From f5c5c141c55242b9953e7853d1852b4db61f0242 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 10 Dec 2022 23:50:31 +0900 Subject: [PATCH 01/35] feat(argocd-apps): Support sourceNamespaces for AppProject (#1698) Signed-off-by: yu-croco --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/projects.yaml | 4 ++++ charts/argocd-apps/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 1227df58..7a5840b7 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.4 +version: 0.0.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Projects templates" + - "[Added]: Support sourceNamespaces for AppProject" diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index f3d24f4f..f747d1b6 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -63,4 +63,8 @@ spec: signatureKeys: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .sourceNamespaces }} + sourceNamespaces: + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 3e0a07f4..b3eaa5d2 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -74,6 +74,8 @@ projects: [] # manualSync: true # signatureKeys: # - keyID: ABCDEF1234567890 +# sourceNamespaces: +# - argocd # -- Deploy Argo CD ApplicationSets within this helm release # @default -- `[]` (See [values.yaml]) From bc70281ca4302db25dcbe4036d14092f727a0eee Mon Sep 17 00:00:00 2001 From: Jellyfrog Date: Tue, 13 Dec 2022 07:19:17 +0100 Subject: [PATCH 02/35] feat(argo-cd): Add annotations to PrometheusRule (#1700) --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/prometheusrule.yaml | 4 ++++ charts/argo-cd/values.yaml | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ed5ed350..d5216722 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.2 +version: 5.16.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update ArgoCD to v2.5.4" + - "[Added]: Add annotations to PrometheusRule" diff --git a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml index 485ed1aa..c44a63f5 100644 --- a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml @@ -14,6 +14,10 @@ metadata: {{- if .Values.controller.metrics.rules.additionalLabels }} {{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }} {{- end }} + {{- with .Values.controller.metrics.rules.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: groups: - name: argocd diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index aa524ebd..041221d8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -705,6 +705,7 @@ controller: # prometheus: kube-prometheus # namespace: monitoring # additionalLabels: {} + # annotations: {} ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. clusterAdminAccess: From 3644e714d812ee0c37a4b53be6677521e8a593fa Mon Sep 17 00:00:00 2001 From: Viacheslav Vasilyev Date: Tue, 13 Dec 2022 23:31:00 +0200 Subject: [PATCH 03/35] fix(argo-cd): Prevent could not parse 0 warning (#1704) Prevent could not parse 0 warning Signed-off-by: Viacheslav Vasilyev Signed-off-by: Viacheslav Vasilyev --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d5216722..9ab58783 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.3 +version: 5.16.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add annotations to PrometheusRule" + - "[Fixed]: Prevent could not parse 0 warning" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6226c73f..b65562d7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -401,7 +401,7 @@ NAME: my-release | configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | -| configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache | +| configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 041221d8..29ac4419 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -133,7 +133,7 @@ configs: timeout.reconciliation: 180s # -- Timeout to refresh application data as well as target manifests cache - timeout.hard.reconciliation: 0 + timeout.hard.reconciliation: 0s # Dex configuration # dex.config: | From e9495d3c1080b0946ea62374eb9a3b420c10ac30 Mon Sep 17 00:00:00 2001 From: Marco Lecheler Date: Wed, 14 Dec 2022 22:12:57 +0100 Subject: [PATCH 04/35] docs(argo-cd): Fix Argo CD value description typos for AppSet and Notification controllers (#1706) * docs(argo-cd): rename 'application set' to 'ApplicationSet' * docs(argo-cd): add ApplicationSet prefix for controller * docs(argo-cd): fix ApplicationSet to PascalCase * docs(argo-cd): fix notification controller description for logFormat/logLevel * docs(argo-cd): add notification prefix to values file description * chore(argo-cd): bump chart version * chore(argo-cd): add changelog * chore: generate helm-docs Signed-off-by: Marco Lecheler --- charts/argo-cd/Chart.yaml | 5 ++-- charts/argo-cd/README.md | 50 ++++++++++++++++++------------------ charts/argo-cd/values.yaml | 52 +++++++++++++++++++------------------- 3 files changed, 54 insertions(+), 53 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9ab58783..66852cca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.4 +version: 5.16.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Prevent could not parse 0 warning" + - "[Docs]: Updated ApplicationSet value documentation" + - "[Docs]: Updated notification value documentation" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b65562d7..99108a06 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -965,14 +965,14 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | -| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | -| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller | -| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | +| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | +| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the ApplicationSet controller | +| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the ApplicationSet controller | | applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | applicationSet.extraVolumes | list | `[]` | List of extra volumes to add | -| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application set controller | -| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application set controller | -| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application set controller | +| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the ApplicationSet controller | +| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | +| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -997,15 +997,15 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | -| applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string | +| applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string | | applicationSet.nodeSelector | object | `{}` | [Node selector] | | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | | applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | -| applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods | -| applicationSet.podLabels | object | `{}` | Labels for the controller pods | +| applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | +| applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | | applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | | applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -1014,11 +1014,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | -| applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. | -| applicationSet.service.annotations | object | `{}` | Application set service annotations | -| applicationSet.service.labels | object | `{}` | Application set service labels | -| applicationSet.service.port | int | `7000` | Application set service port | -| applicationSet.service.portName | string | `"webhook"` | Application set service port name | +| applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. | +| applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | +| applicationSet.service.labels | object | `{}` | ApplicationSet service labels | +| applicationSet.service.port | int | `7000` | ApplicationSet service port | +| applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | | applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | @@ -1028,7 +1028,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | | applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | | applicationSet.webhook.ingress.hosts | list | `[]` | List of ingress hosts | -| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | +| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | | applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels | | applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | | applicationSet.webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths | @@ -1061,22 +1061,22 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | -| notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | +| notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `true` | Enable notifications controller | -| notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | +| notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | -| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | +| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | notifications.extraVolumes | list | `[]` | List of extra volumes to add | | notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller | | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| notifications.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` | -| notifications.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn`, `error` | +| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | +| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | | notifications.metrics.port | int | `9001` | Metrics port | | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | @@ -1096,12 +1096,12 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb | | notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | -| notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | -| notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods | -| notifications.priorityClassName | string | `""` | Priority class for the controller pods | -| notifications.resources | object | `{}` | Resource limits and requests for the controller | +| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | +| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | +| notifications.priorityClassName | string | `""` | Priority class for the notifications controller pods | +| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | -| notifications.secret.create | bool | `true` | Whether helm chart creates controller secret | +| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 29ac4419..776eb9f8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2132,7 +2132,7 @@ applicationSet: # -- Enable ApplicationSet controller enabled: true - # -- Application Set controller name string + # -- ApplicationSet controller name string name: applicationset-controller # -- The number of ApplicationSet controller pods to run @@ -2156,13 +2156,13 @@ applicationSet: ## ApplicationSet controller image image: - # -- Repository to use for the application set controller + # -- Repository to use for the ApplicationSet controller # @default -- `""` (defaults to global.image.repository) repository: "" - # -- Tag to use for the application set controller + # -- Tag to use for the ApplicationSet controller # @default -- `""` (defaults to global.image.tag) tag: "" - # -- Image pull policy for the application set controller + # -- Image pull policy for the ApplicationSet controller # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -2187,7 +2187,7 @@ applicationSet: # @default -- `""` (defaults to global.logging.level) logLevel: "" - # -- Additional containers to be added to the applicationset controller pod + # -- Additional containers to be added to the ApplicationSet controller pod extraContainers: [] ## Metrics service configuration @@ -2227,15 +2227,15 @@ applicationSet: # -- Prometheus ServiceMonitor annotations annotations: {} - ## Application set service configuration + ## ApplicationSet service configuration service: - # -- Application set service annotations + # -- ApplicationSet service annotations annotations: {} - # -- Application set service labels + # -- ApplicationSet service labels labels: {} - # -- Application set service port + # -- ApplicationSet service port port: 7000 - # -- Application set service port name + # -- ApplicationSet service port name portName: webhook serviceAccount: @@ -2252,10 +2252,10 @@ applicationSet: # -- Annotations to be added to ApplicationSet controller Deployment deploymentAnnotations: {} - # -- Annotations for the controller pods + # -- Annotations for the ApplicationSet controller pods podAnnotations: {} - # -- Labels for the controller pods + # -- Labels for the ApplicationSet controller pods podLabels: {} # -- ApplicationSet controller container-level security context @@ -2300,7 +2300,7 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 - # -- Resource limits and requests for the controller pods. + # -- Resource limits and requests for the ApplicationSet controller pods. resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -2338,12 +2338,12 @@ applicationSet: # -- List of extra