From 6735d66f1ab58c82474f38e114092c3036cd82b1 Mon Sep 17 00:00:00 2001 From: sgavrylenko <13081190+sgavrylenko@users.noreply.github.com> Date: Tue, 11 May 2021 14:19:17 +0300 Subject: [PATCH 001/122] feat(argocd-notification): add context variable for templating purpose (#713) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * add context variable for templating purpose Signed-off-by: Sergiy Gavrylenko Signed-off-by: Sergiy Gavrylenko * update version of argocd-notification chart Signed-off-by: Sergiy Gavrylenko Signed-off-by: Sergiy Gavrylenko * fix: spec.preserveUnknownFields must be set to false to allow upgrades from v1beta1 (#709) Signed-off-by: Jack Andersen Signed-off-by: Sergiy Gavrylenko * feat: add resources to argo-rollouts deployment (#711) - add destinationrule to clusterrolebinding Signed-off-by: Hui Kang Co-authored-by: Hui Kang Signed-off-by: Sergiy Gavrylenko * chore(argo-events): update argo-events to 1.3.3 (#720) Signed-off-by: Alec Rajeev Signed-off-by: Sergiy Gavrylenko * chore(argo-cd): upgrade redis-ha version to 4.12.14 (#710) Signed-off-by: Aniek Gul Co-authored-by: Oliver Bähler Signed-off-by: Sergiy Gavrylenko * Update charts/argocd-notifications/Chart.yaml Co-authored-by: Oliver Bähler Signed-off-by: Sergiy Gavrylenko * Update charts/argocd-notifications/templates/configmap.yaml Co-authored-by: Oliver Bähler Signed-off-by: Sergiy Gavrylenko Co-authored-by: Sergiy Gavrylenko Co-authored-by: jandersen-plaid <52045989+jandersen-plaid@users.noreply.github.com> Co-authored-by: cskh Co-authored-by: Hui Kang Co-authored-by: Alec Rajeev Co-authored-by: aniekgul Co-authored-by: Oliver Bähler --- charts/argocd-notifications/Chart.yaml | 2 +- charts/argocd-notifications/templates/configmap.yaml | 5 ++++- charts/argocd-notifications/values.yaml | 5 +++++ 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 12c03d53..8a1e04d8 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.2.0 +version: 1.3.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/configmap.yaml b/charts/argocd-notifications/templates/configmap.yaml index 442234bc..37f95b53 100644 --- a/charts/argocd-notifications/templates/configmap.yaml +++ b/charts/argocd-notifications/templates/configmap.yaml @@ -8,6 +8,9 @@ metadata: data: context: | argocdUrl: {{ .Values.argocdUrl | quote }} + {{- with .Values.context }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.notifiers }} {{- toYaml . | nindent 2 }} {{- end }} @@ -21,4 +24,4 @@ data: {{- with .Values.triggers }} {{- toYaml . | nindent 2 }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index ace4c84e..bfe746c3 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -19,6 +19,11 @@ nodeSelector: {} updateStrategy: type: Recreate +context: + # Add custom values into context + # region: east + # environmentName: staging + secret: # Whether helm chart creates controller secret create: true From a25cfd221cd8093cd79282413b2201c9a1e789d9 Mon Sep 17 00:00:00 2001 From: loreleimccollum-work <66749079+loreleimccollum-work@users.noreply.github.com> Date: Thu, 13 May 2021 01:36:13 -0400 Subject: [PATCH 002/122] feat: Support custom rules for the Application Controller Cluster Role (#730) * feat: Support custom rules for the Application Controller Cluster Role Signed-off-by: Lorelei McCollum * Add newline at end of file Signed-off-by: Lorelei McCollum --- CONTRIBUTING.md | 6 ++++++ charts/argo-cd/Chart.yaml | 2 +- .../argocd-application-controller/clusterrole.yaml | 6 +++++- charts/argo-cd/values.yaml | 7 +++++++ 4 files changed, 19 insertions(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index b64861bb..f4c7d89c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -22,6 +22,12 @@ helm delete argo-cd --purge kubectl delete crd -l app.kubernetes.io/part-of=argocd ``` +Pre-requisites: +``` +helm repo add redis-ha https://dandydeveloper.github.io/charts/ +helm dependency update +``` + Minimally: ``` diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 584ef6e2..07d6fb7b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.2.3 +version: 3.2.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index 3426c9c8..bd6ff8aa 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -6,6 +6,9 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: +{{- if .Values.controller.clusterRoleRules.enabled }} +{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }} +{{ else }} - apiGroups: - '*' resources: @@ -16,4 +19,5 @@ rules: - '*' verbs: - '*' -{{- end }} \ No newline at end of file +{{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index dc04e3eb..ef68a320 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -183,6 +183,13 @@ controller: ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. clusterAdminAccess: enabled: true + ## Enable Custom Rules for the Application Controller's Cluster Role resource + ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. + ## Defaults to off + clusterRoleRules: + enabled: false + rules: [] + ## Dex dex: From 331d3445d2b5abb37cbf24dc29d2af5fb475b8eb Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 14 May 2021 21:04:24 +0200 Subject: [PATCH 003/122] chore: Nominate mkilchhofer as an approver (#714) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Oliver Bähler --- CODEOWNERS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CODEOWNERS b/CODEOWNERS index bb890183..a3926889 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,5 +1,8 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners +# All charts +/charts/* @mkilchhofer + # Argo Workflows /charts/argo @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler From 9548bffc6959f965b1edc259f1c29400c5f1e351 Mon Sep 17 00:00:00 2001 From: Aman Shah Date: Sun, 16 May 2021 18:18:39 +0530 Subject: [PATCH 004/122] chore(argo-cd): Bumped argo-cd to 2.0.1 (#732) Signed-off-by: aman chore(argo-cd): bumped chart version Signed-off-by: aman Co-authored-by: aman Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 07d6fb7b..e154e4b0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.0 +appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.2.4 +version: 3.2.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ef68a320..f5bff3b4 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: quay.io/argoproj/argocd - tag: v2.0.0 + tag: v2.0.1 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From 0919bbc11639499d240325265a84f7383b2b1c8b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 16 May 2021 14:57:24 +0200 Subject: [PATCH 005/122] feat(argo-ci): remove deprecated helm chart (#734) Signed-off-by: Marco Kilchhofer --- charts/argo-ci/.helmignore | 21 ----------- charts/argo-ci/Chart.yaml | 12 ------- charts/argo-ci/README.md | 5 --- charts/argo-ci/templates/NOTES.txt | 0 charts/argo-ci/templates/_helpers.tpl | 16 --------- charts/argo-ci/templates/ci-deployment.yaml | 39 --------------------- charts/argo-ci/templates/ci-service.yaml | 17 --------- charts/argo-ci/values.yaml | 14 -------- 8 files changed, 124 deletions(-) delete mode 100644 charts/argo-ci/.helmignore delete mode 100644 charts/argo-ci/Chart.yaml delete mode 100644 charts/argo-ci/README.md delete mode 100644 charts/argo-ci/templates/NOTES.txt delete mode 100644 charts/argo-ci/templates/_helpers.tpl delete mode 100644 charts/argo-ci/templates/ci-deployment.yaml delete mode 100644 charts/argo-ci/templates/ci-service.yaml delete mode 100644 charts/argo-ci/values.yaml diff --git a/charts/argo-ci/.helmignore b/charts/argo-ci/.helmignore deleted file mode 100644 index f0c13194..00000000 --- a/charts/argo-ci/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/charts/argo-ci/Chart.yaml b/charts/argo-ci/Chart.yaml deleted file mode 100644 index c41334d9..00000000 --- a/charts/argo-ci/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v2 -description: A Helm chart for Argo-CI -name: argo-ci -version: 1.0.0 -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png -appVersion: v1.0.0-alpha2 -home: https://github.com/argoproj/argo-helm -deprecated: true -dependencies: - - name: argo - version: "^0.16.0" - repository: https://argoproj.github.io/argo-helm diff --git a/charts/argo-ci/README.md b/charts/argo-ci/README.md deleted file mode 100644 index 7eaa9039..00000000 --- a/charts/argo-ci/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# Argo CI Chart - -**Deprecated** - Use [Argo-Events](./argo-events) instead. - -This is a **community maintained** chart. diff --git a/charts/argo-ci/templates/NOTES.txt b/charts/argo-ci/templates/NOTES.txt deleted file mode 100644 index e69de29b..00000000 diff --git a/charts/argo-ci/templates/_helpers.tpl b/charts/argo-ci/templates/_helpers.tpl deleted file mode 100644 index f0d83d2e..00000000 --- a/charts/argo-ci/templates/_helpers.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/charts/argo-ci/templates/ci-deployment.yaml b/charts/argo-ci/templates/ci-deployment.yaml deleted file mode 100644 index bf2e4121..00000000 --- a/charts/argo-ci/templates/ci-deployment.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-ci - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ .Release.Name }}-ci - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-ci - release: {{ .Release.Name }} - spec: - containers: - - name: ci - image: "{{ .Values.imageNamespace }}/{{ .Values.ciImage }}:{{ .Values.imageTag }}" - imagePullPolicy: {{ .Values.imagePullPolicy }} - env: - - name: IN_CLUSTER - value: "true" - - name: NAMESPACE - value: {{ .Values.workflowNamespace }} - - name: ARGO_CI_IMAGE - value: "{{ .Values.imageNamespace }}/{{ .Values.ciImage }}:{{ .Values.imageTag }}" - - name: CONTROLLER_INSTANCE_ID - value: {{ .Release.Name }} - ports: - - containerPort: 8001 - - containerPort: 8002 - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/argo-ci/templates/ci-service.yaml b/charts/argo-ci/templates/ci-service.yaml deleted file mode 100644 index 3c335c62..00000000 --- a/charts/argo-ci/templates/ci-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-ci - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: 80 - protocol: TCP - targetPort: 8001 - selector: - app: {{ .Release.Name }}-ci - sessionAffinity: None - type: LoadBalancer diff --git a/charts/argo-ci/values.yaml b/charts/argo-ci/values.yaml deleted file mode 100644 index 86dadf98..00000000 --- a/charts/argo-ci/values.yaml +++ /dev/null @@ -1,14 +0,0 @@ -imageNamespace: argoproj -ciImage: argoci -imageTag: v1.0.0-alpha2 -imagePullPolicy: Always -# Secrets with credentials to pull images from a private registry -imagePullSecrets: [] -# - name: argo-pull-secret -workflowNamespace: default - -argo: - imagesNamespace: argoproj - installMinio: true - minioBucketName: argo-artifacts - useReleaseAsInstanceID: true From a70e1779afbda0b8d0385f96f460ecbff53abe2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Sun, 16 May 2021 17:32:19 +0200 Subject: [PATCH 006/122] feat: Define custom styles via values (#689) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: define custom styles via values Signed-off-by: Oliver Bähler * Version Bump Signed-off-by: Oliver Bähler * Mount to correct server Signed-off-by: Oliver Bähler * fix(argo-cd): correct alphabetical place of new values Signed-off-by: Marco Kilchhofer * fix(argo-cd): correct alphabetical place of new values in README Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/_helpers.tpl | 18 ++++++++++++++++++ .../templates/argocd-configs/argocd-cm.yaml | 3 +-- .../argocd-configs/argocd-styles-cm.yaml | 11 +++++++++++ .../templates/argocd-server/deployment.yaml | 10 ++++++++++ charts/argo-cd/values.yaml | 9 ++++++++- 7 files changed, 50 insertions(+), 4 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e154e4b0..07e35492 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.2.5 +version: 3.3.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 7716e41e..5513a8fd 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -113,6 +113,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | configs.tlsCertsAnnotations | TLS certificate configmap annotations | `{}` | | configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) | | configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` | +| configs.styles | Define custom CSS styles for your argo instance ([Read More](https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/)). This Settings will automatically mount the provided css and reference it in the argo configuration. | `""` (See [values.yaml](values.yaml)) | | openshift.enabled | enables using arbitrary uid for argo repo server | `false` | ## ArgoCD Controller diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 9ab07ef4..79723e71 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -151,4 +151,22 @@ Return the appropriate apiVersion for ingress {{- else -}} {{- print "networking.k8s.io/v1" -}} {{- end -}} +{{- end -}} + +{{/* +Argo Configuration Preset Values (Incluenced by Values configuration) +*/}} +{{- define "argo-cd.config.presets" -}} + {{- if .Values.configs.styles }} +ui.cssurl: "./custom/custom.styles.css" + {{- end }} +{{- end -}} + +{{/* +Merge Argo Configuration with Preset Configuration +*/}} +{{- define "argo-cd.config" -}} + {{- if .Values.server.configEnabled -}} +{{- toYaml (mergeOverwrite (default dict (fromYaml (include "argo-cd.config.presets" $))) .Values.server.config) }} + {{- end -}} {{- end -}} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index b17f4f1b..0da0c1ed 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -11,6 +11,5 @@ metadata: {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -data: -{{- toYaml .Values.server.config | nindent 4 }} +data: {{- include "argo-cd.config" $ | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml new file mode 100644 index 00000000..a8079671 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml @@ -0,0 +1,11 @@ +{{- if .Values.configs.styles }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-custom-styles + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} +data: + custom.styles.css: | + {{- .Values.configs.styles | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index d12c8446..2ee5b7e3 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -82,6 +82,11 @@ spec: {{- end }} - mountPath: /app/config/server/tls name: argocd-repo-server-tls + {{- if .Values.configs.styles }} + - mountPath: "/shared/app/custom/custom.styles.css" + subPath: "custom.styles.css" + name: custom-styles + {{- end }} ports: - name: {{ .Values.server.name }} containerPort: {{ .Values.server.containerPort }} @@ -141,6 +146,11 @@ spec: {{- end }} - emptyDir: {} name: static-files + {{- if .Values.configs.styles }} + - configMap: + name: argocd-custom-styles + name: custom-styles + {{- end }} {{- if .Values.configs.knownHosts }} - configMap: name: argocd-ssh-known-hosts-cm diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f5bff3b4..d0f813bb 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1015,9 +1015,16 @@ configs: # Argo expects the password in the secret to be bcrypt hashed. You can create this hash with # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` - # argocdServerAdminPassword: + # argocdServerAdminPassword: "" # Password modification time defaults to current time if not set # argocdServerAdminPasswordMtime: "2006-01-02T15:04:05Z" + ## Custom CSS Styles + ## Reference: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ + # styles: | + # .nav-bar { + # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); + # } + openshift: enabled: false From 17ad65e635f5a585419c40975b60f785e42edb7c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Sun, 16 May 2021 19:50:39 +0200 Subject: [PATCH 007/122] fix: Increased Redis Version (#700) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Oliver Bähler Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 07e35492..189a3eb3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.3.0 +version: 3.3.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d0f813bb..1a9fab3b 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -283,7 +283,7 @@ redis: image: repository: redis - tag: 6.2.1-alpine + tag: 6.2.2-alpine imagePullPolicy: IfNotPresent ## Additional command line arguments to pass to redis-server @@ -360,7 +360,7 @@ redis-ha: metrics: enabled: true image: - tag: 6.2.1-alpine + tag: 6.2.2-alpine ## Server server: From 7c94b7af7e69a61cf92e7ff00ef9c2ee3818f3dc Mon Sep 17 00:00:00 2001 From: Marco Zoveralli Date: Mon, 17 May 2021 07:40:38 +0200 Subject: [PATCH 008/122] fix(argo-cd): properly generate volumes and volumeMounts for application controller (#724) * fix: volumes and volumeMounts configurations are properly generated for the application controller (#723) Signed-off-by: marcozov * fix: Chart.yaml bump (#723) Signed-off-by: marcozov * fix: use consistent indentation Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- .../argocd-application-controller/deployment.yaml | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 189a3eb3..c2e9e948 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.3.1 +version: 3.3.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 7c87bce8..524f302e 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -95,9 +95,9 @@ spec: volumeMounts: - mountPath: /app/config/controller/tls name: argocd-repo-server-tls -{{- if .Values.controller.volumeMounts }} -{{- toYaml .Values.controller.volumeMounts | nindent 10}} -{{- end }} + {{- with .Values.controller.volumeMounts }} + {{- toYaml . | nindent 8 }} + {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} {{- if .Values.controller.nodeSelector }} @@ -129,9 +129,9 @@ spec: path: ca.crt optional: true secretName: argocd-repo-server-tls -{{- if .Values.controller.volumes }} -{{- toYaml .Values.controller.volumes | nindent 8 }} -{{- end }} + {{- with .Values.controller.volumes }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- if .Values.controller.priorityClassName }} priorityClassName: {{ .Values.controller.priorityClassName }} {{- end }} From c311a91921c338d846ac90683a94aaa0f9109b2a Mon Sep 17 00:00:00 2001 From: Meiblorn Date: Mon, 17 May 2021 10:21:53 +0400 Subject: [PATCH 009/122] fix(argocd-applicationset): Removed duplicated "app.kubernetes.io/name" label (#728) * Removed duplicated "app.kubernetes.io/name" label Updated helpers.tpl Signed-off-by: Vadim Fedorenko * Bump argocd-applicationset chart's version Signed-off-by: Vadim Fedorenko Co-authored-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 2 +- charts/argocd-applicationset/templates/_helpers.tpl | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index ebb5ee1c..fba7f6bd 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.3 +version: 0.1.4 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png diff --git a/charts/argocd-applicationset/templates/_helpers.tpl b/charts/argocd-applicationset/templates/_helpers.tpl index 4d0e98b5..e86139e1 100644 --- a/charts/argocd-applicationset/templates/_helpers.tpl +++ b/charts/argocd-applicationset/templates/_helpers.tpl @@ -40,7 +40,6 @@ helm.sh/chart: {{ include "argo-applicationset.chart" . }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/name: {{ include "argo-applicationset.name" . }} app.kubernetes.io/part-of: argo-cd-applicationset app.kubernetes.io/component: controller {{- end }} From fdc6daa970a75e3bc05cf78a0facfc5df21ad0b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Batuhan=20Apayd=C4=B1n?= Date: Mon, 17 May 2021 10:05:38 +0300 Subject: [PATCH 010/122] fix(argo-cd): fixed typos in chart's README.md file (#727) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Batuhan Apaydın --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c2e9e948..720ea31d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.3.2 +version: 3.3.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5513a8fd..3c7a8be7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -40,7 +40,7 @@ Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Re ### 2.14.7 and above -The `matchLabels` key in the ArgoCD Appliaction Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. +The `matchLabels` key in the ArgoCD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. ### 2.10.x to 2.11.0 From 8ab948d1e332c6f98950e8f3e4eb5366774527d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fl=C3=A1vio=20Lemos?= Date: Tue, 18 May 2021 08:24:45 +0100 Subject: [PATCH 011/122] feat(argocd): Added externalTrafficPolicy to server service (#736) * feat(argocd): Added externalTrafficPolicy to server service Signed-off-by: flavio.lemos * chore: apply review changes Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/service.yaml | 3 +++ charts/argo-cd/values.yaml | 1 + 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 720ea31d..05e0df40 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.3.3 +version: 3.3.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 72a4018c..87877d92 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -44,3 +44,6 @@ spec: {{ toYaml .Values.server.service.loadBalancerSourceRanges | indent 4 }} {{- end }} {{- end -}} +{{- with .Values.server.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ . }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1a9fab3b..f1ddd6d3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -479,6 +479,7 @@ server: loadBalancerIP: "" loadBalancerSourceRanges: [] externalIPs: [] + externalTrafficPolicy: "" ## Server metrics service configuration metrics: From adfe72f72b582992af7442ab54d18040e086b648 Mon Sep 17 00:00:00 2001 From: valerauko Date: Tue, 18 May 2021 16:39:56 +0900 Subject: [PATCH 012/122] fix(argo-cd): update initial password guidance in NOTES (#707) * fix: Update NOTES to match the latest version Signed-off-by: Vale * chore: Bump chart version Signed-off-by: Vale * Add colon for better format Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/NOTES.txt | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 05e0df40..f4cb6e67 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.3.4 +version: 3.3.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 138ba588..a5f59108 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -9,7 +9,8 @@ In order to access the server UI you have the following options: - Add the `--insecure` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts -After reaching the UI the first time you can login with username: admin and the password will be the -name of the server pod. You can get the pod name by running: +After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running: -kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 +kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d + +(You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://github.com/argoproj/argo-cd/blob/master/docs/getting_started.md#4-login-using-the-cli) From 454a6576251b95fa36f5dac53e638b659736d44e Mon Sep 17 00:00:00 2001 From: Scott Cabrinha Date: Tue, 18 May 2021 08:37:24 -0700 Subject: [PATCH 013/122] chore: Remove cabrinha from CODEOWNERS (#716) Co-authored-by: Marco Kilchhofer --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index a3926889..eff2aab2 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -13,7 +13,7 @@ /charts/argo-events @jbehling @VaibhavPage @oliverbaehler # Argo Rollouts -/charts/argo-rollouts @cabrinha @oliverbaehler +/charts/argo-rollouts @oliverbaehler # Argo CD Notifications /charts/argocd-notifications @alexmt @andyfeller @oliverbaehler From 70234a635eea57940594620a6de5b468fe818f11 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 18 May 2021 17:37:55 +0200 Subject: [PATCH 014/122] chore: remove '*' in CODEOWNERS to allow recursive approvals (#737) According to documentation, the pattern /path/* only allows approval on this level: ~~~ # The `docs/*` pattern will match files like # `docs/getting-started.md` but not further nested files like # `docs/build-app/troubleshooting.md`. docs/* docs@example.com # In this example, @doctocat owns any file in the `/docs` # directory in the root of your repository and any of its # subdirectories. /docs/ @doctocat ~~~ Ref: https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#codeowners-syntax Signed-off-by: Marco Kilchhofer --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index eff2aab2..0cf6f6db 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,7 +1,7 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners # All charts -/charts/* @mkilchhofer +/charts/ @mkilchhofer # Argo Workflows /charts/argo @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler From 82b655dadcaba8aad895465b0033ba26aed170da Mon Sep 17 00:00:00 2001 From: chgl Date: Fri, 21 May 2021 14:19:05 +0200 Subject: [PATCH 015/122] feat(argo-workflows): added new argo-workflows chart and deprecated argo chart (#668) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: added new argo-workflows chart and deprecated argo chart Signed-off-by: chgl * fix: removed maintainers from deprecated argo chart Signed-off-by: chgl * docs: rm pullPolicy from snippet since the global images.pullPolicy is actually used Signed-off-by: chgl * use Chart.AppVersion as the default image tag Signed-off-by: chgl * updated various links Signed-off-by: chgl * enabled metrics endpoint and liveness probe by default Signed-off-by: chgl * fix: use new-style labels Signed-off-by: chgl * fix: set securitycontext for server to something more secure Signed-off-by: chgl * Update charts/argo-workflows/templates/_helpers.tpl Signed-off-by: chgl Co-authored-by: Brandon Mayfield <563214+bmayfi3ld@users.noreply.github.com> Signed-off-by: chgl * bumped argo chart version Signed-off-by: chgl * Update charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: chgl * Update charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: chgl * Update charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: chgl * Update charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: chgl * Update charts/argo-workflows/templates/controller/workflow-controller-service.yaml Co-authored-by: Oliver Bähler Signed-off-by: chgl * Apply suggestions from code review Co-authored-by: Brandon Mayfield <563214+bmayfi3ld@users.noreply.github.com> Co-authored-by: Oliver Bähler Signed-off-by: chgl * used ingress from argo-cd Signed-off-by: chgl * Update charts/argo-workflows/templates/server/server-deployment.yaml Signed-off-by: chgl Co-authored-by: Brandon Mayfield * updated argo-wf to v3.0.2 Signed-off-by: chgl * aligned serviceAccount configuration with argo-cd values Signed-off-by: chgl * docs: updated breaking changes in README Signed-off-by: chgl * fix: use .Capabilities.APIVersions.Has in Ingress template Signed-off-by: chgl Co-authored-by: Brandon Mayfield <563214+bmayfi3ld@users.noreply.github.com> Co-authored-by: Oliver Bähler Co-authored-by: Brandon Mayfield --- charts/argo-workflows/.helmignore | 21 ++ charts/argo-workflows/Chart.yaml | 15 + charts/argo-workflows/README.md | 48 +++ .../ci/enable-ingress-values.yaml | 5 + .../ci/enable-metrics-values.yaml | 7 + .../argo-workflows/ci/enable-rbac-values.yaml | 5 + .../argoproj.io_clusterworkflowtemplates.yaml | 35 ++ .../crds/argoproj.io_cronworkflows.yaml | 38 ++ .../argoproj.io_workfloweventbindings.yaml | 34 ++ .../crds/argoproj.io_workflows.yaml | 48 +++ .../crds/argoproj.io_workflowtemplates.yaml | 34 ++ charts/argo-workflows/templates/NOTES.txt | 7 + charts/argo-workflows/templates/_helpers.tpl | 96 +++++ .../controller/workflow-aggregate-roles.yaml | 95 +++++ .../workflow-controller-cluster-roles.yaml | 148 ++++++++ .../workflow-controller-config-map.yaml | 87 +++++ .../controller/workflow-controller-crb.yaml | 48 +++ .../workflow-controller-deployment-pdb.yaml | 19 + .../workflow-controller-deployment.yaml | 104 ++++++ .../controller/workflow-controller-sa.yaml | 8 + .../workflow-controller-service.yaml | 38 ++ .../workflow-controller-servicemonitor.yaml | 29 ++ .../templates/controller/workflow-rb.yaml | 19 + .../templates/controller/workflow-role.yaml | 25 ++ .../templates/controller/workflow-sa.yaml | 13 + .../server/server-cluster-roles.yaml | 136 +++++++ .../templates/server/server-crb.yaml | 39 +++ .../server/server-deployment-pdb.yaml | 19 + .../templates/server/server-deployment.yaml | 105 ++++++ .../templates/server/server-ingress.yaml | 88 +++++ .../templates/server/server-sa.yaml | 10 + .../templates/server/server-service.yaml | 31 ++ charts/argo-workflows/values.yaml | 331 ++++++++++++++++++ charts/argo/Chart.yaml | 8 +- charts/argo/README.md | 2 + 35 files changed, 1789 insertions(+), 6 deletions(-) create mode 100644 charts/argo-workflows/.helmignore create mode 100644 charts/argo-workflows/Chart.yaml create mode 100644 charts/argo-workflows/README.md create mode 100644 charts/argo-workflows/ci/enable-ingress-values.yaml create mode 100644 charts/argo-workflows/ci/enable-metrics-values.yaml create mode 100644 charts/argo-workflows/ci/enable-rbac-values.yaml create mode 100644 charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml create mode 100644 charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml create mode 100644 charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml create mode 100644 charts/argo-workflows/crds/argoproj.io_workflows.yaml create mode 100644 charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml create mode 100644 charts/argo-workflows/templates/NOTES.txt create mode 100644 charts/argo-workflows/templates/_helpers.tpl create mode 100644 charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-controller-crb.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-controller-sa.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-controller-service.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-rb.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-role.yaml create mode 100644 charts/argo-workflows/templates/controller/workflow-sa.yaml create mode 100644 charts/argo-workflows/templates/server/server-cluster-roles.yaml create mode 100644 charts/argo-workflows/templates/server/server-crb.yaml create mode 100644 charts/argo-workflows/templates/server/server-deployment-pdb.yaml create mode 100644 charts/argo-workflows/templates/server/server-deployment.yaml create mode 100644 charts/argo-workflows/templates/server/server-ingress.yaml create mode 100644 charts/argo-workflows/templates/server/server-sa.yaml create mode 100644 charts/argo-workflows/templates/server/server-service.yaml create mode 100644 charts/argo-workflows/values.yaml diff --git a/charts/argo-workflows/.helmignore b/charts/argo-workflows/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/charts/argo-workflows/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml new file mode 100644 index 00000000..32eb38d9 --- /dev/null +++ b/charts/argo-workflows/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +name: argo-workflows +description: A Helm chart for Argo Workflows +type: application +version: 0.1.0 +appVersion: "v3.0.2" +icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png +home: https://github.com/argoproj/argo-helm +sources: + - https://github.com/argoproj/argo-workflows +maintainers: + - name: alexec + - name: alexmt + - name: jessesuen + - name: benjaminws diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md new file mode 100644 index 00000000..7e1c9dd7 --- /dev/null +++ b/charts/argo-workflows/README.md @@ -0,0 +1,48 @@ +# Argo Workflows Chart + +This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). + +If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace. + +## Pre-Requisites + +This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these. + +A few options are: + +- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute +- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions + +## Usage Notes + +This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. + +## Values + +The `values.yaml` contains items used to tweak a deployment of this chart. +Fields to note: + +- `controller.instanceID.enabled`: If set to true, the Argo Controller will **ONLY** monitor Workflow submissions with a `--instanceid` attribute +- `controller.instanceID.useReleaseName`: If set to true then chart set controller instance id to release name +- `controller.instanceID.explicitID`: Allows customization of an instance id for the workflow controller to monitor +- `controller.workflowNamespaces`: This is a list of namespaces where workflows will be ran + +## Breaking changes from the deprecated `argo` chart + +1. the `installCRD` value has been removed. CRDs are now only installed from the conventional crds/ directory +1. the CRDs were updated to `apiextensions.k8s.io/v1` +1. the container image registry/project/tag format was changed to be more in line with the more common + + ```yaml + image: + registry: quay.io + repository: argoproj/argocli + tag: v3.0.1 + ``` + + this also makes it easier for automatic update tooling (eg. renovate bot) to detect and update images. + +1. switched to quay.io as the default registry for all images +1. removed any included usage of Minio +1. aligned the configuration of serviceAccounts with the argo-cd chart, ie: what used to be `server.createServiceAccount` is now `server.serviceAccount.create` +1. moved the previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` diff --git a/charts/argo-workflows/ci/enable-ingress-values.yaml b/charts/argo-workflows/ci/enable-ingress-values.yaml new file mode 100644 index 00000000..d3485603 --- /dev/null +++ b/charts/argo-workflows/ci/enable-ingress-values.yaml @@ -0,0 +1,5 @@ +server: + ingress: + enabled: true + hosts: + - argo-workflows.127.0.0.1.xip.io diff --git a/charts/argo-workflows/ci/enable-metrics-values.yaml b/charts/argo-workflows/ci/enable-metrics-values.yaml new file mode 100644 index 00000000..9818ebe5 --- /dev/null +++ b/charts/argo-workflows/ci/enable-metrics-values.yaml @@ -0,0 +1,7 @@ +controller: + serviceMonitor: + enabled: true + metricsConfig: + enabled: true + telemetryConfig: + enabled: true diff --git a/charts/argo-workflows/ci/enable-rbac-values.yaml b/charts/argo-workflows/ci/enable-rbac-values.yaml new file mode 100644 index 00000000..10f717ac --- /dev/null +++ b/charts/argo-workflows/ci/enable-rbac-values.yaml @@ -0,0 +1,5 @@ +workflow: + serviceAccount: + create: true # Specifies whether a service account should be created + rbac: + create: true # adds Role and RoleBinding for the above specified service account to be able to run workflows diff --git a/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml b/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml new file mode 100644 index 00000000..fa7da83a --- /dev/null +++ b/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml @@ -0,0 +1,35 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterworkflowtemplates.argoproj.io +spec: + group: argoproj.io + names: + kind: ClusterWorkflowTemplate + listKind: ClusterWorkflowTemplateList + plural: clusterworkflowtemplates + shortNames: + - clusterwftmpl + - cwft + singular: clusterworkflowtemplate + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true diff --git a/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml b/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml new file mode 100644 index 00000000..2878fe9b --- /dev/null +++ b/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml @@ -0,0 +1,38 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: cronworkflows.argoproj.io +spec: + group: argoproj.io + names: + kind: CronWorkflow + listKind: CronWorkflowList + plural: cronworkflows + shortNames: + - cwf + - cronwf + singular: cronworkflow + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true diff --git a/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml b/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml new file mode 100644 index 00000000..9585686a --- /dev/null +++ b/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml @@ -0,0 +1,34 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workfloweventbindings.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowEventBinding + listKind: WorkflowEventBindingList + plural: workfloweventbindings + shortNames: + - wfeb + singular: workfloweventbinding + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true diff --git a/charts/argo-workflows/crds/argoproj.io_workflows.yaml b/charts/argo-workflows/crds/argoproj.io_workflows.yaml new file mode 100644 index 00000000..f3751e18 --- /dev/null +++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml @@ -0,0 +1,48 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflows.argoproj.io +spec: + group: argoproj.io + names: + kind: Workflow + listKind: WorkflowList + plural: workflows + shortNames: + - wf + singular: workflow + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status of the workflow + jsonPath: .status.phase + name: Status + type: string + - description: When the workflow was started + format: date-time + jsonPath: .status.startedAt + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: {} diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml b/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml new file mode 100644 index 00000000..f6fa080a --- /dev/null +++ b/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml @@ -0,0 +1,34 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflowtemplates.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowTemplate + listKind: WorkflowTemplateList + plural: workflowtemplates + shortNames: + - wftmpl + singular: workflowtemplate + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true diff --git a/charts/argo-workflows/templates/NOTES.txt b/charts/argo-workflows/templates/NOTES.txt new file mode 100644 index 00000000..b6ac65d4 --- /dev/null +++ b/charts/argo-workflows/templates/NOTES.txt @@ -0,0 +1,7 @@ +1. Get Argo Server external IP/domain by running: + +kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-{{ .Values.server.name }} + +2. Submit the hello-world workflow by running: + +argo submit https://raw.githubusercontent.com/argoproj/argo-workflows/master/examples/hello-world.yaml --watch diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl new file mode 100644 index 00000000..f5c8a4c3 --- /dev/null +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -0,0 +1,96 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Create argo workflows server name and version as used by the chart label. +*/}} +{{- define "argo-workflows.server.fullname" -}} +{{- printf "%s-%s" (include "argo-workflows.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create controller name and version as used by the chart label. +*/}} +{{- define "argo-workflows.controller.fullname" -}} +{{- printf "%s-%s" (include "argo-workflows.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "argo-workflows.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "argo-workflows.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argo-workflows.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "argo-workflows.labels" -}} +helm.sh/chart: {{ include "argo-workflows.chart" .context }} +{{ include "argo-workflows.selectorLabels" (dict "context" .context "component" .component "name" .name) }} +app.kubernetes.io/managed-by: {{ .context.Release.Service }} +app.kubernetes.io/part-of: argo-workflows +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "argo-workflows.selectorLabels" -}} +{{- if .name -}} +app.kubernetes.io/name: {{ include "argo-workflows.name" .context }}-{{ .name }} +{{ end -}} +app.kubernetes.io/instance: {{ .context.Release.Name }} +{{- if .component }} +app.kubernetes.io/component: {{ .component }} +{{- end }} +{{- end }} + +{{/* +Create the name of the server service account to use +*/}} +{{- define "argo-workflows.serverServiceAccountName" -}} +{{- if .Values.server.serviceAccount.create -}} + {{ default (include "argo-workflows.fullname" .) .Values.server.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.server.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the controller service account to use +*/}} +{{- define "argo-workflows.controllerServiceAccountName" -}} +{{- if .Values.controller.serviceAccount.create -}} + {{ default (include "argo-workflows.fullname" .) .Values.controller.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.controller.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for ingress +*/}} +{{- define "argo-workflows.ingress.apiVersion" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml new file mode 100644 index 00000000..2143f208 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -0,0 +1,95 @@ +{{- if .Values.createAggregateRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + helm.sh/hook: pre-install + helm.sh/hook-delete-policy: before-hook-creation + name: argo-workflows-aggregate-to-view + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: + - argoproj.io + resources: + - workflows + - workflows/finalizers + - workfloweventbindings + - workfloweventbindings/finalizers + - workflowtemplates + - workflowtemplates/finalizers + - cronworkflows + - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + helm.sh/hook: pre-install + helm.sh/hook-delete-policy: before-hook-creation + name: argo-workflows-aggregate-to-edit + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: + - argoproj.io + resources: + - workflows + - workflows/finalizers + - workfloweventbindings + - workfloweventbindings/finalizers + - workflowtemplates + - workflowtemplates/finalizers + - cronworkflows + - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + helm.sh/hook: pre-install + helm.sh/hook-delete-policy: before-hook-creation + name: argo-workflows-aggregate-to-admin + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: +- apiGroups: + - argoproj.io + resources: + - workflows + - workflows/finalizers + - workfloweventbindings + - workfloweventbindings/finalizers + - workflowtemplates + - workflowtemplates/finalizers + - cronworkflows + - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml new file mode 100644 index 00000000..de5e88a3 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -0,0 +1,148 @@ +apiVersion: rbac.authorization.k8s.io/v1 +{{- if .Values.singleNamespace }} +kind: Role +{{- else }} +kind: ClusterRole +{{- end }} +metadata: + name: {{ template "argo-workflows.controller.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - pods + - pods/exec + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - watch + - list +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete +- apiGroups: + - argoproj.io + resources: + - workflows + - workflows/finalizers + verbs: + - get + - list + - watch + - update + - patch + - delete + - create +- apiGroups: + - argoproj.io + resources: + - workflowtemplates + - workflowtemplates/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers + verbs: + - get + - list + - watch +- apiGroups: + - argoproj.io + resources: + - cronworkflows + - cronworkflows/finalizers + verbs: + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - list +- apiGroups: + - "policy" + resources: + - poddisruptionbudgets + verbs: + - create + - get + - delete +{{- if .Values.controller.persistence }} +- apiGroups: + - "" + resources: + - secrets + resourceNames: + {{- if .Values.controller.persistence.postgresql }} + - {{ .Values.controller.persistence.postgresql.userNameSecret.name }} + - {{ .Values.controller.persistence.postgresql.passwordSecret.name }} + {{- end}} + {{- if .Values.controller.persistence.mysql }} + - {{ .Values.controller.persistence.mysql.userNameSecret.name }} + - {{ .Values.controller.persistence.mysql.passwordSecret.name }} + {{- end}} + verbs: + - get +{{- end}} +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create +- apiGroups: + - coordination.k8s.io + resources: + - leases + resourceNames: + - workflow-controller + - workflow-controller-lease + verbs: + - get + - watch + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template +rules: +- apiGroups: + - argoproj.io + resources: + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers + verbs: + - get + - list + - watch diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml new file mode 100644 index 00000000..afddb194 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "argo-workflows.controller.fullname" . }}-configmap + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} +data: + config: | + {{- if .Values.controller.instanceID.enabled }} + {{- if .Values.controller.instanceID.useReleaseName }} + instanceID: {{ .Release.Name }} + {{- else }} + instanceID: {{ .Values.controller.instanceID.explicitID }} + {{- end }} + {{- end }} + containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} + {{- if .Values.controller.parallelism }} + parallelism: {{ .Values.controller.parallelism }} + {{- end }} + {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} + executor: + {{- with .Values.executor.resources }} + resources: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.executor.env }} + env: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.executor.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.useDefaultArtifactRepo }} + artifactRepository: + {{- if .Values.artifactRepository.archiveLogs }} + archiveLogs: {{ .Values.artifactRepository.archiveLogs }} + {{- end }} + {{- if .Values.artifactRepository.gcs }} + gcs: +{{ toYaml .Values.artifactRepository.gcs | indent 8}} + {{- else }} + s3: + {{- if .Values.useStaticCredentials }} + accessKeySecret: + key: {{ .Values.artifactRepository.s3.accessKeySecret.key }} + name: {{ .Values.artifactRepository.s3.accessKeySecret.name }} + secretKeySecret: + key: {{ .Values.artifactRepository.s3.secretKeySecret.key }} + name: {{ .Values.artifactRepository.s3.secretKeySecret.name }} + {{- end }} + bucket: {{ .Values.artifactRepository.s3.bucket }} + endpoint: {{ .Values.artifactRepository.s3.endpoint }} + insecure: {{ .Values.artifactRepository.s3.insecure }} + {{- if .Values.artifactRepository.s3.keyFormat }} + keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} + {{- end }} + {{- if .Values.artifactRepository.s3.region }} + region: {{ .Values.artifactRepository.s3.region }} + {{- end }} + {{- if .Values.artifactRepository.s3.roleARN }} + roleARN: {{ .Values.artifactRepository.s3.roleARN }} + {{- end }} + {{- if .Values.artifactRepository.s3.useSDKCreds }} + useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} + {{- end }} + {{- end }} + {{- end}} + {{- if .Values.controller.metricsConfig.enabled }} + metricsConfig: +{{ toYaml .Values.controller.metricsConfig | indent 6}}{{- end }} + {{- if .Values.controller.telemetryConfig.enabled }} + telemetryConfig: +{{ toYaml .Values.controller.telemetryConfig | indent 6}}{{- end }} + {{- if .Values.controller.persistence }} + persistence: +{{ toYaml .Values.controller.persistence | indent 6 }}{{- end }} + {{- if .Values.controller.workflowDefaults }} + workflowDefaults: +{{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} + {{- with .Values.server.sso }} + sso: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.controller.workflowRestrictions }} + workflowRestrictions: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.controller.links }} + links: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml new file mode 100644 index 00000000..6879d282 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -0,0 +1,48 @@ +apiVersion: rbac.authorization.k8s.io/v1 +{{- if .Values.singleNamespace }} +kind: RoleBinding +{{ else }} +kind: ClusterRoleBinding +{{- end }} +metadata: + name: {{ template "argo-workflows.controller.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + {{- if .Values.singleNamespace }} + kind: Role + {{ else }} + kind: ClusterRole + {{- end }} + name: {{ template "argo-workflows.controller.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "argo-workflows.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- if .Values.controller.workflowNamespaces }} +{{- $uiServiceAccount := (include "argo-workflows.controllerServiceAccountName" .) }} +{{- $namespace := .Release.Namespace }} +{{- range $key := .Values.controller.workflowNamespaces }} + {{- if not (eq $key $namespace) }} + - kind: ServiceAccount + name: {{ $uiServiceAccount }} + namespace: {{ $key }} + {{- end }} +{{- end }} +{{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template +subjects: + - kind: ServiceAccount + name: {{ template "argo-workflows.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml new file mode 100644 index 00000000..564ba412 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -0,0 +1,19 @@ +{{- if .Values.controller.pdb.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-workflows.controller.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +spec: + {{- if .Values.controller.pdb.minAvailable }} + minAvailable: {{ .Values.controller.pdb.minAvailable }} + {{- else if .Values.controller.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml new file mode 100644 index 00000000..c35894ec --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -0,0 +1,104 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-workflows.controller.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }} +spec: + replicas: {{ .Values.controller.replicas }} + selector: + matchLabels: + {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + template: + metadata: + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }} + {{- with.Values.controller.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "argo-workflows.controllerServiceAccountName" . }} + {{- with .Values.controller.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: controller + image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.images.pullPolicy }} + command: [ "workflow-controller" ] + args: + - "--configmap" + - "{{ template "argo-workflows.controller.fullname" . }}-configmap" + - "--executor-image" + - "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ .Values.executor.image.tag | default .Chart.AppVersion }}" + - "--loglevel" + - "{{ .Values.controller.logging.level }}" + - "--gloglevel" + - "{{ .Values.controller.logging.globallevel }}" + {{- if .Values.singleNamespace }} + - "--namespaced" + {{- end }} + {{- with .Values.controller.workflowWorkers }} + - "--workflow-workers" + - {{ . | quote }} + {{- end }} + {{- with .Values.controller.podWorkers }} + - "--pod-workers" + - {{ . | quote }} + {{- end }} + {{- with .Values.controller.extraArgs }} + {{- toYaml . | nindent 10 }} + {{- end }} + securityContext: + {{- toYaml .Values.controller.securityContext | nindent 12 }} + env: + - name: ARGO_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: LEADER_ELECTION_IDENTITY + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + {{- with .Values.controller.extraEnv }} + {{ toYaml . | nindent 10 }} + {{- end }} + resources: + {{- toYaml .Values.controller.resources | nindent 12 }} + ports: + - name: metrics + containerPort: {{ .Values.controller.metricsConfig.port }} + livenessProbe: + httpGet: + port: metrics + path: {{ .Values.controller.metricsConfig.path }} + initialDelaySeconds: 30 + periodSeconds: 30 + {{- with .Values.images.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml new file mode 100644 index 00000000..e917bb41 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "argo-workflows.controllerServiceAccountName" . }} + {{ with .Values.controller.serviceAccount.annotations }} + annotations: + {{- toYaml .| nindent 4 }} + {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml new file mode 100644 index 00000000..5c248f49 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -0,0 +1,38 @@ +{{- if or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "argo-workflows.controller.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }} + {{- with .Values.controller.serviceLabels }} + {{ toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.serviceAnnotations }} + annotations: + {{- toYaml . | nindent 4}} + {{- end }} +spec: + ports: + {{- if .Values.controller.metricsConfig.enabled }} + - name: {{ .Values.controller.metricsConfig.servicePortName }} + port: {{ .Values.controller.metricsConfig.servicePort }} + protocol: TCP + targetPort: {{ .Values.controller.metricsConfig.port }} + {{- end }} + {{- if .Values.controller.telemetryConfig.enabled }} + - name: {{ .Values.controller.telemetryConfig.servicePortName }} + port: {{ .Values.controller.telemetryConfig.servicePort }} + protocol: TCP + targetPort: {{ .Values.controller.telemetryConfig.port }} + {{- end }} + selector: + {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} + sessionAffinity: None + type: {{ .Values.controller.serviceType }} + {{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- toYaml .Values.controller.loadBalancerSourceRanges | nindent 4 }} + {{- end }} +{{- end -}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml new file mode 100644 index 00000000..54cf1b31 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -0,0 +1,29 @@ +{{- if and (or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled) .Values.controller.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-workflows.controller.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- with .Values.controller.