feat(argo-cd): Add probes for Dex server (#890)

* Add probes for Dex server >= 2.28.0 Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Enable metrics port and allow user to configure only retries Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Place probe configuration on top-level Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
2021-08-24 14:37:34 +02:00 · 2021-08-24 14:37:34 +02:00 · da73ab6a69
commit da73ab6a69
parent 3a4baae95d
4 changed files with 54 additions and 9 deletions
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: 2.1.0
 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 3.13.2
+version: 3.14.0
 home: https://github.com/argoproj/argo-helm
 icon: https://argoproj.github.io/argo-cd/assets/logo.png
 keywords:
@ -21,4 +21,4 @@ dependencies:
    condition: redis-ha.enabled
 annotations:
  artifacthub.io/changes: |
-    - "[Changed]: Parameterized dex service port names for istio-ingress 403 error"
+    - "[Added]: Probe configuration for Dex server"
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@ -391,6 +391,18 @@ NAME: my-release
 | dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
 | dex.podAnnotations | Annotations for the Dex server pods | `{}` |
 | dex.podLabels | Labels for the Dex server pods | `{}` |
+| dex.livenessProbe.enabled | Enable Kubernetes liveness probe for Dex >= 2.28.0 | `false` |
+| dex.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
+| dex.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` |
+| dex.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
+| dex.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
+| dex.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
+| dex.readinessProbe.enabled | Enable Kubernetes readiness probe for Dex >= 2.28.0 | `false` |
+| dex.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
+| dex.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` |
+| dex.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
+| dex.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
+| dex.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
 | dex.priorityClassName | Priority class for dex | `""` |
 | dex.resources | Resource limits and requests for dex | `{}` |
 | dex.serviceAccount.automountServiceAccountToken | Automount API credentials for the Service Account | `true` |
--- a/charts/argo-cd/templates/dex/deployment.yaml
+++ b/charts/argo-cd/templates/dex/deployment.yaml
@ -73,10 +73,26 @@ spec:
        - name: grpc
          containerPort: {{ .Values.dex.containerPortGrpc }}
          protocol: TCP
-        {{- if .Values.dex.metrics.enabled }}
        - name: metrics
          containerPort: {{ .Values.dex.containerPortMetrics }}
          protocol: TCP
+        {{- if .Values.dex.livenessProbe.enabled }}
+        livenessProbe:
+          httpGet:
+            path: /healthz/live
+            port: metrics
+          {{- with .Values.dex.livenessProbe }}
+            {{- omit . "enabled" | toYaml | nindent 10 }}
+          {{- end }}
+        {{- end }}
+        {{- if .Values.dex.readinessProbe.enabled }}
+        readinessProbe:
+          httpGet:
+            path: /healthz/ready
+            port: metrics
+          {{- with .Values.dex.readinessProbe }}
+            {{- omit . "enabled" | toYaml | nindent 10 }}
+          {{- end }}
        {{- end }}
        volumeMounts:
        - mountPath: /tmp
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -259,6 +259,23 @@ dex:
  ##
  podLabels: {}

+  ## Probes for Dex server
+  ## Supported from Dex >= 2.28.0
+  livenessProbe:
+    enabled: false
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+  readinessProbe:
+    enabled: false
+    failureThreshold: 3
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 1
+
  serviceAccount:
    create: true
    name: argocd-dex-server