cli args to add extraArgs: [] - # -- Environment variables to pass to the controller + # -- Environment variables to pass to the ApplicationSet controller extraEnv: [] # - name: "MY_VAR" # value: "value" - # -- envFrom to pass to the controller + # -- envFrom to pass to the ApplicationSet controller # @default -- `[]` (See [values.yaml]) extraEnvFrom: [] # - configMapRef: @@ -2361,7 +2361,7 @@ applicationSet: annotations: {} # -- Additional ingress labels labels: {} - # -- Defines which ingress controller will implement the resource + # -- Defines which ingress ApplicationSet controller will implement the resource ingressClassName: "" # -- List of ingress hosts @@ -2452,7 +2452,7 @@ notifications: # environmentName: staging secret: - # -- Whether helm chart creates controller secret + # -- Whether helm chart creates notifications controller secret create: true # -- key:value pairs of annotations to be added to the secret @@ -2474,20 +2474,20 @@ notifications: # email-password: # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ - # -- Application controller log format. Either `text` or `json` + # -- Notifications controller log format. Either `text` or `json` # @default -- `""` (defaults to global.logging.format) logFormat: "" - # -- Application controller log level. One of: `debug`, `info`, `warn`, `error` + # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` # @default -- `""` (defaults to global.logging.level) logLevel: "" - # -- Extra arguments to provide to the controller + # -- Extra arguments to provide to the notifications controller extraArgs: [] # -- Additional container environment variables extraEnv: [] - # -- envFrom to pass to the controller + # -- envFrom to pass to the notifications controller # @default -- `[]` (See [values.yaml]) extraEnvFrom: [] # - configMapRef: @@ -2545,10 +2545,10 @@ notifications: # -- Annotations to be applied to the notifications controller Deployment deploymentAnnotations: {} - # -- Annotations to be applied to the controller Pods + # -- Annotations to be applied to the notifications controller Pods podAnnotations: {} - # -- Labels to be applied to the controller Pods + # -- Labels to be applied to the notifications controller Pods podLabels: {} # -- Notification controller container-level security Context @@ -2563,10 +2563,10 @@ notifications: drop: - ALL - # -- Priority class for the controller pods + # -- Priority class for the notifications controller pods priorityClassName: "" - # -- Resource limits and requests for the controller + # -- Resource limits and requests for the notifications controller resources: {} # limits: # cpu: 100m @@ -2589,7 +2589,7 @@ notifications: # -- Labels applied to created service account labels: {} cm: - # -- Whether helm chart creates controller config map + # -- Whether helm chart creates notifications controller config map create: true # -- Contains centrally managed global application subscriptions From ed24a954677708636c1fbd2edefc3ae8e94b787a Mon Sep 17 00:00:00 2001 From: Nolan Emirot Date: Wed, 14 Dec 2022 22:03:15 -0800 Subject: [PATCH 05/35] chore(argo-cd): add new api version for cert-manager (#1713) chore: add new api version for cert-manager Signed-off-by: Nolan Emirot --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/templates/_versions.tpl | 2 ++ 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 66852cca..8f6e7b45 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.5 +version: 5.16.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Docs]: Updated ApplicationSet value documentation" - - "[Docs]: Updated notification value documentation" + - "[chore]: Update new api-version for cert-manager" diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 8e108bfe..2f2c61f9 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -55,6 +55,8 @@ Return the appropriate apiVersion for cert-manager {{- print .Values.apiVersionOverrides.certmanager -}} {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}} {{- print "cert-manager.io/v1" -}} +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}} +{{- print "cert-manager.io/v1beta1" -}} {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}} {{- print "cert-manager.io/v1alpha3" -}} {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}} From 9e523b0538e353628818d983e133d6b72abdf161 Mon Sep 17 00:00:00 2001 From: Vadim Grek Date: Thu, 15 Dec 2022 10:33:36 +0200 Subject: [PATCH 06/35] chore(argo-events): use policy/v1 for poddisruptionbudgets, when available (#1710) * Use policy/v1 for poddisruptionbudgets, when available Signed-off-by: Vadim Grek --- charts/argo-events/Chart.yaml | 6 ++---- charts/argo-events/templates/_helpers.tpl | 11 +++++++++++ .../templates/argo-events-controller/pdb.yaml | 2 +- .../templates/argo-events-webhook/pdb.yaml | 2 +- 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 55cd3a95..39bf0659 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.7 +version: 2.0.8 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,6 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63) - - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller/webhook .image.tag with a SHA digest" - - "[Fixed]: webhook.image.tag value now overrides the tag in the webhook deployment" + - "[Fixed]: use policy/v1 for poddisruptionbudgets, when available diff --git a/charts/argo-events/templates/_helpers.tpl b/charts/argo-events/templates/_helpers.tpl index c3110b3f..d18f2ca9 100644 --- a/charts/argo-events/templates/_helpers.tpl +++ b/charts/argo-events/templates/_helpers.tpl @@ -125,3 +125,14 @@ Return the default Argo Events app version {{- define "argo-events.defaultTag" -}} {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} + +{{/* +Define Pdb apiVersion +*/}} +{{- define "argo-events.pdb.apiVersion" -}} +{{- if .Capabilities.APIVersions.Has "policy/v1" }} +{{- printf "policy/v1" -}} +{{- else }} +{{- printf "policy/v1beta1" -}} +{{- end }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/pdb.yaml b/charts/argo-events/templates/argo-events-controller/pdb.yaml index 576fcfcf..f1a7b721 100644 --- a/charts/argo-events/templates/argo-events-controller/pdb.yaml +++ b/charts/argo-events/templates/argo-events-controller/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: policy/v1beta1 +apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.controller.fullname" . }} diff --git a/charts/argo-events/templates/argo-events-webhook/pdb.yaml b/charts/argo-events/templates/argo-events-webhook/pdb.yaml index 3bf08225..15bf97bf 100644 --- a/charts/argo-events/templates/argo-events-webhook/pdb.yaml +++ b/charts/argo-events/templates/argo-events-webhook/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.webhook.enabled .Values.webhook.pdb.enabled (not .Values.controller.rbac.namespaced) }} -apiVersion: policy/v1beta1 +apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.webhook.fullname" . }} From 69feaadde74e46bf9fa412b451d00f2c3849976f Mon Sep 17 00:00:00 2001 From: Chris Reiche <35380634+creiche@users.noreply.github.com> Date: Fri, 16 Dec 2022 19:45:25 -0500 Subject: [PATCH 07/35] feat(argo-events): Add the ability to change the port for argo-events webhook (#1712) --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/README.md | 1 + .../argo-events/templates/argo-events-webhook/deployment.yaml | 4 +++- charts/argo-events/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 39bf0659..fa40f90f 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.8 +version: 2.0.9 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: use policy/v1 for poddisruptionbudgets, when available + - "[Added]: Ability to specify port for webhook deployment" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 9a66aa06..30f26f30 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -155,6 +155,7 @@ done | webhook.pdb.labels | object | `{}` | Labels to be added to admission webhook pdb | | webhook.podAnnotations | object | `{}` | Annotations to be added to event controller pods | | webhook.podLabels | object | `{}` | Labels to be added to event controller pods | +| webhook.port | int | `443` | Port to listen on | | webhook.priorityClassName | string | `""` | Priority class for the event controller pods | | webhook.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | webhook.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index b030bc7c..2f0478af 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -50,6 +50,8 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: PORT + value: "{{ .Values.webhook.port }}" {{- with .Values.webhook.env }} {{- toYaml . | nindent 8 }} {{- end }} @@ -63,7 +65,7 @@ spec: {{- end }} ports: - name: webhook - containerPort: 443 + containerPort: {{ .Values.webhook.port }} protocol: TCP livenessProbe: tcpSocket: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 87c6ccf0..094a3638 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -315,6 +315,9 @@ webhook: # -- Labels to be added to event controller pods podLabels: {} + # -- Port to listen on + port: 443 + # -- Event controller container-level security context containerSecurityContext: {} # capabilities: From 5047f3c11973e74321288f1ceb41a65aa608ba9c Mon Sep 17 00:00:00 2001 From: Yannay Hammer Date: Sat, 17 Dec 2022 13:35:55 +0200 Subject: [PATCH 08/35] chore(argo-cd): Update ArgoCD to v2.5.5 (#1715) Signed-off-by: Yannay Hammer Signed-off-by: Yannay Hammer --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8f6e7b45..b1591a5f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.4 +appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.6 +version: 5.16.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[chore]: Update new api-version for cert-manager" + - "[chore]: Update ArgoCD to v2.5.5" From 3dcd161bf185edcaac94c7a6c0657870ce16ea85 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 18 Dec 2022 10:12:59 +0900 Subject: [PATCH 09/35] chore(github): bump helm/kind-action from 1.4.0 to 1.5.0 (#1714) chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index f9f19d6a..33942db0 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -58,7 +58,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@v1.4.0 + uses: helm/kind-action@v1.5.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 3c8ad7be8973cafb8a05f127503f0511f619599d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 19 Dec 2022 08:41:56 +0900 Subject: [PATCH 10/35] feat(argo-workflows): Support images property to workflow-controller-configmap for emissary executor (#1708) * feat(argo-workflows): Support images property to workflow-controller-configmap for emissary executor Signed-off-by: yu-croco * chore(argo-workflows): adopt concise name Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 ++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 9 +++++++++ 4 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 870bef4b..68a28c43 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.1 +version: 0.22.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63) - - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller/server/executor.image.tag with a SHA digest" + - "[Added]: Support images property to workflow-controller-configmap for emissary executor" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 711a1f52..571ef659 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -45,6 +45,7 @@ Fields to note: | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | | createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| emissary.images | list | `[]` | The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template | | images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 0f29b576..fc223926 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -170,3 +170,6 @@ data: {{- with .Values.controller.retentionPolicy }} retentionPolicy: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.emissary.images }} + images: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 18d28ad4..95d1351f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -630,3 +630,12 @@ customArtifactRepository: {} # passwordSecret: # name: artifactory-creds # key: password + +emissary: + # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. + ## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary + images: [] + # argoproj/argosay:v2: + # cmd: [/argosay] + # docker/whalesay:latest: + # cmd: [/bin/bash] From 56f3b77fd1a059fff8a80587c4c54d1555d49779 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 19 Dec 2022 18:07:44 +0900 Subject: [PATCH 11/35] chore(argo-workflows): Support missing configurations to workflow controller cm (#1716) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 +++-- charts/argo-workflows/README.md | 2 ++ .../workflow-controller-config-map.yaml | 5 +++++ charts/argo-workflows/values.yaml | 19 +++++++++++++++++++ 4 files changed, 29 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 68a28c43..ff38bb28 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.2 +version: 0.22.3 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support images property to workflow-controller-configmap for