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + {{- if .Values.controller.metricsConfig.enabled }} + - port: metrics + path: {{ .Values.controller.metricsConfig.path }} + interval: 30s + {{- end }} + {{- if .Values.controller.telemetryConfig.enabled }} + - port: telemetry + path: {{ .Values.controller.telemetryConfig.path }} + interval: 30s + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml new file mode 100644 index 00000000..9b27c045 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -0,0 +1,19 @@ +{{- if .Values.workflow.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-workflows.fullname" . }}-workflow + {{- with .Values.workflow.namespace }} + namespace: {{ . }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-workflows.fullname" . }}-workflow +subjects: +- kind: ServiceAccount + name: {{ .Values.workflow.serviceAccount.name }} + {{- with .Values.workflow.namespace }} + namespace: {{ . }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml new file mode 100644 index 00000000..bf8b3cff --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -0,0 +1,25 @@ +{{- if .Values.workflow.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-workflows.fullname" . }}-workflow + {{- with .Values.workflow.namespace }} + namespace: {{ . }} + {{- end }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - patch +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - watch +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml new file mode 100644 index 00000000..dc84f2b1 --- /dev/null +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -0,0 +1,13 @@ +{{- if .Values.workflow.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.workflow.serviceAccount.name }} + {{- with .Values.workflow.namespace }} + namespace: {{ . }} + {{- end }} + {{- with .Values.workflow.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml new file mode 100644 index 00000000..5901bbd1 --- /dev/null +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -0,0 +1,136 @@ +{{- if .Values.server.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 + {{- if .Values.singleNamespace }} +kind: Role + {{- else }} +kind: ClusterRole + {{- end }} +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - configmaps + - events + verbs: + - get + - watch + - list +- apiGroups: + - "" + resources: + - pods + - pods/exec + - pods/log + verbs: + - get + - list + - watch + - delete + {{- if .Values.server.sso }} +- apiGroups: + - "" + resources: + - secrets + resourceNames: + - sso + verbs: + - get + - update +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + {{- if .Values.server.sso.rbac }} +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - list + {{- end }} + {{- end }} +- apiGroups: + - "" + resources: + - secrets + verbs: + - get +{{- if .Values.server.sso }} + {{- if .Values.server.sso.rbac }} + {{- with .Values.server.sso.rbac.secretWhitelist }} + resourceNames: {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} +- apiGroups: + - "" + resources: + - events + verbs: + - watch + - create + - patch +{{- if .Values.controller.persistence }} +- apiGroups: + - "" + resources: + - secrets + resourceNames: + {{- with .Values.controller.persistence.postgresql }} + - {{ .userNameSecret.name }} + - {{ .passwordSecret.name }} + {{- end}} + {{- with .Values.controller.persistence.mysql }} + - {{ .userNameSecret.name }} + - {{ .passwordSecret.name }} + {{- end}} + verbs: + - get +{{- end}} +- apiGroups: + - argoproj.io + resources: + - eventsources + - sensors + - workflows + - workfloweventbindings + - workflowtemplates + - cronworkflows + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "argo-workflows.server.fullname" . }}-cluster-template + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +rules: +- apiGroups: + - argoproj.io + resources: + - clusterworkflowtemplates + verbs: + - get + - list + - watch + {{- if .Values.server.clusterWorkflowTemplates.enableEditing }} + - create + - update + - patch + - delete + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml new file mode 100644 index 00000000..fd9450d5 --- /dev/null +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -0,0 +1,39 @@ +{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +{{- if .Values.singleNamespace }} +kind: RoleBinding +{{ else }} +kind: ClusterRoleBinding +{{- end }} +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + {{- if .Values.singleNamespace }} + kind: Role + {{ else }} + kind: ClusterRole + {{- end }} + name: {{ template "argo-workflows.server.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "argo-workflows.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "argo-workflows.server.fullname" . }}-cluster-template + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "argo-workflows.server.fullname" . }}-cluster-template +subjects: +- kind: ServiceAccount + name: {{ template "argo-workflows.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml new file mode 100644 index 00000000..aeba6547 --- /dev/null +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.server.enabled .Values.server.pdb.enabled -}} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + {{- if .Values.server.pdb.minAvailable }} + minAvailable: {{ .Values.server.pdb.minAvailable }} + {{- else if .Values.server.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.server.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml new file mode 100644 index 00000000..9d1696dd --- /dev/null +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -0,0 +1,105 @@ +{{- if .Values.server.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }} +spec: + replicas: {{ .Values.server.replicas }} + selector: + matchLabels: + {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} + template: + metadata: + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }} + {{- with .Values.server.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.server.podAnnotations }} + annotations: + {{- toYaml .Values.server.podAnnotations | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "argo-workflows.serverServiceAccountName" . }} + {{- with .Values.server.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: argo-server + image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ .Values.server.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.images.pullPolicy }} + securityContext: + {{- toYaml .Values.server.securityContext | nindent 12 }} + args: + - server + - --configmap={{ template "argo-workflows.controller.fullname" . }}-configmap + {{- with .Values.server.extraArgs }} + {{- toYaml . | nindent 10 }} + {{- end }} + - "--secure={{ .Values.server.secure }}" + {{- if .Values.singleNamespace }} + - "--namespaced" + {{- end }} + ports: + - name: web + containerPort: 2746 + readinessProbe: + httpGet: + path: / + port: 2746 + {{- if .Values.server.secure }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: 10 + periodSeconds: 20 + env: + - name: IN_CLUSTER + value: "true" + - name: ARGO_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: BASE_HREF + value: {{ .Values.server.baseHref | quote }} + resources: + {{- toYaml .Values.server.resources | nindent 12 }} + volumeMounts: + - name: tmp + mountPath: /tmp + {{- with .Values.server.volumeMounts }} + {{- toYaml . | nindent 10}} + {{- end }} + {{- with .Values.images.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: tmp + emptyDir: {} + {{- with .Values.server.volumes }} + {{- toYaml . | nindent 6}} + {{- end }} + {{- with .Values.server.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.server.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.server.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.server.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml new file mode 100644 index 00000000..fe67c0a3 --- /dev/null +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -0,0 +1,88 @@ +{{- if .Values.server.ingress.enabled -}} +{{- $serviceName := include "argo-workflows.server.fullname" . -}} +{{- $servicePort := .Values.server.servicePort -}} +{{- $paths := .Values.server.ingress.paths -}} +{{- $extraPaths := .Values.server.ingress.extraPaths -}} +apiVersion: {{ include "argo-workflows.ingress.apiVersion" . }} +kind: Ingress +metadata: +{{- if .Values.server.ingress.annotations }} + annotations: + {{- range $key, $value := .Values.server.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-workflows.server.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + {{- if .Values.server.ingress.labels }} + {{- toYaml .Values.server.ingress.labels | nindent 4 }} + {{- end }} +spec: + {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + {{- with .Values.server.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + {{- end }} + rules: + {{- if .Values.server.ingress.hosts }} + {{- range $host := .Values.server.ingress.hosts }} + - host: {{ $host }} + http: + paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + pathType: Prefix + {{- end }} + backend: + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- else }} + - http: + paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + pathType: Prefix + {{- end }} + backend: + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- if .Values.server.ingress.tls }} + tls: + {{- toYaml .Values.server.ingress.tls | nindent 4 }} + {{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml new file mode 100644 index 00000000..10e03d0e --- /dev/null +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -0,0 +1,10 @@ +{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "argo-workflows.serverServiceAccountName" . }} + {{- with .Values.server.serviceAccount.annotations }} + annotations: + {{- toYaml . | indent 4 }} + {{- end }} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml new file mode 100644 index 00000000..5d161ee8 --- /dev/null +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -0,0 +1,31 @@ +{{- if .Values.server.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }} + {{- with .Values.server.serviceAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ports: + - port: {{ .Values.server.servicePort }} + {{- with .Values.server.servicePortName }} + name: {{ . }} + {{- end }} + targetPort: 2746 + selector: + {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} + sessionAffinity: None + type: {{ .Values.server.serviceType }} + {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerIP }} + loadBalancerIP: {{ .Values.server.loadBalancerIP | quote }} + {{- end }} + {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- toYaml .Values.server.loadBalancerSourceRanges | nindent 4 }} + {{- end }} +{{- end -}} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml new file mode 100644 index 00000000..375c5eb1 --- /dev/null +++ b/charts/argo-workflows/values.yaml @@ -0,0 +1,331 @@ +images: + # imagePullPolicy to apply to all containers + pullPolicy: Always + # Secrets with credentials to pull images from a private registry + pullSecrets: [] + # - name: argo-pull-secret + +init: + # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is + # being deployed to. In RBAC clusters, that will almost certainly fail. See the NOTES: section of the readme for more info. + serviceAccount: "" + +createAggregateRoles: true + +# Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, +# and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. +singleNamespace: false + +workflow: + namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. + serviceAccount: + create: false # Specifies whether a service account should be created + annotations: {} + name: "argo-workflow" # Service account which is used to run workflows + rbac: + create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows + +controller: + image: + registry: quay.io + repository: argoproj/workflow-controller + # Overrides the image tag whose default is the chart appVersion. + tag: "" + # parallelism dictates how many workflows can be running at the same time + parallelism: + # podAnnotations is an optional map of annotations to be applied to the controller Pods + podAnnotations: {} + # Optional labels to add to the controller pods + podLabels: {} + # SecurityContext to set on the controller pods + podSecurityContext: {} + # podPortName: http + metricsConfig: + enabled: false + path: /metrics + port: 9090 + servicePort: 8080 + servicePortName: metrics + # the controller container's securityContext + securityContext: + readOnlyRootFilesystem: true + runAsNonRoot: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + persistence: {} + # connectionPool: + # maxIdleConns: 100 + # maxOpenConns: 0 + # # save the entire workflow into etcd and DB + # nodeStatusOffLoad: false + # # enable archiving of old workflows + # archive: false + # postgresql: + # host: localhost + # port: 5432 + # database: postgres + # tableName: argo_workflows + # # the database secrets must be in the same namespace of the controller + # userNameSecret: + # name: argo-postgres-config + # key: username + # passwordSecret: + # name: argo-postgres-config + # key: password + workflowDefaults: {} # Only valid for 2.7+ + # spec: + # ttlStrategy: + # secondsAfterCompletion: 84600 + # workflowWorkers: 32 + # podWorkers: 32 + workflowRestrictions: {} # Only valid for 2.9+ + # templateReferencing: Strict|Secure + telemetryConfig: + enabled: false + path: /telemetry + port: 8081 + servicePort: 8081 + servicePortName: telemetry + serviceMonitor: + enabled: false + additionalLabels: {} + serviceAccount: + create: true + name: argo + # Annotations applied to created service account + annotations: {} + name: workflow-controller + workflowNamespaces: + - default + containerRuntimeExecutor: docker + instanceID: + # `instanceID.enabled` configures the controller to filter workflow submissions + # to only those which have a matching instanceID attribute. + enabled: false + # NOTE: If `instanceID.enabled` is set to `true` then either `instanceID.userReleaseName` + # or `instanceID.explicitID` must be defined. + # useReleaseName: true + # explicitID: unique-argo-controller-identifier + logging: + level: info + globallevel: "0" + serviceType: ClusterIP + # Annotations to be applied to the controller Service + serviceAnnotations: {} + # Optional labels to add to the controller Service + serviceLabels: {} + # Source ranges to allow access to service from. Only applies to + # service type `LoadBalancer` + loadBalancerSourceRanges: [] + resources: {} + # The list of environment variable definitions to be added to the controller + # manages container verbatim. + extraEnv: [] + # Extra arguments to be added to the controller + extraArgs: [] + replicas: 1 + pdb: + enabled: false + # minAvailable: 1 + # maxUnavailable: 1 + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: + kubernetes.io/os: linux + tolerations: [] + affinity: {} + # Leverage a PriorityClass to ensure your pods survive resource shortages + # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + # PriorityClass: system-cluster-critical + priorityClassName: "" + # https://argoproj.github.io/argo-workflows/links/ + links: [] + +# executor controls how the init and wait container should be customized +executor: + image: + registry: quay.io + repository: argoproj/argoexec + # Overrides the image tag whose default is the chart appVersion. + tag: "" + resources: {} + # Adds environment variables for the executor. + env: {} + # sets security context for the executor container + securityContext: {} + +server: + enabled: true + # only updates base url of resources on client side, + # it's expected that a proxy server rewrites the request URL and gets rid of this prefix + # https://github.com/argoproj/argo-workflows/issues/716#issuecomment-433213190 + baseHref: / + image: + registry: quay.io + repository: argoproj/argocli + # Overrides the image tag whose default is the chart appVersion. + tag: "" + # optional map of annotations to be applied to the ui Pods + podAnnotations: {} + # Optional labels to add to the UI pods + podLabels: {} + # SecurityContext to set on the server pods + podSecurityContext: {} + securityContext: + readOnlyRootFilesystem: false + runAsNonRoot: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + name: server + serviceType: ClusterIP + servicePort: 2746 + # servicePortName: http + serviceAccount: + create: true + name: argo-server + annotations: {} + # Annotations to be applied to the UI Service + serviceAnnotations: {} + # Optional labels to add to the UI Service + serviceLabels: {} + # Static IP address to assign to loadBalancer + # service type `LoadBalancer` + loadBalancerIP: "" + # Source ranges to allow access to service from. Only applies to + # service type `LoadBalancer` + loadBalancerSourceRanges: [] + resources: {} + replicas: 1 + pdb: + enabled: false + # minAvailable: 1 + # maxUnavailable: 1 + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: + kubernetes.io/os: linux + tolerations: [] + affinity: {} + # Leverage a PriorityClass to ensure your pods survive resource shortages + # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + # PriorityClass: system-cluster-critical + priorityClassName: "" + + # Run the argo server in "secure" mode. Configure this value instead of + # "--secure" in extraArgs. See the following documentation for more details + # on secure mode: + # https://argoproj.github.io/argo-workflows/tls/ + secure: false + + # Extra arguments to provide to the Argo server binary. + extraArgs: [] + + ## Additional volumes to the server main container. + volumeMounts: [] + volumes: [] + + ## Ingress configuration. + ## ref: https://kubernetes.io/docs/user-guide/ingress/ + ## + ingress: + enabled: false + annotations: {} + labels: {} + ingressClassName: "" + + ## Argo Workflows Server Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: + [] + # - argocd.example.com + paths: + - / + extraPaths: + [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation + tls: + [] + # - secretName: argocd-example-tls + # hosts: + # - argocd.example.com + https: false + + clusterWorkflowTemplates: + # Give the server permissions to edit ClusterWorkflowTemplates. + enableEditing: true + sso: + ## SSO configuration when SSO is specified as a server auth mode. + ## All the values are required. SSO is activated by adding --auth-mode=sso + ## to the server command line. + # + ## The root URL of the OIDC identity provider. + # issuer: https://accounts.google.com + ## Name of a secret and a key in it to retrieve the app OIDC client ID from. + # clientId: + # name: argo-server-sso + # key: client-id + ## Name of a secret and a key in it to retrieve the app OIDC client secret from. + # clientSecret: + # name: argo-server-sso + # key: client-secret + ## The OIDC redirect URL. Should be in the form /oauth2/callback. + # redirectUrl: https://argo/oauth2/callback + # rbac: + # enabled: true + ## When present, restricts secrets the server can read to a given list. + ## You can use it to restrict the server to only be able to access the + ## service account token secrets that are associated with service accounts + ## used for authorization. + # secretWhitelist: [] + ## Scopes requested from the SSO ID provider. The 'groups' scope requests + ## group membership information, which is usually used for authorization + ## decisions. + # scopes: + # - groups + +# Influences the creation of the ConfigMap for the workflow-controller itself. +useDefaultArtifactRepo: false +useStaticCredentials: true +artifactRepository: + # archiveLogs will archive the main container logs as an artifact + archiveLogs: false + s3: + # Note the `key` attribute is not the actual secret, it's the PATH to + # the contents in the associated secret, as defined by the `name` attribute. + accessKeySecret: + # name: -minio + key: accesskey + secretKeySecret: + # name: -minio + key: secretkey + insecure: true + # bucket: + # endpoint: + # region: + # roleARN: + # useSDKCreds: true + # gcs: + # bucket: -argo + # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/" + # serviceAccountKeySecret is a secret selector. + # It references the k8s secret named 'my-gcs-credentials'. + # This secret is expected to have have the key 'serviceAccountKey', + # containing the base64 encoded credentials + # to the bucket. + # + # If it's running on GKE and Workload Identity is used, + # serviceAccountKeySecret is not needed. + # serviceAccountKeySecret: + # name: my-gcs-credentials + # key: serviceAccountKey diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 3f10ee6f..8e82de87 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,16 +2,12 @@ apiVersion: v2 appVersion: v2.12.5 description: A Helm chart for Argo Workflows name: argo -version: 0.16.10 +version: 1.0.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm -maintainers: - - name: alexec - - name: alexmt - - name: jessesuen - - name: benjaminws dependencies: - name: minio version: 8.0.9 repository: https://helm.min.io/ condition: minio.install +deprecated: true diff --git a/charts/argo/README.md b/charts/argo/README.md index b0b5613a..024f0077 100644 --- a/charts/argo/README.md +++ b/charts/argo/README.md @@ -1,5 +1,7 @@ ## Argo Workflows Chart +> ⚠ DEPRECATION WARNING: this chart is for v2 of Argo Workflows. For v3, a new chart is available at + This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace. From b971b36317c25c3926661c1012eddacca8de2fcb Mon Sep 17 00:00:00 2001 From: Sergey Shaykhullin <46970457+sergeyshaykhullin@users.noreply.github.com> Date: Fri, 21 May 2021 15:43:10 +0300 Subject: [PATCH 016/122] feat(argo-cd): Extract ServiceMonitor interval to values (#739) * Extract interval and path to values Signed-off-by: Sergey Shaykhullin * Bump chart Signed-off-by: Sergey Shaykhullin * Remove path from values Signed-off-by: Sergey Shaykhullin --- charts/argo-cd/Chart.yaml | 2 +- .../argocd-application-controller/servicemonitor.yaml | 4 +++- .../argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 4 +++- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 4 +++- charts/argo-cd/templates/dex/servicemonitor.yaml | 4 +++- charts/argo-cd/values.yaml | 4 ++++ 6 files changed, 17 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f4cb6e67..75e7cdba 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.3.5 +version: 3.4.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 51f81030..0b943982 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -17,7 +17,9 @@ metadata: spec: endpoints: - port: metrics - interval: 30s + {{- with .Values.controller.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} path: /metrics namespaceSelector: matchNames: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 0b343750..05b38acc 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -17,7 +17,9 @@ metadata: spec: endpoints: - port: metrics - interval: 30s + {{- with .Values.controller.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} path: /metrics namespaceSelector: matchNames: diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index ddf52efa..00002faa 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -17,7 +17,9 @@ metadata: spec: endpoints: - port: metrics - interval: 30s + {{- with .Values.controller.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} path: /metrics namespaceSelector: matchNames: diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index adc3394a..58bae6e2 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -17,7 +17,9 @@ metadata: spec: endpoints: - port: metrics - interval: 30s + {{- with .Values.controller.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} path: /metrics namespaceSelector: matchNames: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f1ddd6d3..066857e5 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -143,6 +143,7 @@ controller: servicePort: 8082 serviceMonitor: enabled: false + interval: 30s # selector: # prometheus: kube-prometheus # namespace: monitoring @@ -203,6 +204,7 @@ dex: labels: {} serviceMonitor: enabled: false + interval: 30s image: repository: quay.io/dexidp/dex @@ -490,6 +492,7 @@ server: servicePort: 8083 serviceMonitor: enabled: false + interval: 30s # selector: # prometheus: kube-prometheus # namespace: monitoring @@ -838,6 +841,7 @@ repoServer: servicePort: 8084 serviceMonitor: enabled: false + interval: 30s # selector: # prometheus: kube-prometheus # namespace: monitoring From 35c754364f68c8ce360270a1d7225fd75fdf5a98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 21 May 2021 15:03:28 +0200 Subject: [PATCH 017/122] chore!: Rewrite Lint Workflow to Github (#685) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: Move Linting to Github Actions Signed-off-by: Oliver Bähler Disable ServiceAccount on disabled Dex Signed-off-by: Oliver Bähler Swap Linting to Github Signed-off-by: Oliver Bähler Increase all chart versions Signed-off-by: Oliver Bähler Remove Circle & Improve Github Lint Signed-off-by: Oliver Bähler Remove Circle & Improve Github Lint Signed-off-by: Oliver Bähler Lookup Configmaps update Retest Retest reduce changes reduce changes * Bump argo-events Signed-off-by: Oliver Bähler * Move Config files Signed-off-by: Oliver Bähler * Readd Lint & Remove Argo Chart Signed-off-by: Oliver Bähler * Correct CT config name Signed-off-by: Oliver Bähler * Readd ARgo Signed-off-by: Oliver Bähler --- .circleci/chart-testing.yaml | 4 --- .circleci/config.yml | 7 ++-- .github/ct.yaml | 17 ++++++++++ {.circleci => .github}/lintconf.yaml | 0 .github/stale.yml | 1 - .github/workflows/lint-and-test.yml | 45 ++++++++++++++++++++++++++ .github/workflows/stale.yml | 4 --- charts/argo-events/Chart.yaml | 2 +- charts/argo-events/ci/test-values.yaml | 3 -- scripts/lint.sh | 26 +++++++-------- 10 files changed, 79 insertions(+), 30 deletions(-) delete mode 100644 .circleci/chart-testing.yaml create mode 100644 .github/ct.yaml rename {.circleci => .github}/lintconf.yaml (100%) delete mode 100644 .github/stale.yml create mode 100644 .github/workflows/lint-and-test.yml diff --git a/.circleci/chart-testing.yaml b/.circleci/chart-testing.yaml deleted file mode 100644 index 87e07618..00000000 --- a/.circleci/chart-testing.yaml +++ /dev/null @@ -1,4 +0,0 @@ -chart-repos: - - argo=https://argoproj.github.io/argo-helm - - minio=https://helm.min.io/ - - dandydeveloper=https://dandydeveloper.github.io/charts/ diff --git a/.circleci/config.yml b/.circleci/config.yml index 6c3306ec..e62f742c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,8 +5,8 @@ jobs: - image: quay.io/helmpack/chart-testing:v3.3.1 steps: - checkout - - run: helm repo add stable https://charts.helm.sh/stable - - run: ct lint --config .circleci/chart-testing.yaml --lint-conf .circleci/lintconf.yaml + - run: ct lint --config .github/ct.yaml --lint-conf .github/lintconf.yaml + # Technically this only needs to be run on master, but it's good to have it run on every PR # so that it is regularly tested. publish: @@ -21,6 +21,7 @@ jobs: - checkout - run: helm repo add stable https://charts.helm.sh/stable - run: helm repo add minio https://helm.min.io/ + - run: helm repo add argo https://argoproj.github.io/argo-helm - run: helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ # Only actually publish charts on master. - run: | @@ -38,4 +39,4 @@ workflows: - lint - publish: requires: - - lint + - lint \ No newline at end of file diff --git a/.github/ct.yaml b/.github/ct.yaml new file mode 100644 index 00000000..4b22c6d5 --- /dev/null +++ b/.github/ct.yaml @@ -0,0 +1,17 @@ +## Reference: https://github.com/helm/chart-testing/blob/master/doc/ct_lint-and-install.md +# Don't add the 'debug' attribute, otherwise the workflow won't work anymore +remote: origin +chart-dirs: + - charts +chart-repos: + - argo=https://argoproj.github.io/argo-helm + - minio=https://helm.min.io/ + - dandydeveloper=https://dandydeveloper.github.io/charts/ + - stable=https://charts.helm.sh/stable + - incubator=https://charts.helm.sh/incubator +helm-extra-args: "--timeout 600s" +validate-chart-schema: false +validate-maintainers: true +validate-yaml: true +exclude-deprecated: true +excluded-charts: [] diff --git a/.circleci/lintconf.yaml b/.github/lintconf.yaml similarity index 100% rename from .circleci/lintconf.yaml rename to .github/lintconf.yaml diff --git a/.github/stale.yml b/.github/stale.yml deleted file mode 100644 index b81bf109..00000000 --- a/.github/stale.yml +++ /dev/null @@ -1 +0,0 @@ -# See https://github.com/probot/stale diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml new file mode 100644 index 00000000..30e6b63a --- /dev/null +++ b/.github/workflows/lint-and-test.yml @@ -0,0 +1,45 @@ +## Reference: https://github.com/helm/chart-testing-action +--- +name: Linting and Testing +on: pull_request +jobs: + chart-test: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@v1 + + - name: Set up python + uses: actions/setup-python@v2 + with: + python-version: 3.7 + + - name: Setup Chart Linting + id: lint + uses: helm/chart-testing-action@v2.0.1 + + - name: List changed charts + id: list-changed + run: | + ## If executed with debug this won't work anymore. + changed=$(ct --config ./.github/ct.yaml list-changed) + charts=$(echo "$changed" | tr '\n' ' ' | xargs) + if [[ -n "$changed" ]]; then + echo "::set-output name=changed::true" + echo "::set-output name=changed_charts::$charts" + fi + - name: Run chart-testing (lint) + run: ct lint --debug --config ./.github/ct.yaml --lint-conf ./.github/lintconf.yaml + + - name: Create kind cluster + uses: helm/kind-action@v1.1.0 + if: steps.list-changed.outputs.changed == 'true' + + - name: Run chart-testing (install) + run: ct install --config ./.github/ct.yaml + if: steps.list-changed.outputs.changed == 'true' diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index b671fc09..8b16dff4 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,14 +1,10 @@ name: Mark stale issues and pull requests - on: schedule: - cron: "30 1 * * *" - jobs: stale: - runs-on: ubuntu-latest - steps: - uses: actions/stale@v3 with: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 5def36c7..ea1878d3 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.4.0 +version: 1.4.1 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/ci/test-values.yaml b/charts/argo-events/ci/test-values.yaml index cd5d3916..3078a2d3 100644 --- a/charts/argo-events/ci/test-values.yaml +++ b/charts/argo-events/ci/test-values.yaml @@ -1,6 +1,3 @@ serviceAccount: argo-events-sa-test -additionalSaNamespaces: - - nsone - - nstwo instanceID: test-argo-events singleNamespace: false diff --git a/scripts/lint.sh b/scripts/lint.sh index 8f084c5b..c97b6863 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -1,19 +1,17 @@ #!/bin/bash +# This script runs the chart-testing tool locally. It simulates the linting that is also done by the github action. Run this without any errors before pushing. +# Reference: https://github.com/helm/chart-testing set -eux SRCROOT="$(cd "$(dirname "$0")/.." && pwd)" -for dir in $(find $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d); -do - rm -rf $dir/charts - name=$(basename $dir) - echo "Running Helm linting for $name" - docker run \ - -v "$SRCROOT:/workdir" \ - gcr.io/kubernetes-charts-ci/test-image:v3.1.0 \ - ct \ - lint \ - --config .circleci/chart-testing.yaml \ - --lint-conf .circleci/lintconf.yaml \ - --charts "/workdir/charts/${name}" -done +echo -e "\n-- Linting all Helm Charts --\n" +docker run \ + -v "$SRCROOT:/workdir" \ + --entrypoint /bin/sh \ + quay.io/helmpack/chart-testing:v3.3.1 \ + -c cd /workdir \ + ct lint \ + --config .github/ct.yaml \ + --lint-conf .github/lintconf.yaml \ + --debug From 9a3077afe2e08ec6b4ff9dd71ccb6d1ca345ce68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 21 May 2021 17:59:30 +0200 Subject: [PATCH 018/122] chore!: Chart Publications via Github Workflow (#741) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: Move Linting to Github Actions Signed-off-by: Oliver Bähler --- .circleci/config.yml | 28 ++----------- .github/configs/cr.yaml | 2 + .github/configs/ct-install.yaml | 19 +++++++++ .github/{ct.yaml => configs/ct-lint.yaml} | 1 + .github/{ => configs}/lintconf.yaml | 0 .github/workflows/lint-and-test.yml | 6 +-- .github/workflows/publish.yml | 42 +++++++++++++++++++ CONTRIBUTING.md | 11 +---- README.md | 2 + charts/argo-cd/Chart.yaml | 2 +- charts/argo-events/Chart.yaml | 2 +- charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-workflows/Chart.yaml | 2 +- .../ci/enable-metrics-values.yaml | 2 +- charts/argocd-applicationset/Chart.yaml | 2 +- charts/argocd-notifications/Chart.yaml | 2 +- scripts/lint.sh | 4 +- scripts/publish.sh | 42 ------------------- 18 files changed, 84 insertions(+), 87 deletions(-) create mode 100644 .github/configs/cr.yaml create mode 100644 .github/configs/ct-install.yaml rename .github/{ct.yaml => configs/ct-lint.yaml} (94%) rename .github/{ => configs}/lintconf.yaml (100%) create mode 100644 .github/workflows/publish.yml delete mode 100755 scripts/publish.sh diff --git a/.circleci/config.yml b/.circleci/config.yml index e62f742c..79e8d1dc 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,33 +5,13 @@ jobs: - image: quay.io/helmpack/chart-testing:v3.3.1 steps: - checkout - - run: ct lint --config .github/ct.yaml --lint-conf .github/lintconf.yaml - - # Technically this only needs to be run on master, but it's good to have it run on every PR - # so that it is regularly tested. + - run: ct lint --config .github/configs/ct-lint.yaml --lint-conf .github/configs/lintconf.yaml publish: docker: - # We just need an image with `helm` on it. Handily we know of one already. - - image: quay.io/helmpack/chart-testing:v3.3.1 + - image: bash steps: - # install the additional keys needed to push to GitHub. Alex Collins owns these keys. - - add_ssh_keys - - run: git config --global user.email "nobody@circleci.com" - - run: git config --global user.name "Circle CI Build" - - checkout - - run: helm repo add stable https://charts.helm.sh/stable - - run: helm repo add minio https://helm.min.io/ - - run: helm repo add argo https://argoproj.github.io/argo-helm - - run: helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ - # Only actually publish charts on master. - - run: | - set -x - if [ "$CIRCLE_BRANCH" = "master" ]; then - export GIT_PUSH=true - else - export GIT_PUSH=false - fi - sh ./scripts/publish.sh + - run: echo "Replaced by Github Workflow - https://github.com/argoproj/argo-helm/actions/workflows/publish.yml" + workflows: version: 2 workflow: diff --git a/.github/configs/cr.yaml b/.github/configs/cr.yaml new file mode 100644 index 00000000..01fdbe0c --- /dev/null +++ b/.github/configs/cr.yaml @@ -0,0 +1,2 @@ +## Reference: https://github.com/helm/chart-releaser +index-path: "./index.yaml" \ No newline at end of file diff --git a/.github/configs/ct-install.yaml b/.github/configs/ct-install.yaml new file mode 100644 index 00000000..e991d382 --- /dev/null +++ b/.github/configs/ct-install.yaml @@ -0,0 +1,19 @@ +## Reference: https://github.com/helm/chart-testing/blob/master/doc/ct_lint-and-install.md +# Don't add the 'debug' attribute, otherwise the workflow won't work anymore +# Only Used for the CT Install Stage +remote: origin +chart-dirs: + - charts +chart-repos: + - argo=https://argoproj.github.io/argo-helm + - minio=https://helm.min.io/ + - dandydeveloper=https://dandydeveloper.github.io/charts/ + - stable=https://charts.helm.sh/stable + - incubator=https://charts.helm.sh/incubator +helm-extra-args: "--timeout 600s" +validate-chart-schema: false +validate-maintainers: true +validate-yaml: true +exclude-deprecated: true +excluded-charts: + - "argocd-applicationset" diff --git a/.github/ct.yaml b/.github/configs/ct-lint.yaml similarity index 94% rename from .github/ct.yaml rename to .github/configs/ct-lint.yaml index 4b22c6d5..e7188eb1 100644 --- a/.github/ct.yaml +++ b/.github/configs/ct-lint.yaml @@ -1,5 +1,6 @@ ## Reference: https://github.com/helm/chart-testing/blob/master/doc/ct_lint-and-install.md # Don't add the 'debug' attribute, otherwise the workflow won't work anymore +# Only Used for the CT Lint Stage remote: origin chart-dirs: - charts diff --git a/.github/lintconf.yaml b/.github/configs/lintconf.yaml similarity index 100% rename from .github/lintconf.yaml rename to .github/configs/lintconf.yaml diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 30e6b63a..1056a239 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -27,19 +27,19 @@ jobs: id: list-changed run: | ## If executed with debug this won't work anymore. - changed=$(ct --config ./.github/ct.yaml list-changed) + changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed) charts=$(echo "$changed" | tr '\n' ' ' | xargs) if [[ -n "$changed" ]]; then echo "::set-output name=changed::true" echo "::set-output name=changed_charts::$charts" fi - name: Run chart-testing (lint) - run: ct lint --debug --config ./.github/ct.yaml --lint-conf ./.github/lintconf.yaml + run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml - name: Create kind cluster uses: helm/kind-action@v1.1.0 if: steps.list-changed.outputs.changed == 'true' - name: Run chart-testing (install) - run: ct install --config ./.github/ct.yaml + run: ct install --config ./.github/configs/ct-install.yaml if: steps.list-changed.outputs.changed == 'true' diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 00000000..f01702a6 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,42 @@ +--- +name: Chart Publish +on: + push: + branches: + - master + - rewrite-build +jobs: + publish: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Install Helm + uses: azure/setup-helm@v1 + + - name: Add dependency chart repos + run: | + helm repo add argo https://argoproj.github.io/argo-helm + helm repo add minio https://helm.min.io/ + helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ + helm repo add stable https://charts.helm.sh/stable + helm repo add incubator https://charts.helm.sh/incubator + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + ## This is required to consider the old Circle-CI Index and to stay compatible with all the old releases. + - name: Fetch current Chart Index + run: | + git checkout origin/gh-pages index.yaml + + - name: Run chart-releaser + uses: helm/chart-releaser-action@v1.2.0 + with: + config: "./.github/configs/cr.yaml" + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f4c7d89c..a4ad43dd 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -86,7 +86,7 @@ As part of the Continuous Integration system we run Helm's [Chart Testing](https The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. -Linting configuration can be found in [lintconf.yaml](.circleci/lintconf.yaml) +Linting configuration can be found in [ct-lint.yaml](./.github/configs/ct-lint.yaml) The linting can be invoked manually with the following command: @@ -96,11 +96,4 @@ The linting can be invoked manually with the following command: ## Publishing Changes -Changes are automatically publish whenever a commit is merged to master. The CI job (see `.circleci/config.yaml`) runs this: - -``` -GIT_PUSH=true ./scripts/publish.sh -``` - -Script generates tar file for each chart in `charts` directory and push changes to `gh-pages` branch. -Write access to https://github.com/argoproj/argo-helm.git is required to publish changes. +Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`). \ No newline at end of file diff --git a/README.md b/README.md index 63c3aa4b..2db0e70a 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Argo Helm Charts +[![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) + Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command: ``` diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 75e7cdba..1a9ea518 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.4.0 +version: 3.4.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index ea1878d3..b0770954 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.4.1 +version: 1.4.2 keywords: - argo-events - sensor-controller diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 84752bf3..63a1fd07 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.10.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.5.2 +version: 0.5.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 32eb38d9..fd576f3c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.1.0 +version: 0.1.1 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/ci/enable-metrics-values.yaml b/charts/argo-workflows/ci/enable-metrics-values.yaml index 9818ebe5..64c56cc1 100644 --- a/charts/argo-workflows/ci/enable-metrics-values.yaml +++ b/charts/argo-workflows/ci/enable-metrics-values.yaml @@ -1,6 +1,6 @@ controller: serviceMonitor: - enabled: true + enabled: false metricsConfig: enabled: true telemetryConfig: diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index fba7f6bd..936734b0 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.4 +version: 0.1.5 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 8a1e04d8..714b0474 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.3.0 +version: 1.3.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/scripts/lint.sh b/scripts/lint.sh index c97b6863..1f0e9104 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -12,6 +12,6 @@ docker run \ quay.io/helmpack/chart-testing:v3.3.1 \ -c cd /workdir \ ct lint \ - --config .github/ct.yaml \ - --lint-conf .github/lintconf.yaml \ + --config .github/configs/ct-lint.yaml \ + --lint-conf .github/configs/lintconf.yaml \ --debug diff --git a/scripts/publish.sh b/scripts/publish.sh deleted file mode 100755 index 025ba5d9..00000000 --- a/scripts/publish.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -set -eux - -SRCROOT="$(cd "$(dirname "$0")/.." && pwd)" -GIT_PUSH=${GIT_PUSH:-false} - -rm -rf $SRCROOT/output && git clone -b gh-pages git@github.com:argoproj/argo-helm.git $SRCROOT/output - -helm repo add argoproj https://argoproj.github.io/argo-helm - -for dir in $(find $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d); -do - rm -rf $dir/charts - - name=$(basename $dir) - - if [ $(helm dep list $dir 2>/dev/null| wc -l) -gt 1 ] - then - echo "Processing chart dependencies" - helm --debug dep build $dir - # Bug with Helm subcharts with hyphen on them - # https://github.com/argoproj/argo-helm/pull/270#issuecomment-608695684 - if [ "$name" == "argo-cd" ] - then - echo "Restore ArgoCD RedisHA subchart" - tar -C $dir/charts -xf $dir/charts/redis-ha-*.tgz - fi - fi - - echo "Processing $dir" - helm --debug package $dir -done - -cp $SRCROOT/*.tgz output/ -cd $SRCROOT/output && helm repo index . - -cd $SRCROOT/output && git status - -if [ "$GIT_PUSH" == "true" ] -then - cd $SRCROOT/output && git add . && git commit -m "Publish charts" && git push git@github.com:argoproj/argo-helm.git gh-pages -fi From 60a42675cbd3064e9836d0217266f0ec169beb5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 21 May 2021 18:39:07 +0200 Subject: [PATCH 019/122] fix: Remove Argo Chart (#748) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Oliver Bähler --- charts/argo/.helmignore | 21 -- charts/argo/Chart.lock | 6 - charts/argo/Chart.yaml | 13 - charts/argo/README.md | 29 -- .../crds/cluster-workflow-template-crd.yaml | 23 -- charts/argo/crds/cron-workflow-crd.yaml | 23 -- charts/argo/crds/workflow-crd.yaml | 33 -- .../argo/crds/workflow-eventbinding-crd.yaml | 19 - charts/argo/crds/workflow-template-crd.yaml | 22 -- charts/argo/templates/NOTES.txt | 16 - charts/argo/templates/_helpers.tpl | 16 - .../cluster-workflow-template-crd.yaml | 19 - charts/argo/templates/cron-workflow-crd.yaml | 19 - .../argo/templates/server-cluster-roles.yaml | 134 ------- charts/argo/templates/server-crb.yaml | 35 -- .../argo/templates/server-deployment-pdb.yaml | 25 -- charts/argo/templates/server-deployment.yaml | 108 ------ charts/argo/templates/server-ingress.yaml | 46 --- charts/argo/templates/server-sa.yaml | 8 - charts/argo/templates/server-service.yaml | 33 -- .../worfkflow-controller-secrets-access.yaml | 18 - .../templates/workflow-aggregate-roles.yaml | 89 ----- .../workflow-controller-cluster-roles.yaml | 146 -------- .../workflow-controller-config-map.yaml | 89 ----- .../templates/workflow-controller-crb.yaml | 44 --- .../workflow-controller-deployment-pdb.yaml | 23 -- .../workflow-controller-deployment.yaml | 94 ----- .../workflow-controller-minio-secret-crb.yaml | 25 -- .../templates/workflow-controller-sa.yaml | 6 - .../workflow-controller-service.yaml | 38 -- .../workflow-controller-servicemonitor.yaml | 33 -- charts/argo/templates/workflow-crd.yaml | 28 -- charts/argo/templates/workflow-rb.yaml | 19 - charts/argo/templates/workflow-role.yaml | 25 -- charts/argo/templates/workflow-sa.yaml | 13 - .../argo/templates/workflow-template-crd.yaml | 18 - charts/argo/values.yaml | 330 ------------------ 37 files changed, 1686 deletions(-) delete mode 100644 charts/argo/.helmignore delete mode 100644 charts/argo/Chart.lock delete mode 100644 charts/argo/Chart.yaml delete mode 100644 charts/argo/README.md delete mode 100644 charts/argo/crds/cluster-workflow-template-crd.yaml delete mode 100644 charts/argo/crds/cron-workflow-crd.yaml delete mode 100644 charts/argo/crds/workflow-crd.yaml delete mode 100644 charts/argo/crds/workflow-eventbinding-crd.yaml delete mode 100644 charts/argo/crds/workflow-template-crd.yaml delete mode 100644 charts/argo/templates/NOTES.txt delete mode 100644 charts/argo/templates/_helpers.tpl delete mode 100644 charts/argo/templates/cluster-workflow-template-crd.yaml delete mode 100644 charts/argo/templates/cron-workflow-crd.yaml delete mode 100644 charts/argo/templates/server-cluster-roles.yaml delete mode 100644 charts/argo/templates/server-crb.yaml delete mode 100644 charts/argo/templates/server-deployment-pdb.yaml delete mode 100644 charts/argo/templates/server-deployment.yaml delete mode 100644 charts/argo/templates/server-ingress.yaml delete mode 100644 charts/argo/templates/server-sa.yaml delete mode 100644 charts/argo/templates/server-service.yaml delete mode 100644 charts/argo/templates/worfkflow-controller-secrets-access.yaml delete mode 100644 charts/argo/templates/workflow-aggregate-roles.yaml delete mode 100644 charts/argo/templates/workflow-controller-cluster-roles.yaml delete mode 100644 charts/argo/templates/workflow-controller-config-map.yaml delete mode 100644 charts/argo/templates/workflow-controller-crb.yaml delete mode 100644 charts/argo/templates/workflow-controller-deployment-pdb.yaml delete mode 100755 charts/argo/templates/workflow-controller-deployment.yaml delete mode 100644 charts/argo/templates/workflow-controller-minio-secret-crb.yaml delete mode 100644 charts/argo/templates/workflow-controller-sa.yaml delete mode 100644 charts/argo/templates/workflow-controller-service.yaml delete mode 100644 charts/argo/templates/workflow-controller-servicemonitor.yaml delete mode 100644 charts/argo/templates/workflow-crd.yaml delete mode 100644 charts/argo/templates/workflow-rb.yaml delete mode 100644 charts/argo/templates/workflow-role.yaml delete mode 100644 charts/argo/templates/workflow-sa.yaml delete mode 100644 charts/argo/templates/workflow-template-crd.yaml delete mode 100644 charts/argo/values.yaml diff --git a/charts/argo/.helmignore b/charts/argo/.helmignore deleted file mode 100644 index f0c13194..00000000 --- a/charts/argo/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/charts/argo/Chart.lock b/charts/argo/Chart.lock deleted file mode 100644 index 4b57ae05..00000000 --- a/charts/argo/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: minio - repository: https://helm.min.io/ - version: 8.0.9 -digest: sha256:0f43ad0a4b4e9af47615ef3da85054712eb28f154418d96b7b974a095cc19260 -generated: "2021-01-13T15:31:40.823086-08:00" diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml deleted file mode 100644 index 8e82de87..00000000 --- a/charts/argo/Chart.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v2 -appVersion: v2.12.5 -description: A Helm chart for Argo Workflows -name: argo -version: 1.0.0 -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png -home: https://github.com/argoproj/argo-helm -dependencies: -- name: minio - version: 8.0.9 - repository: https://helm.min.io/ - condition: minio.install -deprecated: true diff --git a/charts/argo/README.md b/charts/argo/README.md deleted file mode 100644 index 024f0077..00000000 --- a/charts/argo/README.md +++ /dev/null @@ -1,29 +0,0 @@ -## Argo Workflows Chart - -> ⚠ DEPRECATION WARNING: this chart is for v2 of Argo Workflows. For v3, a new chart is available at - -This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). - -If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace. - -## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these. - -A few options are: -- Setup the CRD yourself manually and use `--set installCRD=false` when installing the helm chart. Find the CRDs in the [argo codebase](https://github.com/argoproj/argo-workflows/tree/master/manifests/base/crds/full) -- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute -- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions - -## Usage Notes: -This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. - -## Values - -The `values.yaml` contains items used to tweak a deployment of this chart. -Fields to note: -* `controller.instanceID.enabled`: If set to true, the Argo Controller will **ONLY** monitor Workflow submissions with a `--instanceid` attribute -* `controller.instanceID.useReleaseName`: If set to true then chart set controller instance id to release name -* `controller.instanceID.explicitID`: Allows customization of an instance id for the workflow controller to monitor -* `controller.workflowNamespaces`: This is a list of namespaces where workflows will be ran -* `minio.install`: If this is true, we'll install [minio](https://github.com/kubernetes/charts/tree/master/stable/minio) and build out the artifactRepository section in workflow controller config map. -* `artifactRepository.s3.accessKeySecret` and `artifactRepository.s3.secretKeySecret` These by default link to minio default credentials stored in the secret deployed by the minio chart. diff --git a/charts/argo/crds/cluster-workflow-template-crd.yaml b/charts/argo/crds/cluster-workflow-template-crd.yaml deleted file mode 100644 index a189f17c..00000000 --- a/charts/argo/crds/cluster-workflow-template-crd.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: clusterworkflowtemplates.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - version: v1alpha1 - scope: Cluster - names: - kind: ClusterWorkflowTemplate - listKind: ClusterWorkflowTemplateList - plural: clusterworkflowtemplates - shortNames: - - clusterwftmpl - - cwft - singular: clusterworkflowtemplate - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/crds/cron-workflow-crd.yaml b/charts/argo/crds/cron-workflow-crd.yaml deleted file mode 100644 index abd50b30..00000000 --- a/charts/argo/crds/cron-workflow-crd.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: cronworkflows.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: CronWorkflow - listKind: CronWorkflowList - plural: cronworkflows - shortNames: - - cwf - - cronwf - singular: cronworkflow - scope: Namespaced - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/crds/workflow-crd.yaml b/charts/argo/crds/workflow-crd.yaml deleted file mode 100644 index 24f6abc2..00000000 --- a/charts/argo/crds/workflow-crd.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: workflows.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - additionalPrinterColumns: - - JSONPath: .status.phase - description: Status of the workflow - name: Status - type: string - - JSONPath: .status.startedAt - description: When the workflow was started - format: date-time - name: Age - type: date - group: argoproj.io - names: - kind: Workflow - listKind: WorkflowList - plural: workflows - shortNames: - - wf - singular: workflow - scope: Namespaced - subresources: {} - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/crds/workflow-eventbinding-crd.yaml b/charts/argo/crds/workflow-eventbinding-crd.yaml deleted file mode 100644 index a58de8e7..00000000 --- a/charts/argo/crds/workflow-eventbinding-crd.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: workfloweventbindings.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowEventBinding - listKind: WorkflowEventBindingList - plural: workfloweventbindings - shortNames: - - wfeb - singular: workfloweventbinding - scope: Namespaced - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/crds/workflow-template-crd.yaml b/charts/argo/crds/workflow-template-crd.yaml deleted file mode 100644 index 0be13451..00000000 --- a/charts/argo/crds/workflow-template-crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: workflowtemplates.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - version: v1alpha1 - scope: Namespaced - names: - kind: WorkflowTemplate - listKind: WorkflowTemplateList - plural: workflowtemplates - shortNames: - - wftmpl - singular: workflowtemplate - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/charts/argo/templates/NOTES.txt b/charts/argo/templates/NOTES.txt deleted file mode 100644 index 7b4c02f0..00000000 --- a/charts/argo/templates/NOTES.txt +++ /dev/null @@ -1,16 +0,0 @@ -1. Get Argo Server external IP/domain by running: - -kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-{{ .Values.server.name }} - -2. Submit the hello-world workflow by running: - -argo submit https://raw.githubusercontent.com/argoproj/argo/master/examples/hello-world.yaml --watch - -{{ if .Values.minio.install }} - -3. Access Minio UI and create bucket '{{ .Values.minio.defaultBucket.name }}'. Minio UI is available on port 9000 and available via external URL. URL might be retrieved using following -command: - -kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-minio - -{{ end }} diff --git a/charts/argo/templates/_helpers.tpl b/charts/argo/templates/_helpers.tpl deleted file mode 100644 index f0d83d2e..00000000 --- a/charts/argo/templates/_helpers.