{}` | Pod Annotations for the deployment | | podAnnotations | object | `{}` | Pod Annotations for the deployment |
| podLabels | object | `{}` | Pod Labels for the deployment | | podLabels | object | `{}` | Pod Labels for the deployment |

7
charts/argocd-image-updater/templates/_helpers.tpl
View file

@ -24,6 +24,13 @@ If release name contains chart name it will be used as a full name.
{{- end }} {{- end }}
{{- end }} {{- end }}
{{/*
Override .Release.Namespace
*/}}
{{- define "argocd-image-updater.namespace" -}}
{{- default .Release.Namespace .Values.namespaceOverride }}
{{- end }}
{{/* {{/*
Create chart name and version as used by the chart label. Create chart name and version as used by the chart label.
*/}} */}}

2
charts/argocd-image-updater/templates/configmap-authscripts.yaml
View file

@ -5,7 +5,7 @@ metadata:
labels: labels:
{{- include "argocd-image-updater.labels" . | nindent 4 }} {{- include "argocd-image-updater.labels" . | nindent 4 }}
name: argocd-image-updater-authscripts name: argocd-image-updater-authscripts
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
data: data:
{{- toYaml .Values.authScripts.scripts | nindent 2}} {{- toYaml .Values.authScripts.scripts | nindent 2}}
{{- end }} {{- end }}

2
charts/argocd-image-updater/templates/configmap-sshconfig.yaml
View file

@ -4,7 +4,7 @@ metadata:
labels: labels:
{{- include "argocd-image-updater.labels" . | nindent 4 }} {{- include "argocd-image-updater.labels" . | nindent 4 }}
name: argocd-image-updater-ssh-config name: argocd-image-updater-ssh-config
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
data: data:
{{- with .Values.config.sshConfig }} {{- with .Values.config.sshConfig }}
{{- toYaml . | nindent 2 }} {{- toYaml . | nindent 2 }}

2
charts/argocd-image-updater/templates/configmap.yaml
View file

@ -5,7 +5,7 @@ metadata:
labels: labels:
{{- include "argocd-image-updater.labels" . | nindent 4 }} {{- include "argocd-image-updater.labels" . | nindent 4 }}
name: argocd-image-updater-config name: argocd-image-updater-config
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
data: data:
{{- with .Values.config.applicationsAPIKind }} {{- with .Values.config.applicationsAPIKind }}
applications_api: {{ . }} applications_api: {{ . }}

2
charts/argocd-image-updater/templates/deployment.yaml
View file

@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: {{ include "argocd-image-updater.fullname" . }} name: {{ include "argocd-image-updater.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
labels: labels:
{{- include "argocd-image-updater.labels" . | nindent 4 }} {{- include "argocd-image-updater.labels" . | nindent 4 }}
spec: spec:

2
charts/argocd-image-updater/templates/metrics-service.yaml
View file

@ -14,7 +14,7 @@ metadata:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}
{{- end }} {{- end }}
name: {{ include "argocd-image-updater.fullname" . }}-metrics name: {{ include "argocd-image-updater.fullname" . }}-metrics
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
spec: spec:
ports: ports:
- name: metrics - name: metrics

5
charts/argocd-image-updater/templates/rbac.yaml
View file

@ -6,7 +6,7 @@ metadata:
labels: labels:
{{ include "argocd-image-updater.labels" . | nindent 4 }} {{ include "argocd-image-updater.labels" . | nindent 4 }}
name: {{ include "argocd-image-updater.fullname" . }} name: {{ include "argocd-image-updater.fullname" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
rules: rules:
- apiGroups: - apiGroups:
- '' - ''
@ -39,6 +39,7 @@ metadata:
labels: labels:
{{ include "argocd-image-updater.labels" . | nindent 4 }} {{ include "argocd-image-updater.labels" . | nindent 4 }}
name: {{ include "argocd-image-updater.fullname" . }} name: {{ include "argocd-image-updater.fullname" . }}
namespace: {{ include "argocd-image-updater.namespace" . | quote }}
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role
@ -46,5 +47,5 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: {{ include "argocd-image-updater.serviceAccountName" . }} name: {{ include "argocd-image-updater.serviceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
{{- end }} {{- end }}

2
charts/argocd-image-updater/templates/secret.yaml
View file

@ -3,7 +3,7 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: argocd-image-updater-secret name: argocd-image-updater-secret
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
labels: labels:
{{- include "argocd-image-updater.labels" . | nindent 4 }} {{- include "argocd-image-updater.labels" . | nindent 4 }}
type: Opaque type: Opaque

2
charts/argocd-image-updater/templates/serviceaccount.yaml
View file

@ -3,7 +3,7 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ include "argocd-image-updater.serviceAccountName" . }} name: {{ include "argocd-image-updater.serviceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ include "argocd-image-updater.namespace" . | quote }}
labels: labels:
{{- include "argocd-image-updater.labels" . | nindent 4 }} {{- include "argocd-image-updater.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.labels }} {{- with .Values.serviceAccount.labels }}

4
charts/argocd-image-updater/templates/servicemonitor.yaml
View file

@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor kind: ServiceMonitor
metadata: metadata:
name: {{ include "argocd-image-updater.fullname" . }}-metrics name: {{ include "argocd-image-updater.fullname" . }}-metrics
namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} namespace: {{ default (include "argocd-image-updater.namespace" .) .Values.metrics.serviceMonitor.namespace | quote }}
labels: labels:
{{- include "argocd-image-updater.labels" . | nindent 4 }} {{- include "argocd-image-updater.labels" . | nindent 4 }}
{{- with .Values.metrics.serviceMonitor.selector }} {{- with .Values.metrics.serviceMonitor.selector }}
@ -29,7 +29,7 @@ spec:
{{- end }} {{- end }}
namespaceSelector: namespaceSelector:
matchNames: matchNames:
- {{ .Release.Namespace }} - {{ include "argocd-image-updater.namespace" . | quote }}
selector: selector:
matchLabels: matchLabels:
{{- include "argocd-image-updater.selectorLabels" . | nindent 6 }} {{- include "argocd-image-updater.selectorLabels" . | nindent 6 }}

2
charts/argocd-image-updater/values.yaml
View file

@ -17,6 +17,8 @@ imagePullSecrets: []
nameOverride: "" nameOverride: ""
# -- Global fullname (argocd-image-updater.fullname in _helpers.tpl) override # -- Global fullname (argocd-image-updater.fullname in _helpers.tpl) override
fullnameOverride: "" fullnameOverride: ""
# -- Global namespace (argocd-image-updater.namespace in _helpers.tpl) override
namespaceOverride: ""
# -- Extra arguments for argocd-image-updater not defined in `config.argocd`. # -- Extra arguments for argocd-image-updater not defined in `config.argocd`.
# If a flag contains both key and value, they need to be split to a new entry # If a flag contains both key and value, they need to be split to a new entry

4
renovate.json
View file

@ -98,6 +98,10 @@
{ {
"matchPackagePatterns": ["redis-ha"], "matchPackagePatterns": ["redis-ha"],
"enabled": false "enabled": false
},
{
"matchPackageNames": ["ghcr.io/renovatebot/renovate"],
"extends": ["schedule:monthly"]
} }
] ]
} }