emissary executor" + - "[Added]: Support nodeEvents property to workflow-controller-configmap" + - "[Added]: Support kubeConfig property to workflow-controller-configmap" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 571ef659..b775c939 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -83,6 +83,7 @@ Fields to note: | controller.instanceID.enabled | bool | `false` | Configures the controller to filter workflow submissions to only those which have a matching instanceID attribute. | | controller.instanceID.explicitID | string | `""` | Use a custom instanceID | | controller.instanceID.useReleaseName | bool | `false` | Use ReleaseName as instanceID | +| controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. | | controller.links | list | `[]` | Configure Argo Server to show custom [links] | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | @@ -100,6 +101,7 @@ Fields to note: | controller.name | string | `"workflow-controller"` | Workflow controller name string | | controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace | | controller.navColor | string | `""` | Set ui navigation bar background color | +| controller.nodeEvents.enabled | bool | `true` | Enable to emit events on node completion. | | controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | | controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time | | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index fc223926..ea4660e0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -173,3 +173,8 @@ data: {{- with .Values.emissary.images }} images: {{- toYaml . | nindent 6 }} {{- end }} + nodeEvents: + enabled: {{ .Values.controller.nodeEvents.enabled }} + {{- with .Values.controller.kubeConfig }} + kubeConfig: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 95d1351f..3f643906 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -297,6 +297,25 @@ controller: # failed: 3 # errored: 3 + nodeEvents: + # -- Enable to emit events on node completion. + ## This can take up a lot of space in k8s (typically etcd) resulting in errors when trying to create new events: + ## "Unable to create audit event: etcdserver: mvcc: database space exceeded" + enabled: true + + # -- Configure when workflow controller runs in a different k8s cluster with the workflow workloads, + # or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. + # @default -- `{}` (See [values.yaml]) + kubeConfig: {} + # # name of the kubeconfig secret, may not be empty when kubeConfig specified + # secretName: kubeconfig-secret + # # key of the kubeconfig secret, may not be empty when kubeConfig specified + # secretKey: kubeconfig + # # mounting path of the kubeconfig secret, default to /kube/config + # mountPath: /kubeconfig/mount/path + # # volume name when mounting the secret, default to kubeconfig + # volumeName: kube-config-volume + # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. From c04ff27b341f6ffaf6323ab82788eaf44b22c9e0 Mon Sep 17 00:00:00 2001 From: Karl Parry <88431088+karlparry@users.noreply.github.com> Date: Tue, 20 Dec 2022 11:53:54 +0000 Subject: [PATCH 12/35] fix(argo-cd): remove incorrect flag for repoServer TLS secret (#1719) Signed-off-by: Karl Parry Signed-off-by: Karl Parry --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-configs/argocd-repo-server-tls-secret.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b1591a5f..2cd56118 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.7 +version: 5.16.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[chore]: Update ArgoCD to v2.5.5" + - "[fixed]: remove incorrect enabled flag for repoServer TLS secret " diff --git a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml index 7efa2051..b0f35aa2 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.repoServer.enabled .Values.repoServer.certificateSecret.enabled }} +{{- if .Values.repoServer.certificateSecret.enabled }} apiVersion: v1 kind: Secret metadata: From 7e45f5f03fd1606ecb6cfebdc7d094456245ed04 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 20 Dec 2022 22:18:07 +0900 Subject: [PATCH 13/35] chore(argo-cd): Support relabelings and metricRelabelings to Notification's ServiceMonitor (#1720) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ .../templates/argocd-notifications/servicemonitor.yaml | 8 ++++++++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2cd56118..bd3982a7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.8 +version: 5.16.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[fixed]: remove incorrect enabled flag for repoServer TLS secret " + - "[Added]: Support relabelings and metricRelabelings to Notification's ServiceMonitor" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 99108a06..02a3a9a8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1085,6 +1085,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| notifications.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| notifications.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | | notifications.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 7f11d08f..2dd280bf 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -35,6 +35,14 @@ spec: tlsConfig: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 776eb9f8..fbf42932 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2534,6 +2534,10 @@ notifications: scheme: "" # -- Prometheus ServiceMonitor tlsConfig tlsConfig: {} + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] # -- Configures notification services such as slack, email or custom webhook # @default -- See [values.yaml] From 4ada750a8479882f7049e66cef85fdc22cf9aec8 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 22 Dec 2022 22:00:38 +0900 Subject: [PATCH 14/35] chore(argo-workflows): Add changelog link on README (#1726) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 ++--- charts/argo-workflows/README.md | 5 +++++ charts/argo-workflows/README.md.gotmpl | 5 +++++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ff38bb28..c775ebc5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.3 +version: 0.22.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support nodeEvents property to workflow-controller-configmap" - - "[Added]: Support kubeConfig property to workflow-controller-configmap" + - "[Added]: Changelog link on README" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b775c939..4c172f29 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -13,6 +13,10 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Usage Notes ### Workflow controller @@ -260,3 +264,4 @@ Fields to note: [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 28ee4fdc..a263139b 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -13,6 +13,10 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Usage Notes ### Workflow controller @@ -135,3 +139,4 @@ Fields to note: [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog From 00ed90f524a98cd48c4cfcbcf2dd30e31c457efc Mon Sep 17 00:00:00 2001 From: Aleksandr Lossenko Date: Sat, 24 Dec 2022 20:41:02 +0100 Subject: [PATCH 15/35] chore(argo-events): upgrade argo-events to app version 1.7.4 (#1730) Signed-off-by: Aleksandr Lossenko --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index fa40f90f..91b74800 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.3 +appVersion: v1.7.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.9 +version: 2.0.10 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Ability to specify port for webhook deployment" + - "[Changed]: Upgrade Argo events controller to v1.7.4" From 37484603eb7462258506545da678054d460892f3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 25 Dec 2022 20:06:09 +0900 Subject: [PATCH 16/35] chore(github): bump actions/stale from 6 to 7 (#1729) chore(deps): bump actions/stale from 6 to 7 Bumps [actions/stale](https://github.com/actions/stale) from 6 to 7. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3637ed8f..3a8e77d1 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v6 + - uses: actions/stale@v7 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From c4d8b37fe49cfcfd09cbd693032ba54a0bc21403 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 25 Dec 2022 22:56:33 +0900 Subject: [PATCH 17/35] chore(argocd-apps): Add changelog link on README (#1731) Signed-off-by: yu-croco --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/README.md | 6 ++++++ charts/argocd-apps/README.md.gotmpl | 6 ++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 7a5840b7..4f2d82be 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.5 +version: 0.0.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support sourceNamespaces for AppProject" + - "[Added]: Changelog link on README" diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index fc994888..bc0d0685 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late - CRDs (Application and AppProject) - You need to install them via [argo-cd Helm chart](../argo-cd) or upstream. +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Installation ```console @@ -31,3 +35,5 @@ $ helm install my-release argo/argocd-apps ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog diff --git a/charts/argocd-apps/README.md.gotmpl b/charts/argocd-apps/README.md.gotmpl index 8d628693..e8cb1c17 100644 --- a/charts/argocd-apps/README.md.gotmpl +++ b/charts/argocd-apps/README.md.gotmpl @@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late - CRDs (Application and AppProject) - You need to install them via [argo-cd Helm chart](../argo-cd) or upstream. +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Installation ```console @@ -24,3 +28,5 @@ $ helm install my-release argo/argocd-apps ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog From 2204f028b9ff0a17be888c923bbf7892f0458343 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 27 Dec 2022 21:12:04 +0900 Subject: [PATCH 18/35] chore(argo-cd): Update redis-ha to v4.22.4 (#1732) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 7a069ce9..a2a5011e 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.3 -digest: sha256:ef6269e4e073dad10c230ccfb069fc013608111c895c5e7568450bb3967cf195 -generated: "2022-11-03T12:04:33.673857+09:00" + version: 4.22.4 +digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7 +generated: "2022-12-26T22:58:11.561184+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bd3982a7..e8695ca3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.9 +version: 5.16.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,9 +18,9 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.3 + version: 4.22.4 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support relabelings and metricRelabelings to Notification's ServiceMonitor" + - "[Changed]: Update redis-ha to v4.22.4" From fbc8cb263c7b6f53bb73fcab908a13c67b09b617 Mon Sep 17 00:00:00 2001 From: Boris Gershanik Date: Thu, 29 Dec 2022 13:49:10 +0200 Subject: [PATCH 19/35] feat(argo-cd): Add hostAliases to ApplicationSet Deployment (#1737) Signed-off-by: Boris Gershanik Signed-off-by: Boris Gershanik --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e8695ca3..236c39c6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.10 +version: 5.16.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update redis-ha to v4.22.4" + - "[Added]: Added HostAliases to ApplicationSet Deployment" diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6c48fefb..ce4cd821 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -40,6 +40,10 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 6 }} + {{- end }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} From f6c884a0969ebe07e81b1204811dc1b4efc1511d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 16:47:29 +0100 Subject: [PATCH 20/35] chore(argo-cd): Remove legacy API versions for PDBs (#1740) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/_versions.tpl | 13 ------------- .../argocd-application-controller/pdb.yaml | 2 +- .../templates/argocd-applicationset/pdb.yaml | 2 +- .../argocd-notifications/bots/slack/pdb.yaml | 2 +- .../argo-cd/templates/argocd-notifications/pdb.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/pdb.yaml | 2 +- charts/argo-cd/templates/argocd-server/pdb.yaml | 2 +- charts/argo-cd/templates/dex/pdb.yaml | 2 +- charts/argo-cd/templates/redis/pdb.yaml | 2 +- charts/argo-cd/values.yaml | 2 -- 12 files changed, 10 insertions(+), 26 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 236c39c6..7e7b4d50 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.11 +version: 5.16.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Added HostAliases to ApplicationSet Deployment" + - "[Removed]: API override for PDB" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 02a3a9a8..49527754 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -360,7 +360,6 @@ NAME: my-release | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | -| apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 2f2c61f9..b3aa6a41 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -34,19 +34,6 @@ Return the appropriate apiVersion for ingress {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for pod disruption budget -*/}} -{{- define "argo-cd.apiVersion.pdb" -}} -{{- if .Values.apiVersionOverrides.pdb -}} -{{- print .Values.apiVersionOverrides.pdb -}} -{{- else if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the appropriate apiVersion for cert-manager */}} diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index 8f2531ff..b6804c54 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.controller.