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/charts/argo/templates/cluster-workflow-template-crd.yaml b/charts/argo/templates/cluster-workflow-template-crd.yaml deleted file mode 100644 index be688da3..00000000 --- a/charts/argo/templates/cluster-workflow-template-crd.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterworkflowtemplates.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - version: v1alpha1 - scope: Cluster - names: - kind: ClusterWorkflowTemplate - plural: clusterworkflowtemplates - shortNames: - - clusterwftmpl - - cwft -{{- end }} diff --git a/charts/argo/templates/cron-workflow-crd.yaml b/charts/argo/templates/cron-workflow-crd.yaml deleted file mode 100644 index 923abdf2..00000000 --- a/charts/argo/templates/cron-workflow-crd.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: cronworkflows.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: CronWorkflow - plural: cronworkflows - shortNames: - - cronwf - - cwf - scope: Namespaced - version: v1alpha1 -{{- end }} diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml deleted file mode 100644 index b6d47c09..00000000 --- a/charts/argo/templates/server-cluster-roles.yaml +++ /dev/null @@ -1,134 +0,0 @@ -{{- if .Values.server.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{- else }} -kind: ClusterRole -{{- end }} -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }} -rules: -- apiGroups: - - "" - resources: - - configmaps - - events - verbs: - - get - - watch - - list -- apiGroups: - - "" - resources: - - pods - - pods/exec - - pods/log - verbs: - - get - - list - - watch - - delete -{{- if .Values.server.sso }} -- apiGroups: - - "" - resources: - - secrets - resourceNames: - - sso - verbs: - - get - - update -- apiGroups: - - "" - resources: - - secrets - verbs: - - create -{{- end}} -{{- if .Values.server.sso }} - {{- if .Values.server.sso.rbac }} -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list - {{- end }} -{{- end }} -- apiGroups: - - "" - resources: - - secrets - verbs: - - get -{{- if .Values.server.sso }} - {{- if .Values.server.sso.rbac }} - {{- with .Values.server.sso.rbac.secretWhitelist }} - resourceNames: {{- toYaml . | nindent 4 }} - {{- end }} - {{- end }} -{{- end }} -- apiGroups: - - "" - resources: - - events - verbs: - - watch - - create - - patch -{{- if .Values.controller.persistence }} -- apiGroups: - - "" - resources: - - secrets - resourceNames: - {{- with .Values.controller.persistence.postgresql }} - - {{ .userNameSecret.name }} - - {{ .passwordSecret.name }} - {{- end}} - {{- with .Values.controller.persistence.mysql }} - - {{ .userNameSecret.name }} - - {{ .passwordSecret.name }} - {{- end}} - verbs: - - get -{{- end}} -- apiGroups: - - argoproj.io - resources: - - workflows - - workfloweventbindings - - workflowtemplates - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }}-cluster-template -rules: -- apiGroups: - - argoproj.io - resources: - - clusterworkflowtemplates - verbs: - - get - - list - - watch - {{- if .Values.server.clusterWorkflowTemplates.enableEditing }} - - create - - update - - patch - - delete - {{- end }} -{{- end }} diff --git a/charts/argo/templates/server-crb.yaml b/charts/argo/templates/server-crb.yaml deleted file mode 100644 index ad4cfeda..00000000 --- a/charts/argo/templates/server-crb.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if and .Values.server.enabled .Values.server.createServiceAccount -}} -apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: RoleBinding -{{ else }} -kind: ClusterRoleBinding -{{- end }} -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}} -roleRef: - apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} - kind: Role - {{ else }} - kind: ClusterRole - {{- end }} - name: {{ .Release.Name }}-{{ .Values.server.name}} -subjects: -- kind: ServiceAccount - name: {{ .Values.server.serviceAccount }} - namespace: {{ .Release.Namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template -subjects: -- kind: ServiceAccount - name: {{ .Values.server.serviceAccount }} - namespace: {{ .Release.Namespace }} -{{- end -}} diff --git a/charts/argo/templates/server-deployment-pdb.yaml b/charts/argo/templates/server-deployment-pdb.yaml deleted file mode 100644 index 31f1d4f8..00000000 --- a/charts/argo/templates/server-deployment-pdb.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.server.enabled -}} -{{- if .Values.server.pdb.enabled -}} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}} - labels: - app: {{ .Release.Name }}-{{ .Values.server.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - {{- if .Values.server.pdb.minAvailable }} - minAvailable: {{ .Values.server.pdb.minAvailable }} - {{- else if .Values.server.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.server.pdb.maxUnavailable }} - {{- else }} - minAvailable: 0 - {{- end }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.server.name}} - release: {{ .Release.Name }} -{{- end -}} -{{- end -}} diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml deleted file mode 100644 index 832fd37d..00000000 --- a/charts/argo/templates/server-deployment.yaml +++ /dev/null @@ -1,108 +0,0 @@ -{{- if .Values.server.enabled -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name}} - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.server.replicas }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.server.name}} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.server.name}} - release: {{ .Release.Name }} - {{- if .Values.server.podLabels }} - {{- toYaml .Values.server.podLabels | nindent 8 }} - {{- end }} - {{- if .Values.server.podAnnotations }} - annotations: -{{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }} - spec: - serviceAccountName: {{ .Values.server.serviceAccount | quote }} - {{- if .Values.server.podSecurityContext }} - securityContext: - {{- toYaml .Values.server.podSecurityContext | nindent 8 }} - {{- end }} - containers: - - name: argo-server - args: - - server - - --configmap={{ .Release.Name }}-{{ .Values.controller.name }}-configmap - {{- if .Values.server.extraArgs }} - {{- toYaml .Values.server.extraArgs | nindent 10 }} - {{- end }} - {{- if .Values.server.secure }} - - "--secure" - {{- end }} - {{- if .Values.singleNamespace }} - - "--namespaced" - {{- end }} - image: "{{ .Values.images.namespace }}/{{ .Values.images.server }}:{{ default .Values.images.tag .Values.server.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} - {{- if .Values.server.podPortName }} - ports: - - name: {{ .Values.server.podPortName }} - containerPort: 2746 - {{- end }} - readinessProbe: - httpGet: - path: / - port: 2746 - {{- if .Values.server.secure }} - scheme: HTTPS - {{- else }} - scheme: HTTP - {{- end }} - initialDelaySeconds: 10 - periodSeconds: 20 - env: - - name: IN_CLUSTER - value: "true" - - name: ARGO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: BASE_HREF - value: {{ .Values.server.baseHref | quote }} - resources: - {{- toYaml .Values.server.resources | nindent 12 }} - volumeMounts: - - name: tmp - mountPath: /tmp - {{- with .Values.server.volumeMounts }} - {{- toYaml . | nindent 10}} - {{- end }} - {{- with .Values.images.pullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: tmp - emptyDir: {} - {{- with .Values.server.volumes }} - {{- toYaml . | nindent 6}} - {{- end }} - {{- with .Values.server.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.server.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.server.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.server.priorityClassName }} - priorityClassName: {{ .Values.server.priorityClassName }} - {{- end }} -{{- end -}} diff --git a/charts/argo/templates/server-ingress.yaml b/charts/argo/templates/server-ingress.yaml deleted file mode 100644 index 6eab3f50..00000000 --- a/charts/argo/templates/server-ingress.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{- if .Values.server.enabled -}} -{{- if .Values.server.ingress.enabled -}} -{{- $serviceName := printf "%s-%s" .Release.Name .Values.server.name -}} -{{- $servicePort := .Values.server.servicePort -}} -{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} -apiVersion: networking.k8s.io/v1beta1 -{{ else }} -apiVersion: extensions/v1beta1 -{{ end -}} -kind: Ingress -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }} - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- range $key, $value := .Values.server.ingress.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - annotations: - {{- range $key, $value := .Values.server.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - rules: - {{- range .Values.server.ingress.hosts }} - - host: {{ . }} - http: - paths: - {{- if $.Values.server.ingress.paths }} - {{- range $.Values.server.ingress.paths }} - - backend: - serviceName: {{ .serviceName }} - servicePort: {{ .servicePort }} - {{- end }} - {{- end }} - - backend: - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end -}} - {{- if .Values.server.ingress.tls }} - tls: -{{ toYaml .Values.server.ingress.tls | indent 4 }} - {{- end -}} -{{- end -}} -{{- end -}} diff --git a/charts/argo/templates/server-sa.yaml b/charts/argo/templates/server-sa.yaml deleted file mode 100644 index 5b419a65..00000000 --- a/charts/argo/templates/server-sa.yaml +++ /dev/null @@ -1,8 +0,0 @@ -{{- if and .Values.server.enabled .Values.server.createServiceAccount -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.server.serviceAccount }} - annotations: -{{ toYaml .Values.server.serviceAccountAnnotations | indent 4 }} -{{- end -}} diff --git a/charts/argo/templates/server-service.yaml b/charts/argo/templates/server-service.yaml deleted file mode 100644 index ba4d74f6..00000000 --- a/charts/argo/templates/server-service.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if .Values.server.enabled -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-{{ .Values.server.name }} - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- if .Values.server.serviceLabels }} - {{- toYaml .Values.server.serviceLabels | nindent 4 }} - {{- end }} - {{- if .Values.server.serviceAnnotations }} - annotations: -{{ toYaml .Values.server.serviceAnnotations | indent 4}}{{- end }} -spec: - ports: - - port: {{ .Values.server.servicePort }} - {{- if .Values.server.servicePortName }} - name: {{ .Values.server.servicePortName }} - {{- end }} - targetPort: 2746 - selector: - app: {{ .Release.Name }}-{{ .Values.server.name }} - sessionAffinity: None - type: {{ .Values.server.serviceType }} - {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerIP }} - loadBalancerIP: {{ .Values.server.loadBalancerIP | quote }} - {{- end }} - {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.server.loadBalancerSourceRanges | indent 4 }}{{- end }} -{{- end -}} diff --git a/charts/argo/templates/worfkflow-controller-secrets-access.yaml b/charts/argo/templates/worfkflow-controller-secrets-access.yaml deleted file mode 100644 index f0d48519..00000000 --- a/charts/argo/templates/worfkflow-controller-secrets-access.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{ if .Values.minio.install }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-secret -rules: -- apiGroups: - - "" - resources: - - secrets - resourceNames: - - {{ .Values.artifactRepository.s3.accessKeySecret.name | default (printf "%s-%s" .Release.Name "minio") | quote }} - - {{ .Values.artifactRepository.s3.secretKeySecret.name | default (printf "%s-%s" .Release.Name "minio") | quote }} - verbs: - - get - - watch - - list -{{- end }} \ No newline at end of file diff --git a/charts/argo/templates/workflow-aggregate-roles.yaml b/charts/argo/templates/workflow-aggregate-roles.yaml deleted file mode 100644 index b89e7b13..00000000 --- a/charts/argo/templates/workflow-aggregate-roles.yaml +++ /dev/null @@ -1,89 +0,0 @@ -{{- if .Values.createAggregateRoles }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-aggregate-to-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" -rules: -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-aggregate-to-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" -rules: -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-aggregate-to-admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch -{{- end }} diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml deleted file mode 100644 index 4d596b1c..00000000 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ /dev/null @@ -1,146 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: Role -{{- else }} -kind: ClusterRole -{{- end }} -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} -rules: -- apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - create - - delete -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete - - create -- apiGroups: - - argoproj.io - resources: - - workflowtemplates - - workflowtemplates/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - cronworkflows - - cronworkflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - "policy" - resources: - - poddisruptionbudgets - verbs: - - create - - get - - delete -{{- if .Values.controller.persistence }} -- apiGroups: - - "" - resources: - - secrets - resourceNames: - {{- if .Values.controller.persistence.postgresql }} - - {{ .Values.controller.persistence.postgresql.userNameSecret.name }} - - {{ .Values.controller.persistence.postgresql.passwordSecret.name }} - {{- end}} - {{- if .Values.controller.persistence.mysql }} - - {{ .Values.controller.persistence.mysql.userNameSecret.name }} - - {{ .Values.controller.persistence.mysql.passwordSecret.name }} - {{- end}} - verbs: - - get -{{- end}} -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create -- apiGroups: - - coordination.k8s.io - resources: - - leases - resourceNames: - - workflow-controller - - workflow-controller-lease - verbs: - - get - - watch - - update - - patch - - delete ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template -rules: -- apiGroups: - - argoproj.io - resources: - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - get - - list - - watch diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml deleted file mode 100644 index 26fe2cd8..00000000 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-configmap - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - config: | - {{- if .Values.controller.instanceID.enabled }} - {{- if .Values.controller.instanceID.useReleaseName }} - instanceID: {{ .Release.Name }} - {{- else }} - instanceID: {{ .Values.controller.instanceID.explicitID }} - {{- end }} - {{- end }} - containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} - {{- if .Values.controller.parallelism }} - parallelism: {{ .Values.controller.parallelism }} - {{- end }} - {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} - executor: - {{- with .Values.executor.resources }} - resources: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.executor.env }} - env: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.executor.securityContext }} - securityContext: {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} - artifactRepository: - {{- if .Values.artifactRepository.archiveLogs }} - archiveLogs: {{ .Values.artifactRepository.archiveLogs }} - {{- end }} - {{- if .Values.artifactRepository.gcs }} - gcs: -{{ toYaml .Values.artifactRepository.gcs | indent 8}} - {{- else }} - s3: - {{- if .Values.useStaticCredentials }} - accessKeySecret: - key: {{ .Values.artifactRepository.s3.accessKeySecret.key }} - name: {{ .Values.artifactRepository.s3.accessKeySecret.name | default (printf "%s-%s" .Release.Name "minio") }} - secretKeySecret: - key: {{ .Values.artifactRepository.s3.secretKeySecret.key }} - name: {{ .Values.artifactRepository.s3.secretKeySecret.name | default (printf "%s-%s" .Release.Name "minio") }} - {{- end }} - bucket: {{ .Values.artifactRepository.s3.bucket | default .Values.minio.defaultBucket.name }} - endpoint: {{ .Values.artifactRepository.s3.endpoint | default (printf "%s-%s" .Release.Name "minio:9000") }} - insecure: {{ .Values.artifactRepository.s3.insecure }} - {{- if .Values.artifactRepository.s3.keyFormat }} - keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} - {{- end }} - {{- if .Values.artifactRepository.s3.region }} - region: {{ .Values.artifactRepository.s3.region }} - {{- end }} - {{- if .Values.artifactRepository.s3.roleARN }} - roleARN: {{ .Values.artifactRepository.s3.roleARN }} - {{- end }} - {{- if .Values.artifactRepository.s3.useSDKCreds }} - useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} - {{- end }} - {{- end }} - {{- end}} - {{- if .Values.controller.metricsConfig.enabled }} - metricsConfig: -{{ toYaml .Values.controller.metricsConfig | indent 6}}{{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} - telemetryConfig: -{{ toYaml .Values.controller.telemetryConfig | indent 6}}{{- end }} - {{- if .Values.controller.persistence }} - persistence: -{{ toYaml .Values.controller.persistence | indent 6 }}{{- end }} - {{- if .Values.controller.workflowDefaults }} - workflowDefaults: -{{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} - {{- with .Values.server.sso }} - sso: {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.controller.workflowRestrictions }} - workflowRestrictions: {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.controller.links }} - links: {{- toYaml . | nindent 6 }} - {{- end }} diff --git a/charts/argo/templates/workflow-controller-crb.yaml b/charts/argo/templates/workflow-controller-crb.yaml deleted file mode 100644 index 66cca4d0..00000000 --- a/charts/argo/templates/workflow-controller-crb.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -{{- if .Values.singleNamespace }} -kind: RoleBinding -{{ else }} -kind: ClusterRoleBinding -{{- end }} -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} -roleRef: - apiGroup: rbac.authorization.k8s.io - {{- if .Values.singleNamespace }} - kind: Role - {{ else }} - kind: ClusterRole - {{- end }} - name: {{ .Release.Name }}-{{ .Values.controller.name }} -subjects: - - kind: ServiceAccount - name: {{ .Values.controller.serviceAccount }} - namespace: {{ .Release.Namespace }} -{{- if .Values.controller.workflowNamespaces }} -{{- $uiServiceAccount := .Values.controller.serviceAccount }} -{{- $namespace := .Release.Namespace }} -{{- range $key := .Values.controller.workflowNamespaces }} - {{- if not (eq $key $namespace) }} - - kind: ServiceAccount - name: {{ $uiServiceAccount }} - namespace: {{ $key }} - {{- end }} -{{- end }} -{{- end }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template -subjects: - - kind: ServiceAccount - name: {{ .Values.controller.serviceAccount }} - namespace: {{ .Release.Namespace }} diff --git a/charts/argo/templates/workflow-controller-deployment-pdb.yaml b/charts/argo/templates/workflow-controller-deployment-pdb.yaml deleted file mode 100644 index a7352a04..00000000 --- a/charts/argo/templates/workflow-controller-deployment-pdb.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if .Values.controller.pdb.enabled }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name}} - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - {{- if .Values.controller.pdb.minAvailable }} - minAvailable: {{ .Values.controller.pdb.minAvailable }} - {{- else if .Values.controller.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} - {{- else }} - minAvailable: 0 - {{- end }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - release: {{ .Release.Name }} -{{- end }} diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml deleted file mode 100755 index 9ad509d0..00000000 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ /dev/null @@ -1,94 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name}} - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.controller.replicas }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - release: {{ .Release.Name }} - {{- if .Values.controller.podLabels }} - {{ toYaml .Values.controller.podLabels | nindent 8}} - {{- end }} - {{- if .Values.controller.podAnnotations }} - annotations: -{{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }} - spec: - serviceAccountName: {{ .Values.controller.serviceAccount | quote }} - {{- if .Values.controller.podSecurityContext }} - securityContext: - {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} - {{- end }} - containers: - - name: controller - image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} - command: [ "workflow-controller" ] - args: - - "--configmap" - - "{{ .Release.Name }}-{{ .Values.controller.name}}-configmap" - - "--executor-image" - - "{{ .Values.images.namespace }}/{{ .Values.images.executor }}:{{ default .Values.images.tag .Values.executor.image.tag }}" - - "--loglevel" - - "{{ .Values.controller.logging.level }}" - - "--gloglevel" - - "{{ .Values.controller.logging.globallevel }}" - {{- if .Values.singleNamespace }} - - "--namespaced" - {{- end }} - {{- with .Values.controller.workflowWorkers }} - - "--workflow-workers" - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.podWorkers }} - - "--pod-workers" - - {{ . | quote }} - {{- end }} - {{- if .Values.controller.extraArgs }} - {{- toYaml .Values.controller.extraArgs | nindent 10 }} - {{- end }} - env: - - name: ARGO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - {{- with .Values.controller.extraEnv }} - {{ toYaml . | nindent 10 }} - {{- end }} - resources: - {{- toYaml .Values.controller.resources | nindent 12 }} - {{- if .Values.controller.metricsConfig.enabled }} - ports: - - containerPort: 8080 - {{- end }} - {{- with .Values.images.pullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.controller.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.controller.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.controller.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.controller.priorityClassName }} - priorityClassName: {{ .Values.controller.priorityClassName }} - {{- end }} diff --git a/charts/argo/templates/workflow-controller-minio-secret-crb.yaml b/charts/argo/templates/workflow-controller-minio-secret-crb.yaml deleted file mode 100644 index 722776a4..00000000 --- a/charts/argo/templates/workflow-controller-minio-secret-crb.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{ if .Values.minio.install }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-secret -subjects: - - kind: ServiceAccount - name: {{ .Values.controller.serviceAccount }} - namespace: {{ .Release.Namespace }} -{{- if .Values.controller.workflowNamespaces }} -{{- $uiServiceAccount := .Values.controller.serviceAccount }} -{{- $namespace := .Release.Namespace }} -{{- range $key := .Values.controller.workflowNamespaces }} - {{- if not (eq $key $namespace) }} - - kind: ServiceAccount - name: {{ $uiServiceAccount }} - namespace: {{ $key }} - {{- end }} -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/argo/templates/workflow-controller-sa.yaml b/charts/argo/templates/workflow-controller-sa.yaml deleted file mode 100644 index 02d274da..00000000 --- a/charts/argo/templates/workflow-controller-sa.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.controller.serviceAccount }} - annotations: -{{ toYaml .Values.controller.serviceAccountAnnotations | indent 4 }} diff --git a/charts/argo/templates/workflow-controller-service.yaml b/charts/argo/templates/workflow-controller-service.yaml deleted file mode 100644 index 7985a54c..00000000 --- a/charts/argo/templates/workflow-controller-service.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- if .Values.controller.serviceLabels }} - {{ toYaml .Values.controller.serviceLabels | nindent 4}} - {{- end }} - {{- if .Values.controller.serviceAnnotations }} - annotations: -{{ toYaml .Values.controller.serviceAnnotations | indent 4}}{{- end }} -spec: - ports: - {{- if .Values.controller.metricsConfig.enabled }} - - name: {{ .Values.controller.metricsServicePortName }} - port: {{ .Values.controller.metricsServicePort }} - protocol: TCP - targetPort: {{ .Values.controller.metricsConfig.port }} - {{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} - - name: {{ .Values.controller.telemetryServicePortName }} - port: {{ .Values.controller.telemetryServicePort }} - protocol: TCP - targetPort: {{ .Values.controller.telemetryConfig.port }} - {{- end }} - selector: - app: {{ .Release.Name }}-{{ .Values.controller.name }} - sessionAffinity: None - type: {{ .Values.controller.serviceType }} - {{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.controller.loadBalancerSourceRanges | indent 4 }}{{- end }} -{{- end -}} diff --git a/charts/argo/templates/workflow-controller-servicemonitor.yaml b/charts/argo/templates/workflow-controller-servicemonitor.yaml deleted file mode 100644 index 425fedac..00000000 --- a/charts/argo/templates/workflow-controller-servicemonitor.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if and (or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled) .Values.controller.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} - labels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- if .Values.controller.serviceMonitor.additionalLabels }} -{{ toYaml .Values.controller.serviceMonitor.additionalLabels | indent 4 }} - {{- end }} -spec: - endpoints: - {{- if .Values.controller.metricsConfig.enabled }} - - port: metrics - path: {{ .Values.controller.metricsConfig.path }} - interval: 30s - {{- end }} - {{- if .Values.controller.telemetryConfig.enabled }} - - port: telemetry - path: {{ .Values.controller.telemetryConfig.path }} - interval: 30s - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.controller.name}} - release: {{ .Release.Name }} -{{- end }} diff --git a/charts/argo/templates/workflow-crd.yaml b/charts/argo/templates/workflow-crd.yaml deleted file mode 100644 index 44a6fa98..00000000 --- a/charts/argo/templates/workflow-crd.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflows.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - additionalPrinterColumns: - - JSONPath: .status.phase - description: Status of the workflow - name: Status - type: string - - JSONPath: .status.startedAt - description: When the workflow was started - format: date-time - name: Age - type: date - group: argoproj.io - names: - kind: Workflow - plural: workflows - shortNames: - - wf - scope: Namespaced - version: v1alpha1 -{{- end }} diff --git a/charts/argo/templates/workflow-rb.yaml b/charts/argo/templates/workflow-rb.yaml deleted file mode 100644 index 17785257..00000000 --- a/charts/argo/templates/workflow-rb.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.workflow.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ .Release.Name }}-workflow -{{- if .Values.workflow.namespace }} - namespace: {{ .Values.workflow.namespace }} -{{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ .Release.Name }}-workflow -subjects: -- kind: ServiceAccount - name: {{ .Values.workflow.serviceAccount.name }} - {{- if .Values.workflow.namespace }} - namespace: {{ .Values.workflow.namespace }} - {{- end }} -{{- end }} diff --git a/charts/argo/templates/workflow-role.yaml b/charts/argo/templates/workflow-role.yaml deleted file mode 100644 index 37365f21..00000000 --- a/charts/argo/templates/workflow-role.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.workflow.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ .Release.Name }}-workflow - {{- if .Values.workflow.namespace }} - namespace: {{ .Values.workflow.namespace }} - {{- end }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - watch - - patch -- apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - watch -{{- end }} diff --git a/charts/argo/templates/workflow-sa.yaml b/charts/argo/templates/workflow-sa.yaml deleted file mode 100644 index 45d97cf0..00000000 --- a/charts/argo/templates/workflow-sa.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.workflow.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.workflow.serviceAccount.name }} - {{- if .Values.workflow.namespace }} - namespace: {{ .Values.workflow.namespace }} - {{- end }} - {{- with .Values.workflow.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/argo/templates/workflow-template-crd.yaml b/charts/argo/templates/workflow-template-crd.yaml deleted file mode 100644 index 757fa098..00000000 --- a/charts/argo/templates/workflow-template-crd.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtemplates.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - version: v1alpha1 - scope: Namespaced - names: - kind: WorkflowTemplate - plural: workflowtemplates - shortNames: - - wftmpl -{{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml deleted file mode 100644 index 31a36041..00000000 --- a/charts/argo/values.yaml +++ /dev/null @@ -1,330 +0,0 @@ -images: - namespace: argoproj - controller: workflow-controller - server: argocli - executor: argoexec - pullPolicy: Always - # Secrets with credentials to pull images from a private registry - pullSecrets: [] - # - name: argo-pull-secret - tag: v2.12.5 - -crdVersion: v1alpha1 -installCRD: true - -init: - # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is - # being deployed to. In RBAC clusters, that will almost certainly fail. See the NOTES: section of the readme for more info. - serviceAccount: "" - -createAggregateRoles: true - -# Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, -# and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. -singleNamespace: false - -workflow: - namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. - serviceAccount: - create: false # Specifies whether a service account should be created - annotations: {} - name: "argo-workflow" # Service account which is used to run workflows - rbac: - create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows - -controller: - image: - # Overrides .images.tag if defined. - tag: "" - # parallelism dictates how many workflows can be running at the same time - parallelism: - # podAnnotations is an optional map of annotations to be applied to the controller Pods - podAnnotations: {} - # Optional labels to add to the controller pods - podLabels: {} - # SecurityContext to set on the controller pods - podSecurityContext: {} - # podPortName: http - metricsConfig: - enabled: false - path: /metrics - port: 8080 - persistence: {} - # connectionPool: - # maxIdleConns: 100 - # maxOpenConns: 0 - # # save the entire workflow into etcd and DB - # nodeStatusOffLoad: false - # # enable archiving of old workflows - # archive: false - # postgresql: - # host: localhost - # port: 5432 - # database: postgres - # tableName: argo_workflows - # # the database secrets must be in the same namespace of the controller - # userNameSecret: - # name: argo-postgres-config - # key: username - # passwordSecret: - # name: argo-postgres-config - # key: password - workflowDefaults: {} # Only valid for 2.7+ - # spec: - # ttlStrategy: - # secondsAfterCompletion: 84600 - # workflowWorkers: 32 - # podWorkers: 32 - workflowRestrictions: {} # Only valid for 2.9+ - # templateReferencing: Strict|Secure - telemetryConfig: - enabled: false - path: /telemetry - port: 8081 - serviceMonitor: - enabled: false - additionalLabels: {} - serviceAccount: argo - # Service account annotations - serviceAccountAnnotations: {} - name: workflow-controller - workflowNamespaces: - - default - containerRuntimeExecutor: docker - instanceID: - # `instanceID.enabled` configures the controller to filter workflow submissions - # to only those which have a matching instanceID attribute. - enabled: false - # NOTE: If `instanceID.enabled` is set to `true` then either `instanceID.userReleaseName` - # or `instanceID.explicitID` must be defined. - # useReleaseName: true - # explicitID: unique-argo-controller-identifier - logging: - level: info - globallevel: "0" - serviceType: ClusterIP - metricsServicePort: 8080 - metricsServicePortName: metrics - telemetryServicePort: 8081 - telemetryServicePortName: telemetry - # Annotations to be applied to the controller Service - serviceAnnotations: {} - # Optional labels to add to the controller Service - serviceLabels: {} - # Source ranges to allow access to service from. Only applies to - # service type `LoadBalancer` - loadBalancerSourceRanges: [] - resources: {} - # The list of environment variable definitions to be added to the controller - # manages container verbatim. - extraEnv: [] - # Extra arguments to be added to the controller - extraArgs: [] - replicas: 1 - pdb: - enabled: false - # minAvailable: 1 - # maxUnavailable: 1 - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## - nodeSelector: - kubernetes.io/os: linux - tolerations: [] - affinity: {} - # Leverage a PriorityClass to ensure your pods survive resource shortages - # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - # PriorityClass: system-cluster-critical - priorityClassName: "" - # https://argoproj.github.io/argo-workflows/links/ - links: [] - -# executor controls how the init and wait container should be customized -executor: - image: - # Overrides .images.tag if defined. - tag: "" - resources: {} - # Adds environment variables for the executor. - env: {} - # sets security context for the executor container - securityContext: {} - -server: - enabled: true - # only updates base url of resources on client side, - # it's expected that a proxy server rewrites the request URL and gets rid of this prefix - # https://github.com/argoproj/argo/issues/716#issuecomment-433213190 - baseHref: / - image: - # Overrides .images.tag if defined. - tag: "" - # optional map of annotations to be applied to the ui Pods - podAnnotations: {} - # Optional labels to add to the UI pods - podLabels: {} - # SecurityContext to set on the server pods - podSecurityContext: {} - name: server - serviceType: ClusterIP - servicePort: 2746 - # servicePortName: http - serviceAccount: argo-server - # Whether to create the service account with the name specified in - # server.serviceAccount and bind it to the server role. - createServiceAccount: true - # Service account annotations - serviceAccountAnnotations: {} - # Annotations to be applied to the UI Service - serviceAnnotations: {} - # Optional labels to add to the UI Service - serviceLabels: {} - # Static IP address to assign to loadBalancer - # service type `LoadBalancer` - loadBalancerIP: "" - # Source ranges to allow access to service from. Only applies to - # service type `LoadBalancer` - loadBalancerSourceRanges: [] - resources: {} - replicas: 1 - pdb: - enabled: false - # minAvailable: 1 - # maxUnavailable: 1 - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## - nodeSelector: - kubernetes.io/os: linux - tolerations: [] - affinity: {} - # Leverage a PriorityClass to ensure your pods survive resource shortages - # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - # PriorityClass: system-cluster-critical - priorityClassName: "" - - # Run the argo server in "secure" mode. Configure this value instead of - # "--secure" in extraArgs. See the following documentation for more details - # on secure mode: - # https://argoproj.github.io/argo-workflows/tls/#encrypted - secure: false - - # Extra arguments to provide to the Argo server binary. - extraArgs: [] - - ## Additional volumes to the server main container. - volumeMounts: [] - volumes: [] - - ## Ingress configuration. - ## ref: https://kubernetes.io/docs/user-guide/ingress/ - ## - ingress: - enabled: false - - ## Annotations to be added to the web ingress. - ## - # annotations: - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - - ## Labels to be added to the web ingress. - ## - # labels: - # use-cloudflare-solver: "true" - - ## Hostnames. - ## Must be provided if Ingress is enabled. - ## - # hosts: - # - argo.domain.com - - ## Additional Paths for each host - # paths: - # - serviceName: "ssl-redirect" - # servicePort: "use-annotation" - - ## TLS configuration. - ## Secrets must be manually created in the namespace. - ## - # tls: - # - secretName: argo-ui-tls - # hosts: - # - argo.domain.com - clusterWorkflowTemplates: - # Give the server permissions to edit ClusterWorkflowTemplates. - enableEditing: true - sso: - ## SSO configuration when SSO is specified as a server auth mode. - ## All the values are required. SSO is activated by adding --auth-mode=sso - ## to the server command line. - # - ## The root URL of the OIDC identity provider. - # issuer: https://accounts.google.com - ## Name of a secret and a key in it to retrieve the app OIDC client ID from. - # clientId: - # name: argo-server-sso - # key: client-id - ## Name of a secret and a key in it to retrieve the app OIDC client secret from. - # clientSecret: - # name: argo-server-sso - # key: client-secret - ## The OIDC redirect URL. Should be in the form /oauth2/callback. - # redirectUrl: https://argo/oauth2/callback - # rbac: - # enabled: true - ## When present, restricts secrets the server can read to a given list. - ## You can use it to restrict the server to only be able to access the - ## service account token secrets that are associated with service accounts - ## used for authorization. - # secretWhitelist: [] - ## Scopes requested from the SSO ID provider. The 'groups' scope requests - ## group membership information, which is usually used for authorization - ## decisions. - # scopes: - # - groups - -# Influences the creation of the ConfigMap for the workflow-controller itself. -useDefaultArtifactRepo: false -useStaticCredentials: true -artifactRepository: - # archiveLogs will archive the main container logs as an artifact - archiveLogs: false - s3: - # Note the `key` attribute is not the actual secret, it's the PATH to - # the contents in the associated secret, as defined by the `name` attribute. - accessKeySecret: - # name: -minio (default) - key: accesskey - secretKeySecret: - # name: -minio - key: secretkey - insecure: true - # bucket: - # endpoint: - # region: - # roleARN: - # useSDKCreds: true - # gcs: - # bucket: -argo - # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/" - # serviceAccountKeySecret is a secret selector. - # It references the k8s secret named 'my-gcs-credentials'. - # This secret is expected to have have the key 'serviceAccountKey', - # containing the base64 encoded credentials - # to the bucket. - # - # If it's running on GKE and Workload Identity is used, - # serviceAccountKeySecret is not needed. - # serviceAccountKeySecret: - # name: my-gcs-credentials - # key: serviceAccountKey - - -# NOTE: These are setting attributes for the `minio` optional dependency -minio: - # If set to true then chart installs minio and generate according artifactRepository section in workflow controller config map - install: false - defaultBucket: - enabled: true - name: argo-artifacts From 083c46cf009e0e62fca5a6b80fe0c1526a6afe9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Czeraszkiewicz?= Date: Fri, 21 May 2021 18:43:24 +0200 Subject: [PATCH 020/122] feat(argo-cd): add support for envFrom (#743) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: add support for envFrom Signed-off-by: Michał Czeraszkiewicz * config: bump chart version Signed-off-by: Michał Czeraszkiewicz * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- .../deployment.yaml | 3 ++ .../argocd-repo-server/deployment.yaml | 3 ++ .../templates/argocd-server/deployment.yaml | 3 ++ charts/argo-cd/templates/dex/deployment.yaml | 3 ++ .../argo-cd/templates/redis/deployment.yaml | 3 ++ charts/argo-cd/values.yaml | 39 +++++++++++++++++++ 7 files changed, 55 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1a9ea518..502cad37 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.4.1 +version: 3.5.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 524f302e..7902be76 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -70,6 +70,9 @@ spec: {{- if .Values.controller.env }} env: {{- toYaml .Values.controller.env | nindent 8 }} + {{- end }} + {{- with .Values.controller.envFrom }} + envFrom: {{- toYaml . | nindent 8 }} {{- end }} ports: - name: controller diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 7350db37..b0458fad 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -67,6 +67,9 @@ spec: value: argocd {{- end }} {{- end }} + {{- with .Values.openshift.envFrom }} + envFrom: {{- toYaml . | nindent 8 }} + {{- end }} volumeMounts: {{- if .Values.repoServer.volumeMounts }} {{- toYaml .Values.repoServer.volumeMounts | nindent 8}} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 2ee5b7e3..44b89c0e 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -67,6 +67,9 @@ spec: {{- if .Values.server.env }} env: {{- toYaml .Values.server.env | nindent 8 }} + {{- end }} + {{- with .Values.server.envFrom }} + envFrom: {{- toYaml . | nindent 8 }} {{- end }} volumeMounts: {{- if .Values.server.volumeMounts }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 45a2e09e..557140ce 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -62,6 +62,9 @@ spec: {{- if .Values.dex.env }} env: {{- toYaml .Values.dex.env | nindent 8 }} + {{- end }} + {{- with .Values.dex.envFrom }} + envFrom: {{- toYaml . | nindent 8 }} {{- end }} ports: - name: http diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index f3dd7f05..a6f0c46a 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -52,6 +52,9 @@ spec: {{- if .Values.redis.env }} env: {{- toYaml .Values.redis.env | nindent 8 }} + {{- end }} + {{- with .Values.redis.envFrom }} + envFrom: {{- toYaml . | nindent 8 }} {{- end }} ports: - containerPort: {{ .Values.redis.containerPort }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 066857e5..d5ca989d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -61,6 +61,14 @@ controller: # - name: "ARGOCD_CONTROLLER_REPLICAS" # value: "" + ## envFrom to pass to argocd-controller + ## + envFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + ## Annotations to be added to controller pods ## podAnnotations: {} @@ -219,6 +227,13 @@ dex: ## env: [] + ## envFrom to pass to the Dex server + envFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + ## Annotations to be added to the Dex server pods ## podAnnotations: {} @@ -301,6 +316,14 @@ redis: ## env: [] + ## envFrom to pass to the Redis server + ## + envFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + ## Annotations to be added to the Redis server pods ## podAnnotations: {} @@ -391,6 +414,14 @@ server: ## env: [] + ## envFrom to pass to argocd-server + ## + envFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + ## Specify postStart and preStop lifecycle hooks for your argo-cd-server container ## lifecycle: {} @@ -762,6 +793,14 @@ repoServer: ## env: [] + ## envFrom to pass to argocd-repo-server + ## + envFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + ## Argo repoServer log format: text|json logFormat: text ## Argo repoServer log level From 4cb8e058ac101f6d2883e16779ad87c8a9f38c1d Mon Sep 17 00:00:00 2001 From: Abhinav Khanna Date: Fri, 21 May 2021 11:50:05 -0500 Subject: [PATCH 021/122] fix(argo-workflows): fixes server sa annotations and ingress (#747) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(argo-workflows): fixed server sa annotations Signed-off-by: abhinav.khanna * fix(argo-workflows): fixed ingress Signed-off-by: abhinav.khanna * chore(argo-workflows): version bump Signed-off-by: abhinav.khanna Co-authored-by: Oliver Bähler --- charts/argo-workflows/Chart.yaml | 2 +- .../templates/server/server-ingress.yaml | 10 +++++----- charts/argo-workflows/templates/server/server-sa.yaml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fd576f3c..13b1ea78 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.1.1 +version: 0.1.2 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index fe67c0a3..f0488031 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -19,7 +19,7 @@ metadata: {{- toYaml .Values.server.ingress.labels | nindent 4 }} {{- end }} spec: - {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }} {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} @@ -35,11 +35,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: @@ -62,11 +62,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml index 10e03d0e..adcf7b48 100644 --- a/charts/argo-workflows/templates/server/server-sa.yaml +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -5,6 +5,6 @@ metadata: name: {{ template "argo-workflows.serverServiceAccountName" . }} {{- with .Values.server.serviceAccount.annotations }} annotations: - {{- toYaml . | indent 4 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- end -}} From 9af9403ed42356430fb3a5fd490d0c31b0657aa6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 21 May 2021 18:55:23 +0200 Subject: [PATCH 022/122] feat: pr size labeling (#749) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Oliver Bähler --- .github/workflows/pr-sizing.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 .github/workflows/pr-sizing.yml diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml new file mode 100644 index 00000000..d1ba98ee --- /dev/null +++ b/.github/workflows/pr-sizing.yml @@ -0,0 +1,14 @@ +## Reference: https://github.com/pascalgn/size-label-action +--- +name: 'PR Size' +on: + pull_request_target: + types: [opened, synchronize, reopened] +jobs: + size-label: + runs-on: ubuntu-latest + steps: + - name: size-label + uses: "pascalgn/size-label-action@v0.4.2" + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" \ No newline at end of file From eb659b10c3b7df8697db2073ede9efe40c7d9181 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Sun, 23 May 2021 14:25:26 +0200 Subject: [PATCH 023/122] fix(argo-cd): Add option to override kubeVersion (#704) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: Add global kubeCapabilities Signed-off-by: Oliver Bähler * chore: change var global.kubeCapabilities > kubeVersionOverride Signed-off-by: Marco Kilchhofer * docs: add missing variable in README Signed-off-by: Marco Kilchhofer * fix: Bump version in README again Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 17 +++++++++++++++++ charts/argo-cd/templates/_helpers.tpl | 11 +++++++++-- charts/argo-cd/values.yaml | 1 + 4 files changed, 28 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 502cad37..876a3ffa 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.5.0 +version: 3.6.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3c7a8be7..e05717b1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,21 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.2.* + +With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). +[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an ArgoCD instance**, +especially deploying on clusters running a cluster version prior to `1.19` (which misses `Ingress` on apiVersion `networking.k8s.io/v1`). + +If you are running a cluster version prior to `1.19` you can avoid this issue by directly installing chart version `3.6.0` and setting `kubeVersionOverride` like: + +```yaml +kubeVersionOverride: "1.18.0" +``` + +Then you should no longer encounter this issue. + + ### 3.0.0 and above Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Read More](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/) on how to migrate your release from Helm 2 to Helm 3. @@ -98,7 +113,9 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | +| kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | +| fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | | installCRDs | Install CRDs if you are using Helm2. | `true` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 79723e71..65081951 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -144,15 +144,22 @@ app.kubernetes.io/component: {{ .component }} Return the appropriate apiVersion for ingress */}} {{- define "argo-cd.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}} {{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion -}} +{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" $) -}} {{- print "networking.k8s.io/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1" -}} {{- end -}} {{- end -}} +{{/* +Return the target Kubernetes version +*/}} +{{- define "argo-cd.kubeVersion" -}} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} +{{- end -}} + {{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d5ca989d..938f258d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -3,6 +3,7 @@ ## nameOverride: argocd fullnameOverride: "" +kubeVersionOverride: "" # Optional CRD installation for those without Helm hooks installCRDs: true From 10bf57b893a86cd9efbcfd45f283ec0317fef78b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Czeraszkiewicz?= Date: Mon, 24 May 2021 21:20:33 +0200 Subject: [PATCH 024/122] fix(argo-cd): envFrom in repoServer (#751) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: envFrom for repoServer Signed-off-by: Michał Czeraszkiewicz * config: bump chart version Signed-off-by: Michał Czeraszkiewicz * docs: add envFrom documentation Signed-off-by: Michał Czeraszkiewicz * docs: improve documentation for envFrom Signed-off-by: Michał Czeraszkiewicz * Apply suggestions from code review Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 5 +++++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 876a3ffa..bbe33978 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.0 +version: 3.6.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e05717b1..1c5f8c17 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -147,6 +147,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | controller.extraArgs | Additional arguments for the controller. A list of flags | `[]` | | controller.enableStatefulSet | Enable deploying the controller as a StatefulSet instead of a Deployment. Used for HA installations. | `false` | | controller.env | Environment variables for the controller. | `[]` | +| controller.envFrom | `envFrom` to pass to the controller. | `[]` (See [values.yaml](values.yaml)) | | controller.image.repository | Repository to use for the controller | `global.image.repository` | | controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` | | controller.image.tag | Tag to use for the controller | `global.image.tag` | @@ -198,6 +199,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | repoServer.containerPort | Repo server port | `8081` | | repoServer.extraArgs | Additional arguments for the repo server. A list of flags. | `[]` | | repoServer.env | Environment variables for the repo server. | `[]` | +| repoServer.envFrom | `envFrom` to pass to the repo server. | `[]` (See [values.yaml](values.yaml)) | | repoServer.image.repository | Repository to use for the repo server | `global.image.repository` | | repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` | | repoServer.image.tag | Tag to use for the repo server | `global.image.tag` | @@ -258,6 +260,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | | server.env | Environment variables for the server. | `[]` | +| server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) | | server.image.repository | Repository to use for the server | `global.image.repository` | | server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` | | server.image.tag | Tag to use for the server | `global.image.tag` | @@ -343,6 +346,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | dex.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | | dex.name | Dex name | `"dex-server"` | | dex.env | Environment variables for the Dex server. | `[]` | +| dex.envFrom | `envFrom` to pass to the Dex server. | `[]` (See [values.yaml](values.yaml)) | | dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | dex.podAnnotations | Annotations for the Dex server pods | `{}` | | dex.podLabels | Labels for the Dex server pods | `{}` | @@ -376,6 +380,7 @@ through `xxx.extraArgs` | redis.extraArgs | Additional arguments for the `redis-server`. A list of flags. | `[]` | | redis.name | Redis name | `"redis"` | | redis.env | Environment variables for the Redis server. | `[]` | +| redis.envFrom | `envFrom` to pass to the Redis server. | `[]` (See [values.yaml](values.yaml)) | | redis.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | redis.podAnnotations | Annotations for the Redis server pods | `{}` | | redis.podLabels | Labels for the Redis server pods | `{}` | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index b0458fad..bd924d4b 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -67,7 +67,7 @@ spec: value: argocd {{- end }} {{- end }} - {{- with .Values.openshift.envFrom }} + {{- with .Values.repoServer.envFrom }} envFrom: {{- toYaml . | nindent 8 }} {{- end }} volumeMounts: From 162e10b6d5a10b296d84dc95290cb8abf6865da3 Mon Sep 17 00:00:00 2001 From: cskh Date: Mon, 24 May 2021 17:33:58 -0400 Subject: [PATCH 025/122] feat(argo-rollouts): add labels to crd to identify the rollout crds (#738) - update chart version to 0.5.4 Signed-off-by: Hui Kang --- charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/README.md | 2 +- charts/argo-rollouts/templates/crds/analysis-run-crd.yaml | 3 +++ charts/argo-rollouts/templates/crds/analysis-template-crd.yaml | 3 +++ .../templates/crds/cluster-analysis-template-crd.yaml | 3 +++ charts/argo-rollouts/templates/crds/experiment-crd.yaml | 3 +++ charts/argo-rollouts/templates/crds/rollout-crd.yaml | 3 +++ 7 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 63a1fd07..8005b1e9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.10.