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml index d101d576..51974356 100644 --- a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.applicationSet.enabled .Values.applicationSet.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml index 458af6f7..60df983e 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }}-bot diff --git a/charts/argo-cd/templates/argocd-notifications/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/pdb.yaml index 711495a2..f1f32715 100644 --- a/charts/argo-cd/templates/argocd-notifications/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.notifications.enabled .Values.notifications.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index 7202bd39..318671f0 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.repoServer.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.repoServer.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index 81d3367b..89c54c65 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.server.fullname" . }} diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index caa2ab29..45bd0050 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.dex.enabled .Values.dex.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.dex.fullname" . }} diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 57fb94b3..8be05f93 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -1,6 +1,6 @@ {{- $redisHa := index .Values "redis-ha" -}} {{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.redis.fullname" . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fbf42932..063f215b 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,8 +20,6 @@ apiVersionOverrides: autoscaling: "" # autoscaling/v2 # -- String to override apiVersion of ingresses rendered by this helm chart ingress: "" # networking.k8s.io/v1beta1 - # -- String to override apiVersion of pod disruption budgets rendered by this helm chart - pdb: "" # policy/v1 # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles From 9c71f1cbabae17b365212377f7148b1484716d03 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 16:54:28 +0100 Subject: [PATCH 21/35] chore(argo-cd): Add pdrastil as Argo CD codeowner (#1743) Add pdrastil as Argo CD codeowner Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index c161dac3..aea8942f 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,7 +7,7 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth +/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil # Argo Events /charts/argo-events/ @jbehling @VaibhavPage @pdrastil From def1e657dabec9ed32704306354a209ee2044d83 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 17:26:36 +0100 Subject: [PATCH 22/35] chore(argo-cd): Remove legacy API versions for Ingresses (#1742) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/_versions.tpl | 15 ---- .../webhook-ingress.yaml | 53 +++++---------- .../templates/argocd-server/ingress-grpc.yaml | 57 ++++++---------- .../templates/argocd-server/ingress.yaml | 68 ++++++------------- charts/argo-cd/values.yaml | 30 ++------ 7 files changed, 68 insertions(+), 160 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7e7b4d50..4867e68c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.12 +version: 5.16.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: API override for PDB" + - "[Removed]: Legacy API versions for Ingresses" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 49527754..03d9e7f7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -359,7 +359,6 @@ NAME: my-release | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | -| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index b3aa6a41..8240c4b0 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -19,21 +19,6 @@ Return the appropriate apiVersion for autoscaling {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for ingress -*/}} -{{- define "argo-cd.apiVersion.ingress" -}} -{{- if .Values.apiVersionOverrides.ingress -}} -{{- print .Values.apiVersionOverrides.ingress -}} -{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the appropriate apiVersion for cert-manager */}} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml index affeec86..5285c6f2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -1,89 +1,72 @@ {{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}} -{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}} {{- $servicePort := .Values.applicationSet.service.portName -}} {{- $paths := .Values.applicationSet.webhook.ingress.paths -}} {{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}} {{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.applicationSet.webhook.ingress.annotations }} - annotations: - {{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - {{- if .Values.applicationSet.webhook.ingress.labels }} - {{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }} + {{- with .Values.applicationSet.webhook.ingress.labels }} + {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.applicationSet.webhook.ingress.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.applicationSet.webhook.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.applicationSet.webhook.ingress.hosts }} {{- range $host := .Values.applicationSet.webhook.ingress.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.applicationSet.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.applicationSet.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.applicationSet.webhook.ingress.tls }} + {{- with .Values.applicationSet.webhook.ingress.tls }} tls: - {{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 54304007..b728a11b 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,89 +1,72 @@ {{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} -{{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} {{- $pathType := .Values.server.ingressGrpc.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.server.ingressGrpc.annotations }} - annotations: - {{- range $key, $value := .Values.server.ingressGrpc.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - name: {{ template "argo-cd.server.fullname" . }}-grpc + name: {{ include "argo-cd.server.fullname" . }}-grpc labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- if .Values.server.ingressGrpc.labels }} - {{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }} + {{- with .Values.server.ingressGrpc.labels }} + {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.server.ingressGrpc.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingressGrpc.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.server.ingressGrpc.hosts }} {{- range $host := .Values.server.ingressGrpc.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end -}} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end -}} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.server.ingressGrpc.tls }} + {{- with .Values.server.ingressGrpc.tls }} tls: - {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index aeb60d24..52269d0a 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -1,51 +1,45 @@ {{- if .Values.server.ingress.enabled -}} -{{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} {{- $pathType := .Values.server.ingress.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.server.ingress.annotations }} - annotations: - {{- range $key, $value := .Values.server.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} - alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | - [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] - {{- end }} -{{- end }} - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- if .Values.server.ingress.labels }} - {{- toYaml .Values.server.ingress.labels | nindent 4 }} + {{- with .Values.server.ingress.labels }} + {{- toYaml . | nindent 4 }} {{- end }} + {{- if .Values.server.ingress.annotations }} + annotations: + {{- range $key, $value := .Values.server.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} + alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | + [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] + {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.server.ingress.hosts }} {{- range $host := .Values.server.ingress.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: Prefix - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ template "argo-cd.server.fullname" $ }}-grpc port: @@ -54,60 +48,42 @@ spec: {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc - servicePort: {{ $servicePort }} - {{- end }} {{- end }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.server.ingress.tls }} + {{- with .Values.server.ingress.tls }} tls: - {{- toYaml .Values.server.ingress.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 063f215b..8228f29e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -18,8 +18,6 @@ apiVersionOverrides: cloudgoogle: "" # cloud.google.com/v1 # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 - # -- String to override apiVersion of ingresses rendered by this helm chart - ingress: "" # networking.k8s.io/v1beta1 # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles @@ -1590,8 +1588,7 @@ server: ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace - hosts: - [] + hosts: [] # - argocd.example.com # -- List of ingress paths @@ -1600,13 +1597,7 @@ server: # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix # -- Additional ingress paths - extraPaths: - [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + extraPaths: [] # - path: /* # pathType: Prefix # backend: @@ -1616,8 +1607,7 @@ server: # name: use-annotation # -- Ingress TLS configuration - tls: - [] + tls: [] # - secretName: your-certificate-name # hosts: # - argocd.example.com @@ -1656,8 +1646,7 @@ server: ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace ## - hosts: - [] + hosts: [] # - argocd.example.com # -- List of ingress paths for dedicated [gRPC-ingress] @@ -1666,13 +1655,7 @@ server: # -- Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix # -- Additional ingress paths for dedicated [gRPC-ingress] - extraPaths: - [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + extraPaths: [] # - path: /* # pathType: Prefix # backend: @@ -1682,8 +1665,7 @@ server: # name: use-annotation # -- Ingress TLS configuration for dedicated [gRPC-ingress] - tls: - [] + tls: [] # - secretName: your-certificate-name # hosts: # - argocd.example.com From 10e3af1bcfea41c12e6894400e8f098a98f45c1c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 30 Dec 2022 01:31:39 +0900 Subject: [PATCH 23/35] chore(argo-workflows): Remove legacy API versions for PDBs (#1741) Signed-off-by: yu-croco Co-authored-by: Petr Drastil --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/_helpers.tpl | 11 ----------- .../workflow-controller-deployment-pdb.yaml | 2 +- .../templates/server/server-deployment-pdb.yaml | 2 +- 4 files changed, 4 insertions(+), 15 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c775ebc5..32108003 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.4 +version: 0.22.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Changelog link on README" + - "[Removed]: legacy API versions for PDBs" diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index a3ce8934..057ed5f9 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -129,17 +129,6 @@ Return the appropriate apiVersion for ingress {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for pod disruption budget -*/}} -{{- define "argo-workflows.podDisruptionBudget.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "argo-workflows.kubeVersion" $) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the target Kubernetes version */}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index deef3de1..4e7545c7 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.controller.fullname" . }} diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml index 47be0dd1..d92a4083 100644 --- a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.server.enabled .Values.server.pdb.enabled -}} -apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.server.fullname" . }} From daba66b68c69d37db2fe878f9df4a902978ff479 Mon Sep 17 00:00:00 2001 From: Ramin A Date: Thu, 29 Dec 2022 09:55:31 -0800 Subject: [PATCH 24/35] fix(argo-events): Added missing NATS version in values.yaml (#1735) Signed-off-by: Ramin Akhbari Co-authored-by: Petr Drastil --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/README.md | 2 +- charts/argo-events/values.yaml | 4 ++++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 91b74800..ece10ef8 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.10 +version: 2.0.11 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Argo events controller to v1.7.4" + - "[Fixed]: Added missing NATS version in values.yaml" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 30f26f30..39b46bf5 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -57,7 +57,7 @@ done | configs.jetstream.versions[0].natsImage | string | `"nats:latest"` | | | configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | | | configs.jetstream.versions[0].version | string | `"latest"` | | -| configs.nats.versions | list | `[{"metricsExporterImage":"natsio/prometheus-nats-exporter:latest","natsStreamingImage":"nats-streaming:latest","version":"latest"}]` | Supported versions of NATS event bus | +| configs.nats.versions | list | See [values.yaml] | Supported versions of NATS event bus | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 094a3638..c2436851 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -62,10 +62,14 @@ configs: ## NATS event bus nats: # -- Supported versions of NATS event bus + # @default -- See [values.yaml] versions: - version: latest natsStreamingImage: nats-streaming:latest metricsExporterImage: natsio/prometheus-nats-exporter:latest + - version: 0.22.1 + natsStreamingImage: nats-streaming:0.22.1 + metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 ## JetStream event bus jetstream: From 5bd70fbd24f7303c58e388370144a5cb8f64964d Mon Sep 17 00:00:00 2001 From: huiwq1990 Date: Fri, 30 Dec 2022 13:20:47 +0800 Subject: [PATCH 25/35] feat(argo-workflows): add envFrom for main container (#1736) Signed-off-by: huiwq1990 Signed-off-by: huiwq1990 --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../templates/controller/workflow-controller-config-map.yaml | 5 ++++- charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 32108003..c317d053 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.5 +version: 0.22.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Removed]: legacy API versions for PDBs" + - "[Added]: Suuport envFrom for main container" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 4c172f29..42a1e51c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -153,6 +153,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | mainContainer.env | list | `[]` | Adds environment variables for the Workflow main container | +| mainContainer.envFrom | list | `[]` | Adds reference environment variables for the Workflow main container | | mainContainer.imagePullPolicy | string | `""` | imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. | | mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container | | mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index ea4660e0..1193163a 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -25,7 +25,7 @@ data: {{- with .Values.controller.initialDelay }} initialDelay: {{ . }} {{- end }} - {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.securityContext}} + {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.envFrom .Values.mainContainer.securityContext}} mainContainer: imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.mainContainer.imagePullPolicy }} {{- with .Values.mainContainer.resources }} @@ -34,6 +34,9 @@ data: {{- with .Values.mainContainer.env }} env: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.mainContainer.envFrom }} + envFrom: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.mainContainer.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3f643906..034c662a 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -324,6 +324,8 @@ mainContainer: resources: {} # -- Adds environment variables for the Workflow main container env: [] + # -- Adds reference environment variables for the Workflow main container + envFrom: [] # -- sets security context for the Workflow main container securityContext: {} From 4b8703db7571b4131262640be1e0fa3efbfcffb6 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 3 Jan 2023 10:46:01 +0900 Subject: [PATCH 26/35] chore(argo-workflows): Support podGCDeleteDelayDuration and podGCGracePeriodSeconds (#1728) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-config-map.yaml | 6 ++++++ charts/argo-workflows/values.yaml | 8 ++++++++ 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c317d053..61c78e11 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.6 +version: 0.22.7 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Suuport envFrom for main container" + - "[Added]: Support podGCDeleteDelayDuration and podGCGracePeriodSeconds" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 42a1e51c..19bc0ee2 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -111,6 +111,8 @@ Fields to note: | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | | controller.persistence | object | `{}` | enable persistence using postgres | | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | +| controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. | +| controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. | | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 1193163a..125f48d3 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -181,3 +181,9 @@ data: {{- with .Values.controller.kubeConfig }} kubeConfig: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.podGCGracePeriodSeconds }} + podGCGracePeriodSeconds: {{ . }} + {{- end }} + {{- with .Values.controller.podGCDeleteDelayDuration }} + podGCDeleteDelayDuration: {{ . }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 034c662a..bb102c8b 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -316,6 +316,14 @@ controller: # # volume name when mounting the secret, default to kubeconfig # volumeName: kube-config-volume + # -- Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. + # @default -- `30` seconds (Kubernetes default) + podGCGracePeriodSeconds: + + # -- The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. + # @default -- `5s` (Argo Workflows default) + podGCDeleteDelayDuration: "" + # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. From 45861fadb78bc79456b97f636a5ab05bf1b8890a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 4 Jan 2023 10:49:30 +0100 Subject: [PATCH 27/35] docs(argo-cd): Improve documentation for extra containers (#1747) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 675 +++++++++++++++++-------------------- 3 files changed, 318 insertions(+), 365 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4867e68c..a3f338f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.13 +version: 5.16.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: Legacy API versions for Ingresses" + - "[Docs]: Added sample how to provide K8s credentials plugin" + - "[Docs]: Added sample how to provide Argo config management plugin" + - "[Docs]: Removed samples that injects tools into incorrect controllers" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 03d9e7f7..f71184f3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -639,7 +639,7 @@ NAME: my-release | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | -| server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions | +| server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | | server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8228f29e..010d7cbe 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -520,14 +520,6 @@ controller: # # -- define the application controller `--repo-server-timeout-seconds` # repoServerTimeoutSeconds: "60" - # DEPRECATED - Use configs.params to override - # -- Application controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - # logFormat: "" - # -- Application controller log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.level) - # logLevel: "" - # -- Additional command line arguments to pass to application controller extraArgs: [] @@ -542,6 +534,35 @@ controller: # - secretRef: # name: secret-name + # -- Additional containers to be added to the application controller pod + extraContainers: [] + + # -- Init containers to add to the application controller pod + ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin + ## you could use this (and the same in the server pod) to provide such executable + ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + initContainers: [] + # - name: download-tools + # image: alpine:3 + # command: [sh, -c] + # args: + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + + # -- Additional volumeMounts to the application controller main container + volumeMounts: [] + # - mountPath: /usr/local/bin/kubelogin + # name: custom-tools + # subPath: kubelogin + + # -- Additional volumes to the application controller pod + volumes: [] + # - name: custom-tools + # emptyDir: {} + # -- Annotations for the application controller StatefulSet statefulsetAnnotations: {} @@ -551,6 +572,15 @@ controller: # -- Labels to be added to application controller pods podLabels: {} + # -- Resource limits and requests for the application controller pods + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -580,12 +610,6 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the application controller main container - volumeMounts: [] - - # -- Additional volumes to the application controller pod - volumes: [] - # -- [Node selector] nodeSelector: {} @@ -606,15 +630,6 @@ controller: # -- Priority class for the application controller pods priorityClassName: "" - # -- Resource limits and requests for the application controller pods - resources: {} - # limits: - # cpu: 500m - # memory: 512Mi - # requests: - # cpu: 250m - # memory: 256Mi - serviceAccount: # -- Create a service account for the application controller create: true @@ -716,28 +731,6 @@ controller: # -- List of custom rules for the application controller's ClusterRole resource rules: [] - # -- Additional containers to be added to the application controller pod - extraContainers: [] - - # -- Init containers to add to the application controller pod - ## If your target Kubernetes cluster(s) require a custom auth provider executable - ## you could use this (and the same in the server pod) to bootstrap - ## that executable into your Argo CD container - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## Dex dex: # -- Enable dex @@ -835,6 +828,18 @@ dex: # - secretRef: # name: secret-name + # -- Additional containers to be added to the dex pod + extraContainers: [] + + # -- Init containers to add to the dex pod + initContainers: [] + + # -- Additional volumeMounts to the dex main container + volumeMounts: [] + + # -- Additional volumes to the dex pod + volumes: [] + # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-dex-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart Dex automatically without extra controllers. @@ -861,6 +866,15 @@ dex: # -- Labels to be added to the Dex server pods podLabels: {} + # -- Resource limits and requests for dex + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -912,12 +926,6 @@ dex: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Additional volumeMounts to the dex main container - volumeMounts: [] - - # -- Additional volumes to the dex pod - volumes: [] - # -- Container port for HTTP access containerPortHttp: 5556 # -- Service port for HTTP access @@ -953,34 +961,6 @@ dex: # -- Priority class for dex priorityClassName: "" - # -- Resource limits and requests for dex - resources: {} - # limits: - # cpu: 50m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi - - # -- Additional containers to be added to the dex pod - extraContainers: [] - - # -- Init containers to add to the dex pod - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## Redis redis: # -- Enable redis @@ -1022,11 +1002,6 @@ redis: # - --bind # - "0.0.0.0" - # -- Redis container port - containerPort: 6379 - # -- Redis service port - servicePort: 6379 - # -- Environment variables to pass to the Redis server env: [] @@ -1038,6 +1013,18 @@ redis: # - secretRef: # name: secret-name + # -- Additional containers to be added to the redis pod + extraContainers: [] + + # -- Init containers to add to the redis pod + initContainers: [] + + # -- Additional volumeMounts to the redis container + volumeMounts: [] + + # -- Additional volumes to the redis pod + volumes: [] + # -- Annotations to be added to the Redis server Deployment deploymentAnnotations: {} @@ -1047,6 +1034,15 @@ redis: # -- Labels to be added to the Redis server pods podLabels: {} + # -- Resource limits and requests for redis + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + # -- Redis pod-level security context # @default -- See [values.yaml] securityContext: @@ -1063,10 +1059,17 @@ redis: drop: - ALL + # -- Redis container port + containerPort: 6379 + # -- Redis service port + servicePort: 6379 + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} @@ -1091,39 +1094,6 @@ redis: # -- Automount API credentials for the Service Account automountServiceAccountToken: false - # -- Resource limits and requests for redis - resources: {} - # limits: - # cpu: 200m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 64Mi - - # -- Additional volumeMounts to the redis container - volumeMounts: [] - # -- Additional volumes to the redis pod - volumes: [] - - # -- Additional containers to be added