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.5.3 +version: 0.5.4 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 6d2bef84..91d7b9ad 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -2,7 +2,7 @@ Argo Rollouts Chart ============= A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. -Current chart version is `0.5.0` +Current chart version is `0.5.4` Source code can be found [here](https://github.com/argoproj/argo-rollouts) diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index b70b6f0b..bd717905 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -7,6 +7,9 @@ metadata: {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} + labels: + app.kubernetes.io/name: argo-rollouts + app.kubernetes.io/part-of: argo-rollouts name: analysisruns.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 4712ae2d..b1484066 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -7,6 +7,9 @@ metadata: {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} + labels: + app.kubernetes.io/name: argo-rollouts + app.kubernetes.io/part-of: argo-rollouts name: analysistemplates.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 72832f03..0dbc04aa 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -7,6 +7,9 @@ metadata: {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} + labels: + app.kubernetes.io/name: argo-rollouts + app.kubernetes.io/part-of: argo-rollouts name: clusteranalysistemplates.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 1fa5b261..b78f5cb4 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -7,6 +7,9 @@ metadata: {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} + labels: + app.kubernetes.io/name: argo-rollouts + app.kubernetes.io/part-of: argo-rollouts name: experiments.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 888ca599..772a1a59 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -7,6 +7,9 @@ metadata: {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} + labels: + app.kubernetes.io/name: argo-rollouts + app.kubernetes.io/part-of: argo-rollouts name: rollouts.argoproj.io spec: group: argoproj.io From 7a06415d83bd4c81b8477be6d1407f587a9c9b9b Mon Sep 17 00:00:00 2001 From: g-linville <53102776+g-linville@users.noreply.github.com> Date: Tue, 25 May 2021 02:06:31 -0400 Subject: [PATCH 026/122] feat(argo-workflows): add value to avoid creating RBAC related to ClusterWorkflowTemplates (#657) * Argo Workflows: avoid creating ClusterRoles and CRBs if singleNamespace is true Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com> * Argo Workflows: bumped chart version Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com> * Argo: remove clusterworkflowtemplates from WorkflowController role Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com> * feat(argo-workflows): add value to disable creation of RBAC relating to ClusterWorkflowTemplates Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com> * Bumped chart version Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 2 +- .../controller/workflow-controller-cluster-roles.yaml | 5 +++-- .../templates/controller/workflow-controller-crb.yaml | 3 +++ .../templates/server/server-cluster-roles.yaml | 3 +++ charts/argo-workflows/templates/server/server-crb.yaml | 3 +++ charts/argo-workflows/values.yaml | 5 +++++ 6 files changed, 18 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 13b1ea78..2bdcf2aa 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.1.2 +version: 0.1.3 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index de5e88a3..756e1f0f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -55,8 +55,6 @@ rules: resources: - workflowtemplates - workflowtemplates/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers verbs: - get - list @@ -131,6 +129,8 @@ rules: - update - patch - delete + +{{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -146,3 +146,4 @@ rules: - get - list - watch +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index 6879d282..1235e325 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -31,6 +31,8 @@ subjects: {{- end }} {{- end }} {{- end }} + +{{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -46,3 +48,4 @@ subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 5901bbd1..6403bf96 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -111,6 +111,8 @@ rules: - update - patch - delete + +{{- if .Values.server.clusterWorkflowTemplates.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -134,3 +136,4 @@ rules: - delete {{- end }} {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index fd9450d5..16d55902 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -21,6 +21,8 @@ subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} namespace: {{ .Release.Namespace }} + +{{- if .Values.server.clusterWorkflowTemplates.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -37,3 +39,4 @@ subjects: name: {{ template "argo-workflows.serverServiceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 375c5eb1..d2899516 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -143,6 +143,9 @@ controller: priorityClassName: "" # https://argoproj.github.io/argo-workflows/links/ links: [] + clusterWorkflowTemplates: + # Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. + enabled: true # executor controls how the init and wait container should be customized executor: @@ -262,6 +265,8 @@ server: https: false clusterWorkflowTemplates: + # Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. + enabled: true # Give the server permissions to edit ClusterWorkflowTemplates. enableEditing: true sso: From cae5f1d8112a8df5bb467b0a6063c9fa977292cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fl=C3=A1vio=20Lemos?= Date: Wed, 26 May 2021 10:44:21 +0100 Subject: [PATCH 027/122] fix(argo-rollouts): Removed duplicated resources declaration (#757) Signed-off-by: flavio.lemos --- charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/templates/argo-rollouts-deployment.yaml | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 8005b1e9..d7fd46ac 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.10.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.5.4 +version: 0.5.5 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index 1c4342bf..87c84929 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -37,8 +37,6 @@ spec: {{- end }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} name: {{ .Values.controller.name }} - resources: -{{- toYaml .Values.controller.resources | nindent 10 }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} resources: From 44c15c834e885f5db23b655f18df8aae9f54010f Mon Sep 17 00:00:00 2001 From: Tadayuki Onishi Date: Wed, 26 May 2021 19:00:10 +0900 Subject: [PATCH 028/122] fix(argo-workflows): fix server.podAnnotations template (#758) Signed-off-by: kenchan0130 --- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/templates/server/server-deployment.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 2bdcf2aa..a9bf7b20 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.1.3 +version: 0.1.4 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 9d1696dd..3a97a7fb 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -21,7 +21,7 @@ spec: {{- end }} {{- with .Values.server.podAnnotations }} annotations: - {{- toYaml .Values.server.podAnnotations | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} spec: serviceAccountName: {{ template "argo-workflows.serverServiceAccountName" . }} From f6069848f53cddb33f5be6e04b1eaebe824a3a5f Mon Sep 17 00:00:00 2001 From: Atze de Vries Date: Wed, 26 May 2021 12:35:19 +0200 Subject: [PATCH 029/122] fix(argo-cd): Fix duplicate secret name (#755) Signed-off-by: Atze de Vries --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bbe33978..3dfdf5ed 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.1 +version: 3.6.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 7212922c..edaea3b5 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -23,5 +23,5 @@ spec: issuerRef: kind: {{ .Values.server.certificate.issuer.kind | quote }} name: {{ .Values.server.certificate.issuer.name | quote }} - secretName: argocd-secret + secretName: argocd-tls-certificate {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 938f258d..bdcfe854 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -561,7 +561,7 @@ server: # servicePort: use-annotation tls: [] - # - secretName: argocd-example-tls + # - secretName: argocd-tls-certificate # hosts: # - argocd.example.com https: false @@ -590,7 +590,7 @@ server: # servicePort: use-annotation tls: [] - # - secretName: argocd-example-tls + # - secretName: argocd-tls-certificate # hosts: # - argocd.example.com https: false From 6acfdc62ef05211a3dec32d24ebbafe21079ac3a Mon Sep 17 00:00:00 2001 From: "Chris St. Pierre" Date: Wed, 26 May 2021 16:13:14 -0500 Subject: [PATCH 030/122] feat(argo-events): add support for resource requests/limits (#761) * feat(argo-events): add support for resource requests/limits Signed-off-by: Chris St. Pierre * Fix `resources` scope Signed-off-by: Chris St. Pierre * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 2 +- .../argo-events/templates/eventbus-controller-deployment.yaml | 1 + .../templates/eventsource-controller-deployment.yaml | 1 + charts/argo-events/templates/sensor-controller-deployment.yaml | 1 + charts/argo-events/values.yaml | 3 +++ 5 files changed, 7 insertions(+), 1 deletion(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index b0770954..c8463ad9 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.4.2 +version: 1.4.3 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index e3631828..45d54c88 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -55,6 +55,7 @@ spec: port: 8081 initialDelaySeconds: 3 periodSeconds: 3 + resources: {{- toYaml .Values.eventbusController.resources | nindent 12 }} {{- with .Values.eventbusController.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index a6522da6..18fdcb87 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -53,6 +53,7 @@ spec: port: 8081 initialDelaySeconds: 3 periodSeconds: 3 + resources: {{- toYaml .Values.eventsourceController.resources | nindent 12 }} {{- with .Values.eventsourceController.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index e6a1c104..8eb73185 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -53,6 +53,7 @@ spec: port: 8081 initialDelaySeconds: 3 periodSeconds: 3 + resources: {{- toYaml .Values.sensorController.resources | nindent 12 }} {{- with .Values.sensorController.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index a54ec010..518cec4c 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -54,6 +54,7 @@ sensorController: priorityClassName: "" tolerations: [] affinity: {} + resources: {} eventsourceController: name: eventsource-controller @@ -67,6 +68,7 @@ eventsourceController: priorityClassName: "" tolerations: [] affinity: {} + resources: {} eventbusController: name: eventbus-controller @@ -79,6 +81,7 @@ eventbusController: priorityClassName: "" tolerations: [] affinity: {} + resources: {} natsStreamingImage: nats-streaming:0.17.0 natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 From be7c6c572121880f9f7a5561d6a552a331737b3a Mon Sep 17 00:00:00 2001 From: kostas-theo <43744618+kostas-theo@users.noreply.github.com> Date: Wed, 26 May 2021 23:27:12 +0200 Subject: [PATCH 031/122] feat(argo-events): Add annotations to argo-events-sa. (#708) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: sa annotations Signed-off-by: kostas-theo * fix: review recommendations Signed-off-by: kostas-theo * fix: Apply review changes Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 2 +- charts/argo-events/templates/argo-events-sa.yaml | 7 +++++++ charts/argo-events/values.yaml | 3 +++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index c8463ad9..8a5a85b5 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.4.3 +version: 1.5.0 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/argo-events-sa.yaml b/charts/argo-events/templates/argo-events-sa.yaml index f13b8a1d..fec88b4d 100644 --- a/charts/argo-events/templates/argo-events-sa.yaml +++ b/charts/argo-events/templates/argo-events-sa.yaml @@ -5,7 +5,11 @@ kind: ServiceAccount metadata: name: {{ .Values.serviceAccount }} namespace: {{ .Release.Namespace }} + {{- with .Values.serviceAccountAnnotations }} + annotations: {{- toYaml . | nindent 4 }} + {{- end }} {{- if .Values.additionalSaNamespaces }} +{{ $annotations := .Values.serviceAccountAnnotations }} {{ $sa := .Values.serviceAccount }} {{- range $namespace := .Values.additionalSaNamespaces }} --- @@ -14,5 +18,8 @@ kind: ServiceAccount metadata: name: {{ $sa }} namespace: {{ $namespace }} + {{- with $annotations }} + annotations: {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 518cec4c..df7d4a1a 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -14,6 +14,9 @@ installCRD: true # ServiceAccount to use for running controller. serviceAccount: argo-events-sa +# serviceAccountAnnotations can be used to enable GKE workload identity, or other use-cases +serviceAccountAnnotations: {} + # Create service accounts in additional namespaces specified # The SA will always be created in the release namespaces additionalSaNamespaces: [] From e2975df4c0d27d738ea543a97aec480b026ef86e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9sar=20Yuji=20Okuti?= Date: Wed, 26 May 2021 18:41:33 -0300 Subject: [PATCH 032/122] feat(argocd-notifications): add service account annotations (#673) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * add service account to argocd notifications Signed-off-by: Cesar Okuti * change chart.yaml Signed-off-by: Cesar Okuti * remove dots and quotes from toYaml serviceaccount Signed-off-by: Cesar Okuti * chore: Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler * fix: bump chart version Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler Co-authored-by: Marco Kilchhofer --- charts/argocd-notifications/Chart.yaml | 2 +- .../templates/bots/slack/serviceaccount.yaml | 4 ++++ charts/argocd-notifications/templates/serviceaccount.yaml | 4 ++++ charts/argocd-notifications/values.yaml | 4 ++++ 4 files changed, 13 insertions(+), 1 deletion(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 714b0474..9be1b26b 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.3.1 +version: 1.3.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml b/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml index badee60f..f888811c 100644 --- a/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml +++ b/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml @@ -5,4 +5,8 @@ metadata: name: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} labels: {{- include "argocd-notifications.bots.slack.labels" . | nindent 4 }} + {{- with .Values.bots.slack.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{ end }} {{ end }} diff --git a/charts/argocd-notifications/templates/serviceaccount.yaml b/charts/argocd-notifications/templates/serviceaccount.yaml index 591d13bd..418b6800 100644 --- a/charts/argocd-notifications/templates/serviceaccount.yaml +++ b/charts/argocd-notifications/templates/serviceaccount.yaml @@ -5,4 +5,8 @@ metadata: name: {{ include "argocd-notifications.serviceAccountName" . }} labels: {{- include "argocd-notifications.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index bfe746c3..f258401f 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -93,6 +93,8 @@ serviceAccount: # If not set and create is true, a name is generated using the fullname template name: argocd-notifications-controller + annotations: {} + cm: # Whether helm chart creates controller config map create: true @@ -371,6 +373,8 @@ bots: # If not set and create is true, a name is generated using the fullname template name: argocd-notifications-bot + annotations: {} + resources: {} # limits: # cpu: 100m From 5183243ce261c1facae31448997d754bd600cb97 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 27 May 2021 18:33:22 +0200 Subject: [PATCH 033/122] fix(argo-workflows): use template for all resource names (#759) --- CODEOWNERS | 2 +- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/templates/NOTES.txt | 2 +- charts/argo-workflows/templates/_helpers.tpl | 4 ++-- .../controller/workflow-aggregate-roles.yaml | 15 +++------------ .../workflow-controller-cluster-roles.yaml | 2 +- charts/argo-workflows/values.yaml | 4 ++-- 7 files changed, 11 insertions(+), 20 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 0cf6f6db..dbba7a58 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -4,7 +4,7 @@ /charts/ @mkilchhofer # Argo Workflows -/charts/argo @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler +/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler # Argo CD /charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a9bf7b20..094fc999 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.1.4 +version: 0.1.5 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/NOTES.txt b/charts/argo-workflows/templates/NOTES.txt index b6ac65d4..b4933a7d 100644 --- a/charts/argo-workflows/templates/NOTES.txt +++ b/charts/argo-workflows/templates/NOTES.txt @@ -1,6 +1,6 @@ 1. Get Argo Server external IP/domain by running: -kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-{{ .Values.server.name }} +kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ template "argo-workflows.server.fullname" . }} 2. Submit the hello-world workflow by running: diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f5c8a4c3..00173131 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -65,7 +65,7 @@ Create the name of the server service account to use */}} {{- define "argo-workflows.serverServiceAccountName" -}} {{- if .Values.server.serviceAccount.create -}} - {{ default (include "argo-workflows.fullname" .) .Values.server.serviceAccount.name }} + {{ default (include "argo-workflows.server.fullname" .) .Values.server.serviceAccount.name }} {{- else -}} {{ default "default" .Values.server.serviceAccount.name }} {{- end -}} @@ -76,7 +76,7 @@ Create the name of the controller service account to use */}} {{- define "argo-workflows.controllerServiceAccountName" -}} {{- if .Values.controller.serviceAccount.create -}} - {{ default (include "argo-workflows.fullname" .) .Values.controller.serviceAccount.name }} + {{ default (include "argo-workflows.controller.fullname" .) .Values.controller.serviceAccount.name }} {{- else -}} {{ default "default" .Values.controller.serviceAccount.name }} {{- end -}} diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index 2143f208..ba1c202d 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -2,10 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-workflows-aggregate-to-view + name: {{ template "argo-workflows.fullname" . }}-view labels: rbac.authorization.k8s.io/aggregate-to-view: "true" rules: @@ -30,10 +27,7 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-workflows-aggregate-to-edit + name: {{ template "argo-workflows.fullname" . }}-edit labels: rbac.authorization.k8s.io/aggregate-to-edit: "true" rules: @@ -63,10 +57,7 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: before-hook-creation - name: argo-workflows-aggregate-to-admin + name: {{ template "argo-workflows.fullname" . }}-admin labels: rbac.authorization.k8s.io/aggregate-to-admin: "true" rules: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 756e1f0f..34340d14 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -135,7 +135,7 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template + name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template rules: - apiGroups: - argoproj.io diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index d2899516..684fe6cb 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -93,7 +93,7 @@ controller: additionalLabels: {} serviceAccount: create: true - name: argo + name: "" # Annotations applied to created service account annotations: {} name: workflow-controller @@ -190,7 +190,7 @@ server: # servicePortName: http serviceAccount: create: true - name: argo-server + name: "" annotations: {} # Annotations to be applied to the UI Service serviceAnnotations: {} From 8c6a1bf81a0bde385d22250e19c4b31a1f5287f3 Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Sat, 29 May 2021 09:41:27 +0100 Subject: [PATCH 034/122] feat(argo-cd): Bump default version to v2.0.3 (#766) Signed-off-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3dfdf5ed..e8f58a65 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.1 +appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.2 +version: 3.6.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index bdcfe854..97b14fd0 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -11,7 +11,7 @@ installCRDs: true global: image: repository: quay.io/argoproj/argocd - tag: v2.0.1 + tag: v2.0.3 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From c7f1bfbda35f89be91d72f2ac9d38404612976ee Mon Sep 17 00:00:00 2001 From: Peter Benjamin Date: Sat, 29 May 2021 03:30:06 -0700 Subject: [PATCH 035/122] feat(argo-events): support namespaced deployments (#705) * feat(argo-events): support namespaced deployments Signed-off-by: Peter Benjamin * chore: bump chart major version Signed-off-by: Peter Benjamin * fix: bump minor chart version Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 2 +- .../argo-events/templates/eventbus-controller-deployment.yaml | 1 + .../templates/eventsource-controller-deployment.yaml | 1 + charts/argo-events/templates/sensor-controller-deployment.yaml | 1 + 4 files changed, 4 insertions(+), 1 deletion(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 8a5a85b5..4731f882 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.5.0 +version: 1.6.0 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 45d54c88..591d8da3 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-{{ .Values.eventbusController.name }} + namespace: {{ .Release.Namespace }} labels: app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 18fdcb87..62fe150e 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} + namespace: {{ .Release.Namespace }} labels: app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 8eb73185..0b51d1de 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-{{ .Values.sensorController.name }} + namespace: {{ .Release.Namespace }} labels: app: {{ .Release.Name }}-{{ .Values.sensorController.name }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} From 87855a4caa34e6a9c0e3286bee6c652c24ec7a2e Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sat, 29 May 2021 16:37:17 +0200 Subject: [PATCH 036/122] fix(argo-cd): Update dex to v2.27.0 (#772) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e8f58a65..d2334076 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.3 +version: 3.6.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 97b14fd0..1b6b1505 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -216,8 +216,8 @@ dex: interval: 30s image: - repository: quay.io/dexidp/dex - tag: v2.26.0 + repository: ghcr.io/dexidp/dex + tag: v2.27.0 imagePullPolicy: IfNotPresent initImage: repository: From 8deaa0a119b65b5cd4320ceb74387d3642f7f572 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:06:26 +0200 Subject: [PATCH 037/122] feat(argo-rollouts): Update manifests for v1.0.1 (#752) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-rollouts): Update manifests for v1.0.1 Signed-off-by: Marco Kilchhofer * fix: add template function for labels Signed-off-by: Marco Kilchhofer * fix: Apply changes from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-rollouts/Chart.yaml | 6 +- charts/argo-rollouts/README.md | 65 ++++++++++++------- charts/argo-rollouts/templates/_helpers.tpl | 32 +++++++++ .../argo-rollouts-aggregate-roles.yaml | 21 +++--- .../templates/argo-rollouts-clusterrole.yaml | 27 +++++++- .../argo-rollouts-clusterrolebinding.yaml | 9 ++- .../templates/argo-rollouts-deployment.yaml | 38 ++++++----- .../argo-rollouts-metrics-service.yaml | 13 ++-- .../templates/argo-rollouts-role.yaml | 7 +- .../templates/argo-rollouts-rolebinding.yaml | 11 ++-- .../templates/argo-rollouts-sa.yaml | 11 +++- .../argo-rollouts-service-monitor.yaml | 16 ++--- .../templates/crds/analysis-run-crd.yaml | 9 ++- .../templates/crds/analysis-template-crd.yaml | 9 ++- .../crds/cluster-analysis-template-crd.yaml | 9 ++- .../templates/crds/experiment-crd.yaml | 4 +- .../templates/crds/rollout-crd.yaml | 41 ++++++++++-- charts/argo-rollouts/values.yaml | 27 +++++++- 18 files changed, 248 insertions(+), 107 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index d7fd46ac..65f30638 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ -apiVersion: v1 -appVersion: "0.10.2" +apiVersion: v2 +appVersion: "v1.0.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.5.5 +version: 1.0.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 91d7b9ad..47da9c14 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -1,12 +1,11 @@ -Argo Rollouts Chart -============= -A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. +# Argo Rollouts Chart -Current chart version is `0.5.4` +A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. Source code can be found [here](https://github.com/argoproj/argo-rollouts) ## Additional Information + This is a **community maintained** chart. This chart installs [argo-rollouts](https://argoproj.github.io/argo-rollouts/), progressive delivery for Kubernetes. The default installation is intended to be similar to the provided Argo Rollouts [releases](https://github.com/argoproj/argo-rollouts/releases). @@ -14,6 +13,7 @@ The default installation is intended to be similar to the provided Argo Rollouts ## Prerequisites - Kubernetes 1.7+ +- Helm v3.0.0+ ## Installing the Chart @@ -22,27 +22,48 @@ To install the chart with the release name `my-release`: ```console $ helm repo add argo https://argoproj.github.io/argo-helm -$ helm install --name my-release argo/argo-rollouts +$ helm install my-release argo/argo-rollouts ``` ## Chart Values | Key | Type | Default | Description | |-----|------|---------|-------------| -| clusterInstall | bool | `true` | | -| controller.component | string | `"rollouts-controller"` | | -| controller.image.pullPolicy | string | `"IfNotPresent"` | | -| controller.image.repository | string | `"argoproj/argo-rollouts"` | | -| controller.image.tag | string | `"v0.10.2"` | | -| controller.name | string | `"argo-rollouts"` | | -| controller.resources | Resource limits and requests for the controller pods. | `{}` | -| controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | -| controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | -| controller.metrics.serviceMonitor.enabled | bool | `false` | | -| imagePullSecrets | list | `[]` | | -| installCRDs | bool | `true` | | -| crdAnnotations | object | `{}` | | -| podAnnotations | object | `{}` | | -| podLabels | object | `{}` | | -| serviceAccount.name | string | `"argo-rollouts"` | | +| clusterInstall | bool | `true` | `false` runs controller in namespaced mode (does not require cluster RBAC) | +| controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | +| controller.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| controller.image.registry | string | `quay.io` | Registry to use | +| controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | +| controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| controller.resources | object | `{}` | Resource limits and requests for the controller pods. | +| controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | +| controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | +| controller.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | +| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | +| imagePullSecrets | list | `[]` | Registry secret names as an array | +| installCRDs | bool | `true` | Install and upgrade CRDs | +| crdAnnotations | object | `{}` | Annotations to be added to all CRDs | +| podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | +| podLabels | object | `{}` | Labels to be added to the Rollout pods | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | +| containerSecurityContext | object | `{}` | Security Context to set on container level | + +## Upgrading + +### To 1.0.0 + +* This is a breaking change which only supports Helm v3.0.0+ now. If you still use Helm v2, please consider upgrading because v2 is EOL since November 2020. + To migrate to Helm v3 please have a look at the [Helm 2to3 Plugin](https://github.com/helm/helm-2to3). This tool will convert the existing ConfigMap used for Tiller to a Secret of type `helm.sh/release.v1`. +* `quay.io` is the default registry now +* We introduce a template function for the labels here to reduce code duplication. This also affects the Deployment `matchLabels` selector. + To upgrade an existing installation, please **add the `--force` parameter** to the `helm upgrade` command or **delete the Deployment resource** before you upgrade. This is necessary because Deployment's label selector is immutable. +* All resources are now prefixed with the template `"argo-rollouts.fullname"`. + This enables the users to override resource names via the `nameOverride` and `fullnameOverride` parameters. +* Breaking parameters update + * `securityContext` was renamed to `containerSecurityContext` + * Added `controller.image.registry`. Prior to this chart version you had to override the registry via `controller.image.repository` diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 48744885..2e5153b5 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -30,3 +30,35 @@ Create chart name and version as used by the chart label. {{- define "argo-rollouts.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} + +{{/* +Common labels +*/}} +{{- define "argo-rollouts.labels" -}} +helm.sh/chart: {{ include "argo-rollouts.chart" . }} +{{ include "argo-rollouts.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/part-of: argo-rollouts +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "argo-rollouts.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argo-rollouts.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "argo-rollouts.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "argo-rollouts.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml index 715aa001..ab3ac6dd 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml @@ -2,12 +2,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-aggregate-to-view + name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-view labels: rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/component: aggregate-cluster-role - app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-view - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io @@ -27,12 +26,11 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-aggregate-to-edit + name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-edit labels: rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/component: aggregate-cluster-role - app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-edit - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io @@ -58,12 +56,11 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-aggregate-to-admin + name: {{ include "argo-rollouts.fullname" . }}-aggregate-to-admin labels: rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/component: aggregate-cluster-role - app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-admin - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index c3fb9f0c..5872d59d 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -2,11 +2,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-clusterrole + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }}-clusterrole - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io @@ -57,6 +56,16 @@ rules: - update - patch - delete +- apiGroups: + - "" + - apps + resources: + - deployments + - podtemplates + verbs: + - get + - list + - watch # services patch needed to update selector of canary/stable/active/preview services - apiGroups: - "" @@ -135,6 +144,7 @@ rules: - watch - get - update + - patch - list # trafficsplit access needed for using the SMI provider - apiGroups: @@ -147,4 +157,15 @@ rules: - get - update - patch +- apiGroups: + - getambassador.io + resources: + - mappings + verbs: + - create + - watch + - get + - update + - list + - delete {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml index 1d446845..b48ce5b5 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml @@ -2,17 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ .Release.Name }}-clusterrolebinding + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }}-clusterrolebinding - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ .Release.Name }}-clusterrole + name: {{ include "argo-rollouts.fullname" . }} subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} + name: {{ include "argo-rollouts.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index 87c84929..fb632312 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -1,50 +1,54 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ .Release.Name }} + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} - {{- if .Values.podLabels }} -{{- toYaml .Values.podLabels | nindent 4 }} - {{- end }} + {{- include "argo-rollouts.labels" . | nindent 4 }} spec: selector: matchLabels: - app.kubernetes.io/name: {{ .Release.Name }} + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + strategy: + type: Recreate template: metadata: - {{- if .Values.podAnnotations }} + {{- with .Values.podAnnotations }} annotations: - {{- range $key, $value := .Values.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: - app.kubernetes.io/name: {{ .Release.Name }} + {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} + {{- range $key, $value := .Values.podLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ .Values.serviceAccount.name }} + serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }} containers: - - image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" + - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default .Chart.AppVersion .Values.controller.image.tag }}" {{- if not .Values.clusterInstall }} args: - --namespaced {{- end }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} - name: {{ .Values.controller.name }} + name: argo-rollouts + ports: + - containerPort: 8090 + name: metrics securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} + {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} {{- if .Values.controller.nodeSelector }} nodeSelector: {{- toYaml .Values.controller.nodeSelector | nindent 8 }} {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} {{- if .Values.controller.tolerations }} tolerations: {{- toYaml .Values.controller.tolerations | nindent 8 }} @@ -53,5 +57,3 @@ spec: affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} {{- end }} - strategy: - type: Recreate diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index 4301b7c8..df6d1291 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -1,14 +1,14 @@ +{{- if .Values.controller.metrics.serviceMonitor.enabled }} apiVersion: v1 kind: Service metadata: - name: {{ .Release.Name }}-metrics + name: {{ include "argo-rollouts.fullname" . }}-metrics labels: app.kubernetes.io/component: server - app.kubernetes.io/name: {{ .Release.Name }}-metrics - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.serviceAnnotations }} annotations: - {{- range $key, $value := .Values.serviceAnnotations }} - {{ $key }}: {{ $value | quote }} + {{- toYaml . | nindent 4 }} {{- end }} spec: ports: @@ -17,4 +17,5 @@ spec: port: 8090 targetPort: 8090 selector: - app.kubernetes.io/name: {{ .Release.Name }} + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-role.yaml index 4c80d507..a981d95d 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml @@ -1,11 +1,11 @@ +{{- if not .Values.clusterInstall }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ .Release.Name }}-role + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }}-role - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} rules: - apiGroups: - argoproj.io @@ -145,3 +145,4 @@ rules: - get - update - patch +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml b/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml index ddc0e27d..128df3ab 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml @@ -1,15 +1,16 @@ +{{- if not .Values.clusterInstall }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ .Release.Name }}-role-binding + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }}-role-binding - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ .Release.Name }}-role + name: {{ include "argo-rollouts.fullname" . }} subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} + name: {{ include "argo-rollouts.serviceAccountName" . }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-sa.yaml b/charts/argo-rollouts/templates/argo-rollouts-sa.yaml index dca70793..327eb6a5 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-sa.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-sa.yaml @@ -1,8 +1,13 @@ +{{- if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount.name }} + name: {{ include "argo-rollouts.serviceAccountName" . }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml index ea67f356..bf6fae81 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml @@ -2,17 +2,16 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - name: {{ .Release.Name }} + name: {{ include "argo-rollouts.fullname" . }} labels: app.kubernetes.io/component: server - app.kubernetes.io/name: {{ .Release.Name }}-metrics - app.kubernetes.io/part-of: {{ .Release.Name }} - {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} -{{ toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- range $key, $value := .Values.controller.metrics.serviceMonitor.additionalLabels }} + {{ $key }}: {{ $value | quote }} {{- end }} - {{- if .Values.controller.metrics.serviceMonitor.additionalAnnotations }} + {{- with .Values.controller.metrics.serviceMonitor.additionalAnnotations }} annotations: -{{ toYaml .Values.controller.metrics.serviceMonitor.additionalAnnotations | indent 4 }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: @@ -23,6 +22,5 @@ spec: selector: matchLabels: app.kubernetes.io/component: server - app.kubernetes.io/name: {{ .Release.Name }}-metrics - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index bd717905..08786ca0 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts @@ -2308,6 +2308,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2327,6 +2328,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2348,8 +2350,10 @@ spec: threshold: properties: marginal: + format: int64 type: integer pass: + format: int64 type: integer required: - marginal @@ -2407,6 +2411,7 @@ spec: jsonPath: type: string timeoutSeconds: + format: int64 type: integer url: type: string diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index b1484066..12fc5340 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts @@ -2303,6 +2303,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2322,6 +2323,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2343,8 +2345,10 @@ spec: threshold: properties: marginal: + format: int64 type: integer pass: + format: int64 type: integer required: - marginal @@ -2402,6 +2406,7 @@ spec: jsonPath: type: string timeoutSeconds: + format: int64 type: integer url: type: string diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 0dbc04aa..e357b4d2 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts @@ -2303,6 +2303,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2322,6 +2323,7 @@ spec: start: type: string step: + format: int64 type: integer required: - end @@ -2343,8 +2345,10 @@ spec: threshold: properties: marginal: + format: int64 type: integer pass: + format: int64 type: integer required: - marginal @@ -2402,6 +2406,7 @@ spec: jsonPath: type: string timeoutSeconds: + format: int64 type: integer url: type: string diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index b78f5cb4..5f9f8cfc 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 772a1a59..10d0a8e1 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,9 +3,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.5.0 {{- if .Values.crdAnnotations }} -{{- toYaml .Values.crdAnnotations | nindent 4 }} + {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} labels: app.kubernetes.io/name: argo-rollouts @@ -32,11 +32,13 @@ spec: jsonPath: .status.replicas name: Current type: integer - - description: Total number of non-terminated pods targeted by this rollout that have the desired template spec + - description: Total number of non-terminated pods targeted by this rollout that + have the desired template spec jsonPath: .status.updatedReplicas name: Up-to-date type: integer - - description: Total number of available pods (ready for at least minReadySeconds) targeted by this rollout + - description: Total number of available pods (ready for at least minReadySeconds) + targeted by this rollout jsonPath: .status.availableReplicas name: Available type: integer @@ -303,6 +305,12 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + scaleDownDelayRevisionLimit: + format: int32 + type: integer + scaleDownDelaySeconds: + format: int32 + type: integer stableMetadata: properties: annotations: @@ -490,6 +498,15 @@ spec: - ingress - servicePort type: object + ambassador: + properties: + mappings: + items: + type: string + type: array + required: + - mappings + type: object istio: properties: destinationRule: @@ -2651,9 +2668,15 @@ spec: - containers type: object type: object - required: - - selector - - template + workloadRef: + properties: + apiVersion: + type: string + kind: + type: string + name: + type: string + type: object type: object status: properties: @@ -2768,6 +2791,8 @@ spec: currentStepIndex: format: int32 type: integer + message: + type: string observedGeneration: type: string pauseConditions: @@ -2783,6 +2808,8 @@ spec: - startTime type: object type: array + phase: + type: string promoteFull: type: boolean readyReplicas: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index a3200728..3e2a4769 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -3,7 +3,6 @@ installCRDs: true clusterInstall: true controller: - name: argo-rollouts component: rollouts-controller ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ @@ -12,8 +11,9 @@ controller: tolerations: [] affinity: {} image: + registry: quay.io repository: argoproj/argo-rollouts - tag: v0.10.2 + tag: "" pullPolicy: IfNotPresent resources: {} @@ -31,7 +31,13 @@ controller: additionalAnnotations: {} serviceAccount: - name: argo-rollouts + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" ## Annotations to be added to all CRDs ## @@ -41,6 +47,21 @@ crdAnnotations: {} ## podAnnotations: {} +## Security Context to set on pod level +## +podSecurityContext: + runAsNonRoot: true + +## Security Context to set on container level +## +containerSecurityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + ## Annotations to be added to the Rollout service ## serviceAnnotations: {} From 8f523cbed09ac95ee230a858425d22d1898881a5 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:09:33 +0200 Subject: [PATCH 038/122] chore(argo-events): Use container images from quay.io (#771) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-events/Chart.yaml | 2 +- charts/argo-events/values.yaml | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 4731f882..6a7b1b7e 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.0 +version: 1.6.1 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index df7d4a1a..55dd6643 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -1,5 +1,5 @@ # docker registry -registry: argoproj +registry: quay.io # The image pull policy imagePullPolicy: Always @@ -47,10 +47,10 @@ singleNamespace: true # sensor controller sensorController: name: sensor-controller - image: sensor-controller + image: argoproj/sensor-controller tag: v1.3.1 replicaCount: 1 - sensorImage: sensor + sensorImage: argoproj/sensor podAnnotations: {} nodeSelector: {} podLabels: {} @@ -61,10 +61,10 @@ sensorController: eventsourceController: name: eventsource-controller - image: eventsource-controller + image: argoproj/eventsource-controller tag: v1.3.1 replicaCount: 1 - eventsourceImage: eventsource + eventsourceImage: argoproj/eventsource podAnnotations: {} nodeSelector: {} podLabels: {} @@ -75,7 +75,7 @@ eventsourceController: eventbusController: name: eventbus-controller - image: eventbus-controller + image: argoproj/eventbus-controller tag: v1.3.1 replicaCount: 1 podAnnotations: {} From 8ff9fe551b22b0315b80afca8aea64832ea20c2c Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:10:30 +0200 Subject: [PATCH 039/122] chore: Remove old workflow in '.argo' directory (#770) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- .argo/argo-checkout.yaml | 21 --------------- .argo/publish.yaml | 58 ---------------------------------------- 2 files changed, 79 deletions(-) delete mode 100644 .argo/argo-checkout.yaml delete mode 100644 .argo/publish.yaml diff --git a/.argo/argo-checkout.yaml b/.argo/argo-checkout.yaml deleted file mode 100644 index d7280c3b..00000000 --- a/.argo/argo-checkout.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -type: container -version: 1 -name: argo-checkout -description: Checks out a source repository to /src -resources: - mem_mib: 500 - cpu_cores: 0.1 -image: argoproj/argoscm:v2.0 -command: ["axscm"] -args: ["clone", "%%inputs.parameters.REPO%%", "/src", "--commit", "%%inputs.parameters.COMMIT%%"] -inputs: - parameters: - COMMIT: - default: "%%session.commit%%" - REPO: - default: "%%session.repo%%" -outputs: - artifacts: - CODE: - path: /src diff --git a/.argo/publish.yaml b/.argo/publish.yaml deleted file mode 100644 index 7f15760c..00000000 --- a/.argo/publish.yaml +++ /dev/null @@ -1,58 +0,0 @@ ---- -type: workflow -version: 1 -name: Publish Charts -inputs: - parameters: - COMMIT: - default: "%%session.commit%%" - REPO: - default: "%%session.repo%%" -steps: -- CHECKOUT: - template: argo-checkout -- PREPARE: - image: hypnoglow/kubernetes-helm:v2.6.1 - resources: - mem_mib: 500 - cpu_cores: 0.1 - command: ["sh", "-c"] - args: [cd /src && helm init --client-only && ./scripts/publish.sh] - inputs: - artifacts: - CODE: - from: "%%steps.CHECKOUT.outputs.artifacts.CODE%%" - path: /src - outputs: - artifacts: - CODE: - path: /src/output -- PUBLISH: - image: argoproj/argoscm:v2.0 - command: ["sh", "-c"] - args: [ - axscm clone %%inputs.parameters.REPO%% --commit gh-pages /src && cd /src && cp -r /output/* . && - git add . && git commit -m "Build on `date`" && - axscm clone %%inputs.parameters.REPO%% /src --commit gh-pages --merge=gh-pages --push] - resources: - mem_mib: 500 - cpu_cores: 0.1 - inputs: - artifacts: - CODE: - from: "%%steps.PREPARE.outputs.artifacts.CODE%%" - path: /output - ---- -type: policy -version: 1 -name: Publish Charts Policy -template: Publish Charts -notifications: -- when: - - on_failure - whom: - - committer - - author -when: -- event: on_push From b3b6a38c861d497baa618cdac123c4404d01984b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:18:09 +0200 Subject: [PATCH 040/122] feat(argo-workflows): Add support for fullnameOverride (#769) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/templates/_helpers.tpl | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 094fc999..a3c8442a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.1.5 +version: 0.2.0 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 00173131..a72c148f 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -26,9 +26,17 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} {{- define "argo-workflows.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} {{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- end -}} +{{- end -}} {{/* Create chart name and version as used by the chart label. From f2e530ea7ea93620fa304970a0fe93549323a9e2 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 May 2021 18:31:44 +0200 Subject: [PATCH 041/122] fix(argo-workflows): Fix indentation when using extraEnv (#773) Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 2 +- .../workflow-controller-deployment.yaml | 2 +- .../templates/server/server-deployment.yaml | 21 +++++++++++-------- charts/argo-workflows/values.yaml | 14 +++++++++++-- 4 files changed, 26 insertions(+), 13 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a3c8442a..e45ed5c5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.0 +version: 0.2.1 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index c35894ec..9f80ea7f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -70,7 +70,7 @@ spec: apiVersion: v1 fieldPath: metadata.name {{- with .Values.controller.extraEnv }} - {{ toYaml . | nindent 10 }} + {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 12 }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 3a97a7fb..5effabf6 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -60,15 +60,18 @@ spec: initialDelaySeconds: 10 periodSeconds: 20 env: - - name: IN_CLUSTER - value: "true" - - name: ARGO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: BASE_HREF - value: {{ .Values.server.baseHref | quote }} + - name: IN_CLUSTER + value: "true" + - name: ARGO_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: BASE_HREF + value: {{ .Values.server.baseHref | quote }} + {{- with .Values.server.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.server.resources | nindent 12 }} volumeMounts: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 684fe6cb..b78666a7 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -120,9 +120,13 @@ controller: # service type `LoadBalancer` loadBalancerSourceRanges: [] resources: {} - # The list of environment variable definitions to be added to the controller - # manages container verbatim. + + ## Extra environment variables to provide to the controller container + ## extraEnv: + ## - name: FOO + ## value: "bar" extraEnv: [] + # Extra arguments to be added to the controller extraArgs: [] replicas: 1 @@ -226,6 +230,12 @@ server: # https://argoproj.github.io/argo-workflows/tls/ secure: false + ## Extra environment variables to provide to the argo-server container + ## extraEnv: + ## - name: FOO + ## value: "bar" + extraEnv: [] + # Extra arguments to provide to the Argo server binary. extraArgs: [] From 4a905d573650bcf1039c18bacfaefe6eea82ddc1 Mon Sep 17 00:00:00 2001 From: Roman <4456572+sturman@users.noreply.github.com> Date: Mon, 31 May 2021 23:15:09 +0300 Subject: [PATCH 042/122] docs: Update ingress extraPaths examples (#774) * Update example for extraPaths for usage with k8s>=1.19 with "networking.k8s.io/v1" Signed-off-by: sturman <4456572+sturman@users.noreply.github.com> * Fix typos in values.yaml Signed-off-by: sturman <4456572+sturman@users.noreply.github.com> * Bump charts version Signed-off-by: sturman <4456572+sturman@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 20 ++++++++++++++++++-- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/values.yaml | 8 ++++++++ 4 files changed, 28 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d2334076..74db87f5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.4 +version: 3.6.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1b6b1505..63e6d75d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -559,13 +559,21 @@ server: # backend: # serviceName: ssl-redirect # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service + # name: ssl-redirect + # port: + # name: use-annotation tls: [] # - secretName: argocd-tls-certificate # hosts: # - argocd.example.com https: false - # dedicated ingess for gRPC as documented at + # dedicated ingress for gRPC as documented at # https://argoproj.github.io/argo-cd/operator-manual/ingress/ ingressGrpc: enabled: false @@ -588,6 +596,14 @@ server: # backend: # serviceName: ssl-redirect # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service + # name: ssl-redirect + # port: + # name: use-annotation tls: [] # - secretName: argocd-tls-certificate @@ -664,7 +680,7 @@ server: ## Annotations to be added to ArgoCD rbac ConfigMap rbacConfigAnnotations: {} - # Boolean determining whether or not to create the configmap. If false, it is expected tthe configmap will be created + # Boolean determining whether or not to create the configmap. If false, it is expected the configmap will be created # by something else. ArgoCD will not work if there is no configMap created with the name above. rbacConfigCreate: true diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e45ed5c5..6a33bfe4 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.1 +version: 0.2.2 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index b78666a7..e2ce2e71 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -267,6 +267,14 @@ server: # backend: # serviceName: ssl-redirect # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service + # name: ssl-redirect + # port: + # name: use-annotation tls: [] # - secretName: argocd-example-tls From b58209845580cfcef3a7eee2c9769eee44f1f654 Mon Sep 17 00:00:00 2001 From: Pedro Arvela Date: Mon, 31 May 2021 22:23:05 +0100 Subject: [PATCH 043/122] fix: Allow metrics service without CoreOS Service Monitor (#775) Signed-off-by: Pedro Arvela --- charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/README.md | 1 + .../argo-rollouts/templates/argo-rollouts-metrics-service.yaml | 2 +- .../argo-rollouts/templates/argo-rollouts-service-monitor.yaml | 2 +- charts/argo-rollouts/values.yaml | 1 + 5 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 65f30638..d053ac6e 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.0 +version: 1.0.