to the redis pod - extraContainers: [] - - # -- Init containers to add to the redis pod - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - service: # -- Redis service annotations annotations: {} @@ -1200,7 +1170,6 @@ redis: # -- Prometheus ServiceMonitor annotations annotations: {} - # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted # Check the redis-ha chart for more properties @@ -1347,13 +1316,93 @@ server: # -- Specify postStart and preStop lifecycle hooks for your argo-cd-server container lifecycle: {} - # DEPRECATED - Use configs.params to override - # -- Argo CD server log format: Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - # logFormat: "" - # -- Argo CD server log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.level) - # logLevel: "" + ## Argo UI extensions + ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. + ## Ref: https://github.com/argoproj-labs/argocd-extensions + extensions: + # -- Enable support for Argo UI extensions + enabled: false + + ## Argo UI extensions image + image: + # -- Repository to use for extensions image + repository: "ghcr.io/argoproj-labs/argocd-extensions" + # -- Tag to use for extensions image + tag: "v0.1.0" + # -- Image pull policy for extensions + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Server UI extensions container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + + # -- Resource limits and requests for the argocd-extensions container + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + # -- Additional containers to be added to the server pod + ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + extraContainers: [] + # - name: my-sidecar + # image: nginx:latest + # - name: lemonldap-ng-controller + # image: lemonldapng/lemonldap-ng-controller:0.2.0 + # args: + # - /lemonldap-ng-controller + # - --alsologtostderr + # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration + # env: + # - name: POD_NAME + # valueFrom: + # fieldRef: + # fieldPath: metadata.name + # - name: POD_NAMESPACE + # valueFrom: + # fieldRef: + # fieldPath: metadata.namespace + # volumeMounts: + # - name: copy-portal-skins + # mountPath: /srv/var/lib/lemonldap-ng/portal/skins + + # -- Init containers to add to the server pod + ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin + ## you could use this (and the same in the application controller pod) to provide such executable + ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + initContainers: [] + # - name: download-tools + # image: alpine:3 + # command: [sh, -c] + # args: + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + + # -- Additional volumeMounts to the server main container + volumeMounts: [] + # - mountPath: /usr/local/bin/kubelogin + # name: custom-tools + # subPath: kubelogin + + # -- Additional volumes to the server pod + volumes: [] + # - name: custom-tools + # emptyDir: {} # -- Annotations to be added to server Deployment deploymentAnnotations: {} @@ -1364,6 +1413,15 @@ server: # -- Labels to be added to server pods podLabels: {} + # -- Resource limits and requests for the Argo CD server + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + # -- Configures the server port containerPort: 8080 @@ -1392,12 +1450,6 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the server main container - volumeMounts: [] - - # -- Additional volumes to the server pod - volumes: [] - # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -1428,15 +1480,6 @@ server: drop: - ALL - # -- Resource limits and requests for the Argo CD server - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 50m - # memory: 64Mi - # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -1727,86 +1770,6 @@ server: # enabled: true # responseCodeName: RESPONSE_CODE - # -- Additional containers to be added to the server pod - ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. - extraContainers: [] - # - name: my-sidecar - # image: nginx:latest - # - name: lemonldap-ng-controller - # image: lemonldapng/lemonldap-ng-controller:0.2.0 - # args: - # - /lemonldap-ng-controller - # - --alsologtostderr - # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration - # env: - # - name: POD_NAME - # valueFrom: - # fieldRef: - # fieldPath: metadata.name - # - name: POD_NAMESPACE - # valueFrom: - # fieldRef: - # fieldPath: metadata.namespace - # volumeMounts: - # - name: copy-portal-skins - # mountPath: /srv/var/lib/lemonldap-ng/portal/skins - - # -- Init containers to add to the server pod - ## If your target Kubernetes cluster(s) require a custom auth provider executable - ## you could use this (and the same in the application controller pod) to bootstrap - ## that executable into your Argo CD container - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - - ## Argo UI extensions - ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. - ## Ref: https://github.com/argoproj-labs/argocd-extensions - extensions: - # -- Enable support for Argo UI extensions - enabled: false - - ## Argo UI extensions image - image: - # -- Repository to use for extensions image - repository: "ghcr.io/argoproj-labs/argocd-extensions" - # -- Tag to use for extensions image - tag: "v0.1.0" - # -- Image pull policy for extensions - imagePullPolicy: IfNotPresent - - # -- Server UI extensions container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - # -- Resource limits and requests for the argocd-extensions container - resources: {} - # limits: - # cpu: 50m - # memory: 128Mi - # requests: - # cpu: 10m - # memory: 64Mi - ## Repo Server repoServer: # -- Repo server name @@ -1863,13 +1826,13 @@ repoServer: image: # -- Repository to use for the repo server # @default -- `""` (defaults to global.image.repository) - repository: "" # defaults to global.image.repository + repository: "" # -- Tag to use for the repo server # @default -- `""` (defaults to global.image.tag) - tag: "" # defaults to global.image.tag + tag: "" # -- Image pull policy for the repo server # @default -- `""` (defaults to global.image.imagePullPolicy) - imagePullPolicy: "" # IfNotPresent + imagePullPolicy: "" # -- Secrets with credentials to pull images from a private registry # @default -- `[]` (defaults to global.imagePullSecrets) @@ -1889,13 +1852,43 @@ repoServer: # - secretRef: # name: secret-name - # DEPRECATED - Use configs.params to override - # -- Repo server log format: Either `text` or `json` - # @default -- `""` (defaults to global.logging.level) - # logFormat: "" - # -- Repo server log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.format) - # logLevel: "" + # -- Additional containers to be added to the repo server pod + ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ + extraContainers: [] + # - name: cmp + # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server + # command: [/var/run/argocd/argocd-cmp-server] + # image: busybox # This can be off-the-shelf or custom-built image + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: plugin.yaml + # name: cmp-plugin + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp + + # -- Init containers to add to the repo server pods + initContainers: [] + + # -- Additional volumeMounts to the repo server main container + volumeMounts: [] + + # -- Additional volumes to the repo server pod + volumes: [] + # - name: cmp-plugin + # configMap: + # name: cmp-plugin + # - name: cmp-tmp + # emptyDir: {} # -- Annotations to be added to repo server Deployment deploymentAnnotations: {} @@ -1906,6 +1899,15 @@ repoServer: # -- Labels to be added to repo server pods podLabels: {} + # -- Resource limits and requests for the repo server pods + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + # -- Configures the repo server port containerPort: 8081 @@ -1934,17 +1936,6 @@ repoServer: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the repo server main container - volumeMounts: [] - - # -- Additional volumes to the repo server pod - volumes: [] - ## Use init containers to configure custom tooling - ## https://argo-cd.readthedocs.io/en/stable/operator-manual/custom_tools/ - ## When using the volumes & volumeMounts section bellow, please comment out those above. - # - name: custom-tools - # emptyDir: {} - # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -1975,15 +1966,6 @@ repoServer: drop: - ALL - # -- Resource limits and requests for the repo server pods - resources: {} - # limits: - # cpu: 50m - # memory: 128Mi - # requests: - # cpu: 10m - # memory: 64Mi - # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. @@ -2077,9 +2059,6 @@ repoServer: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Additional containers to be added to the repo server pod - extraContainers: [] - # -- Repo server rbac rules rbac: [] # - apiGroups: @@ -2091,22 +2070,6 @@ repoServer: # - list # - watch - # -- Init containers to add to the repo server pods - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## ApplicationSet controller applicationSet: # -- Enable ApplicationSet controller @@ -2150,6 +2113,13 @@ applicationSet: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] + # -- ApplicationSet controller log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + args: # -- The default metric address metricsAddr: :8080 @@ -2160,16 +2130,31 @@ applicationSet: # -- Enable dry run mode dryRun: false - # -- ApplicationSet controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" + # -- List of extra cli args to add + extraArgs: [] + + # -- Environment variables to pass to the ApplicationSet controller + extraEnv: [] + # - name: "MY_VAR" + # value: "value" + + # -- envFrom to pass to the ApplicationSet controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name # -- Additional containers to be added to the ApplicationSet controller pod extraContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + + # -- List of extra volumes to add + extraVolumes: [] + ## Metrics service configuration metrics: # -- Deploy metrics service @@ -2238,6 +2223,15 @@ applicationSet: # -- Labels for the ApplicationSet controller pods podLabels: {} + # -- Resource limits and requests for the ApplicationSet controller pods. + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2280,19 +2274,6 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 - # -- Resource limits and requests for the ApplicationSet controller pods. - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - # -- [Node selector] nodeSelector: {} @@ -2305,32 +2286,6 @@ applicationSet: # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. priorityClassName: "" - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - - # -- List of extra cli args to add - extraArgs: [] - - # -- Environment variables to pass to the ApplicationSet controller - extraEnv: [] - # - name: "MY_VAR" - # value: "value" - - # -- envFrom to pass to the ApplicationSet controller - # @default -- `[]` (See [values.yaml]) - extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - ## Webhook for the Git Generator ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) webhook: @@ -2384,9 +2339,6 @@ notifications: # -- Notifications controller name string name: notifications-controller - # -- Assign custom [affinity] rules - affinity: {} - # -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates argocdUrl: @@ -2422,8 +2374,32 @@ notifications: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- [Node selector] - nodeSelector: {} + # -- Notifications controller log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + + # -- Extra arguments to provide to the notifications controller + extraArgs: [] + + # -- Additional container environment variables + extraEnv: [] + + # -- envFrom to pass to the notifications controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + + # -- List of extra volumes to add + extraVolumes: [] # -- Define user-defined context ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context @@ -2454,37 +2430,6 @@ notifications: # email-password: # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ - # -- Notifications controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - # -- Extra arguments to provide to the notifications controller - extraArgs: [] - - # -- Additional container environment variables - extraEnv: [] - - # -- envFrom to pass to the notifications controller - # @default -- `[]` (See [values.yaml]) - extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - metrics: # -- Enables prometheus metrics server enabled: false @@ -2535,6 +2480,15 @@ notifications: # -- Labels to be applied to the notifications controller Pods podLabels: {} + # -- Resource limits and requests for the notifications controller + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: @@ -2547,18 +2501,18 @@ notifications: drop: - ALL + # -- [Node selector] + nodeSelector: {} + + # -- [Tolerations] for use with node taints + tolerations: [] + + # -- Assign custom [affinity] rules + affinity: {} + # -- Priority class for the notifications controller pods priorityClassName: "" - # -- Resource limits and requests for the notifications controller - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - serviceAccount: # -- Specifies whether a service account should be created create: true @@ -2809,9 +2763,6 @@ notifications: # ] # }] - # -- [Tolerations] for use with node taints - tolerations: [] - # -- The trigger defines the condition when the notification should be sent ## For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ triggers: {} From 7992b5d04b9ea0d13a3ae7799e042cf9056eb6cd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 9 Jan 2023 18:03:26 -0600 Subject: [PATCH 28/35] feat(argo-workflows): Add helper function to determine image value, minus tag (#1754) We have a situation where we want to exclude the registry so that images can be pulled from in-network mirrors. Currently when you exclude the registry, you get stuck with a prefixing forward slash. Had to keep the tags in the manifest files because helm template requires a colon in the image value. Otherwise I'd move it into the helper function. image entries changed: server, controller, executor Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/_helpers.tpl | 11 +++++++++++ .../controller/workflow-controller-deployment.yaml | 4 ++-- .../templates/server/server-deployment.yaml | 2 +- 4 files changed, 16 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 61c78e11..25aa9fd6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.7 +version: 0.22.8 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support podGCDeleteDelayDuration and podGCGracePeriodSeconds" + - "[Added]: Helm helper function to allow image registry to be absent" diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 057ed5f9..7719052d 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -142,3 +142,14 @@ Return the default Argo Workflows app version {{- define "argo-workflows.defaultTag" -}} {{- default .Chart.AppVersion .Values.images.tag }} {{- end -}} + +{{/* +Return full image name including or excluding registry based on existence +*/}} +{{- define "argo-workflows.image" -}} +{{- if and .image.registry .image.repository -}} + {{ .image.registry }}/{{ .image.repository }} +{{- else -}} + {{ .image.repository }} +{{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 7ce17155..b90122ca 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -34,14 +34,14 @@ spec: {{- end }} containers: - name: controller - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" + image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" imagePullPolicy: {{ .Values.images.pullPolicy }} command: [ "workflow-controller" ] args: - "--configmap" - "{{ template "argo-workflows.controller.fullname" . }}-configmap" - "--executor-image" - - "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" + - "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" - "--loglevel" - "{{ .Values.controller.logging.level }}" - "--gloglevel" diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e1e9b680..70b1495c 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} containers: - name: argo-server - image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" + image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" imagePullPolicy: {{ .Values.images.pullPolicy }} securityContext: {{- toYaml .Values.server.securityContext | nindent 12 }} From c5648d5c9f1e5c8a08690618f8ab0b76e4d8bacd Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 10 Jan 2023 09:58:45 +0100 Subject: [PATCH 29/35] chore(argo-cd): Consolidate cluster-wide RBAC (#1597) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 9 ++++--- charts/argo-cd/README.md | 6 ++--- charts/argo-cd/templates/NOTES.txt | 12 +++++++++ .../clusterrole.yaml | 27 ++++++++++--------- .../clusterrolebinding.yaml | 11 ++++---- .../argocd-repo-server/clusterrole.yaml | 27 ++++++++++--------- .../clusterrolebinding.yaml | 9 ++++--- .../templates/argocd-server/clusterrole.yaml | 3 ++- .../argocd-server/clusterrolebinding.yaml | 11 ++++---- charts/argo-cd/values.yaml | 21 +++------------ 10 files changed, 70 insertions(+), 66 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a3f338f0..912ffeff 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.14 +version: 5.16.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Docs]: Added sample how to provide K8s credentials plugin" - - "[Docs]: Added sample how to provide Argo config management plugin" - - "[Docs]: Removed samples that injects tools into incorrect controllers" + - "[Added]: Option createClusterRoles to enable cluster roles from one place" + - "[Deprecated]: Option controller.clusterAdminAccess.enabled" + - "[Deprecated]: Option server.clusterAdminAccess.enabled" + - "[Deprecated]: Option repoServer.clusterAdminAccess.enabled" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f71184f3..ec1213f8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -362,7 +362,8 @@ NAME: my-release | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | -| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources | +| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | @@ -451,7 +452,6 @@ NAME: my-release |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | -| controller.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPort | int | `8082` | Application controller listening port | @@ -529,7 +529,6 @@ NAME: my-release | repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret | | repoServer.certificateSecret.key | string | `""` | Certificate private key | | repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | -| repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | @@ -631,7 +630,6 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 98bbb96a..30138ee4 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -52,6 +52,18 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys {{- if .Values.configs.gpgKeysAnnotations }} DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations {{- end }} +{{- if hasKey .Values "createAggregateRoles" }} +DEPRECATED option createAggregateRoles - Use global.rbac.aggregatedRoles +{{- end }} +{{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} +{{- if hasKey (.Values.server.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} +{{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index 0aa82961..5ebe00b3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -1,23 +1,24 @@ -{{- if .Values.controller.clusterAdminAccess.enabled }} +{{- $config := .Values.controller.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: {{- if .Values.controller.clusterRoleRules.enabled }} - {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 0 }} + {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }} {{- else }} -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 86d7c883..39ee80a6 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if .Values.controller.clusterAdminAccess.enabled }} +{{- $config := .Values.controller.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.controllerServiceAccountName" . }} + name: {{ include "argo-cd.controllerServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml index 4ea41da3..21dff1a9 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml @@ -1,23 +1,24 @@ -{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: {{- if .Values.repoServer.clusterRoleRules.enabled }} - {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 0 }} + {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }} {{- else }} -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index 9757912e..c3e21edb 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServerServiceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 2caa4dd0..0f26d470 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -1,4 +1,5 @@ -{{- if .Values.server.clusterAdminAccess.enabled }} +{{- $config := .Values.server.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 9f5a960d..72e4d450 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if .Values.server.clusterAdminAccess.enabled }} +{{- $config := .Values.server.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.serverServiceAccountName" . }} + name: {{ include "argo-cd.serverServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 010d7cbe..d799dcb9 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -19,9 +19,12 @@ apiVersionOverrides: # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 -# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds +# -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: false +# -- Create cluster roles for cluster-wide installation. +## Used when you manage applications in the same cluster where Argo CD runs +createClusterRoles: true openshift: # -- enables using arbitrary uid for argo repo server @@ -718,11 +721,6 @@ controller: # additionalLabels: {} # annotations: {} - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: true - ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off clusterRoleRules: @@ -1732,12 +1730,6 @@ server: # -- Termination policy of Openshift Route termination_policy: None - ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: true - GKEbackendConfig: # -- Enable BackendConfig custom resource for Google Kubernetes Engine enabled: false @@ -2031,11 +2023,6 @@ repoServer: # -- Prometheus ServiceMonitor annotations annotations: {} - ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant cluster rights to Argo CD repo server. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: false ## Enable Custom Rules for the Repo server's Cluster Role resource ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off From 31242020c44e75815945aed42a8244a7c13d9dd7 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 10 Jan 2023 13:31:57 +0100 Subject: [PATCH 30/35] feat(argo-cd): Allow templated values for init and extra containers (#1749) --- charts/argo-cd/Chart.yaml | 9 ++-- charts/argo-cd/README.md | 3 ++ .../statefulset.yaml | 10 ++-- .../argocd-applicationset/deployment.yaml | 6 ++- .../argocd-notifications/deployment.yaml | 51 +++++++++++-------- .../argocd-repo-server/deployment.yaml | 48 ++++++++--------- .../templates/argocd-server/deployment.yaml | 14 ++--- charts/argo-cd/templates/dex/deployment.yaml | 44 ++++++++-------- .../argo-cd/templates/redis/deployment.yaml | 10 ++-- charts/argo-cd/values.yaml | 26 +++++++++- 10 files changed, 128 insertions(+), 93 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 912ffeff..45ff4446 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.15 +version: 5.17.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Option createClusterRoles to enable cluster roles from one place" - - "[Deprecated]: Option controller.clusterAdminAccess.enabled" - - "[Deprecated]: Option server.clusterAdminAccess.enabled" - - "[Deprecated]: Option repoServer.clusterAdminAccess.enabled" + - "[Added]: Support for extraContainers and initContainers for applicationSet and notifications" + - "[Added]: Support for use of Helm templates for extraContainers and initContainers" + - "[Docs]: Added notes about custom Helm template support" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ec1213f8..dabacfe7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -970,6 +970,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | applicationSet.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1063,6 +1064,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | +| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod | | notifications.extraEnv | list | `[]` | Additional container environment variables | | notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | @@ -1071,6 +1073,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod | | notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | | notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 66486b53..208545e0 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -257,7 +257,11 @@ spec: - mountPath: /home/argocd name: argocd-home {{- with .Values.controller.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.controller.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: @@ -304,10 +308,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.controller.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ce4cd821..0c3862de 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -125,8 +125,12 @@ spec: - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} + {{- with .Values.applicationSet.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 2be14fdd..7ee9f8f4 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -81,12 +81,39 @@ spec: {{- with .Values.notifications.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.notifications.extraContainers }} + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + {{- with .Values.notifications.initContainers }} + initContainers: + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + {{- with .Values.notifications.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} volumes: - - configMap: + {{- with .Values.notifications.