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 47da9c14..8916a86c 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -39,6 +39,7 @@ $ helm install my-release argo/argo-rollouts | controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | | controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | | controller.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index df6d1291..6f2c975f 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -1,4 +1,4 @@ -{{- if .Values.controller.metrics.serviceMonitor.enabled }} +{{- if .Values.controller.metrics.enabled }} apiVersion: v1 kind: Service metadata: diff --git a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml index bf6fae81..f94a25b8 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml @@ -1,4 +1,4 @@ -{{- if .Values.controller.metrics.serviceMonitor.enabled }} +{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 3e2a4769..e778377f 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -25,6 +25,7 @@ controller: # memory: 64Mi metrics: + enabled: false serviceMonitor: enabled: false additionalLabels: {} From 71eaaea9cbfe5f3e0cb67df612c2fc3143345eb2 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 1 Jun 2021 17:53:07 +0200 Subject: [PATCH 044/122] chore: Complete migration CircleCI -> GitHub Actions (#780) Signed-off-by: Marco Kilchhofer --- .circleci/config.yml | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 79e8d1dc..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,22 +0,0 @@ -version: 2.1 -jobs: - lint: - docker: - - image: quay.io/helmpack/chart-testing:v3.3.1 - steps: - - checkout - - run: ct lint --config .github/configs/ct-lint.yaml --lint-conf .github/configs/lintconf.yaml - publish: - docker: - - image: bash - steps: - - run: echo "Replaced by Github Workflow - https://github.com/argoproj/argo-helm/actions/workflows/publish.yml" - -workflows: - version: 2 - workflow: - jobs: - - lint - - publish: - requires: - - lint \ No newline at end of file From 818cf41bc409a4c84c7aa0bfe026cb9c877adbeb Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Tue, 1 Jun 2021 21:25:34 +0100 Subject: [PATCH 045/122] chore: Nominate mbevc1 as an approver (#767) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Oliver Bähler Co-authored-by: Marco Kilchhofer --- CODEOWNERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index dbba7a58..016e7842 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,7 +7,7 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler # Argo CD -/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler +/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 # Argo Events /charts/argo-events @jbehling @VaibhavPage @oliverbaehler @@ -16,4 +16,4 @@ /charts/argo-rollouts @oliverbaehler # Argo CD Notifications -/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler +/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler @mbevc1 From 44aa7ed71028d1dda5f7fe82f3515250bd9c70f7 Mon Sep 17 00:00:00 2001 From: Nicolas Lamirault Date: Wed, 2 Jun 2021 19:54:48 +0200 Subject: [PATCH 046/122] docs(argo-cd): Dex ServiceMonitor labels, namespace and selector (#726) * Add: serviceMonitor labels and selector Signed-off-by: Nicolas Lamirault * Update: bump chart version Signed-off-by: Nicolas Lamirault * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 74db87f5..465ad6e0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.5 +version: 3.6.6 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 63e6d75d..fdd50b36 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -214,6 +214,10 @@ dex: serviceMonitor: enabled: false interval: 30s + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} image: repository: ghcr.io/dexidp/dex From 03140b36fcef6e0268b72fc73345edd9c642e85f Mon Sep 17 00:00:00 2001 From: Sergey Shaykhullin <46970457+sergeyshaykhullin@users.noreply.github.com> Date: Thu, 3 Jun 2021 13:07:47 +0300 Subject: [PATCH 047/122] feat(argocd-notifications): Add metrics service labels and annotations (#783) * feat(argocd-notifications): Add metrics service labels and annotations Signed-off-by: Sergey Shaykhullin * Update charts/argocd-notifications/templates/service-metrics.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Sergey Shaykhullin * Update charts/argocd-notifications/templates/service-metrics.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Sergey Shaykhullin * Update _helpers.tpl Signed-off-by: Sergey Shaykhullin * Update _helpers.tpl Signed-off-by: Sergey Shaykhullin * Delete templated.yaml Signed-off-by: Sergey Shaykhullin Co-authored-by: Marco Kilchhofer --- charts/argocd-notifications/Chart.yaml | 2 +- charts/argocd-notifications/templates/service-metrics.yaml | 7 +++++++ charts/argocd-notifications/values.yaml | 3 +++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 9be1b26b..cf33a5d9 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.3.2 +version: 1.4.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/service-metrics.yaml b/charts/argocd-notifications/templates/service-metrics.yaml index 5645a4d3..aea5d90e 100644 --- a/charts/argocd-notifications/templates/service-metrics.yaml +++ b/charts/argocd-notifications/templates/service-metrics.yaml @@ -5,6 +5,13 @@ metadata: name: {{ include "argocd-notifications.name" . }}-metrics labels: {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} + {{- with .Values.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.metrics.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: selector: {{- include "argocd-notifications.selectorLabels" . | nindent 4 }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index f258401f..ff5ca14d 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -52,6 +52,9 @@ extraArgs: [] metrics: enabled: false port: 9001 + service: + annotations: {} + labels: {} serviceMonitor: enabled: false additionalLabels: {} From 603f2aa8ef2488fdf0ed40181b8d96826e03bda9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 3 Jun 2021 20:08:12 +0900 Subject: [PATCH 048/122] docs(argo-workflows): Add missing value on values.yaml (#782) * chore(argo-workflows): Add missing value Signed-off-by: yu-croco * reflect review: make it shorter and clearer. Signed-off-by: yu-croco * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/values.yaml | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6a33bfe4..cc7f7c86 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.2 +version: 0.2.3 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index e2ce2e71..7de0dfea 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -12,6 +12,14 @@ init: createAggregateRoles: true +## String to partially override "argo-workflows.fullname" template +## +nameOverride: + +## String to fully override "argo-workflows.fullname" template +## +fullnameOverride: + # Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. singleNamespace: false From afe72167fb4f74021a5b47b05626d38404989fe4 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 3 Jun 2021 19:10:55 +0200 Subject: [PATCH 049/122] fix(argo-workflows): Observe 'controller.serviceAccount.create' (#787) * fix(argo-workflows): Observe 'controller.serviceAccount.create' Signed-off-by: Marco Kilchhofer * chore: Ignore ci/ directory in final package Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/.helmignore | 1 + charts/argo-workflows/Chart.yaml | 2 +- .../templates/controller/workflow-controller-sa.yaml | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/charts/argo-workflows/.helmignore b/charts/argo-workflows/.helmignore index f0c13194..b4af6c20 100644 --- a/charts/argo-workflows/.helmignore +++ b/charts/argo-workflows/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index cc7f7c86..078b42b2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.3 +version: 0.2.4 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index e917bb41..f5e10857 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -1,3 +1,4 @@ +{{- if .Values.controller.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount metadata: @@ -6,3 +7,4 @@ metadata: annotations: {{- toYaml .| nindent 4 }} {{- end }} +{{- end }} From be8f33c8722c512d438d61166f6ee73213415240 Mon Sep 17 00:00:00 2001 From: Josh Hudson <382062+itmustbejj@users.noreply.github.com> Date: Thu, 3 Jun 2021 10:50:20 -0700 Subject: [PATCH 050/122] feat(argocd-applicationset): Add priorityClass for argocd-applicationset (#788) Signed-off-by: Josh Hudson <382062+itmustbejj@users.noreply.github.com> --- charts/argocd-applicationset/Chart.yaml | 2 +- charts/argocd-applicationset/templates/deployment.yaml | 3 +++ charts/argocd-applicationset/values.yaml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 936734b0..2596addb 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.5 +version: 0.1.6 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index d2cd345c..4840bd65 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -98,3 +98,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index f7be897d..1be0c0ff 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -71,6 +71,8 @@ tolerations: [] affinity: {} +priorityClassName: "" + mountSSHKnownHostsVolume: true mountTLSCertsVolume: true mountGPGKeysVolume: false From 01c78a82b5cc3d65feaa9be2e4cbd0c6652bde57 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 7 Jun 2021 10:35:39 +0200 Subject: [PATCH 051/122] chore(argo-events): Cleanup old CRD hooks (#778) * Drop old CRDs with hooks containing helm hooks Signed-off-by: Marco Kilchhofer * Bump chart version Signed-off-by: Marco Kilchhofer * Drop empty newlines inside manifests Signed-off-by: Marco Kilchhofer * chore: trigger CI Signed-off-by: Marco Kilchhofer * chore: Ignore 'ci/' directory in final package Signed-off-by: Marco Kilchhofer * Apply changes from code review Signed-off-by: Marco Kilchhofer --- charts/argo-events/.helmignore | 1 + charts/argo-events/Chart.yaml | 2 +- charts/argo-events/README.md | 2 +- .../templates/argo-events-cluster-roles.yaml | 7 ++- .../templates/argo-events-roles.yaml | 5 +-- .../argo-events/templates/eventbus-crd.yaml | 44 ------------------ .../templates/eventsource-crd.yaml | 44 ------------------ charts/argo-events/templates/sensor-crd.yaml | 45 ------------------- charts/argo-events/values.yaml | 3 -- 9 files changed, 8 insertions(+), 145 deletions(-) delete mode 100644 charts/argo-events/templates/eventbus-crd.yaml delete mode 100644 charts/argo-events/templates/eventsource-crd.yaml delete mode 100644 charts/argo-events/templates/sensor-crd.yaml diff --git a/charts/argo-events/.helmignore b/charts/argo-events/.helmignore index f0c13194..b4af6c20 100644 --- a/charts/argo-events/.helmignore +++ b/charts/argo-events/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 6a7b1b7e..2df3b1c7 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.1 +version: 1.6.2 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 3c375c3a..2bece9b9 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -15,6 +15,6 @@ This is a **community maintained** chart. It installs the [argo-events](https:// ## Notes on CRD Installation -Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart. +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. You can install the CRDs manually from `crds` folder. \ No newline at end of file diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index bfd2d021..c3904980 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -1,5 +1,4 @@ {{- if not .Values.singleNamespace }} - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -26,9 +25,9 @@ kind: ClusterRole metadata: name: argo-events-role rules: -{{- if .Values.additionalServiceAccountRules }} -{{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} -{{- end }} + {{- with .Values.additionalServiceAccountRules }} + {{- toYaml . | nindent 2 }} + {{- end }} - apiGroups: - argoproj.io verbs: diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml index 56721159..1371f6a6 100644 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -1,5 +1,4 @@ {{- if .Values.singleNamespace }} - apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -28,8 +27,8 @@ metadata: name: argo-events-role namespace: {{ .Release.Namespace }} rules: - {{- if .Values.additionalServiceAccountRules }} - {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} + {{- with .Values.additionalServiceAccountRules }} + {{- toYaml . | nindent 2 }} {{- end }} - apiGroups: - argoproj.io diff --git a/charts/argo-events/templates/eventbus-crd.yaml b/charts/argo-events/templates/eventbus-crd.yaml deleted file mode 100644 index 4a67294e..00000000 --- a/charts/argo-events/templates/eventbus-crd.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventbus.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: EventBus - listKind: EventBusList - plural: eventbus - shortNames: - - eb - singular: eventbus - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/templates/eventsource-crd.yaml b/charts/argo-events/templates/eventsource-crd.yaml deleted file mode 100644 index 5c6a0b6b..00000000 --- a/charts/argo-events/templates/eventsource-crd.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventsources.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - scope: Namespaced - names: - kind: EventSource - plural: eventsources - singular: eventsource - listKind: EventSourceList - shortNames: - - es - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/templates/sensor-crd.yaml b/charts/argo-events/templates/sensor-crd.yaml deleted file mode 100644 index d121019e..00000000 --- a/charts/argo-events/templates/sensor-crd.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{- if .Values.installCRD }} -# Define a "sensor" custom resource definition -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sensors.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: Sensor - listKind: SensorList - plural: sensors - singular: sensor - shortNames: - - sn - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 55dd6643..11827406 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -8,9 +8,6 @@ imagePullPolicy: Always imagePullSecrets: [] # - name: argo-pull-secret -# If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation. -installCRD: true - # ServiceAccount to use for running controller. serviceAccount: argo-events-sa From 99ae115455fe1595a8260bf7ebdc697041f40486 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 7 Jun 2021 10:51:52 +0200 Subject: [PATCH 052/122] chore(argo-cd): Cleanup old CRD hooks (#777) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: Cleanup old CRD hooks Signed-off-by: Marco Kilchhofer * Bump chart version Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 8 +------- charts/argo-cd/crds/crd-application.yaml | 2 -- charts/argo-cd/crds/crd-project.yaml | 2 -- charts/argo-cd/templates/crds.yaml | 6 ------ charts/argo-cd/values.yaml | 3 --- 6 files changed, 2 insertions(+), 21 deletions(-) delete mode 100644 charts/argo-cd/templates/crds.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 465ad6e0..68a2ed62 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.6 +version: 3.6.7 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1c5f8c17..f17addb7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -83,6 +83,7 @@ server: ## Prerequisites - Kubernetes 1.7+ +- Helm v3.0.0+ ## Installing the Chart @@ -97,12 +98,6 @@ NAME: my-release ... ``` -### Helm v3 Compatibility - -Requires chart version 1.5.2 or newer. - -Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. - ## Chart Values | Parameter | Description | Default | @@ -116,7 +111,6 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | -| installCRDs | Install CRDs if you are using Helm2. | `true` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index c62189e8..74364ae4 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -5,8 +5,6 @@ metadata: app.kubernetes.io/name: applications.argoproj.io app.kubernetes.io/part-of: argocd name: applications.argoproj.io - annotations: - helm.sh/hook: crd-install spec: group: argoproj.io names: diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 40182848..7bb09652 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -5,8 +5,6 @@ metadata: app.kubernetes.io/name: appprojects.argoproj.io app.kubernetes.io/part-of: argocd name: appprojects.argoproj.io - annotations: - helm.sh/hook: crd-install spec: group: argoproj.io names: diff --git a/charts/argo-cd/templates/crds.yaml b/charts/argo-cd/templates/crds.yaml deleted file mode 100644 index 45ab72d4..00000000 --- a/charts/argo-cd/templates/crds.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if .Values.installCRDs }} -{{- range $path, $_ := .Files.Glob "crds/*.yaml" }} -{{ $.Files.Get $path }} ---- -{{- end }} -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fdd50b36..df964dee 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -5,9 +5,6 @@ nameOverride: argocd fullnameOverride: "" kubeVersionOverride: "" -# Optional CRD installation for those without Helm hooks -installCRDs: true - global: image: repository: quay.io/argoproj/argocd From 87af20fd06f87b8a05b14ad33738244067102d21 Mon Sep 17 00:00:00 2001 From: Rich Date: Mon, 7 Jun 2021 10:39:41 +0100 Subject: [PATCH 053/122] fix(argo-cd): Server cert-manager certificate secretName to match documentation (#793) * fix(argo-cd): Set ArgoCD server certificate manager certificate secret name to match the documentation by default. Signed-off-by: Rich * fix(argo-cd): Add server certificate issuer subvalues to values.yaml and a relevant comment. Signed-off-by: Rich * Bump chart version again Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/values.yaml | 5 ++++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 68a2ed62..9bb09636 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.7 +version: 3.6.8 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index edaea3b5..753dc8bc 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -23,5 +23,5 @@ spec: issuerRef: kind: {{ .Values.server.certificate.issuer.kind | quote }} name: {{ .Values.server.certificate.issuer.name | quote }} - secretName: argocd-tls-certificate + secretName: {{ .Values.server.certificate.secretName | quote }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index df964dee..466fc7c3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -495,8 +495,11 @@ server: certificate: enabled: false domain: argocd.example.com - issuer: {} + issuer: + kind: # ClusterIssuer + name: # letsencrypt additionalHosts: [] + secretName: argocd-server-tls ## Server service configuration service: From eecc88fbd7147cd540440ca9d8e0c43db6a919bc Mon Sep 17 00:00:00 2001 From: Sevan Date: Tue, 8 Jun 2021 15:14:55 +0200 Subject: [PATCH 054/122] fix(argo-workflows): use template for ingress .Capabilities (#795) * fix(argo-workflows): use argo-workflows.ingress.apiVersion for ingress (#794) Signed-off-by: Sevan Murriguian-Watrin * feat(argo-workflows): Add option to override kubeVersion Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/templates/_helpers.tpl | 11 +++++++++-- .../templates/server/server-ingress.yaml | 10 +++++----- charts/argo-workflows/values.yaml | 4 ++++ 4 files changed, 19 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 078b42b2..fb23a3a8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.4 +version: 0.2.5 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index a72c148f..18eae994 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -94,11 +94,18 @@ Create the name of the controller service account to use Return the appropriate apiVersion for ingress */}} {{- define "argo-workflows.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} +{{- if semverCompare "<1.14-0" (include "argo-workflows.kubeVersion" $) -}} {{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}} +{{- else if semverCompare "<1.19-0" (include "argo-workflows.kubeVersion" $) -}} {{- print "networking.k8s.io/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1" -}} {{- end -}} {{- end -}} + +{{/* +Return the target Kubernetes version +*/}} +{{- define "argo-workflows.kubeVersion" -}} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index f0488031..6072c9d7 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -19,7 +19,7 @@ metadata: {{- toYaml .Values.server.ingress.labels | nindent 4 }} {{- end }} spec: - {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} @@ -35,11 +35,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: @@ -62,11 +62,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 7de0dfea..c6af6902 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -20,6 +20,10 @@ nameOverride: ## fullnameOverride: +## Override the Kubernetes version, which is used to evaluate certain manifests +## +kubeVersionOverride: "" + # Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. singleNamespace: false From ca0a53d6ebd86bfe46ba5018410b2be08dce2bb3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 10 Jun 2021 10:30:57 +0200 Subject: [PATCH 055/122] chore: Relax 'Semantic Pull Requests' check (#796) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- .github/semantic.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .github/semantic.yml diff --git a/.github/semantic.yml b/.github/semantic.yml new file mode 100644 index 00000000..d93cf9cc --- /dev/null +++ b/.github/semantic.yml @@ -0,0 +1,3 @@ +## Reference: https://github.com/zeke/semantic-pull-requests +# Always validate the PR title, and ignore the commits +titleOnly: true From 7e381436f98fdad7b21b607193f8bb8d27c74776 Mon Sep 17 00:00:00 2001 From: Alex Andrews Date: Fri, 25 Jun 2021 07:06:59 +0100 Subject: [PATCH 056/122] fix(argo-cd): fix missing colon in example service definitions (#810) * fix(argo-cd): fix missing colon in example service definitions Signed-off-by: Alex Andrews * build(argo-cd): Bump chart patch version Signed-off-by: Alex Andrews --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9bb09636..ac5ca980 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.8 +version: 3.6.9 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 466fc7c3..ad6d1b23 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -567,7 +567,7 @@ server: # - path: /* # pathType: Prefix # backend: - # service + # service: # name: ssl-redirect # port: # name: use-annotation @@ -604,7 +604,7 @@ server: # - path: /* # pathType: Prefix # backend: - # service + # service: # name: ssl-redirect # port: # name: use-annotation From 0180e943ff1a9b676893eeac40d306a71c8e2967 Mon Sep 17 00:00:00 2001 From: Alex Sears Date: Fri, 25 Jun 2021 02:15:43 -0400 Subject: [PATCH 057/122] chore(argo-workflows): update workflows version to most 3.0.7 (#811) * chore(argo-workflows): update workflows version to most 3.0.7 Signed-off-by: Alex Sears * chore(argo-worflows): update controller liveness probe Signed-off-by: Alex Sears * chore(argo-workflows): templatize controller liveness probe Signed-off-by: Alex Sears Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-deployment.yaml | 8 ++------ charts/argo-workflows/values.yaml | 9 +++++++++ 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fb23a3a8..f3dd5219 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.5 -appVersion: "v3.0.2" +version: 0.2.6 +appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 9f80ea7f..e085b899 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -77,12 +77,8 @@ spec: ports: - name: metrics containerPort: {{ .Values.controller.metricsConfig.port }} - livenessProbe: - httpGet: - port: metrics - path: {{ .Values.controller.metricsConfig.path }} - initialDelaySeconds: 30 - periodSeconds: 30 + - containerPort: 6060 + livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c6af6902..864c9931 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -132,6 +132,15 @@ controller: # service type `LoadBalancer` loadBalancerSourceRanges: [] resources: {} + livenessProbe: + httpGet: + port: 6060 + path: /healthz + # Require three failures to tolerate transient errors. + failureThreshold: 3 + initialDelaySeconds: 90 + periodSeconds: 60 + timeoutSeconds: 30 ## Extra environment variables to provide to the controller container ## extraEnv: From f17cc62250bd5e049e86aeb3c1308e3b635da355 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81ngel=20Cabrera=20Mi=C3=B1agorri?= Date: Sat, 26 Jun 2021 17:04:59 +0200 Subject: [PATCH 058/122] fix(argo-cd): Typo in repo server service monitor (#815) --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac5ca980..63d5fbd1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.9 +version: 3.6.10 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 05b38acc..027cdb5f 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -17,7 +17,7 @@ metadata: spec: endpoints: - port: metrics - {{- with .Values.controller.metrics.serviceMonitor.interval }} + {{- with .Values.repoServer.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} path: /metrics From 34e606f012ee81034037ce321dbba989c9c06b16 Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Mon, 28 Jun 2021 11:32:54 +0100 Subject: [PATCH 059/122] chore: Fix CODEOWNERS syntax (#817) Signed-off-by: Marko Bevc --- CODEOWNERS | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 016e7842..012ac7f7 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,13 +7,13 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler # Argo CD -/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 +/charts/argo-cd/ @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 # Argo Events -/charts/argo-events @jbehling @VaibhavPage @oliverbaehler +/charts/argo-events/ @jbehling @VaibhavPage @oliverbaehler # Argo Rollouts -/charts/argo-rollouts @oliverbaehler +/charts/argo-rollouts/ @oliverbaehler # Argo CD Notifications -/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler @mbevc1 +/charts/argocd-notifications/ @alexmt @andyfeller @oliverbaehler @mbevc1 From 7f16fc4213a45bf2df1cb8366ba397a97fe920c5 Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Tue, 29 Jun 2021 09:48:48 +0100 Subject: [PATCH 060/122] feat(argo-cd): Bump default version to v2.0.4 (#816) * feat(argo-cd): Bump default version to v2.0.4 Signed-off-by: Marko Bevc * Update README Signed-off-by: Marko Bevc * Bump Chart version Signed-off-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 63d5fbd1..9062f659 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.3 +appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.10 +version: 3.6.11 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f17addb7..b8159f89 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -104,7 +104,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.8.4"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.4"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ad6d1b23..ac96ad11 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.0.3 + tag: v2.0.4 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From 8a39a9d1ba1c067068e8062804c8a4c0a9ee509f Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 5 Jul 2021 11:35:51 +0200 Subject: [PATCH 061/122] chore(chart-testing-action): Update components (#823) Signed-off-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 1056a239..2de22a8b 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -21,7 +21,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.0.1 + uses: helm/chart-testing-action@v2.1.0 - name: List changed charts id: list-changed @@ -37,7 +37,7 @@ jobs: run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml - name: Create kind cluster - uses: helm/kind-action@v1.1.0 + uses: helm/kind-action@v1.2.0 if: steps.list-changed.outputs.changed == 'true' - name: Run chart-testing (install) From d860a04452bb09e1ebfea4388b79e22bb4f0b672 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 5 Jul 2021 11:41:55 +0200 Subject: [PATCH 062/122] feat(argo-cd): Add ability to manage gpgKeys (#797) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 2 ++ .../argocd-configs/argocd-gpg-keys-cm.yaml | 16 ++++++++++++++ .../argocd-repo-server/deployment.yaml | 9 ++++++-- .../templates/argocd-server/deployment.yaml | 4 ++++ charts/argo-cd/values.yaml | 21 +++++++++++++++++++ 6 files changed, 51 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9062f659..61179742 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.11 +version: 3.7.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b8159f89..c0322bad 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -112,6 +112,8 @@ NAME: my-release | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | +| configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | +| configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | | configs.secret.annotations | Annotations for argocd-secret | `{}` | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml new file mode 100644 index 00000000..e96ef9aa --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + {{- if .Values.configs.gpgKeysAnnotations }} + annotations: + {{- range $key, $value := .Values.configs.gpgKeysAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} + name: argocd-gpg-keys-cm +{{- with .Values.configs.gpgKeys }} +data: + {{- toYaml . | nindent 2 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index bd924d4b..30082b2d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -72,8 +72,10 @@ spec: {{- end }} volumeMounts: {{- if .Values.repoServer.volumeMounts }} -{{- toYaml .Values.repoServer.volumeMounts | nindent 8}} + {{- toYaml .Values.repoServer.volumeMounts | nindent 8 }} {{- end }} + - mountPath: /app/config/gpg/source + name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring {{- if .Values.configs.knownHosts }} @@ -134,8 +136,11 @@ spec: {{- end }} volumes: {{- if .Values.repoServer.volumes }} -{{- toYaml .Values.repoServer.volumes | nindent 6}} + {{- toYaml .Values.repoServer.volumes | nindent 6 }} {{- end }} + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm - emptyDir: {} name: gpg-keyring {{- if .Values.configs.knownHosts }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 44b89c0e..68c98845 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -90,6 +90,8 @@ spec: subPath: "custom.styles.css" name: custom-styles {{- end }} + - mountPath: /tmp + name: tmp-dir ports: - name: {{ .Values.server.name }} containerPort: {{ .Values.server.containerPort }} @@ -149,6 +151,8 @@ spec: {{- end }} - emptyDir: {} name: static-files + - emptyDir: {} + name: tmp-dir {{- if .Values.configs.styles }} - configMap: name: argocd-custom-styles diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ac96ad11..9f81bbe4 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -977,6 +977,27 @@ configs: # insecure: false # caData: "" + gpgKeysAnnotations: {} + gpgKeys: {} + # 4AEE18F83AFDEB23: | + # -----BEGIN PGP PUBLIC KEY BLOCK----- + # + # mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta + # x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT + # SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ + # 7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa + # buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v + # yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs + # b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW + # BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf + # DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6 + # 9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws + # +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5 + # 4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O + # j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48= + # =Bvzs + # -----END PGP PUBLIC KEY BLOCK----- + knownHostsAnnotations: {} knownHosts: data: From b78109c4f3d5990e1805cf61a32a2571264c9697 Mon Sep 17 00:00:00 2001 From: Mouhsen Ibrahim <78358035+mouhsen-ibrahim@users.noreply.github.com> Date: Mon, 5 Jul 2021 11:52:59 +0200 Subject: [PATCH 063/122] feat(argo-cd): Add pathType value to ingress (#822) Modern GKE versions only accept ImplementationSpecific as pathType for the ingress resource, so here we added a new value for the pathType which can be used to set pathType on demand, the default value is still Prefix for backward compatability Signed-off-by: Mouhsen Ibrahim --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 5 +++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 5 +++-- charts/argo-cd/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 61179742..77b0fc3d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.0 +version: 3.7.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 1f5fc4ea..1fb89979 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -3,6 +3,7 @@ {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} +{{- $pathType := .Values.server.ingressGrpc.pathType -}} apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 1bd2c53c..aa7d49dc 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -3,6 +3,7 @@ {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} +{{- $pathType := .Values.server.ingress.pathType -}} apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9f81bbe4..087a091d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -557,6 +557,7 @@ server: # - argocd.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* @@ -594,6 +595,7 @@ server: # - argocd.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* From a807d24c3b5c313c5e6adaad5c629fbdc6538fc7 Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Wed, 7 Jul 2021 17:17:35 +0200 Subject: [PATCH 064/122] fix(argo-rollouts): Add ConfigMap read access to support notification-engine (#812) * Add configmap read access Signed-off-by: Aditya Menon * Retrigger CI pipeline Signed-off-by: Aditya Menon * Match upstream manifest definition Follow the same pattern on argo-rollouts repo Signed-off-by: Aditya Menon --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml | 2 ++ charts/argo-rollouts/templates/argo-rollouts-role.yaml | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index d053ac6e..f058d566 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "v1.0.1" +appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.1 +version: 1.0.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index 5872d59d..fdd0f2b0 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -77,10 +77,12 @@ rules: - watch - patch # secret read access to run analysis templates which reference secrets +# configmap access to read notification-engine configuration - apiGroups: - "" resources: - secrets + - configmaps verbs: - get - list diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-role.yaml index a981d95d..23794c34 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml @@ -67,10 +67,12 @@ rules: - watch - patch # secret read access to run analysis templates which reference secrets +# configmap access to read notification-engine configuration - apiGroups: - "" resources: - secrets + - configmaps verbs: - get - list From a70d156217f701350920abbf639b953c5c5d66c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 9 Jul 2021 13:08:43 +0200 Subject: [PATCH 065/122] feat!: Improve Pull Request Template & Contributing Guidelines (#750) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: improve documentation and require changelog Signed-off-by: Oliver Bähler * Bump Versions Signed-off-by: Oliver Bähler * Bump argo-rollouts Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Reword Artifacthub -> Artifact Hub Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- .github/pull_request_template.md | 4 +- CONTRIBUTING.md | 50 ++++++++++++++++++++++++- README.md | 5 +++ charts/argo-cd/Chart.yaml | 2 +- charts/argo-events/Chart.yaml | 5 ++- charts/argo-rollouts/Chart.yaml | 5 ++- charts/argo-workflows/Chart.yaml | 5 ++- charts/argocd-applicationset/Chart.yaml | 5 ++- charts/argocd-notifications/Chart.yaml | 5 ++- 9 files changed, 77 insertions(+), 9 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 67fe55f4..f614c199 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -4,9 +4,9 @@ If the DCO action in the integration test fails, one or more of your commits are Checklist: -* [ ] I have updated the chart version in `Chart.yaml` following Semantic Versioning. +* [ ] I have bumped the chart version according to [versioning](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#versioning) +* [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#changelog). * [ ] Any new values are backwards compatible and/or have sensible default. -* [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md). * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/master/community#contributing-to-argo). * [ ] My build is green ([troubleshooting builds](https://argoproj.github.io/argo-cd/developer-guide/ci/)). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a4ad43dd..070b0981 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,6 +2,54 @@ Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently. + +# Pull Requests + +All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project. + +## Versioning + +Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease). + +Any breaking changes to a chart (backwards incompatible) require: + + * Bump of the current Major version of the chart + * State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades)) + +### Immutability + +Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error. + + +### Artifact Hub Annotations + +Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub. + + * [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) + +#### Changelog + +We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release. + +Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: + +``` +name: argo-cd +version: 3.4.1 +... +annotations: + artifacthub.io/changes: | + - "[Added]: Something New was added" + - "[Changed]: Changed Something within this chart" + - "[Changed]: Changed Something else within this chart" + - "[Deprecated]: Something deprecated" + - "[Removed]: Something was removed" + - "[Fixed]: Something was fixed" + - "[Security]": Some Security Patch was included" +``` + +# Testing + ## Testing Argo Workflows Changes Minimally: @@ -96,4 +144,4 @@ The linting can be invoked manually with the following command: ## Publishing Changes -Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`). \ No newline at end of file +Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`). diff --git a/README.md b/README.md index 2db0e70a..6e1aaf2c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # Argo Helm Charts +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command: @@ -7,3 +8,7 @@ Argo Helm is a collection of **community maintained** charts for http://argoproj ``` helm repo add argo https://argoproj.github.io/argo-helm ``` + +## Contributing + +We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. \ No newline at end of file diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 77b0fc3d..9ea33e54 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.1 +version: 3.7.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 2df3b1c7..835705bf 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.2 +version: 1.6.4 keywords: - argo-events - sensor-controller @@ -15,3 +15,6 @@ maintainers: appVersion: 1.3.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index f058d566..6f904714 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,10 +2,13 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.2 +version: 1.0.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: - name: alexmt - name: dthomson25 - name: jessesuen +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f3dd5219..d966c9f8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.6 +version: 0.2.7 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -13,3 +13,6 @@ maintainers: - name: alexmt - name: jessesuen - name: benjaminws +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 2596addb..2facbad1 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.6 +version: 0.1.7 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png @@ -12,3 +12,6 @@ keywords: - gitops maintainers: - name: maruina +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index cf33a5d9..81fc8e5c 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.0 +version: 1.4.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -13,3 +13,6 @@ keywords: maintainers: - name: alexmt - name: andyfeller +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" From 783cb3e0290b1f8b5934f1dfb212dd1fbe16df02 Mon Sep 17 00:00:00 2001 From: Atze de Vries Date: Fri, 9 Jul 2021 14:34:09 +0200 Subject: [PATCH 066/122] feat(argo-cd): Add ability to override API versions (#760) * feat: Add ability to override api versions for argocd Signed-off-by: Atze de Vries * fix linting Signed-off-by: Atze de Vries * reimplement a bit and update chart version Signed-off-by: Atze de Vries * update to new minor Signed-off-by: Atze de Vries * fix spaces in comments Signed-off-by: Atze de Vries * Updated flow control and add documentation on apiVersionOverrides Signed-off-by: Atze de Vries * Add changelog annotation Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++++- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/_helpers.tpl | 4 +++- charts/argo-cd/templates/argocd-server/certificate.yaml | 4 +++- charts/argo-cd/values.yaml | 7 +++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9ea33e54..6be2a125 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.2 +version: 3.8.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -19,3 +19,6 @@ dependencies: version: 4.12.14 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled +annotations: + artifacthub.io/changes: | + - "[Added]: Ability to override API versions" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c0322bad..219e76ab 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -111,6 +111,8 @@ NAME: my-release | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | +| apiVersionOverrides.certmanager | String to override apiVersion of certmanager resources rendered by this helm chart | `""` | +| apiVersionOverrides.ingress | String to override apiVersion of ingresses rendered by this helm chart | `""` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | | configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 65081951..177d1db8 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -144,7 +144,9 @@ app.kubernetes.io/component: {{ .component }} Return the appropriate apiVersion for ingress */}} {{- define "argo-cd.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}} +{{- if .Values.apiVersionOverrides.ingress -}} +{{- print .Values.apiVersionOverrides.ingress -}} +{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}} {{- print "extensions/v1beta1" -}} {{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" $) -}} {{- print "networking.k8s.io/v1beta1" -}} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 753dc8bc..64241bfe 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,7 @@ {{- if .Values.server.certificate.enabled -}} -{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} +{{- if .Values.apiVersionOverrides.certmanager -}} +apiVersion: {{ .Values.apiVersionOverrides.certmanager }} +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} apiVersion: cert-manager.io/v1 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} apiVersion: cert-manager.io/v1alpha3 diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 087a091d..6edc3e29 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,6 +20,13 @@ global: # hostnames: # - git.myhostname +# Override APIVersions +# If you want to template helm charts but cannot access k8s API server +# you can set api versions here +apiVersionOverrides: + certmanager: "" # cert-manager.io/v1 + ingress: "" # networking.k8s.io/v1beta1 + ## Controller controller: name: application-controller From 1416d5e082b97878ab9c8cbe99e299669ee747d9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 12 Jul 2021 12:54:17 +0200 Subject: [PATCH 067/122] fix(argocd-applicationset): Cleanup old CRD installation method (#827) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/.helmignore | 1 + charts/argocd-applicationset/Chart.yaml | 8 ++++--- charts/argocd-applicationset/README.md | 23 +++++++++++++++---- .../ci/default-values.yaml | 2 -- .../ci/leader-election-values.yaml | 2 -- .../argocd-applicationset/templates/crds.yaml | 6 ----- charts/argocd-applicationset/values.yaml | 2 -- 7 files changed, 24 insertions(+), 20 deletions(-) delete mode 100644 charts/argocd-applicationset/templates/crds.yaml diff --git a/charts/argocd-applicationset/.helmignore b/charts/argocd-applicationset/.helmignore index 0e8a0eb3..5bdaa3eb 100644 --- a/charts/argocd-applicationset/.helmignore +++ b/charts/argocd-applicationset/.helmignore @@ -21,3 +21,4 @@ .idea/ *.tmproj .vscode/ +ci/ diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 2facbad1..b91b1441 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,10 +2,10 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.7 +version: 1.0.0 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png keywords: - argoproj - appset @@ -14,4 +14,6 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Removed]: CRD installation via templates folder. CRDs are now only handled via the '/crds' folder in the same way like the ArgoCD chart." + - "[Removed]: Exclude '/ci' folder from being packaged into the final chart archive." + - "[Changed]: Fix icon url" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index b200d9cf..0b59414b 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -10,6 +10,11 @@ This is a **community maintained** chart. This chart installs the [applicationse This chart currently installs the non-HA version of Argo CD ApplicationSet. +## Prerequisites + +- Helm v3.0.0+ +- The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting. + ## Installing the Chart To install the chart with the release name `my-release`: @@ -23,10 +28,6 @@ NAME: my-release ... ``` -### Helm v3 Compatibility - -Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. - ### Testing Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). @@ -38,6 +39,19 @@ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/st ct install --namespace argocd ``` +## Notes on CRD Installation + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. + +You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo: + +```console +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref= + +# Eg. version v0.1.0 +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0 +``` + ## Values | Key | Type | Default | Description | @@ -56,7 +70,6 @@ ct install --namespace argocd | image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | -| installCRDs | bool | `true` | Install Custom Resource Definition | | mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | | mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | diff --git a/charts/argocd-applicationset/ci/default-values.yaml b/charts/argocd-applicationset/ci/default-values.yaml index eb1b7aae..233dd8e2 100644 --- a/charts/argocd-applicationset/ci/default-values.yaml +++ b/charts/argocd-applicationset/ci/default-values.yaml @@ -4,8 +4,6 @@ replicaCount: 1 -installCRDs: false # this needs to be false with ct - image: # The image repository repository: quay.io/argocdapplicationset/argocd-applicationset diff --git a/charts/argocd-applicationset/ci/leader-election-values.yaml b/charts/argocd-applicationset/ci/leader-election-values.yaml index e7201ac1..39ec3078 100644 --- a/charts/argocd-applicationset/ci/leader-election-values.yaml +++ b/charts/argocd-applicationset/ci/leader-election-values.yaml @@ -2,5 +2,3 @@ args: enableLeaderElection: true replicaCount: 3 - -installCRDs: false diff --git a/charts/argocd-applicationset/templates/crds.yaml b/charts/argocd-applicationset/templates/crds.yaml deleted file mode 100644 index 45ab72d4..00000000 --- a/charts/argocd-applicationset/templates/crds.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if .Values.installCRDs }} -{{- range $path, $_ := .Files.Glob "crds/*.yaml" }} -{{ $.Files.Get $path }} ---- -{{- end }} -{{- end }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index 1be0c0ff..ac4b3bd9 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -4,8 +4,6 @@ replicaCount: 1 -installCRDs: true - image: # The image repository repository: quay.io/argocdapplicationset/argocd-applicationset From 62699ffc827757b5ed5842c593e9e4bd19120226 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 12 Jul 2021 13:06:50 +0200 Subject: [PATCH 068/122] fix(argo-cd): Add ServiceAccount for redis (#828) * Add ability to create ServiceAccount for redis Signed-off-by: Marco Kilchhofer * Use correct default for ServiceAccounts in _helpers.tpl Signed-off-by: Marco Kilchhofer * Bump version and update changelog Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 19 +++++++++++++++---- .../argo-cd/templates/redis/deployment.yaml | 3 ++- .../templates/redis/serviceaccount.yaml | 15 +++++++++++++++ charts/argo-cd/values.yaml | 8 ++++++++ 5 files changed, 42 insertions(+), 7 deletions(-) create mode 100644 charts/argo-cd/templates/redis/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6be2a125..3a503aca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.0 +version: 3.8.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to override API versions" + - "[Fixed]: Cannot create a service account for redis" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 177d1db8..c5d2adab 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -71,7 +71,7 @@ Create the name of the controller service account to use */}} {{- define "argo-cd.controllerServiceAccountName" -}} {{- if .Values.controller.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }} + {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} {{- else -}} {{ default "default" .Values.controller.serviceAccount.name }} {{- end -}} @@ -82,18 +82,29 @@ Create the name of the dex service account to use */}} {{- define "argo-cd.dexServiceAccountName" -}} {{- if .Values.dex.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }} + {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} {{- else -}} {{ default "default" .Values.dex.serviceAccount.name }} {{- end -}} {{- end -}} +{{/* +Create the name of the redis service account to use +*/}} +{{- define "argo-cd.redisServiceAccountName" -}} +{{- if .Values.redis.serviceAccount.create -}} + {{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.redis.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create the name of the ArgoCD server service account to use */}} {{- define "argo-cd.serverServiceAccountName" -}} {{- if .Values.server.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }} + {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }} {{- else -}} {{ default "default" .Values.server.serviceAccount.name }} {{- end -}} @@ -104,7 +115,7 @@ Create the name of the repo-server service account to use */}} {{- define "argo-cd.repoServerServiceAccountName" -}} {{- if .Values.repoServer.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }} + {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }} {{- else -}} {{ default "default" .Values.repoServer.serviceAccount.name }} {{- end -}} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index a6f0c46a..05500337 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -30,7 +30,8 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - automountServiceAccountToken: false + automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} + serviceAccountName: {{ template "argo-cd.redisServiceAccountName" . }} {{- if .Values.redis.securityContext }} securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml new file mode 100644 index 00000000..ae67d3b2 --- /dev/null +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.redis.enabled .Values.redis.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "argo-cd.redisServiceAccountName" . }} +{{- if .Values.redis.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.redis.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6edc3e29..3ecfd228 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -365,6 +365,14 @@ redis: fsGroup: 1000 runAsNonRoot: true + serviceAccount: + create: false + name: "" + ## Annotations applied to created service account + annotations: {} + ## Automount API credentials for the Service Account + automountServiceAccountToken: false + resources: {} # limits: # cpu: 200m From 9c69a87f6719446cde3e1f6cec10c8bd6f4c61a3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 13 Jul 2021 08:25:41 +0200 Subject: [PATCH 069/122] docs(argo-cd): Upgrading notes for ServiceAccount change in 3.8.1 (#830) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 28 ++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3a503aca..ea3fbc45 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.1 +version: 3.8.