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: tls-certs + configMap: name: argocd-tls-certs-cm - name: tls-certs - name: argocd-repo-server-tls secret: + secretName: argocd-repo-server-tls + optional: true items: - key: tls.crt path: tls.crt @@ -94,24 +121,4 @@ spec: path: tls.key - key: ca.crt path: ca.crt - optional: true - secretName: argocd-repo-server-tls - {{- with .Values.notifications.extraVolumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d8cbb97d..04117ba3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -264,7 +264,30 @@ spec: securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} {{- with .Values.repoServer.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + initContainers: + - command: + - cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + name: copyutil + {{- with .Values.repoServer.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.repoServer.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + {{- with .Values.repoServer.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: @@ -328,29 +351,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - initContainers: - - command: - - cp - - -n - - /usr/local/bin/argocd - - /var/run/argocd/argocd-cmp-server - image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - name: copyutil - {{- with .Values.repoServer.resources }} - resources: - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.repoServer.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} - volumeMounts: - - mountPath: /var/run/argocd - name: var-files - {{- with .Values.repoServer.initContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.repoServer.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 7793b11a..c38d9348 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -319,9 +319,6 @@ spec: lifecycle: {{- toYaml . | nindent 10 }} {{- end }} - {{- with .Values.server.extraContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- if .Values.server.extensions.enabled }} - name: argocd-extensions image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} @@ -336,6 +333,13 @@ spec: - name: tmp mountPath: /tmp {{- end }} + {{- with .Values.server.extraContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.server.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -406,10 +410,6 @@ spec: path: tls.crt - key: ca.crt path: ca.crt - {{- with .Values.server.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.server.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5900070f..bd0362b3 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -43,27 +43,6 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - initContainers: - - name: copyutil - image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - command: - - cp - - -n - - /usr/local/bin/argocd - - /shared/argocd-dex - volumeMounts: - - mountPath: /shared - name: static-files - - mountPath: /tmp - name: dexconfig - resources: - {{- toYaml .Values.dex.resources | nindent 10 }} - securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} - {{- with .Values.dex.initContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -136,7 +115,28 @@ spec: - name: argocd-dex-server-tls mountPath: /tls {{- with .Values.dex.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + initContainers: + - name: copyutil + image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} + command: + - cp + - -n + - /usr/local/bin/argocd + - /shared/argocd-dex + volumeMounts: + - mountPath: /shared + name: static-files + - mountPath: /tmp + name: dexconfig + resources: + {{- toYaml .Values.dex.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- with .Values.dex.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.dex.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 38ba73be..6c6a4dbe 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -41,10 +41,6 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} - {{- with .Values.redis.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.redis.name }} image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} @@ -96,7 +92,11 @@ spec: {{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }} {{- end }} {{- with .Values.redis.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.redis.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.redis.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d799dcb9..9fad462e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -439,6 +439,7 @@ configs: # } # -- Array of extra K8s manifests to deploy +## Note: Supports use of custom Helm templates extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 # kind: SecretProviderClass @@ -538,12 +539,14 @@ controller: # name: secret-name # -- Additional containers to be added to the application controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the application controller pod ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin ## you could use this (and the same in the server pod) to provide such executable ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + ## Note: Supports use of custom Helm templates initContainers: [] # - name: download-tools # image: alpine:3 @@ -827,9 +830,11 @@ dex: # name: secret-name # -- Additional containers to be added to the dex pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the dex pod + ## Note: Supports use of custom Helm templates initContainers: [] # -- Additional volumeMounts to the dex main container @@ -1012,9 +1017,11 @@ redis: # name: secret-name # -- Additional containers to be added to the redis pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the redis pod + ## Note: Supports use of custom Helm templates initContainers: [] # -- Additional volumeMounts to the redis container @@ -1353,7 +1360,7 @@ server: # memory: 64Mi # -- Additional containers to be added to the server pod - ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + ## Note: Supports use of custom Helm templates extraContainers: [] # - name: my-sidecar # image: nginx:latest @@ -1846,11 +1853,13 @@ repoServer: # -- Additional containers to be added to the repo server pod ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ + ## Note: Supports use of custom Helm templates extraContainers: [] # - name: cmp # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server # command: [/var/run/argocd/argocd-cmp-server] - # image: busybox # This can be off-the-shelf or custom-built image + # # This can be off-the-shelf or custom-built image + # image: busybox # securityContext: # runAsNonRoot: true # runAsUser: 999 @@ -2134,8 +2143,13 @@ applicationSet: # name: secret-name # -- Additional containers to be added to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] + # -- Init containers to add to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] @@ -2382,6 +2396,14 @@ notifications: # - secretRef: # name: secret-name + # -- Additional containers to be added to the notifications controller pod + ## Note: Supports use of custom Helm templates + extraContainers: [] + + # -- Init containers to add to the notifications controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] From 136d8c4fca96cfad3736ba44ea4df17195c343da Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 11 Jan 2023 15:33:30 +0900 Subject: [PATCH 31/35] chore(argo-cd): Update Argo CD to v2.5.6 (#1757) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 45ff4446..7e45a587 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.5 +appVersion: v2.5.6 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.0 +version: 5.17.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support for extraContainers and initContainers for applicationSet and notifications" - - "[Added]: Support for use of Helm templates for extraContainers and initContainers" - - "[Docs]: Added notes about custom Helm template support" + - "[Changed]: Update Argo CD to v2.5.6" From 5c6ad38b15fccd082da657bc577d23a803808d09 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 07:39:58 +0100 Subject: [PATCH 32/35] chore(deps): bump helm/chart-releaser-action from 1.4.1 to 1.5.0 (#1752) Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.4.1 to 1.5.0. - [Release notes](https://github.com/helm/chart-releaser-action/releases) - [Commits](https://github.com/helm/chart-releaser-action/compare/v1.4.1...v1.5.0) --- updated-dependencies: - dependency-name: helm/chart-releaser-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ac6f0137..cb56596b 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -39,7 +39,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.4.1 + uses: helm/chart-releaser-action@v1.5.0 with: config: "./.github/configs/cr.yaml" env: From 2777121707ccb8a9cdc45e84b496fea2568db483 Mon Sep 17 00:00:00 2001 From: Kiyoshi Muranaka Date: Wed, 18 Jan 2023 11:38:50 +0900 Subject: [PATCH 33/35] feat(argo-rollouts): Add support for topologySpreadConstraints (#1755) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/README.md.gotmpl | 1 + .../templates/controller/deployment.yaml | 12 ++++++++++++ .../templates/dashboard/deployment.yaml | 12 ++++++++++++ charts/argo-rollouts/values.yaml | 18 ++++++++++++++++++ 6 files changed, 48 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6688d9b0..913a190a 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.3.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.1 +version: 2.21.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoRollouts to v1.3.1" + - "[Added]: Add support for topologySpreadConstraints" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index e471d284..43f68a05 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -88,6 +88,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | @@ -145,6 +146,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | | dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints | +| dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server | ## Upgrading @@ -174,6 +176,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 445c84db..1a587350 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -96,6 +96,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index d06c0c92..d6adf9cf 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -83,6 +83,18 @@ spec: affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} {{- end }} + {{- with .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + app.kubernetes.io/component: {{ $.Values.controller.component }} + {{- include "argo-rollouts.selectorLabels" $ | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index a84d4bbf..ebf9ce8b 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -65,6 +65,18 @@ spec: affinity: {{- toYaml .Values.dashboard.affinity | nindent 8 }} {{- end }} + {{- with .Values.dashboard.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" $ | nindent 12 }} + app.kubernetes.io/component: {{ $.Values.dashboard.component }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.dashboard.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f74ed7a1..43d322c2 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -47,6 +47,15 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the controller + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- [priorityClassName] for the controller priorityClassName: "" # -- The number of controller pods to run @@ -194,6 +203,15 @@ dashboard: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the dashboard server + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- [priorityClassName] for the dashboard server priorityClassName: "" From 0d57f6ec17d24ae0786ceb85615991bf1d6a24b7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 18 Jan 2023 15:44:21 +0900 Subject: [PATCH 34/35] chore(argo-cd): Update Argo CD to v2.5.7 (#1769) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7e45a587..0f294c96 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.6 +appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.1 +version: 5.17.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.6" + - "[Changed]: Update Argo CD to v2.5.7" From f3888bc99609cb82e1bda47a30dfc8c88c3cefb6 Mon Sep 17 00:00:00 2001 From: Victor Login Date: Wed, 18 Jan 2023 19:00:59 +0600 Subject: [PATCH 35/35] chore(argo-cd): Update Argo CD extensions to v0.2.1 (#1770) Signed-off-by: Victor Login Signed-off-by: Victor Login --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f294c96..bc3ac6d1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.2 +version: 5.17.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.7" + - "[Changed]: Update Argo CD extensions to v0.2.1" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index dabacfe7..d1ad8c14 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -639,7 +639,7 @@ NAME: my-release | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | -| server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | +| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9fad462e..cd0bee81 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1333,7 +1333,7 @@ server: # -- Repository to use for extensions image repository: "ghcr.io/argoproj-labs/argocd-extensions" # -- Tag to use for extensions image - tag: "v0.1.0" + tag: "v0.2.1" # -- Image pull policy for extensions # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: ""