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Cannot create a service account for redis" + - "[Changed]: Add important upgrading notes to README concerning potential ServiceAccount renamings introduced in chart version 3.8.1+." diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 219e76ab..1c12a617 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,34 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.8.1 + +This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization: + +```yaml +# Case 1) - only happens when you do not specify a custom name (repoServer.serviceAccount.name) +repoServer: + serviceAccount: + create: true + +# Case 2) +controller: + serviceAccount: + name: "" # or + +# Case 3) +dex: + serviceAccount: + name: "" # or + +# Case 4) +server: + serviceAccount: + name: "" # or +``` + +Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE) + ### 3.2.* With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). From 922799081d6037d71971baf3fecf3519c35326e9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 13 Jul 2021 08:35:25 +0200 Subject: [PATCH 070/122] feat(argo-cd): Add ability to create network policies (#800) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++-- charts/argo-cd/README.md | 2 ++ .../networkpolicy.yaml | 19 ++++++++++++ .../argocd-repo-server/networkpolicy.yaml | 31 +++++++++++++++++++ .../argocd-server/networkpolicy.yaml | 16 ++++++++++ .../argo-cd/templates/dex/networkpolicy.yaml | 31 +++++++++++++++++++ .../templates/networkpolicy-default-deny.yaml | 12 +++++++ .../argo-cd/templates/redis/deployment.yaml | 2 +- .../templates/redis/networkpolicy.yaml | 29 +++++++++++++++++ charts/argo-cd/values.yaml | 4 +++ 10 files changed, 149 insertions(+), 4 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/argocd-server/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/dex/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/networkpolicy-default-deny.yaml create mode 100644 charts/argo-cd/templates/redis/networkpolicy.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea3fbc45..60ff890e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.2 +version: 3.9.0 home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: - argoproj - argocd @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Add important upgrading notes to README concerning potential ServiceAccount renamings introduced in chart version 3.8.1+." + - "[Added]: Ability to create network policies" + - "[Changed]: Fix icon url" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1c12a617..bb929e93 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -136,6 +136,8 @@ NAME: my-release | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | +| global.networkPolicy.create | Create NetworkPolicy objects for all components | `false` | +| global.networkPolicy.defaultDenyIngress | Default deny all ingress traffic | `false` | | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | diff --git a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml new file mode 100644 index 00000000..9116fbcf --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml @@ -0,0 +1,19 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + name: {{ template "argo-cd.controller.fullname" . }} +spec: + ingress: + - from: + - namespaceSelector: {} + ports: + - port: controller + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml new file mode 100644 index 00000000..0d9274ed --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -0,0 +1,31 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} + name: {{ template "argo-cd.repoServer.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }} + ports: + - port: repo-server + protocol: TCP + {{- if .Values.repoServer.metrics.enabled }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + {{- end }} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml new file mode 100644 index 00000000..8300d696 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml @@ -0,0 +1,16 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + name: {{ template "argo-cd.server.fullname" . }} +spec: + ingress: + - {} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/dex/networkpolicy.yaml b/charts/argo-cd/templates/dex/networkpolicy.yaml new file mode 100644 index 00000000..e79a2e3e --- /dev/null +++ b/charts/argo-cd/templates/dex/networkpolicy.yaml @@ -0,0 +1,31 @@ +{{- if and .Values.global.networkPolicy.create .Values.dex.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} + name: {{ template "argo-cd.dex.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + ports: + - port: http + protocol: TCP + - port: grpc + protocol: TCP + {{- if .Values.dex.metrics.enabled }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + protocol: TCP + {{- end }} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/networkpolicy-default-deny.yaml b/charts/argo-cd/templates/networkpolicy-default-deny.yaml new file mode 100644 index 00000000..3d47a397 --- /dev/null +++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.global.networkPolicy.create .Values.global.networkPolicy.defaultDenyIngress }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} + name: {{ template "argo-cd.fullname" . }}-default-deny +spec: + podSelector: {} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 05500337..5b5879a3 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -59,8 +59,8 @@ spec: {{- end }} ports: - containerPort: {{ .Values.redis.containerPort }} + name: redis {{- if .Values.redis.volumeMounts }} - volumeMounts: {{- toYaml .Values.redis.volumeMounts | nindent 10 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/networkpolicy.yaml b/charts/argo-cd/templates/redis/networkpolicy.yaml new file mode 100644 index 00000000..881e257c --- /dev/null +++ b/charts/argo-cd/templates/redis/networkpolicy.yaml @@ -0,0 +1,29 @@ +{{- $redisHa := (index .Values "redis-ha") -}} +{{- if and .Values.global.networkPolicy.create .Values.redis.enabled (not $redisHa.enabled) }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + name: {{ template "argo-cd.redis.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }} + ports: + - port: redis + protocol: TCP + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3ecfd228..452aba69 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,6 +20,10 @@ global: # hostnames: # - git.myhostname + networkPolicy: + create: false + defaultDenyIngress: false + # Override APIVersions # If you want to template helm charts but cannot access k8s API server # you can set api versions here From 1e3a4afd0583a4c35dba2b8783f9fded82667dfc Mon Sep 17 00:00:00 2001 From: Thomas O'Neill Date: Tue, 20 Jul 2021 07:40:54 -0400 Subject: [PATCH 071/122] feat(argo-cd): Support AWS ALB Ingress with gRPC (#806) * Support AWS ALB Ingress with GRPC Signed-off-by: Thomas O'Neill Signed-off-by: Thomas O'Neill * Bump chart version Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Use single if statement Signed-off-by: Thomas O'Neill * Append -grpc to the service labels for ALB GRPC service Signed-off-by: Thomas O'Neill Co-authored-by: Thomas O'Neill Co-authored-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++-- charts/argo-cd/README.md | 21 ++++++++++++++++ .../argocd-server/alb-grpc-service.yaml | 24 +++++++++++++++++++ .../templates/argocd-server/ingress-grpc.yaml | 2 +- .../templates/argocd-server/ingress.yaml | 24 +++++++++++++++++++ charts/argo-cd/values.yaml | 1 + 6 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 60ff890e..71320643 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.9.0 +version: 3.10.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to create network policies" - - "[Changed]: Fix icon url" + - "[Added]: Support AWS ALB Ingress with gRPC" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb929e93..05623c59 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -305,6 +305,7 @@ NAME: my-release | server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` | | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | +| server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | @@ -429,3 +430,23 @@ through `xxx.extraArgs` | redis-ha.image.tag | Redis tag | `"6.2.1-alpine"` | [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ + + +### Using AWS ALB Ingress Controller With GRPC +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. + +Example: +```yaml +server: + ingress: + enabled: true + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + ingressGrpc: + enabled: true + isAWSALB: true + +``` \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml new file mode 100644 index 00000000..018bca3e --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.isAWSALB -}} +apiVersion: v1 +kind: Service +metadata: + annotations: + alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + labels: + {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} + name: {{ template "argo-cd.server.fullname" . }}-grpc +spec: + ports: + - name: {{ .Values.server.service.servicePortHttpName }} + protocol: TCP + port: {{ .Values.server.service.servicePortHttp }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + - name: {{ .Values.server.service.servicePortHttpsName }} + protocol: TCP + port: {{ .Values.server.service.servicePortHttps }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} + sessionAffinity: None + type: ClusterIP +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 1fb89979..6a90445e 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.ingressGrpc.enabled -}} +{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index aa7d49dc..576b94df 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -12,6 +12,10 @@ metadata: {{- range $key, $value := .Values.server.ingress.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} + alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | + [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] + {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} labels: @@ -35,6 +39,26 @@ spec: {{- toYaml $extraPaths | nindent 10 }} {{- end }} {{- range $p := $paths }} + {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} + - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: Prefix + {{- end }} + backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ template "argo-cd.server.fullname" $ }}-grpc + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc + servicePort: {{ $servicePort }} + {{- end }} + {{- end }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 452aba69..b4d5a954 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -601,6 +601,7 @@ server: # https://argoproj.github.io/argo-cd/operator-manual/ingress/ ingressGrpc: enabled: false + isAWSALB: false annotations: {} labels: {} ingressClassName: "" From 186fe34b872813cf290209fb093ba7b211c64173 Mon Sep 17 00:00:00 2001 From: Jakub Bielawski <60479855+kobejn-jb@users.noreply.github.com> Date: Tue, 20 Jul 2021 20:10:29 +0200 Subject: [PATCH 072/122] Fix controller Role/ClusterRole to work with InstanceID (#833) Bumped Chart version Add indednt in controller ConfigMap flow control Signed-off-by: Jakub Bielawski --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-cluster-roles.yaml | 10 ++++++++++ .../controller/workflow-controller-config-map.yaml | 6 +++--- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d966c9f8..736b131d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.7 +version: 0.2.8 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Fixed]: Controller Role/ClusterRole to work with InstanceID" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 34340d14..72e97f45 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -121,8 +121,18 @@ rules: resources: - leases resourceNames: + {{- if .Values.controller.instanceID.enabled }} + {{- if .Values.controller.instanceID.useReleaseName }} + - workflow-controller-{{ .Release.Name }} + - workflow-controller-lease-{{ .Release.Name }} + {{- else }} + - workflow-controller-{{ .Values.controller.instanceID.explicitID }} + - workflow-controller-lease-{{ .Values.controller.instanceID.explicitID }} + {{- end }} + {{- else }} - workflow-controller - workflow-controller-lease + {{- end }} verbs: - get - watch diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index afddb194..dd2af42e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -7,11 +7,11 @@ metadata: data: config: | {{- if .Values.controller.instanceID.enabled }} - {{- if .Values.controller.instanceID.useReleaseName }} + {{- if .Values.controller.instanceID.useReleaseName }} instanceID: {{ .Release.Name }} - {{- else }} + {{- else }} instanceID: {{ .Values.controller.instanceID.explicitID }} - {{- end }} + {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} {{- if .Values.controller.parallelism }} From 37277315ce669a12e9a5a66ce03ab2a6e08eb184 Mon Sep 17 00:00:00 2001 From: Rein van 't Veer Date: Tue, 20 Jul 2021 20:18:26 +0200 Subject: [PATCH 073/122] feat(argo-workflows): Multiple workflow namespaces (#824) * allow workflow to be run in multiple namespaces, bump chart version Signed-off-by: reinvantveer * update helm install instructions Signed-off-by: reinvantveer * fix indents Signed-off-by: reinvantveer * add newlines Signed-off-by: reinvantveer * bump chart version Signed-off-by: reinvantveer * default to "argo" namespace for workflow service account Signed-off-by: reinvantveer * simplify setting service account, fix syntactical error in defaulting to "argo" namespace Signed-off-by: reinvantveer * Bump only the chart version, revert bumping the controller version: 3.0.8 does not exist yet as a workflow-controller image version Signed-off-by: reinvantveer * don't set a namespace if there isn't one provided Signed-off-by: reinvantveer * bump version Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces, add additional inline comments on rbac.create effect Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * dro now-redundant branch for controller.workflowNamespaces Signed-off-by: reinvantveer * use template helper "argo-workflows.fullname" instead of release name in order to be able to override the service account name Signed-off-by: reinvantveer * add missing "template" keyword Signed-off-by: reinvantveer * drop redundant $namespace assignment that was already moved inside the "range" function Signed-off-by: reinvantveer * replace "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * drop redundant $namespace assignment that was already moved inside the "range" function Signed-off-by: reinvantveer * inline "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * inline "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * add missing "$" to denote target for templating the workflows fullname helper Signed-off-by: reinvantveer * restore `with` blocks for service account name and service account annotations Signed-off-by: reinvantveer * drop validations: considering cases of `workflowNamespaces`, `namespace` and `singleNamespace` Signed-off-by: reinvantveer * include case for single namespaces with default ("") namespace, otherwise (ternary) combine the workflow namespace and workflowNamespaces from the controller settings into a list to iterate over Signed-off-by: reinvantveer * wrap namespace configuration in `with` block to prevent setting it to "" Signed-off-by: reinvantveer * fix append vs. concat bug: append workflowNamespace to (possibly 0-lenght) list of controller.workflowNamespaces Signed-off-by: reinvantveer * fix namespace range with additional check for either single namespace being false, or append to the workflow namespaces: the first non-null (coalesce) from the workflow namespace or the namespace Argo is being deployed to. Signed-off-by: reinvantveer * add changelog entries Signed-off-by: reinvantveer * unwrap (inline) with-block for service account name Signed-off-by: reinvantveer Co-authored-by: Vlad Losev --- CONTRIBUTING.md | 2 +- charts/argo-workflows/Chart.yaml | 6 ++- .../templates/controller/workflow-rb.yaml | 19 ++++----- .../templates/controller/workflow-role.yaml | 40 ++++++++++--------- .../templates/controller/workflow-sa.yaml | 13 +++--- charts/argo-workflows/values.yaml | 8 +++- 6 files changed, 51 insertions(+), 37 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 070b0981..3d6e1782 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -55,7 +55,7 @@ annotations: Minimally: ``` -helm install charts/argo -n argo +helm install charts/argo-workflows -n argo argo version ``` diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 736b131d..70b9bf10 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.8 +version: 0.2.9 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,6 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Controller Role/ClusterRole to work with InstanceID" + - "[Changed]: Service accounts, roles and role bindings can now be auto-created for each workflow controller namespace" + - "[Fixed]: The contributer testing guidelines were updated to reflect the chart name change from 'argo' to + 'argo-workflows'" diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 9b27c045..004d40d0 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,19 +1,20 @@ {{- if .Values.workflow.rbac.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-workflows.fullname" . }}-workflow - {{- with .Values.workflow.namespace }} - namespace: {{ . }} - {{- end }} + name: {{ template "argo-workflows.fullname" $ }}-workflow + namespace: {{ $namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-workflows.fullname" . }}-workflow + name: {{ template "argo-workflows.fullname" $ }}-workflow subjects: -- kind: ServiceAccount - name: {{ .Values.workflow.serviceAccount.name }} - {{- with .Values.workflow.namespace }} - namespace: {{ . }} + - kind: ServiceAccount + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index bf8b3cff..4ca10e8e 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,25 +1,29 @@ {{- if .Values.workflow.rbac.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ template "argo-workflows.fullname" . }}-workflow - {{- with .Values.workflow.namespace }} + name: {{ template "argo-workflows.fullname" $ }}-workflow + {{- with $namespace }} namespace: {{ . }} - {{- end }} + {{- end }} rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - watch - - patch -- apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - patch + - apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - watch + {{- end }} + {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index dc84f2b1..2ea64771 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,13 +1,16 @@ {{- if .Values.workflow.serviceAccount.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.workflow.serviceAccount.name }} - {{- with .Values.workflow.namespace }} + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} namespace: {{ . }} - {{- end }} - {{- with .Values.workflow.serviceAccount.annotations }} + {{- end }} + {{- with $.Values.workflow.serviceAccount.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 864c9931..ebd7fc92 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -29,13 +29,15 @@ kubeVersionOverride: "" singleNamespace: false workflow: - namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. + namespace: # Deprecated, for backwards compatibility: specify a single namespace to run workflows in serviceAccount: create: false # Specifies whether a service account should be created annotations: {} name: "argo-workflow" # Service account which is used to run workflows rbac: - create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows + # Adds Role and RoleBinding for the above specified service account to be able to run workflows + # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) + create: true controller: image: @@ -109,6 +111,8 @@ controller: # Annotations applied to created service account annotations: {} name: workflow-controller + # Specify all namespaces to run worksflows need to be able to run in. This controls where the service + # account and RBAC resources will be created. If unspecified, will run in the default namespace. workflowNamespaces: - default containerRuntimeExecutor: docker From e393ef1ba2017973fc52208abcc5243e52b2443d Mon Sep 17 00:00:00 2001 From: Zadkiel Date: Tue, 20 Jul 2021 20:24:41 +0200 Subject: [PATCH 074/122] fix(argo-workflows): remove old default init service account (#834) * fix(argo-workflows): remove old default init service account Signed-off-by: GitHub * fix(argo-workflows): remove init.serviceAccount from README Signed-off-by: GitHub * chore(argo-workflows): update changelog Signed-off-by: GitHub * chore(argo-workflows): bump chart to 0.2.8 Signed-off-by: GitHub Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 6 ++---- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 5 ----- 3 files changed, 3 insertions(+), 10 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 70b9bf10..a342b248 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.9 +version: 0.2.10 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,6 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Service accounts, roles and role bindings can now be auto-created for each workflow controller namespace" - - "[Fixed]: The contributer testing guidelines were updated to reflect the chart name change from 'argo' to - 'argo-workflows'" + - "[Fixed]: Removed init.serviceAccount unused fields" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 7e1c9dd7..e25a3840 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -10,7 +10,7 @@ This chart uses an install hook to configure the CRD definition. Installation of A few options are: -- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute +- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions ## Usage Notes diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index ebd7fc92..68f6f459 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -5,11 +5,6 @@ images: pullSecrets: [] # - name: argo-pull-secret -init: - # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is - # being deployed to. In RBAC clusters, that will almost certainly fail. See the NOTES: section of the readme for more info. - serviceAccount: "" - createAggregateRoles: true ## String to partially override "argo-workflows.fullname" template From 4e739561c0e2e9807e297905313710f95790522a Mon Sep 17 00:00:00 2001 From: kostas-theo <43744618+kostas-theo@users.noreply.github.com> Date: Tue, 20 Jul 2021 23:51:02 +0200 Subject: [PATCH 075/122] fix: pod status pending issue (#837) Signed-off-by: kostas-theo Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/crds/argoproj.io_workflows.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a342b248..60d4305d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.10 +version: 0.2.11 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Removed init.serviceAccount unused fields" + - "[Fixed]: Pods stuck in pending phase due to workflow update timeouts." diff --git a/charts/argo-workflows/crds/argoproj.io_workflows.yaml b/charts/argo-workflows/crds/argoproj.io_workflows.yaml index f3751e18..59d2fc3b 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml @@ -36,9 +36,11 @@ spec: spec: type: object x-kubernetes-preserve-unknown-fields: true + x-kubernetes-map-type: atomic status: type: object x-kubernetes-preserve-unknown-fields: true + x-kubernetes-map-type: atomic required: - metadata - spec From 3ca4a4eca08b7a35aa1e9ce9ad92dcb8cdf76fa3 Mon Sep 17 00:00:00 2001 From: Niels ten Boom Date: Wed, 21 Jul 2021 18:02:03 +0200 Subject: [PATCH 076/122] docs: Rename argocd references to argoworkflows in workflow chart (#842) * rename argocd to argoworkflows Signed-off-by: Niels ten Boom * bump patch version Signed-off-by: Niels ten Boom * bump patch version Signed-off-by: Niels ten Boom Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/values.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 60d4305d..768d2266 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.11 +version: 0.2.12 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Pods stuck in pending phase due to workflow update timeouts." + - "[Changed]: Argo workflows values file no longer has examples referencing ArgoCD" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 68f6f459..50085773 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -278,7 +278,7 @@ server: ## hosts: [] - # - argocd.example.com + # - argoworkflows.example.com paths: - / extraPaths: @@ -297,9 +297,9 @@ server: # name: use-annotation tls: [] - # - secretName: argocd-example-tls + # - secretName: argoworkflows-example-tls # hosts: - # - argocd.example.com + # - argoworkflows.example.com https: false clusterWorkflowTemplates: From 2358b152f9af125fcb608ead2d76fb81d18342fd Mon Sep 17 00:00:00 2001 From: smcavallo Date: Mon, 26 Jul 2021 21:32:56 -0400 Subject: [PATCH 077/122] feat(argo-cd): Bump default version to v2.0.5 (#844) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 71320643..60bc092a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.4 +appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.0 +version: 3.10.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 05623c59..4cd712b5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -132,7 +132,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.4"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b4d5a954..c6795bbc 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.0.4 + tag: v2.0.5 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From 3374813feb15674af4430c3ba33f58244fda6c4d Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Tue, 27 Jul 2021 13:07:07 +0200 Subject: [PATCH 078/122] fix(argo-cd): Deprecate the static assets flag passed to argocd-server (#846) Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 3 ++- charts/argo-cd/README.md | 8 +++++++- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 60bc092a..b58fd1c2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.1 +version: 3.10.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -22,3 +22,4 @@ dependencies: annotations: artifacthub.io/changes: | - "[Added]: Support AWS ALB Ingress with gRPC" + - "[Deprecated]: Deprecate static assets flag passed to argocd-server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4cd712b5..08025c94 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,11 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.10.2 + +ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default +It can be re-enabled by setting `server.staticAssets.enabled` to true + ### 3.8.1 This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization: @@ -287,6 +292,7 @@ NAME: my-release | server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | +| server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` | | server.env | Environment variables for the server. | `[]` | | server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) | | server.image.repository | Repository to use for the server | `global.image.repository` | @@ -449,4 +455,4 @@ server: enabled: true isAWSALB: true -``` \ No newline at end of file +``` diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 68c98845..ff86f5ec 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -42,8 +42,10 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server + {{ if .Values.server.staticAssets.enabled }} - --staticassets - /shared/app + {{ end }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- if .Values.dex.enabled }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c6795bbc..d930fcd8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -431,6 +431,10 @@ server: extraArgs: [] # - --insecure + # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app + staticAssets: + enabled: false + ## Environment variables to pass to argocd-server ## env: [] From 5ed8dccc99f9a84e3f40458df79d7c4eba81b371 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Wed, 28 Jul 2021 10:36:56 -0400 Subject: [PATCH 079/122] argocd - update misc dependencies (#847) Signed-off-by: smcavallo --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 9 +++++---- charts/argo-cd/values.yaml | 6 +++--- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 52941728..fe323d72 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.12.14 -digest: sha256:34275a4f4df92c570d07b0553da5d1fa200b6f057f7091746c853fd7399ee30a -generated: "2021-05-03T16:02:41.4356045-04:00" + version: 4.12.17 +digest: sha256:ad1833436031e3578165d48646c90323040fa1bc00d9235fe7ba7c67b20094ec +generated: "2021-07-27T16:35:27.2509236-04:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b58fd1c2..dd68aab2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.2 +version: 3.11.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -16,10 +16,11 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.12.14 + version: 4.12.17 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support AWS ALB Ingress with gRPC" - - "[Deprecated]: Deprecate static assets flag passed to argocd-server" + - "[Updated]: Updated redis-ha chart dependency 4.12.14 -> 4.12.17" + - "[Updated]: Updated dex image 2.27.0 -> 2.28.1" + - "[Updated]: Updated redis alpine image 6.2.2 -> 6.2.4" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d930fcd8..8d5a092c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -229,7 +229,7 @@ dex: image: repository: ghcr.io/dexidp/dex - tag: v2.27.0 + tag: v2.28.1 imagePullPolicy: IfNotPresent initImage: repository: @@ -313,7 +313,7 @@ redis: image: repository: redis - tag: 6.2.2-alpine + tag: 6.2.4-alpine imagePullPolicy: IfNotPresent ## Additional command line arguments to pass to redis-server @@ -406,7 +406,7 @@ redis-ha: metrics: enabled: true image: - tag: 6.2.2-alpine + tag: 6.2.4-alpine ## Server server: From f20e070de1b1570987bc265de3a07c81d5156c49 Mon Sep 17 00:00:00 2001 From: Lucas Bickel Date: Wed, 28 Jul 2021 17:42:12 +0200 Subject: [PATCH 080/122] fix(argo-cd): re-enable not yet deprecated staticassets flag (#849) Signed-off-by: Lucas Bickel --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dd68aab2..87e252a8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.0 +version: 3.11.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,6 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Updated]: Updated redis-ha chart dependency 4.12.14 -> 4.12.17" - - "[Updated]: Updated dex image 2.27.0 -> 2.28.1" - - "[Updated]: Updated redis alpine image 6.2.2 -> 6.2.4" + - "[Changed]: Set server.staticAssets.enabled=true since Argo CD 2.0.5 still needs it" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8d5a092c..06232342 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -433,7 +433,7 @@ server: # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app staticAssets: - enabled: false + enabled: true ## Environment variables to pass to argocd-server ## From c043eb2d292d49a0b1403a2539a846354bcca7d0 Mon Sep 17 00:00:00 2001 From: Rafael Tovar Date: Sat, 7 Aug 2021 15:07:41 +0200 Subject: [PATCH 081/122] feat(argo-cd): Add sessionAffinity to server service (#859) * feat(argo-cd):Add sessionAffinity to server Signed-off-by: Rafael Tovar * feat(argo-cd): update changelog new chart Signed-off-by: Rafael Tovar --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/service.yaml | 3 +++ charts/argo-cd/values.yaml | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 87e252a8..a1d6cd5e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.1 +version: 3.11.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Set server.staticAssets.enabled=true since Argo CD 2.0.5 still needs it" + - "[Added]: Add server.service.sessionAffinity setting of the Service into account when deciding which backend Pod to use" diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 87877d92..1dc04116 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -47,3 +47,6 @@ spec: {{- with .Values.server.service.externalTrafficPolicy }} externalTrafficPolicy: {{ . }} {{- end }} +{{- with .Values.server.service.sessionAffinity }} + sessionAffinity: {{ . }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 06232342..8ffcdaea 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -541,6 +541,7 @@ server: loadBalancerSourceRanges: [] externalIPs: [] externalTrafficPolicy: "" + sessionAffinity: "" ## Server metrics service configuration metrics: From b862c6239fa9a6df2f67cdd6a8162001fda42b79 Mon Sep 17 00:00:00 2001 From: Calum MacRae Date: Sat, 7 Aug 2021 23:43:28 +0100 Subject: [PATCH 082/122] feat(argo-events): Ability to specify custom env variables (#516) * feat(argo-events): Add debugLogging value for controller components Signed-off-by: Calum MacRae * fix: quote strings Signed-off-by: Marco Kilchhofer * Rework to generic extraEnv Signed-off-by: Marco Kilchhofer * Fix chart icon url Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 7 ++++--- .../templates/eventbus-controller-deployment.yaml | 3 +++ .../templates/eventsource-controller-deployment.yaml | 3 +++ .../templates/sensor-controller-deployment.yaml | 3 +++ charts/argo-events/values.yaml | 9 +++++++++ 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 835705bf..c29777c7 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.4 +version: 1.7.0 keywords: - argo-events - sensor-controller @@ -13,8 +13,9 @@ maintainers: - name: VaibhavPage - name: whynowy appVersion: 1.3.1 -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Added]: Ability to specify additional/custom environment variables" + - "[Fixed]: Charts icon url" diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 591d8da3..747bfc11 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.eventbusController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 62fe150e..651ff39b 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.eventsourceController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 0b51d1de..6c2f6a04 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.sensorController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 11827406..db6f679d 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -47,6 +47,9 @@ sensorController: image: argoproj/sensor-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" sensorImage: argoproj/sensor podAnnotations: {} nodeSelector: {} @@ -61,6 +64,9 @@ eventsourceController: image: argoproj/eventsource-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" eventsourceImage: argoproj/eventsource podAnnotations: {} nodeSelector: {} @@ -75,6 +81,9 @@ eventbusController: image: argoproj/eventbus-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" podAnnotations: {} nodeSelector: {} podLabels: {} From 6bbcd833d4398745b3bd133cea233ebda40e4c98 Mon Sep 17 00:00:00 2001 From: Emanuel Oliveira Date: Mon, 9 Aug 2021 05:58:02 -0300 Subject: [PATCH 083/122] fix(argo-cd): Set type of service for gRPC as NodePort. (#861) * fix: set service-grpc type as NodePort Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira * docs: Adds changelog Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira * chore: remove old changelog comment Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a1d6cd5e..2859057a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.2 +version: 3.11.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add server.service.sessionAffinity setting of the Service into account when deciding which backend Pod to use" + - "[Fix]: Set type of service for grpc as NodePort because this is the default of ALB ingress Controller" diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml index 018bca3e..acc9dd60 100644 --- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -20,5 +20,5 @@ spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None - type: ClusterIP + type: NodePort {{- end -}} From 046635d69b140ec075731a196d9864caf9484232 Mon Sep 17 00:00:00 2001 From: cskh Date: Tue, 10 Aug 2021 02:39:38 -0400 Subject: [PATCH 084/122] fix(argo-rollouts): Add missing liveness and readiness probe (#860) * fix(argo-rollouts): missing liveness and readiness probe Signed-off-by: Hui Kang * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Update changelog annotation Signed-off-by: Marco Kilchhofer * Fix icon url Signed-off-by: Marco Kilchhofer Co-authored-by: Hui Kang Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 7 ++++--- .../templates/argo-rollouts-deployment.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 20 +++++++++++++++++++ 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6f904714..c92e4c62 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.3 -icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +version: 1.0.4 +icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: - name: alexmt @@ -11,4 +11,5 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Fixed]: Add missing liveness and readiness probes" + - "[Changed]: Fix icon url" diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index fb632312..4acb0cee 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -39,6 +39,10 @@ spec: ports: - containerPort: 8090 name: metrics + livenessProbe: + {{- toYaml .Values.controller.livenessProbe | nindent 10 }} + readinessProbe: + {{- toYaml .Values.controller.readinessProbe | nindent 10 }} securityContext: {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e778377f..e52e8902 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -31,6 +31,26 @@ controller: additionalLabels: {} additionalAnnotations: {} + ## Readiness and liveness probes for rollouts controller + livenessProbe: + httpGet: + path: /metrics + port: 8090 + initialDelaySeconds: 30 + periodSeconds: 20 + failureThreshold: 3 + successThreshold: 1 + timeoutSeconds: 10 + readinessProbe: + httpGet: + path: /metrics + port: 8090 + initialDelaySeconds: 15 + periodSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + timeoutSeconds: 4 + serviceAccount: # Specifies whether a service account should be created create: true From 8125f928ea00cef542f0e5b482aedec2c0d46043 Mon Sep 17 00:00:00 2001 From: Thom Date: Tue, 10 Aug 2021 15:45:09 +0200 Subject: [PATCH 085/122] feat(argo-workflow): Add pathType value to ingress (#854) Signed-off-by: thomascjohnson --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/server/server-ingress.yaml | 5 +++-- charts/argo-workflows/values.yaml | 1 + 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 768d2266..df0aea74 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.12 +version: 0.2.13 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Argo workflows values file no longer has examples referencing ArgoCD" + - "[Added]: pathType variable now available for ingress template" diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index 6072c9d7..969676e1 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -3,6 +3,7 @@ {{- $servicePort := .Values.server.servicePort -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} +{{- $pathType := .Values.server.ingress.pathType -}} apiVersion: {{ include "argo-workflows.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 50085773..76ed9479 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -281,6 +281,7 @@ server: # - argoworkflows.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* From 4e4c28a4dcec2cac7eefadc8518ce83404b0246b Mon Sep 17 00:00:00 2001 From: c1_zh <5362164+cezhang@users.noreply.github.com> Date: Wed, 11 Aug 2021 15:14:27 +0800 Subject: [PATCH 086/122] fix(argo-cd): Respect timezone during password mtime generation (#864) Signed-off-by: cezhang --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2859057a..6ce42aec 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.3 +version: 3.11.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fix]: Set type of service for grpc as NodePort because this is the default of ALB ingress Controller" + - "[Fixed]: Can't login when using configs.secret.argocdServerAdminPassword" diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index d84d2649..62cf6be4 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -36,7 +36,7 @@ data: {{- end }} {{- if .Values.configs.secret.argocdServerAdminPassword }} admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} - admin.passwordMtime: {{ default (date "2006-01-02T15:04:05Z" now) .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }} + admin.passwordMtime: {{ default (dateInZone "2006-01-02T15:04:05Z" (now) "UTC") .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }} {{- end }} {{- range $key, $value := .Values.configs.secret.extra }} {{ $key }}: {{ $value | b64enc }} From 07c1cf092c0f267ceb548512132e55fe75548207 Mon Sep 17 00:00:00 2001 From: Mike Bryant Date: Wed, 11 Aug 2021 08:32:11 +0100 Subject: [PATCH 087/122] feat(argo-workflows): Add support for extra containers in server & controller deployment (#841) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: Add support for extra containers in server & controller deployment Signed-off-by: Mike Bryant * Update charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: Mike Bryant * Update charts/argo-workflows/templates/server/server-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: Mike Bryant Co-authored-by: Oliver Bähler --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-deployment.yaml | 3 +++ charts/argo-workflows/templates/server/server-deployment.yaml | 3 +++ charts/argo-workflows/values.yaml | 4 ++++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index df0aea74..6534fbe8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.13 +version: 0.3.0 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: pathType variable now available for ingress template" + - "[Added]: Support for extraContainers in controller/server" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index e085b899..7dee67e5 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -79,6 +79,9 @@ spec: containerPort: {{ .Values.controller.metricsConfig.port }} - containerPort: 6060 livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} + {{- with .Values.controller.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 5effabf6..21917c43 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -80,6 +80,9 @@ spec: {{- with .Values.server.volumeMounts }} {{- toYaml . | nindent 10}} {{- end }} + {{- with .Values.server.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 76ed9479..c19562d0 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -170,6 +170,8 @@ controller: clusterWorkflowTemplates: # Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. enabled: true + # Extra containers to be added to the controller deployment + extraContainers: [] # executor controls how the init and wait container should be customized executor: @@ -337,6 +339,8 @@ server: ## decisions. # scopes: # - groups + # Extra containers to be added to the server deployment + extraContainers: [] # Influences the creation of the ConfigMap for the workflow-controller itself. useDefaultArtifactRepo: false From 607caac246b772e59a90ea69fb508d3fedd6b885 Mon Sep 17 00:00:00 2001 From: Thomas O'Neill Date: Wed, 11 Aug 2021 11:44:18 -0400 Subject: [PATCH 088/122] Fix service type for AWS GRPC (#862) Signed-off-by: Thomas O'Neill Co-authored-by: Thomas O'Neill --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 3 +++ .../templates/argocd-server/alb-grpc-service.yaml | 2 +- charts/argo-cd/values.yaml | 9 +++++++++ 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6ce42aec..90cde221 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.4 +version: 3.11.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 08025c94..5672d677 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -312,6 +312,7 @@ NAME: my-release | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | | server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | +| server.ingressGrpc.awsALB.serviceType | Service type for the AWS ALB GRPC service | `NodePort` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | @@ -454,5 +455,7 @@ server: ingressGrpc: enabled: true isAWSALB: true + awsALB: + serviceType: ClusterIP ``` diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml index acc9dd60..dd725fef 100644 --- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -20,5 +20,5 @@ spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None - type: NodePort + type: {{ .Values.server.ingressGrpc.awsALB.serviceType }} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8ffcdaea..6edc9201 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -611,6 +611,15 @@ server: labels: {} ingressClassName: "" + ## Service Type if isAWSALB is set to true + ## Can be of type NodePort or ClusterIP depending on which mode you are + ## are running. Instance mode needs type NodePort, IP mode needs type + ## ClusterIP + ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic + ## + awsALB: + serviceType: NodePort + ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace From 1dad68d4f433ba73f518b6a3b7c8f883970d1b1f Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 13 Aug 2021 18:37:06 +0200 Subject: [PATCH 089/122] Mount emptDir for /tmp and add extraVolumes support (#866) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 7 +++---- charts/argocd-applicationset/README.md | 2 ++ charts/argocd-applicationset/templates/deployment.yaml | 10 ++++++++++ charts/argocd-applicationset/values.yaml | 9 +++++++++ 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index b91b1441..c93d4cef 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.0.0 +version: 1.1.0 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,6 +14,5 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Removed]: CRD installation via templates folder. CRDs are now only handled via the '/crds' folder in the same way like the ArgoCD chart." - - "[Removed]: Exclude '/ci' folder from being packaged into the final chart archive." - - "[Changed]: Fix icon url" + - "[Added]: /tmp is an emptyDir now (enables users to use readOnlyRootFilesystem)" + - "[Added]: Ability to add extraVolumes and extraVolumeMounts" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 0b59414b..0996b234 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -65,6 +65,8 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | args.policy | string | `sync` | How application is synced between the generator and the cluster | | args.debug | bool | `false` | Print debug logs | | args.dryRun | bool | `false` | Enable dry run mode | +| extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | +| extraVolumes | list | `[]` | List of extra volumes to add | | fullnameOverride | string | `""` | Override the default fully qualified app name | | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. | diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index 4840bd65..beb34680 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -50,6 +50,8 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: + - mountPath: /tmp + name: tmp-dir {{- if .Values.mountSSHKnownHostsVolume }} - mountPath: /app/config/ssh name: ssh-known-hosts @@ -66,7 +68,12 @@ spec: - mountPath: /app/config/gpg/keys name: gpg-keyring {{- end }} + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} volumes: + - emptyDir: {} + name: tmp-dir {{- if .Values.mountSSHKnownHostsVolume }} - configMap: name: argocd-ssh-known-hosts-cm @@ -86,6 +93,9 @@ spec: - emptyDir: {} name: gpg-keyring {{- end }} + {{- with .Values.extraVolumes }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index ac4b3bd9..e5b12272 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -75,3 +75,12 @@ mountSSHKnownHostsVolume: true mountTLSCertsVolume: true mountGPGKeysVolume: false mountGPGKeyringVolume: true + +# -- List of extra mounts to add (normally used with extraVolumes) +extraVolumeMounts: [] + # - mountPath: /tmp/foobar + # name: foobar +# -- List of extra volumes to add +extraVolumes: [] + # - name: foobar + # emptyDir: {} From a795074dd1e25a4b8c666e5579344b04620d5314 Mon Sep 17 00:00:00 2001 From: Christian Strack Date: Fri, 13 Aug 2021 22:15:02 +0200 Subject: [PATCH 090/122] feat(argo-cd): Add support for aggregation clusterroles (#865) * feat(argo-cd): Add support for aggregation clusterroles * feat: Add support for aggregation clusterroles Signed-off-by: Christian Strack * fix(argo-cd): Remove redundant whitespace from README.md Signed-off-by: Christian Strack Co-authored-by: Marko Bevc * fix(argo-cd): Remove component labels from aggregation roles Signed-off-by: Christian Strack Co-authored-by: Marco Kilchhofer * fix(argo-cd): Use value `createAggregateRoles` to control role creation * fix: Use value `createAggregateRoles` to control role creation * bump version to 3.12.0 * update chart README.md accordingly Signed-off-by: Christian Strack Co-authored-by: Marko Bevc Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 1 + .../templates/argocd-aggregate-roles.yaml | 67 +++++++++++++++++++ charts/argo-cd/values.yaml | 4 ++ 4 files changed, 74 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-aggregate-roles.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 90cde221..2def2ed8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.5 +version: 3.12.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Can't login when using configs.secret.argocdServerAdminPassword" + - "[Added]: Support for aggregation clusterroles" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5672d677..c73299f9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -148,6 +148,7 @@ NAME: my-release | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | | apiVersionOverrides.certmanager | String to override apiVersion of certmanager resources rendered by this helm chart | `""` | | apiVersionOverrides.ingress | String to override apiVersion of ingresses rendered by this helm chart | `""` | +| createAggregateRoles | Create clusterroles that extend aggregated roles to use argo-cd crds | `false` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | | configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | diff --git a/charts/argo-cd/templates/argocd-aggregate-roles.yaml b/charts/argo-cd/templates/argocd-aggregate-roles.yaml new file mode 100644 index 00000000..d11329a3 --- /dev/null +++ b/charts/argo-cd/templates/argocd-aggregate-roles.yaml @@ -0,0 +1,67 @@ +{{- if .Values.createAggregateRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.fullname" . }}-aggregate-to-view + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.fullname" . }}-aggregate-to-edit + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.fullname" . }}-aggregate-to-admin + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6edc9201..4a6172ef 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -31,6 +31,10 @@ apiVersionOverrides: certmanager: "" # cert-manager.io/v1 ingress: "" # networking.k8s.io/v1beta1 +## Create clusterroles that extend existing clusterroles to interact with argo-cd crds +## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles +createAggregateRoles: false + ## Controller controller: name: application-controller From d0efbc458a65bc56b432b989d03090e01096216f Mon Sep 17 00:00:00 2001 From: Thomas Petit Date: Sat, 14 Aug 2021 13:03:26 +0200 Subject: [PATCH 091/122] fix(argo-cd): Fix (full)nameOverride redis-ha sub-chart (#725) Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2def2ed8..322cd0c0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.12.0 +version: 3.12.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support for aggregation clusterroles" + - "[Fixed]: redis-ha.nameOverride / redis-ha.fullnameOverride breaks the ArgoCD helm chart" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index c5d2adab..be2927c2 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -42,10 +42,11 @@ Create dex name and version as used by the chart label. Create redis name and version as used by the chart label. */}} {{- define "argo-cd.redis.fullname" -}} -{{ $redisHa := (index .Values "redis-ha") }} +{{- $redisHa := (index .Values "redis-ha") -}} +{{- $redisHaContext := dict "Chart" (dict "Name" "redis-ha") "Release" .Release "Values" $redisHa -}} {{- if $redisHa.enabled -}} {{- if $redisHa.haproxy.enabled -}} - {{- printf "%s-redis-ha-haproxy" .Release.Name | trunc 63 | trimSuffix "-" -}} + {{- printf "%s-haproxy" (include "redis-ha.fullname" $redisHaContext) | trunc 63 | trimSuffix "-" -}} {{- end -}} {{- else -}} {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redis.name | trunc 63 | trimSuffix "-" -}} From 879453808c9ada59d758200fe2bf2170dde1804d Mon Sep 17 00:00:00 2001 From: Wylie Hobbs Date: Mon, 16 Aug 2021 09:23:02 -0600 Subject: [PATCH 092/122] feat(argo-cd): Add argocd image updater (#477) * Add argocd-image-updater chart Signed-off-by: Wylie Hobbs * Add maintainers Signed-off-by: Wylie Hobbs * update rbac and chart metadata Signed-off-by: Wylie Hobbs * fix chompstyle Signed-off-by: Wylie Hobbs * add README/template with helm-docs Signed-off-by: Wylie Hobbs * Use correct icon url and use a generic maintainer section Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/.helmignore | 23 ++++ charts/argocd-image-updater/Chart.yaml | 18 ++++ charts/argocd-image-updater/README.md | 86 +++++++++++++++ charts/argocd-image-updater/README.md.gotmpl | 58 ++++++++++ .../templates/_helpers.tpl | 63 +++++++++++ .../templates/configmap.yaml | 13 +++ .../templates/deployment.yaml | 95 ++++++++++++++++ .../argocd-image-updater/templates/rbac.yaml | 48 +++++++++ .../templates/serviceaccount.yaml | 12 +++ charts/argocd-image-updater/values.yaml | 102 ++++++++++++++++++ 10 files changed, 518 insertions(+) create mode 100644 charts/argocd-image-updater/.helmignore create mode 100644 charts/argocd-image-updater/Chart.yaml create mode 100644 charts/argocd-image-updater/README.md create mode 100644 charts/argocd-image-updater/README.md.gotmpl create mode 100644 charts/argocd-image-updater/templates/_helpers.tpl create mode 100644 charts/argocd-image-updater/templates/configmap.yaml create mode 100644 charts/argocd-image-updater/templates/deployment.yaml create mode 100644 charts/argocd-image-updater/templates/rbac.yaml create mode 100644 charts/argocd-image-updater/templates/serviceaccount.yaml create mode 100644 charts/argocd-image-updater/values.yaml diff --git a/charts/argocd-image-updater/.helmignore b/charts/argocd-image-updater/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/argocd-image-updater/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml new file mode 100644 index 00000000..1ace2616 --- /dev/null +++ b/charts/argocd-image-updater/Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v2 +name: argocd-image-updater +description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD +type: application +version: 0.1.0 +appVersion: v0.10.1 +home: https://github.com/argoproj-labs/argocd-image-updater +icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png +keywords: + - argoproj + - argocd + - gitops +maintainers: + - name: argoproj + url: https://argoproj.github.io/ +annotations: + artifacthub.io/changes: | + - "[Added]: First chart release" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md new file mode 100644 index 00000000..d3440dd6 --- /dev/null +++ b/charts/argocd-image-updater/README.md @@ -0,0 +1,86 @@ +# argocd-image-updater + +A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD + +To regenerate this document, from the root of this chart directory run: +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Installation + +```console +helm repo add argo https://argoproj.github.io/argo-helm +helm install argocd-image-updater argo/argocd-image-updater +``` + +You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). + +## TODO + +- Automate setting up the ArgoCD API Authentication user/secret using a Helm Hook or something. + +## Prerequisites + +* Helm v3.0.0+ + +## Configuration options + +In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags). + +All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your ArgoCD instance is setup, are set in the `config.argocd` values block. For instance: + +```yaml +config: + argocd: + grpcWeb: false + serverAddress: "http://argocd.argo" + insecure: true + plaintext: true +``` + +Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. + +### Registries + +ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): + +- Docker Hub +- Google Container Registry +- RedHat Quay +- GitHub Container Registry +- GitHub Docker Packages + +If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. + +The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Kubernetes affinity settings for the deployment | +| config.argocd.grpcWeb | bool | `true` | Use the gRPC-web protocol to connect to the Argo CD API | +| config.argocd.insecure | bool | `false` | If specified, the certificate of the Argo CD API server is not verified. | +| config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. | +| config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address | +| config.logLevel | string | `"info"` | ArgoCD Image Update log level | +| config.registries | list | `[]` | ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | +| extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in config.argocd | +| fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | +| image.pullPolicy | string | `"Always"` | Default image pull policy | +| image.repository | string | `"argoprojlabs/argocd-image-updater"` | Default image repository | +| image.tag | string | `"v0.10.1"` | Default image tag | +| imagePullSecrets | list | `[]` | ImagePullSecrets for the image updater deployment | +| nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override | +| nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment | +| podAnnotations | object | `{}` | Pod Annotations for the deployment | +| podSecurityContext | object | `{}` | Pod security context settings for the deployment | +| rbac.enabled | bool | `true` | Enable RBAC creation | +| replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. | +| resources | object | `{}` | Pod memory and cpu resource settings for the deployment | +| securityContext | object | `{}` | Security context settings for the deployment | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | Kubernetes toleration settings for the deployment | diff --git a/charts/argocd-image-updater/README.md.gotmpl b/charts/argocd-image-updater/README.md.gotmpl new file mode 100644 index 00000000..eab46779 --- /dev/null +++ b/charts/argocd-image-updater/README.md.gotmpl @@ -0,0 +1,58 @@ +{{ template "chart.header" . }} + +{{ template "chart.description" . }} + +To regenerate this document, from the root of this chart directory run: +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Installation + +```console +helm repo add argo https://argoproj.github.io/argo-helm +helm install argocd-image-updater argo/argocd-image-updater +``` + +You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). + +## TODO + +- Automate setting up the ArgoCD API Authentication user/secret using a Helm Hook or something. + +## Prerequisites + +* Helm v3.0.0+ + +## Configuration options + +In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags). + +All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your ArgoCD instance is setup, are set in the `config.argocd` values block. For instance: + +```yaml +config: + argocd: + grpcWeb: false + serverAddress: "http://argocd.argo" + insecure: true + plaintext: true +``` + +Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. + +### Registries + +ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): + +- Docker Hub +- Google Container Registry +- RedHat Quay +- GitHub Container Registry +- GitHub Docker Packages + +If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. + +The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. + +{{ template "chart.valuesSection" . }} diff --git a/charts/argocd-image-updater/templates/_helpers.tpl b/charts/argocd-image-updater/templates/_helpers.tpl new file mode 100644 index 00000000..5c0be1da --- /dev/null +++ b/charts/argocd-image-updater/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "argocd-image-updater.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "argocd-image-updater.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argocd-image-updater.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "argocd-image-updater.labels" -}} +helm.sh/chart: {{ include "argocd-image-updater.chart" . }} +{{ include "argocd-image-updater.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "argocd-image-updater.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argocd-image-updater.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "argocd-image-updater.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "argocd-image-updater.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml new file mode 100644 index 00000000..dab468a2 --- /dev/null +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + name: argocd-image-updater-config +data: + registries.conf: | + {{- with .Values.config.registries }} + registries: + {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml new file mode 100644 index 00000000..cfc350ec --- /dev/null +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -0,0 +1,95 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argocd-image-updater.fullname" . }} + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "argocd-image-updater.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "argocd-image-updater.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argocd-image-updater.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + command: + - /usr/local/bin/argocd-image-updater + - run + {{- with .Values.extraArgs }} + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: ARGOCD_GRPC_WEB + value: {{ .Values.config.argocd.grpcWeb | quote }} + - name: ARGOCD_SERVER + value: {{ .Values.config.argocd.serverAddress }} + - name: ARGOCD_INSECURE + value: {{ .Values.config.argocd.insecure | quote }} + - name: ARGOCD_PLAINTEXT + value: {{ .Values.config.argocd.plaintext | quote }} + - name: ARGOCD_TOKEN + valueFrom: + secretKeyRef: + key: argocd.token + name: argocd-image-updater-secret + optional: true + - name: IMAGE_UPDATER_LOGLEVEL + value: {{ .Values.config.logLevel }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - containerPort: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 3 + periodSeconds: 30 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 3 + periodSeconds: 30 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - mountPath: /app/config + name: registries-conf + volumes: + - configMap: + items: + - key: registries.conf + path: registries.conf + name: argocd-image-updater-config + name: registries-conf + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml new file mode 100644 index 00000000..cb508a43 --- /dev/null +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -0,0 +1,48 @@ +{{- if .Values.rbac.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + {{ include "argocd-image-updater.labels" . | nindent 4 }} + name: {{ include "argocd-image-updater.fullname" . }} +rules: + - apiGroups: + - '' + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - argoproj.io + resources: + - applications + verbs: + - get + - list + - update + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + {{ include "argocd-image-updater.labels" . | nindent 4 }} + name: {{ include "argocd-image-updater.fullname" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "argocd-image-updater.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "argocd-image-updater.serviceAccountName" . }} +{{- end }} diff --git a/charts/argocd-image-updater/templates/serviceaccount.yaml b/charts/argocd-image-updater/templates/serviceaccount.yaml new file mode 100644 index 00000000..c208ee69 --- /dev/null +++ b/charts/argocd-image-updater/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "argocd-image-updater.serviceAccountName" . }} + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml new file mode 100644 index 00000000..f939137c --- /dev/null +++ b/charts/argocd-image-updater/values.yaml @@ -0,0 +1,102 @@ +# -- Replica count for the deployment. It is not advised to run more than one replica. +replicaCount: 1 +image: + # -- Default image repository + repository: argoprojlabs/argocd-image-updater + # -- Default image pull policy + pullPolicy: Always + # -- Default image tag + tag: v0.10.1 + +# -- ImagePullSecrets for the image updater deployment +imagePullSecrets: [] +# -- Global name (argocd-image-updater.name in _helpers.tpl) override +nameOverride: "" +# -- Global fullname (argocd-image-updater.fullname in _helpers.tpl) override +fullnameOverride: "" + +# -- Extra arguments for argocd-image-updater not defined in config.argocd +extraArgs: [] + # - --disable-kubernetes + # - --dry-run + # - --health-port 8080 + # - --interval 2m + # - --kubeconfig ~/.kube/config + # - --match-application-name staging-* + # - --max-concurrency 5 + # - --once + # - --registries-conf-path /app/config/registries.conf + +config: + # Described in detail here https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags + argocd: + # -- Use the gRPC-web protocol to connect to the Argo CD API + grpcWeb: true + # -- Connect to the Argo CD API server at server address + serverAddress: "" + # -- If specified, the certificate of the Argo CD API server is not verified. + insecure: false + # -- If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. + plaintext: false + + # -- ArgoCD Image Update log level + logLevel: "info" + + # -- ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) + registries: [] + # - name: Docker Hub + # api_url: https://registry-1.docker.io + # ping: yes + # credentials: secret:foo/bar#creds + # defaultns: library + # - name: Google Container Registry + # api_url: https://gcr.io + # prefix: gcr.io + # ping: no + # credentials: pullsecret:foo/bar + # - name: RedHat Quay + # api_url: https://quay.io + # ping: no + # prefix: quay.io + # credentials: env:REGISTRY_SECRET + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +# -- Pod Annotations for the deployment +podAnnotations: {} + +# -- Pod security context settings for the deployment +podSecurityContext: {} + # fsGroup: 2000 + +# -- Security context settings for the deployment +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +rbac: + # -- Enable RBAC creation + enabled: true + +# -- Pod memory and cpu resource settings for the deployment +resources: {} + +# -- Kubernetes nodeSelector settings for the deployment +nodeSelector: {} + +# -- Kubernetes toleration settings for the deployment +tolerations: [] + +# -- Kubernetes affinity settings for the deployment +affinity: {} From 3053af0500b942df4f0759ad29553b2938882c86 Mon Sep 17 00:00:00 2001 From: cskh Date: Mon, 16 Aug 2021 11:27:24 -0400 Subject: [PATCH 093/122] feat(argo-rollouts): add dashboard (#798) * feat(argo-rollouts): add dashboard deployment and service credit: the implemention is inspired by the work from Andrii Perenesenko . Signed-off-by: Hui Kang * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Add components to selectlabels Signed-off-by: Hui Kang * Bump major version and add upgrading note Signed-off-by: Hui Kang * fix: Documentation on dashboard values, change annotations Signed-off-by: Hui Kang * feat: Enable dashboard during chart testing Signed-off-by: Marco Kilchhofer Co-authored-by: Hui Kang Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/.helmignore | 1 + charts/argo-rollouts/Chart.yaml | 5 +- charts/argo-rollouts/README.md | 24 ++++++++ charts/argo-rollouts/ci/test-values.yaml | 2 + .../templates/argo-rollouts-deployment.yaml | 2 + .../argo-rollouts-metrics-service.yaml | 5 +- .../templates/dashboard/clusterrole.yaml | 58 ++++++++++++++++++ .../dashboard/clusterrolebinding.yaml | 17 ++++++ .../templates/dashboard/deployment.yaml | 59 +++++++++++++++++++ .../argo-rollouts/templates/dashboard/sa.yaml | 13 ++++ .../templates/dashboard/service.yaml | 22 +++++++ charts/argo-rollouts/values.yaml | 25 ++++++++ 12 files changed, 228 insertions(+), 5 deletions(-) create mode 100644 charts/argo-rollouts/ci/test-values.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/clusterrole.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/deployment.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/sa.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/service.yaml diff --git a/charts/argo-rollouts/.helmignore b/charts/argo-rollouts/.helmignore index f0c13194..b4af6c20 100644 --- a/charts/argo-rollouts/.helmignore +++ b/charts/argo-rollouts/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c92e4c62..7bdb6ea9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.4 +version: 2.0.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,5 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing liveness and readiness probes" - - "[Changed]: Fix icon url" + - "[Added]: Dashboard manifests" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 8916a86c..9fcd862a 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -25,6 +25,9 @@ $ helm repo add argo https://argoproj.github.io/argo-helm $ helm install my-release argo/argo-rollouts ``` +If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-rollouts dashboard by +`kubectl port-forward service/argo-rollouts-dashboard 31000:3100` and pointing the browser to `localhost:31000` + ## Chart Values | Key | Type | Default | Description | @@ -53,9 +56,30 @@ $ helm install my-release argo/argo-rollouts | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | | containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.enabled | bool | `false` | Deploy dashboard server | +| dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | +| dashboard.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| dashboard.image.registry | string | `quay.io` | Registry to use | +| dashboard.image.repository | string | `"argoproj/kubectl-argo-rollouts"` | Repository to use | +| dashboard.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | +| dashboard.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | +| dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | +| dashboard.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| dashboard.podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | +| dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | +| dashboard.serviceAccount.annotations | object | `{}` | Annotations to add to the dashboard service account | +| dashboard.serviceAccount.name | string | `""` | The name of the dashboard service account to use. If not set and create is true, a name is generated using the fullname template | ## Upgrading +### To 2.0.0 + +* The argo-rollouts dashboard is added to the template and can be enabled by setting `dashboard.enabled=true`. +* There is a breaking change where the selector label `app.kubernetes.io/component: {{ .Values.controller.component }}` is added to rollout's deployment and service in order to distinguish between the controller and the dashboard component. + To upgrade an existing installation, please **add the `--force` parameter** to the `helm upgrade` command or **delete the Deployment and Service resource** before you upgrade. This is necessary because Deployment's label selector is immutable. + ### To 1.0.0 * This is a breaking change which only supports Helm v3.0.0+ now. If you still use Helm v2, please consider upgrading because v2 is EOL since November 2020. diff --git a/charts/argo-rollouts/ci/test-values.yaml b/charts/argo-rollouts/ci/test-values.yaml new file mode 100644 index 00000000..7ea0c4c8 --- /dev/null +++ b/charts/argo-rollouts/ci/test-values.yaml @@ -0,0 +1,2 @@ +dashboard: + enabled: true diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index 4acb0cee..71d73352 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -8,6 +8,7 @@ metadata: spec: selector: matchLabels: + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} strategy: type: Recreate @@ -19,6 +20,7 @@ spec: {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ .Values.controller.component }} {{- range $key, $value := .Values.podLabels }} {{ $key }}: {{ $value | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index 6f2c975f..5e380347 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -4,7 +4,7 @@ kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-metrics labels: - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.serviceAnnotations }} annotations: @@ -17,5 +17,6 @@ spec: port: 8090 targetPort: 8090 selector: - {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml new file mode 100644 index 00000000..071ba962 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -0,0 +1,58 @@ +{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +rules: + - apiGroups: + - argoproj.io + resources: + - rollouts + - rollouts/status + - rollouts/finalizers + verbs: + - get + - list + - watch + - update + - patch + - apiGroups: + - argoproj.io + resources: + - analysisruns + - analysisruns/finalizers + - experiments + - experiments/finalizers + verbs: + - create + - get + - list + - watch + - apiGroups: + - argoproj.io + resources: + - analysistemplates + - clusteranalysistemplates + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - replicasets + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - watch +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml new file mode 100644 index 00000000..331fbe4e --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argo-rollouts.fullname" . }}-dashboard +subjects: +- kind: ServiceAccount + name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml new file mode 100644 index 00000000..48364587 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -0,0 +1,59 @@ +{{- if .Values.dashboard.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ .Values.dashboard.component }} + strategy: + type: Recreate + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- range $key, $value := .Values.podLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + containers: + - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ default .Chart.AppVersion .Values.dashboard.image.tag }}" + imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }} + name: argo-rollouts-dashboard + ports: + - containerPort: 3100 + name: dashboard + securityContext: + {{- toYaml .Values.dashboard.containerSecurityContext | nindent 10 }} + resources: + {{- toYaml .Values.dashboard.resources | nindent 10 }} + {{- if .Values.dashboard.nodeSelector }} + nodeSelector: + {{- toYaml .Values.dashboard.nodeSelector | nindent 8 }} + {{- end }} + securityContext: + {{- toYaml .Values.dashboard.podSecurityContext | nindent 8 }} + {{- if .Values.dashboard.tolerations }} + tolerations: + {{- toYaml .Values.dashboard.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.dashboard.affinity }} + affinity: + {{- toYaml .Values.dashboard.affinity | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-rollouts/templates/dashboard/sa.yaml b/charts/argo-rollouts/templates/dashboard/sa.yaml new file mode 100644 index 00000000..ff0c7300 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/sa.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.dashboard.enabled .Values.dashboard.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.dashboard.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml new file mode 100644 index 00000000..d2bd432b --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -0,0 +1,22 @@ +{{- if .Values.dashboard.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.serviceAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ports: + - name: dashboard + protocol: TCP + port: 3100 + targetPort: 3100 + selector: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e52e8902..4c288b98 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -94,3 +94,28 @@ podLabels: {} # Secrets with credentials to pull images from a private registry imagePullSecrets: [] # - name: argo-pull-secret + +dashboard: + enabled: false + component: rollouts-dashboard + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + image: + registry: quay.io + repository: argoproj/kubectl-argo-rollouts + tag: "" + pullPolicy: IfNotPresent + resources: {} + podSecurityContext: + runAsNonRoot: true + containerSecurityContext: {} + serviceAccount: + create: true + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" From 04cbf217aebe9ce3e847b277ecb4c25eb95fbf2d Mon Sep 17 00:00:00 2001 From: Matt Carr <39928231+matt-carr@users.noreply.github.com> Date: Tue, 17 Aug 2021 03:30:43 -0400 Subject: [PATCH 094/122] feat(argo-workflows): Bump appVersion to 3.1.5 (#831) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Bump appVersion to 3.1.0 Signed-off-by: Matt Carr * Update charts/argo-workflows/Chart.yaml Co-authored-by: Oliver Bähler Signed-off-by: Matt Carr * Fix conflicts with upstream Signed-off-by: Matt Carr * Update changelog annotations and bump minor version Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 6 +++--- scripts/lint.sh | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6534fbe8..8f02996f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.3.0 -appVersion: "v3.0.7" +version: 0.4.0 +appVersion: "v3.1.5" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Support for extraContainers in controller/server" + - "[Changed]: Bump appVersion to 3.1.5" diff --git a/scripts/lint.sh b/scripts/lint.sh index 1f0e9104..2a4e8c9f 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -10,7 +10,7 @@ docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ quay.io/helmpack/chart-testing:v3.3.1 \ - -c cd /workdir \ + -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ --lint-conf .github/configs/lintconf.yaml \ From 1b64b58062374ccbd83fedca10d919b555db1039 Mon Sep 17 00:00:00 2001 From: shortsn Date: Tue, 17 Aug 2021 11:12:51 +0200 Subject: [PATCH 095/122] feat(argocd-notifications): Add example for defaultTriggers (#871) * extending chart by optional defaultTriggers Signed-off-by: shortsn * #871 adjustments according review comments Signed-off-by: shortsn * #871 rework using existing field Signed-off-by: shortsn * #871 fixing linebreaks Signed-off-by: shortsn * #871 adjusting version Signed-off-by: shortsn --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/values.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 81fc8e5c..0c17c3d6 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.1 +version: 1.4.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Added]: Example for 'defaultTriggers'" diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index ff5ca14d..fe6857b7 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -346,6 +346,10 @@ triggers: # send: # - app-sync-succeeded # when: app.status.operationState.phase in ['Succeeded'] + # + # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers + # defaultTriggers: | + # - on-sync-status-unknown bots: # For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ From de3cbd960eb72b677f751d49dee370e7c0d0e476 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 18 Aug 2021 11:31:24 +0200 Subject: [PATCH 096/122] chore: Convert issue templates to issue forms (#875) Signed-off-by: Marco Kilchhofer --- .github/ISSUE_TEMPLATE/bug_report.md | 27 ------------- .github/ISSUE_TEMPLATE/bug_report.yaml | 45 +++++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 20 --------- .github/ISSUE_TEMPLATE/feature_request.yaml | 35 ++++++++++++++++ 4 files changed, 80 insertions(+), 47 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yaml delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yaml diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md deleted file mode 100644 index 816593c4..00000000 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -name: Bug report -about: Create a report to help us improve -title: '' -labels: 'bug' -assignees: '' - ---- - -**Describe the bug** -A clear and concise description of what the bug is. - -**To Reproduce** -Steps to reproduce the behavior: -1. Go to '...' -2. Click on '....' -3. Scroll down to '....' -4. See error - -**Expected behavior** -A clear and concise description of what you expected to happen. - -**Screenshots** -If applicable, add screenshots to help explain your problem. - -**Additional context** -Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml new file mode 100644 index 00000000..5db1fbc3 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yaml @@ -0,0 +1,45 @@ +--- +name: Bug report +description: Create a report to help us improve +labels: +- bug +body: +- type: textarea + attributes: + label: Describe the bug + description: A clear and concise description of what the bug is. + validations: + required: true + +- type: textarea + attributes: + label: To Reproduce + description: Steps to reproduce the behavior + placeholder: | + 1. Go to '...' + 2. Click on '....' + 3. Scroll down to '....' + 4. See error + validations: + required: true + +- type: textarea + attributes: + label: Expected behavior + description: A clear and concise description of what you expected to happen. + validations: + required: true + +- type: textarea + attributes: + label: Screenshots + description: If applicable, add screenshots to help explain your problem. + validations: + required: false + +- type: textarea + attributes: + label: Additional context + description: Add any other context about the problem here. + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index 36014cde..00000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: Feature request -about: Suggest an idea for this project -title: '' -labels: 'enhancement' -assignees: '' - ---- - -**Is your feature request related to a problem? Please describe.** -A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] - -**Describe the solution you'd like** -A clear and concise description of what you want to happen. - -**Describe alternatives you've considered** -A clear and concise description of any alternative solutions or features you've considered. - -**Additional context** -Add any other context or screenshots about the feature request here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml new file mode 100644 index 00000000..2ff5ab68 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yaml @@ -0,0 +1,35 @@ +--- +name: Feature request +description: Suggest an idea for this project +labels: +- enhancement +body: +- type: textarea + attributes: + label: Is your feature request related to a problem? + description: A clear and concise description of what the problem is. Please describe. + placeholder: | + Ex. I'm always frustrated when [...] + validations: + required: false + +- type: textarea + attributes: + label: Describe the solution you'd like + description: A clear and concise description of what you want to happen. + validations: + required: true + +- type: textarea + attributes: + label: Describe alternatives you've considered + description: A clear and concise description of any alternative solutions or features you've considered. + validations: + required: false + +- type: textarea + attributes: + label: Additional context + description: Add any other context or screenshots about the feature request here. + validations: + required: false From bc16a275c4f8adc8894a480bb6962d4898ded467 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 18 Aug 2021 12:01:51 +0200 Subject: [PATCH 097/122] fix(argocd-notifications): Use correct chart icon url (#872) Signed-off-by: Marco Kilchhofer Co-authored-by: David J. M. Karlsen --- charts/argocd-notifications/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 0c17c3d6..0ae4fff0 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,9 +3,9 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.2 +version: 1.4.3 home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: - argoproj - argocd @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Added]: Example for 'defaultTriggers'" + - "[Fixed]: Use correct chart icon url" From b73566058d4f2d4e6e4503c879c7138b57255ce6 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 18 Aug 2021 14:09:29 +0200 Subject: [PATCH 098/122] chore: Migrate old probot stale config to github actions (#877) Signed-off-by: Marco Kilchhofer --- .github/stale.yaml | 17 ----------------- .github/workflows/stale.yml | 20 ++++++++++++++++++-- 2 files changed, 18 insertions(+), 19 deletions(-) delete mode 100644 .github/stale.yaml diff --git a/.github/stale.yaml b/.github/stale.yaml deleted file mode 100644 index d9f65632..00000000 --- a/.github/stale.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Number of days of inactivity before an issue becomes stale -daysUntilStale: 60 -# Number of days of inactivity before a stale issue is closed -daysUntilClose: 7 -# Issues with these labels will never be considered stale -exemptLabels: - - pinned - - security -# Label to use when marking an issue as stale -staleLabel: wontfix -# Comment to post when marking an issue as stale. Set to `false` to disable -markComment: > - This issue has been automatically marked as stale because it has not had - recent activity. It will be closed if no further activity occurs. Thank you - for your contributions. -# Comment to post when closing a stale issue. Set to `false` to disable -closeComment: false \ No newline at end of file diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 8b16dff4..03965cc5 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,3 +1,4 @@ +## Reference: https://github.com/actions/stale name: Mark stale issues and pull requests on: schedule: @@ -9,7 +10,22 @@ jobs: - uses: actions/stale@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - stale-issue-message: 'Stale issue message' - stale-pr-message: 'Stale pull request message' + # Number of days of inactivity before an issue becomes stale + days-before-stale: 60 + # Number of days of inactivity before a stale issue is closed + days-before-close: 7 + # Issues with these labels will never be considered stale + exempt-issue-labels: "on-hold,pinned,security" + exempt-pr-labels: "on-hold,pinned,security" + # Comment to post when marking an issue as stale. + stale-issue-message: > + This issue has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. + stale-pr-message: > + This pull request has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. + # Label to use when marking an issue as stale stale-issue-label: 'no-issue-activity' stale-pr-label: 'no-pr-activity' From fa7ba522e0c4ed17e1a114cdc3e02e3471c11015 Mon Sep 17 00:00:00 2001 From: Rein van 't Veer Date: Fri, 20 Aug 2021 18:24:23 +0200 Subject: [PATCH 099/122] fix(argo-workflows): Fix typo reported in #876 (#881) * fix typo. Fixes #876 Signed-off-by: reinvantveer * change notes and version bump Signed-off-by: reinvantveer * fix typos in role and service account Signed-off-by: reinvantveer * update change notes Signed-off-by: reinvantveer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/controller/workflow-rb.yaml | 2 +- charts/argo-workflows/templates/controller/workflow-role.yaml | 2 +- charts/argo-workflows/templates/controller/workflow-sa.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8f02996f..7198f79c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.4.0 +version: 0.4.1 appVersion: "v3.1.5" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Bump appVersion to 3.1.5" + - "[Fixed]: Fix typos in Workflows RBAC settings" diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 004d40d0..67f22504 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 4ca10e8e..66ad9328 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 2ea64771..7c76585a 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.serviceAccount.create -}} - {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: v1 kind: ServiceAccount From 11ec82596b5a62ba9d7c974c1a25aede739437b2 Mon Sep 17 00:00:00 2001 From: Peter Smit Date: Mon, 23 Aug 2021 14:13:15 +0300 Subject: [PATCH 100/122] feat(argo-workflows): Bump appVersion to 3.1.8 (#879) Co-authored-by: David J. M. Karlsen --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 7198f79c..6a8e00b8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.4.1 -appVersion: "v3.1.5" +version: 0.4.2 +appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Fix typos in Workflows RBAC settings" + - "[Changed]: Bump appVersion to 3.1.8" From 9b6802b3c93885b1905ec222ede64700cf875bef Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Mon, 23 Aug 2021 14:13:41 +0200 Subject: [PATCH 101/122] fix(argo-cd): Remove ArgoCD repo server entrypoint script from command block and drop --staticassets field (#886) --- charts/argo-cd/Chart.yaml | 7 ++++--- charts/argo-cd/README.md | 4 ++++ .../argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +-- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ---- charts/argo-cd/values.yaml | 6 +----- 5 files changed, 10 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 322cd0c0..0b4ec162 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.5 +appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.12.1 +version: 3.13.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: redis-ha.nameOverride / redis-ha.fullnameOverride breaks the ArgoCD helm chart" + - "[Fixed]: Remove ArgoCD Repo Server entrypoint file from command block. Defers to entrypoint defined in the Dockerfile" + - "[Fixed]: Remove deprecated static assets flag" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c73299f9..e9c661bf 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,10 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.13.0 + +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `extraArgs` field + ### 3.10.2 ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 30082b2d..d89440a2 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -40,8 +40,7 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - command: - - uid_entrypoint.sh + args: - argocd-repo-server {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ff86f5ec..3ef5bb62 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -42,10 +42,6 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server - {{ if .Values.server.staticAssets.enabled }} - - --staticassets - - /shared/app - {{ end }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- if .Values.dex.enabled }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4a6172ef..8e637966 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.0.5 + tag: v2.1.0 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -435,10 +435,6 @@ server: extraArgs: [] # - --insecure - # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app - staticAssets: - enabled: true - ## Environment variables to pass to argocd-server ## env: [] From 4e8715d527629c7700b762aff8d5462e5af2f976 Mon Sep 17 00:00:00 2001 From: Edward Nys <36994826+enys@users.noreply.github.com> Date: Mon, 23 Aug 2021 14:23:21 +0200 Subject: [PATCH 102/122] feat(argocd-applicationset): Bump appVersion to 0.2.0 (#885) Co-authored-by: David J. M. Karlsen --- charts/argocd-applicationset/Chart.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index c93d4cef..f9f599c7 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.1.0 -appVersion: "v0.1.0" +version: 1.2.0 +appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,5 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: /tmp is an emptyDir now (enables users to use readOnlyRootFilesystem)" - - "[Added]: Ability to add extraVolumes and extraVolumeMounts" + - "[Changed]: Bumped argocd-applicationset to 0.2.0" From 3440961aa91f94cf74df9188aabbe92ee6470404 Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Mon, 23 Aug 2021 15:01:26 +0200 Subject: [PATCH 103/122] fix(argo-cd): Update README.md for ArgoCD (#888) --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0b4ec162..90543f56 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.13.0 +version: 3.13.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Remove ArgoCD Repo Server entrypoint file from command block. Defers to entrypoint defined in the Dockerfile" - - "[Fixed]: Remove deprecated static assets flag" + - "[Fixed]: Updated README.md for ArgoCD" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e9c661bf..48676ca7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -36,7 +36,7 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ### 3.13.0 -This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `extraArgs` field +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field ### 3.10.2 From 573a7494d442eca8fea26e3ac3476a7181cf84c9 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 23 Aug 2021 15:05:09 +0200 Subject: [PATCH 104/122] Upgrade application-set to version 0.2.0 (#887) Signed-off-by: Petr Drastil --- charts/argocd-applicationset/Chart.yaml | 5 +- .../crds/crd-applicationset.yaml | 5240 ++++++++++++++++- charts/argocd-applicationset/values.yaml | 2 +- 3 files changed, 4942 insertions(+), 305 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index f9f599c7..0796bbef 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.2.0 +version: 1.3.0 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,5 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Changed]: Bumped argocd-applicationset to 0.2.0" + - "[Fixed]: Use new image repository" + - "[Changed]: Updated ApplicationSet CRD" diff --git a/charts/argocd-applicationset/crds/crd-applicationset.yaml b/charts/argocd-applicationset/crds/crd-applicationset.yaml index 734ce34a..9132148a 100644 --- a/charts/argocd-applicationset/crds/crd-applicationset.yaml +++ b/charts/argocd-applicationset/crds/crd-applicationset.yaml @@ -1,8 +1,10 @@ +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.3.0 + creationTimestamp: null name: applicationsets.argoproj.io spec: group: argoproj.io @@ -10,6 +12,9 @@ spec: kind: ApplicationSet listKind: ApplicationSetList plural: applicationsets + shortNames: + - appset + - appsets singular: applicationset scope: Namespaced versions: @@ -38,6 +43,538 @@ spec: items: description: ApplicationSetGenerator include list item info properties: + clusterDecisionResource: + description: DuckType defines a generator to match against clusters + registered with ArgoCD. + properties: + configMapRef: + description: ConfigMapRef is a ConfigMap with the duck type + definitions needed to retreive the data this + includes apiVersion(group/version), kind, matchKey and + validation settings Name is the resource name of the kind, + group and version, defined in the ConfigMapRef RequeueAfterSeconds + is how long before the duckType will be rechecked for + a change + type: string + labelSelector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination is a reference to the target + Kubernetes server and namespace + properties: + name: + description: Name is an alternate way of specifying + the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' + project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + of the application's manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter that's passed to helm template + during manifest generation + properties: + name: + description: Name is the name of the + Helm parameter + type: string + path: + description: Path is the path to the + file containing the values for the + Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during + manifest generation + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + Helm parameter + type: string + value: + description: Value is the value for + the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values + to be passed to helm template, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize + image override specifications + items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within + the Git repository, and is only valid for + applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + description: Env is a list of environment + variable entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the + variable, usually expressed in uppercase + type: string + value: + description: Value is the value of + the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when and how a + sync will be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff controls how to backoff + on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + description: Values contains key/value pairs which are passed + directly as parameters to the template + type: object + required: + - configMapRef + type: object clusters: description: ClusterGenerator defines a generator to match against clusters registered with ArgoCD. @@ -102,6 +639,10 @@ spec: additionalProperties: type: string type: object + finalizers: + items: + type: string + type: array labels: additionalProperties: type: string @@ -118,27 +659,29 @@ spec: revision. properties: destination: - description: Destination overrides the kubernetes - server and namespace defined in the environment - ksonnet app.yaml + description: Destination is a reference to the target + Kubernetes server and namespace properties: name: - description: Name of the destination cluster - which can be used instead of server (url) - field + description: Name is an alternate way of specifying + the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment - namespace value in the ksonnet app.yaml + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment - server value in the ksonnet app.yaml + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources - fields which should be ignored during comparison + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which @@ -147,6 +690,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -158,12 +705,11 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array info: - description: Infos contains a list of useful information + description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application items: @@ -178,43 +724,58 @@ spec: type: object type: array project: - description: Project is a application project name. - Empty name means that application belongs to 'default' + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept - in the apps revision history. This should only - be changed in exceptional circumstances. Setting - to zero will store no history. This will reduce - storage used. Increasing will increase the space - used to store the history, so we do not recommend - increasing it. Default is 10. + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. format: int64 type: integer source: description: Source is a reference to the location - ksonnet application definition + of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds - jsonnet specific options + description: Jsonnet holds options specific + to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -237,8 +798,9 @@ spec: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -253,6 +815,8 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests type: boolean type: object helm: @@ -263,24 +827,28 @@ spec: to the helm template items: description: HelmFileParameter is a file - parameter to a helm template + parameter that's passed to helm template + during manifest generation properties: name: description: Name is the name of the - helm parameter + Helm parameter type: string path: - description: Path is the path value - for the helm parameter + description: Path is the path to the + file containing the values for the + Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to - the helm template + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation items: description: HelmParameter is a parameter - to a helm template + that's passed to helm template during + manifest generation properties: forceString: description: ForceString determines @@ -289,17 +857,18 @@ spec: type: boolean name: description: Name is the name of the - helm parameter + Helm parameter type: string value: description: Value is the value for - the helm parameter + the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted - it will use the application name + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name type: string valueFiles: description: ValuesFiles is a list of Helm @@ -308,12 +877,13 @@ spec: type: string type: array values: - description: Values is Helm values, typically + description: Values specifies Helm values + to be passed to helm template, typically defined as a block type: string version: description: Version is the Helm version - to use for templating with + to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -350,50 +920,71 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional - kustomize commonAnnotations + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional - kustomize commonLabels + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean images: - description: Images are kustomize image - overrides + description: Images is a list of Kustomize + image override specifications items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: type: string type: array namePrefix: description: NamePrefix is a prefix appended - to resources for kustomize apps + to resources for Kustomize apps type: string nameSuffix: description: NameSuffix is a suffix appended - to resources for kustomize apps + to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version controls which version + of Kustomize to use for rendering manifests type: string type: object path: description: Path is a directory path within - the Git repository + the Git repository, and is only valid for + applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment + variable entries items: + description: EnvEntry represents an entry + in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the + variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of + the variable type: string required: - name @@ -404,20 +995,24 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of - the application manifests + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests type: string targetRevision: - description: TargetRevision defines the commit, - tag, or branch in which to sync the application - to. If omitted, will sync to HEAD + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will - be performed + description: SyncPolicy controls when and how a + sync will be performed properties: automated: description: Automated will keep an application @@ -428,13 +1023,16 @@ spec: zero live resources (default: false)' type: boolean prune: - description: 'Prune will prune resources - automatically as part of automated sync - (default: false)' + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing - if (default: false)' + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' type: boolean type: object retry: @@ -442,7 +1040,8 @@ spec: behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff + on subsequent retries of failed syncs properties: duration: description: Duration is the amount @@ -464,7 +1063,8 @@ spec: type: object limit: description: Limit is the maximum number - of attempts when retrying a container + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -496,6 +1096,8 @@ spec: directories: items: properties: + exclude: + type: boolean path: type: string required: @@ -530,6 +1132,10 @@ spec: additionalProperties: type: string type: object + finalizers: + items: + type: string + type: array labels: additionalProperties: type: string @@ -546,27 +1152,29 @@ spec: revision. properties: destination: - description: Destination overrides the kubernetes - server and namespace defined in the environment - ksonnet app.yaml + description: Destination is a reference to the target + Kubernetes server and namespace properties: name: - description: Name of the destination cluster - which can be used instead of server (url) - field + description: Name is an alternate way of specifying + the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment - namespace value in the ksonnet app.yaml + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment - server value in the ksonnet app.yaml + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources - fields which should be ignored during comparison + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which @@ -575,6 +1183,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -586,12 +1198,11 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array info: - description: Infos contains a list of useful information + description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application items: @@ -606,43 +1217,58 @@ spec: type: object type: array project: - description: Project is a application project name. - Empty name means that application belongs to 'default' + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept - in the apps revision history. This should only - be changed in exceptional circumstances. Setting - to zero will store no history. This will reduce - storage used. Increasing will increase the space - used to store the history, so we do not recommend - increasing it. Default is 10. + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. format: int64 type: integer source: description: Source is a reference to the location - ksonnet application definition + of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds - jsonnet specific options + description: Jsonnet holds options specific + to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -665,8 +1291,9 @@ spec: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -681,6 +1308,8 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests type: boolean type: object helm: @@ -691,24 +1320,28 @@ spec: to the helm template items: description: HelmFileParameter is a file - parameter to a helm template + parameter that's passed to helm template + during manifest generation properties: name: description: Name is the name of the - helm parameter + Helm parameter type: string path: - description: Path is the path value - for the helm parameter + description: Path is the path to the + file containing the values for the + Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to - the helm template + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation items: description: HelmParameter is a parameter - to a helm template + that's passed to helm template during + manifest generation properties: forceString: description: ForceString determines @@ -717,17 +1350,18 @@ spec: type: boolean name: description: Name is the name of the - helm parameter + Helm parameter type: string value: description: Value is the value for - the helm parameter + the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted - it will use the application name + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name type: string valueFiles: description: ValuesFiles is a list of Helm @@ -736,12 +1370,13 @@ spec: type: string type: array values: - description: Values is Helm values, typically + description: Values specifies Helm values + to be passed to helm template, typically defined as a block type: string version: description: Version is the Helm version - to use for templating with + to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -778,50 +1413,71 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional - kustomize commonAnnotations + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional - kustomize commonLabels + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean images: - description: Images are kustomize image - overrides + description: Images is a list of Kustomize + image override specifications items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: type: string type: array namePrefix: description: NamePrefix is a prefix appended - to resources for kustomize apps + to resources for Kustomize apps type: string nameSuffix: description: NameSuffix is a suffix appended - to resources for kustomize apps + to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version controls which version + of Kustomize to use for rendering manifests type: string type: object path: description: Path is a directory path within - the Git repository + the Git repository, and is only valid for + applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment + variable entries items: + description: EnvEntry represents an entry + in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the + variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of + the variable type: string required: - name @@ -832,20 +1488,24 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of - the application manifests + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests type: string targetRevision: - description: TargetRevision defines the commit, - tag, or branch in which to sync the application - to. If omitted, will sync to HEAD + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will - be performed + description: SyncPolicy controls when and how a + sync will be performed properties: automated: description: Automated will keep an application @@ -856,13 +1516,16 @@ spec: zero live resources (default: false)' type: boolean prune: - description: 'Prune will prune resources - automatically as part of automated sync - (default: false)' + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing - if (default: false)' + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' type: boolean type: object retry: @@ -870,7 +1533,8 @@ spec: behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff + on subsequent retries of failed syncs properties: duration: description: Duration is the amount @@ -892,7 +1556,8 @@ spec: type: object limit: description: Limit is the maximum number - of attempts when retrying a container + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -921,23 +1586,7 @@ spec: properties: elements: items: - description: ListGeneratorElement include cluster and - url info - properties: - cluster: - type: string - url: - type: string - values: - additionalProperties: - type: string - description: Values contains key/value pairs which - are passed directly as parameters to the template - type: object - required: - - cluster - - url - type: object + x-kubernetes-preserve-unknown-fields: true type: array template: description: ApplicationSetTemplate represents argocd ApplicationSpec @@ -951,6 +1600,10 @@ spec: additionalProperties: type: string type: object + finalizers: + items: + type: string + type: array labels: additionalProperties: type: string @@ -967,27 +1620,29 @@ spec: revision. properties: destination: - description: Destination overrides the kubernetes - server and namespace defined in the environment - ksonnet app.yaml + description: Destination is a reference to the target + Kubernetes server and namespace properties: name: - description: Name of the destination cluster - which can be used instead of server (url) - field + description: Name is an alternate way of specifying + the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment - namespace value in the ksonnet app.yaml + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment - server value in the ksonnet app.yaml + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources - fields which should be ignored during comparison + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which @@ -996,6 +1651,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -1007,12 +1666,11 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array info: - description: Infos contains a list of useful information + description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application items: @@ -1027,43 +1685,58 @@ spec: type: object type: array project: - description: Project is a application project name. - Empty name means that application belongs to 'default' + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept - in the apps revision history. This should only - be changed in exceptional circumstances. Setting - to zero will store no history. This will reduce - storage used. Increasing will increase the space - used to store the history, so we do not recommend - increasing it. Default is 10. + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. format: int64 type: integer source: description: Source is a reference to the location - ksonnet application definition + of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds - jsonnet specific options + description: Jsonnet holds options specific + to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -1086,8 +1759,9 @@ spec: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -1102,6 +1776,8 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests type: boolean type: object helm: @@ -1112,24 +1788,28 @@ spec: to the helm template items: description: HelmFileParameter is a file - parameter to a helm template + parameter that's passed to helm template + during manifest generation properties: name: description: Name is the name of the - helm parameter + Helm parameter type: string path: - description: Path is the path value - for the helm parameter + description: Path is the path to the + file containing the values for the + Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to - the helm template + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation items: description: HelmParameter is a parameter - to a helm template + that's passed to helm template during + manifest generation properties: forceString: description: ForceString determines @@ -1138,17 +1818,18 @@ spec: type: boolean name: description: Name is the name of the - helm parameter + Helm parameter type: string value: description: Value is the value for - the helm parameter + the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted - it will use the application name + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name type: string valueFiles: description: ValuesFiles is a list of Helm @@ -1157,12 +1838,13 @@ spec: type: string type: array values: - description: Values is Helm values, typically + description: Values specifies Helm values + to be passed to helm template, typically defined as a block type: string version: description: Version is the Helm version - to use for templating with + to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -1199,50 +1881,71 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional - kustomize commonAnnotations + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional - kustomize commonLabels + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean images: - description: Images are kustomize image - overrides + description: Images is a list of Kustomize + image override specifications items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: type: string type: array namePrefix: description: NamePrefix is a prefix appended - to resources for kustomize apps + to resources for Kustomize apps type: string nameSuffix: description: NameSuffix is a suffix appended - to resources for kustomize apps + to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version controls which version + of Kustomize to use for rendering manifests type: string type: object path: description: Path is a directory path within - the Git repository + the Git repository, and is only valid for + applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment + variable entries items: + description: EnvEntry represents an entry + in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the + variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of + the variable type: string required: - name @@ -1253,20 +1956,24 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of - the application manifests + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests type: string targetRevision: - description: TargetRevision defines the commit, - tag, or branch in which to sync the application - to. If omitted, will sync to HEAD + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will - be performed + description: SyncPolicy controls when and how a + sync will be performed properties: automated: description: Automated will keep an application @@ -1277,13 +1984,16 @@ spec: zero live resources (default: false)' type: boolean prune: - description: 'Prune will prune resources - automatically as part of automated sync - (default: false)' + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing - if (default: false)' + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' type: boolean type: object retry: @@ -1291,7 +2001,8 @@ spec: behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff + on subsequent retries of failed syncs properties: duration: description: Duration is the amount @@ -1313,7 +2024,8 @@ spec: type: object limit: description: Limit is the maximum number - of attempts when retrying a container + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -1336,18 +2048,3889 @@ spec: required: - elements type: object + matrix: + description: MatrixGenerator include Other generators + properties: + generators: + items: + description: ApplicationSetBaseGenerator include list + item info CRD dosn't support recursive types so we need + a different type for the matrix generator https://github.com/kubernetes-sigs/controller-tools/issues/477 + properties: + clusterDecisionResource: + description: DuckType defines a generator to match + against clusters registered with ArgoCD. + properties: + configMapRef: + description: ConfigMapRef is a ConfigMap with + the duck type definitions needed to retreive + the data this includes apiVersion(group/version), + kind, matchKey and validation settings Name + is the resource name of the kind, group and + version, defined in the ConfigMapRef RequeueAfterSeconds + is how long before the duckType will be rechecked + for a change + type: string + labelSelector: + description: A label selector is a label query + over a set of resources. The result of matchLabels + and matchExpressions are ANDed. An empty label + selector matches all objects. A null label selector + matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + description: Values contains key/value pairs which + are passed directly as parameters to the template + type: object + required: + - configMapRef + type: object + clusters: + description: ClusterGenerator defines a generator + to match against clusters registered with ArgoCD. + properties: + selector: + description: Selector defines a label selector + to match against all clusters registered with + ArgoCD. Clusters today are stored as Kubernetes + Secrets, thus the Secret labels will be used + for matching the selector. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + description: Values contains key/value pairs which + are passed directly as parameters to the template + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + description: ListGenerator include items info + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + scmProvider: + description: SCMProviderGenerator defines a generator + that scrapes a SCMaaS API to find candidate repos. + properties: + cloneProtocol: + description: Which protocol to use for the SCM + URL. Default is provider-specific but ssh if + possible. Not all providers necessarily support + all protocols. + type: string + filters: + description: Filters for which repos should be + considered. + items: + description: SCMProviderGeneratorFilter is a + single repository filter. If multiple filter + types are set on a single struct, they will + be AND'd together. All filters must pass for + a repo to be included. + properties: + branchMatch: + description: A regex which must match the + branch name. + type: string + labelMatch: + description: A regex which must match at + least one label. + type: string + pathsExist: + description: An array of paths, all of which + must exist. + items: + type: string + type: array + repositoryMatch: + description: A regex for repo names. + type: string + type: object + type: array + github: + description: Which provider to use and config + for it. + properties: + allBranches: + description: Scan all branches instead of + just the default branch. + type: boolean + api: + description: The GitHub API URL to talk to. + If blank, use https://api.github.com/. + type: string + organization: + description: GitHub org to scan. Required. + type: string + tokenRef: + description: Authentication token reference. + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + description: SCMProviderGeneratorGitlab defines + a connection info specific to Gitlab. + properties: + allBranches: + description: Scan all branches instead of + just the default branch. + type: boolean + api: + description: The Gitlab API URL to talk to. + type: string + group: + description: Gitlab group to scan. Required. You + can use either the project id (recommended) + or the full namespaced path. + type: string + includeSubgroups: + description: Recurse through subgroups (true) + or scan only the base group (false). Defaults + to "false" + type: boolean + tokenRef: + description: Authentication token reference. + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + description: Standard parameters. + format: int64 + type: integer + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + type: object + type: array + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination is a reference to the target + Kubernetes server and namespace + properties: + name: + description: Name is an alternate way of specifying + the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' + project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + of the application's manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter that's passed to helm template + during manifest generation + properties: + name: + description: Name is the name of the + Helm parameter + type: string + path: + description: Path is the path to the + file containing the values for the + Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during + manifest generation + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + Helm parameter + type: string + value: + description: Value is the value for + the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values + to be passed to helm template, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize + image override specifications + items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within + the Git repository, and is only valid for + applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + description: Env is a list of environment + variable entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the + variable, usually expressed in uppercase + type: string + value: + description: Value is the value of + the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when and how a + sync will be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff controls how to backoff + on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + scmProvider: + description: SCMProviderGenerator defines a generator that scrapes + a SCMaaS API to find candidate repos. + properties: + cloneProtocol: + description: Which protocol to use for the SCM URL. Default + is provider-specific but ssh if possible. Not all providers + necessarily support all protocols. + type: string + filters: + description: Filters for which repos should be considered. + items: + description: SCMProviderGeneratorFilter is a single repository + filter. If multiple filter types are set on a single + struct, they will be AND'd together. All filters must + pass for a repo to be included. + properties: + branchMatch: + description: A regex which must match the branch name. + type: string + labelMatch: + description: A regex which must match at least one + label. + type: string + pathsExist: + description: An array of paths, all of which must + exist. + items: + type: string + type: array + repositoryMatch: + description: A regex for repo names. + type: string + type: object + type: array + github: + description: Which provider to use and config for it. + properties: + allBranches: + description: Scan all branches instead of just the default + branch. + type: boolean + api: + description: The GitHub API URL to talk to. If blank, + use https://api.github.com/. + type: string + organization: + description: GitHub org to scan. Required. + type: string + tokenRef: + description: Authentication token reference. + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + description: SCMProviderGeneratorGitlab defines a connection + info specific to Gitlab. + properties: + allBranches: + description: Scan all branches instead of just the default + branch. + type: boolean + api: + description: The Gitlab API URL to talk to. + type: string + group: + description: Gitlab group to scan. Required. You can + use either the project id (recommended) or the full + namespaced path. + type: string + includeSubgroups: + description: Recurse through subgroups (true) or scan + only the base group (false). Defaults to "false" + type: boolean + tokenRef: + description: Authentication token reference. + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + description: Standard parameters. + format: int64 + type: integer + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination is a reference to the target + Kubernetes server and namespace + properties: + name: + description: Name is an alternate way of specifying + the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' + project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + of the application's manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter that's passed to helm template + during manifest generation + properties: + name: + description: Name is the name of the + Helm parameter + type: string + path: + description: Path is the path to the + file containing the values for the + Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during + manifest generation + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + Helm parameter + type: string + value: + description: Value is the value for + the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values + to be passed to helm template, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize + image override specifications + items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within + the Git repository, and is only valid for + applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + description: Env is a list of environment + variable entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the + variable, usually expressed in uppercase + type: string + value: + description: Value is the value of + the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when and how a + sync will be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff controls how to backoff + on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object type: object type: array syncPolicy: description: ApplicationSetSyncPolicy configures how generated Applications will relate to their ApplicationSet. properties: - skipPrune: - description: SkipPrune will disable the default behavior which - will delete Applications that are no longer being generated - for the ApplicationSet which created them, or the ApplicationSet - itself is deleted. If SkipPrune is set to true, these Applications - will be orphaned but continue to exist. + preserveResourcesOnDeletion: + description: PreserveResourcesOnDeletion will preserve resources + on deletion. If PreserveResourcesOnDeletion is set to true, + these Applications will not be deleted. type: boolean type: object template: @@ -1362,6 +5945,10 @@ spec: additionalProperties: type: string type: object + finalizers: + items: + type: string + type: array labels: additionalProperties: type: string @@ -1377,25 +5964,27 @@ spec: additional parameters link definition revision. properties: destination: - description: Destination overrides the kubernetes server and - namespace defined in the environment ksonnet app.yaml + description: Destination is a reference to the target Kubernetes + server and namespace properties: name: - description: Name of the destination cluster which can - be used instead of server (url) field + description: Name is an alternate way of specifying the + target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment namespace - value in the ksonnet app.yaml + description: Namespace specifies the target namespace + for the application's resources. The namespace will + only be set for namespace-scoped resources that have + not set a value for .metadata.namespace type: string server: - description: Server overrides the environment server value - in the ksonnet app.yaml + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources fields which - should be ignored during comparison + description: IgnoreDifferences is a list of resources and + their fields which should be ignored during comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored @@ -1403,6 +5992,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -1414,13 +6007,12 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array info: - description: Infos contains a list of useful information (URLs, - email addresses, and plain text) that relates to the application + description: Info contains a list of information (URLs, email + addresses, and plain text) that relates to the application items: properties: name: @@ -1433,39 +6025,51 @@ spec: type: object type: array project: - description: Project is a application project name. Empty - name means that application belongs to 'default' project. + description: Project is a reference to the project this application + belongs to. The empty string means that application belongs + to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept in the - apps revision history. This should only be changed in exceptional - circumstances. Setting to zero will store no history. This - will reduce storage used. Increasing will increase the space - used to store the history, so we do not recommend increasing - it. Default is 10. + description: RevisionHistoryLimit limits the number of items + kept in the application's revision history, which is used + for informational purposes as well as for rollbacks to previous + versions. This should only be changed in exceptional circumstances. + Setting to zero will store no history. This will reduce + storage used. Increasing will increase the space used to + store the history, so we do not recommend increasing it. + Default is 10. format: int64 type: integer source: - description: Source is a reference to the location ksonnet - application definition + description: Source is a reference to the location of the + application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: Jsonnet holds options specific to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1487,7 +6091,8 @@ spec: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1502,6 +6107,8 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests type: boolean type: object helm: @@ -1512,23 +6119,25 @@ spec: the helm template items: description: HelmFileParameter is a file parameter - to a helm template + that's passed to helm template during manifest + generation properties: name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string path: - description: Path is the path value for the - helm parameter + description: Path is the path to the file containing + the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm - template + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter that's + passed to helm template during manifest generation properties: forceString: description: ForceString determines whether @@ -1536,17 +6145,17 @@ spec: as strings type: boolean name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the helm + description: Value is the value for the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it - will use the application name + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name type: string valueFiles: description: ValuesFiles is a list of Helm value files @@ -1555,12 +6164,12 @@ spec: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values specifies Helm values to be passed + to helm template, typically defined as a block type: string version: description: Version is the Helm version to use for - templating with + templating (either "2" or "3") type: string type: object ksonnet: @@ -1595,47 +6204,67 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional kustomize - commonAnnotations + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean images: - description: Images are kustomize image overrides + description: Images is a list of Kustomize image override + specifications items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: type: string type: array namePrefix: description: NamePrefix is a prefix appended to resources - for kustomize apps + for Kustomize apps type: string nameSuffix: description: NameSuffix is a suffix appended to resources - for kustomize apps + for Kustomize apps type: string version: - description: Version contains optional Kustomize version + description: Version controls which version of Kustomize + to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment variable + entries items: + description: EnvEntry represents an entry in the + application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the variable, + usually expressed in uppercase type: string value: - description: the value + description: Value is the value of the variable type: string required: - name @@ -1646,19 +6275,22 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or - branch in which to sync the application to. If omitted, - will sync to HEAD + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will be performed + description: SyncPolicy controls when and how a sync will + be performed properties: automated: description: Automated will keep an application synced @@ -1669,19 +6301,22 @@ spec: resources (default: false)' type: boolean prune: - description: 'Prune will prune resources automatically - as part of automated sync (default: false)' + description: 'Prune specifies whether to delete resources + from the cluster that are not found in the sources + anymore as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing if (default: - false)' + description: 'SelfHeal specifes whether to revert + resources back to their desired state upon modification + in the cluster (default: false)' type: boolean type: object retry: description: Retry controls failed sync retry behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff on subsequent + retries of failed syncs properties: duration: description: Duration is the amount to back off. @@ -1700,7 +6335,8 @@ spec: type: object limit: description: Limit is the maximum number of attempts - when retrying a container + for retrying a failed sync. If set to 0, no retries + will be performed. format: int64 type: integer type: object diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index e5b12272..ac9ba29c 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -6,7 +6,7 @@ replicaCount: 1 image: # The image repository - repository: quay.io/argocdapplicationset/argocd-applicationset + repository: quay.io/argoproj/argocd-applicationset # Image pull policy pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. From 3a4baae95d4df8e35aecc1a5079637651b486bdb Mon Sep 17 00:00:00 2001 From: Piotr Kowalczyk Date: Mon, 23 Aug 2021 19:23:07 +0200 Subject: [PATCH 105/122] feat(argo-cd): Parameterizing dex ports names due to istio 403 errors (#889) * refactor: Parameterizing dex ports names due to istio 403 errors Signed-off-by: Piotr Kowalczyk * fix: updating default http port name to http Signed-off-by: Piotr Kowalczyk --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/dex/service.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 90543f56..72f417a7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.13.1 +version: 3.13.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Updated README.md for ArgoCD" + - "[Changed]: Parameterized dex service port names for istio-ingress 403 error" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 48676ca7..151285c1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -397,7 +397,9 @@ NAME: my-release | dex.serviceAccount.create | Create dex service account | `true` | | dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` | | dex.servicePortGrpc | Server GRPC port | `5557` | +| dex.servicePortGrpcName | Server GRPC port name | `grpc` | | dex.servicePortHttp | Server HTTP port | `5556` | +| dex.servicePortHttpName | Server GRPC port name | `http` | | dex.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | dex.volumeMounts | Dex volume mounts | `"/shared"` | | dex.volumes | Dex volumes | `{}` | diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index 6fa77c4e..c93b085e 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -16,11 +16,11 @@ metadata: {{- end }} spec: ports: - - name: http + - name: {{ .Values.dex.servicePortHttpName }} protocol: TCP port: {{ .Values.dex.servicePortHttp }} targetPort: http - - name: grpc + - name: {{ .Values.dex.servicePortGrpcName }} protocol: TCP port: {{ .Values.dex.servicePortGrpc }} targetPort: grpc diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8e637966..e1d67d71 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -280,8 +280,10 @@ dex: ## Dex deployment container ports containerPortHttp: 5556 servicePortHttp: 5556 + servicePortHttpName: http containerPortGrpc: 5557 servicePortGrpc: 5557 + servicePortGrpcName: grpc containerPortMetrics: 5558 servicePortMetrics: 5558 From da73ab6a69f8c777a4f90ed8ba0bd3ee5f19f372 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 24 Aug 2021 14:37:34 +0200 Subject: [PATCH 106/122] feat(argo-cd): Add probes for Dex server (#890) * Add probes for Dex server >= 2.28.0 Signed-off-by: Petr Drastil * Enable metrics port and allow user to configure only retries Signed-off-by: Petr Drastil * Update README Signed-off-by: Petr Drastil * Place probe configuration on top-level Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 24 +++++++++++++++----- charts/argo-cd/templates/dex/deployment.yaml | 18 ++++++++++++++- charts/argo-cd/values.yaml | 17 ++++++++++++++ 4 files changed, 54 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72f417a7..15fa92f4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.13.2 +version: 3.14.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Parameterized dex service port names for istio-ingress 403 error" + - "[Added]: Probe configuration for Dex server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 151285c1..3f58dbb3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -36,7 +36,7 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ### 3.13.0 -This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field ### 3.10.2 @@ -71,7 +71,7 @@ server: Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE) -### 3.2.* +### 3.2.* With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). [Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an ArgoCD instance**, @@ -81,7 +81,7 @@ If you are running a cluster version prior to `1.19` you can avoid this issue by ```yaml kubeVersionOverride: "1.18.0" -``` +``` Then you should no longer encounter this issue. @@ -391,6 +391,18 @@ NAME: my-release | dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | dex.podAnnotations | Annotations for the Dex server pods | `{}` | | dex.podLabels | Labels for the Dex server pods | `{}` | +| dex.livenessProbe.enabled | Enable Kubernetes liveness probe for Dex >= 2.28.0 | `false` | +| dex.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | +| dex.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` | +| dex.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | +| dex.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | +| dex.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | +| dex.readinessProbe.enabled | Enable Kubernetes readiness probe for Dex >= 2.28.0 | `false` | +| dex.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | +| dex.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` | +| dex.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | +| dex.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | +| dex.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | | dex.priorityClassName | Priority class for dex | `""` | | dex.resources | Resource limits and requests for dex | `{}` | | dex.serviceAccount.automountServiceAccountToken | Automount API credentials for the Service Account | `true` | @@ -447,14 +459,14 @@ through `xxx.extraArgs` ### Using AWS ALB Ingress Controller With GRPC -If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. Example: ```yaml server: ingress: enabled: true - annotations: + annotations: alb.ingress.kubernetes.io/backend-protocol: HTTPS alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' alb.ingress.kubernetes.io/scheme: internal @@ -464,5 +476,5 @@ server: isAWSALB: true awsALB: serviceType: ClusterIP - + ``` diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 557140ce..5063ebfe 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -73,10 +73,26 @@ spec: - name: grpc containerPort: {{ .Values.dex.containerPortGrpc }} protocol: TCP - {{- if .Values.dex.metrics.enabled }} - name: metrics containerPort: {{ .Values.dex.containerPortMetrics }} protocol: TCP + {{- if .Values.dex.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /healthz/live + port: metrics + {{- with .Values.dex.livenessProbe }} + {{- omit . "enabled" | toYaml | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.dex.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /healthz/ready + port: metrics + {{- with .Values.dex.readinessProbe }} + {{- omit . "enabled" | toYaml | nindent 10 }} + {{- end }} {{- end }} volumeMounts: - mountPath: /tmp diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e1d67d71..5f5a7bf1 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -259,6 +259,23 @@ dex: ## podLabels: {} + ## Probes for Dex server + ## Supported from Dex >= 2.28.0 + livenessProbe: + enabled: false + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + readinessProbe: + enabled: false + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + serviceAccount: create: true name: argocd-dex-server From 536e98b72b0a6e53e7ae6ed8618a737969b57520 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 24 Aug 2021 14:48:03 +0200 Subject: [PATCH 107/122] feat(argo-cd): Allow global configuration for pod annotations and labels (#894) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ .../argocd-application-controller/deployment.yaml | 10 ++++------ .../templates/argocd-repo-server/deployment.yaml | 10 ++++------ charts/argo-cd/templates/argocd-server/deployment.yaml | 10 ++++------ charts/argo-cd/templates/dex/deployment.yaml | 10 ++++------ charts/argo-cd/templates/redis/deployment.yaml | 10 ++++------ charts/argo-cd/values.yaml | 4 ++++ 8 files changed, 28 insertions(+), 32 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 15fa92f4..7686f02e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.14.0 +version: 3.15.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Probe configuration for Dex server" + - "[Added]: Global configuration for pod annotations and labels" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3f58dbb3..c3dabc56 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -142,6 +142,8 @@ NAME: my-release | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | | global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` | +| global.podAnnotations | Annotations for the all deployed pods | +| global.podLabels | Labels for the all deployed pods | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 7902be76..fac40ab7 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -17,17 +17,15 @@ spec: replicas: {{ .Values.controller.replicas }} template: metadata: - {{- if .Values.controller.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.controller.podAnnotations) }} annotations: - {{- range $key, $value := .Values.controller.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} - {{- if .Values.controller.podLabels }} -{{- toYaml .Values.controller.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.controller.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d89440a2..9b4c3400 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -16,17 +16,15 @@ spec: {{- end }} template: metadata: - {{- if .Values.repoServer.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.repoServer.podAnnotations) }} annotations: - {{- range $key, $value := .Values.repoServer.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }} - {{- if .Values.repoServer.podLabels }} -{{- toYaml .Values.repoServer.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.repoServer.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 3ef5bb62..9f941c96 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -16,17 +16,15 @@ spec: {{- end }} template: metadata: - {{- if .Values.server.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.server.podAnnotations) }} annotations: - {{- range $key, $value := .Values.server.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }} - {{- if .Values.server.podLabels }} -{{- toYaml .Values.server.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.server.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5063ebfe..97951d01 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -12,17 +12,15 @@ spec: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} template: metadata: - {{- if .Values.dex.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.dex.podAnnotations) }} annotations: - {{- range $key, $value := .Values.dex.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 8 }} app.kubernetes.io/version: {{ .Values.dex.image.tag | quote }} - {{- if .Values.dex.podLabels }} -{{- toYaml .Values.dex.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.dex.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 5b5879a3..05d9f43d 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -13,17 +13,15 @@ spec: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} template: metadata: - {{- if .Values.redis.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.redis.podAnnotations) }} annotations: - {{- range $key, $value := .Values.redis.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }} app.kubernetes.io/version: {{ .Values.redis.image.tag | quote }} - {{- if .Values.redis.podLabels }} -{{- toYaml .Values.redis.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.redis.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5f5a7bf1..bc807eb1 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,6 +10,10 @@ global: repository: quay.io/argoproj/argocd tag: v2.1.0 imagePullPolicy: IfNotPresent + ## Annotations applied to all pods + podAnnotations: {} + ## Labels applied to all pods + podLabels: {} securityContext: {} # runAsUser: 999 # runAsGroup: 999 From 561c5332bbee2c63cd6f8a4fed85b89049eb7867 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 25 Aug 2021 09:05:16 +0200 Subject: [PATCH 108/122] docs(argocd-applicationset): Update README and convert it to helm-docs (#896) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 5 +- charts/argocd-applicationset/README.md | 24 ++++---- charts/argocd-applicationset/README.md.gotmpl | 57 +++++++++++++++++++ charts/argocd-applicationset/values.yaml | 38 +++++++++++-- 4 files changed, 105 insertions(+), 19 deletions(-) create mode 100644 charts/argocd-applicationset/README.md.gotmpl diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 0796bbef..ebe52679 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.3.0 +version: 1.3.1 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,5 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Fixed]: Use new image repository" - - "[Changed]: Updated ApplicationSet CRD" + - "[Changed]: Update README and convert it to helm-docs" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 0996b234..35c57240 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -57,34 +57,38 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | -| args.metricsAddr | int | `8080` | The default metric address | -| args.probeBindAddr | int | `8081` | The default health check port | -| args.enableLeaderElection | bool | `false` | The default leader election setting | -| args.namespace | string | `argocd` | The default Argo CD repo namespace | -| args.argocdRepoServer | string | `argocd-repo-server:8081` | The default Argo CD repo server address | -| args.policy | string | `sync` | How application is synced between the generator and the cluster | +| args.argocdRepoServer | string | `"argocd-repo-server:8081"` | The default Argo CD repo server address | | args.debug | bool | `false` | Print debug logs | | args.dryRun | bool | `false` | Enable dry run mode | +| args.enableLeaderElection | bool | `false` | The default leader election setting | +| args.metricsAddr | string | `":8080"` | The default metric address | +| args.namespace | string | `"argocd"` | The default Argo CD repo namespace | +| args.policy | string | `"sync"` | How application is synced between the generator and the cluster | +| args.probeBindAddr | string | `":8081"` | The default health check port | | extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | extraVolumes | list | `[]` | List of extra volumes to add | | fullnameOverride | string | `""` | Override the default fully qualified app name | | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | -| image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. | +| image.repository | string | `"quay.io/argoproj/argocd-applicationset"` | The image repository | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | +| mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | | mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | -| mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | -| mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | | nameOverride | string | `""` | Provide a name in place of `argocd-applicationset` | | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | | podAnnotations | object | `{}` | Annotations for the controller pods | | podSecurityContext | object | `{}` | Pod Security Context | +| priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | | rbac.pspEnabled | bool | `true` | Enable Pod Security Policy | | replicaCount | int | `1` | The number of controller pods to run | | resources | object | `{}` | Resource limits and requests for the controller pods. | | securityContext | object | `{}` | Security Context | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) diff --git a/charts/argocd-applicationset/README.md.gotmpl b/charts/argocd-applicationset/README.md.gotmpl new file mode 100644 index 00000000..62f1145e --- /dev/null +++ b/charts/argocd-applicationset/README.md.gotmpl @@ -0,0 +1,57 @@ +# Argo CD ApplicationSet Chart + +A Helm chart for Argo CD ApplicationSet, a controller to programmatically generate Argo CD Application. + +Source code can be found [here](https://github.com/argoproj-labs/applicationset/) + +## Additional Information + +This is a **community maintained** chart. This chart installs the [applicationset](https://github.com/argoproj-labs/applicationset) controller. + +This chart currently installs the non-HA version of Argo CD ApplicationSet. + +## Prerequisites + +- Helm v3.0.0+ +- The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting. + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install --name my-release argo/argocd-applicationset +NAME: my-release +... +``` + +### Testing + +Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). + +```console +kind create cluster +kubectl create namespace argocd +kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml +ct install --namespace argocd +``` + +## Notes on CRD Installation + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. + +You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo: + +```console +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref= + +# Eg. version v0.1.0 +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0 +``` + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index ac9ba29c..b0820368 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -2,47 +2,63 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. +# -- The number of controller pods to run replicaCount: 1 image: - # The image repository + # -- The image repository repository: quay.io/argoproj/argocd-applicationset - # Image pull policy + # -- Image pull policy pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. + # -- Overrides the image tag whose default is the chart appVersion. tag: "" args: + # -- The default metric address metricsAddr: :8080 + # -- The default health check port probeBindAddr: :8081 + # -- The default leader election setting enableLeaderElection: false + # -- The default Argo CD repo namespace namespace: argocd + # -- The default Argo CD repo server address argocdRepoServer: argocd-repo-server:8081 + # -- How application is synced between the generator and the cluster policy: sync + # -- Print debug logs debug: false + # -- Enable dry run mode dryRun: false +# -- If defined, uses a Secret to pull an image from a private Docker registry or repository. imagePullSecrets: [] +# -- Provide a name in place of `argocd-applicationset` nameOverride: "" +# -- Override the default fully qualified app name fullnameOverride: "" serviceAccount: - # Specifies whether a service account should be created + # -- Specifies whether a service account should be created create: true - # Annotations to add to the service account + # -- Annotations to add to the service account annotations: {} - # The name of the service account to use. + # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" +# -- Annotations for the controller pods podAnnotations: {} rbac: + # -- Enable Pod Security Policy pspEnabled: true +# -- Pod Security Context podSecurityContext: {} # fsGroup: 2000 +# -- Security Context securityContext: {} # capabilities: # drop: @@ -51,6 +67,7 @@ securityContext: {} # runAsNonRoot: true # runAsUser: 1000 +# -- Resource limits and requests for the controller pods. resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -63,23 +80,32 @@ resources: {} # cpu: 100m # memory: 128Mi +# -- [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) nodeSelector: {} +# -- [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) tolerations: [] +# -- [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) affinity: {} +# -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. priorityClassName: "" +# -- Mount the `argocd-ssh-known-hosts-cm` volume mountSSHKnownHostsVolume: true +# -- Mount the `argocd-tls-certs-cm` volume mountTLSCertsVolume: true +# -- Mount the `argocd-gpg-keys-cm` volume mountGPGKeysVolume: false +# -- Mount an emptyDir volume for `gpg-keyring` mountGPGKeyringVolume: true # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] # - mountPath: /tmp/foobar # name: foobar + # -- List of extra volumes to add extraVolumes: [] # - name: foobar From 91e6e0749a24dbf453fce0f51faea39c4501d9e7 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 25 Aug 2021 14:14:13 +0200 Subject: [PATCH 109/122] fix(argocd-notifications): Use correct names for ConfigMap and Secret (#898) Signed-off-by: Petr Drastil --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/templates/configmap.yaml | 2 +- charts/argocd-notifications/templates/secret.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 0ae4fff0..26d37b85 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.3 +version: 1.4.4 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Fixed]: Use correct chart icon url" + - "[Fixed]: Use correct names for ConfigMap and Secret" diff --git a/charts/argocd-notifications/templates/configmap.yaml b/charts/argocd-notifications/templates/configmap.yaml index 37f95b53..7b5186c0 100644 --- a/charts/argocd-notifications/templates/configmap.yaml +++ b/charts/argocd-notifications/templates/configmap.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "argocd-notifications.name" . }}-cm + name: argocd-notifications-cm labels: {{- include "argocd-notifications.labels" . | nindent 4 }} data: diff --git a/charts/argocd-notifications/templates/secret.yaml b/charts/argocd-notifications/templates/secret.yaml index 11cf4c78..e912eef7 100644 --- a/charts/argocd-notifications/templates/secret.yaml +++ b/charts/argocd-notifications/templates/secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "argocd-notifications.name" . }}-secret + name: argocd-notifications-secret labels: {{- include "argocd-notifications.labels" . | nindent 4 }} type: Opaque From 8e11387e7d250adc7d80e711ceae58d0d7966f4f Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 25 Aug 2021 17:04:29 +0200 Subject: [PATCH 110/122] feat(argo-cd): Allow service monitor relabeling configs (#897) * Allow service monitor relabeling configs Signed-off-by: Petr Drastil * Revert scrape interval to optional field Signed-off-by: Petr Drastil * Revert path to original place Signed-off-by: Petr Drastil * Fix trailing character on README Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++-- charts/argo-cd/README.md | 8 +++++++ .../servicemonitor.yaml | 21 ++++++++++------ .../argocd-repo-server/servicemonitor.yaml | 21 ++++++++++------ .../argocd-server/servicemonitor.yaml | 19 ++++++++++----- .../argo-cd/templates/dex/servicemonitor.yaml | 24 ++++++++++++------- charts/argo-cd/values.yaml | 8 +++++++ 7 files changed, 76 insertions(+), 30 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7686f02e..ea642649 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.15.0 +version: 3.16.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Global configuration for pod annotations and labels" + - "[Added]: Service monitor relabelings and metricsRelabelings" + - "[Fixed]: Service monitor interval configuration for all components" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c3dabc56..57399e5e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -203,6 +203,8 @@ NAME: my-release | controller.metrics.service.servicePort | Metrics service port | `8082` | | controller.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | | controller.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| controller.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| controller.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | controller.name | Controller name string. | `"application-controller"` | | controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | controller.podAnnotations | Annotations for the controller pods | `{}` | @@ -255,6 +257,8 @@ NAME: my-release | repoServer.metrics.service.servicePort | Metrics service port | `8082` | | repoServer.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | | repoServer.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| repoServer.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| repoServer.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | repoServer.name | Repo server name | `"repo-server"` | | repoServer.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | repoServer.podAnnotations | Annotations for the repo server pods | `{}` | @@ -335,6 +339,8 @@ NAME: my-release | server.metrics.service.servicePort | Metrics service port | `8082` | | server.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | | server.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| server.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| server.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | server.name | Argo CD server name | `"server"` | | server.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | server.podAnnotations | Annotations for the server pods | `{}` | @@ -387,6 +393,8 @@ NAME: my-release | dex.metrics.service.labels | Metrics service labels | `{}` | | dex.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | | dex.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| dex.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| dex.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | dex.name | Dex name | `"dex-server"` | | dex.env | Environment variables for the Dex server. | `[]` | | dex.envFrom | `envFrom` to pass to the Dex server. | `[]` (See [values.yaml](values.yaml)) | diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 0b943982..249d4e38 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -3,16 +3,16 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.controller.fullname" . }} - {{- if .Values.controller.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }} + {{- with .Values.controller.metrics.serviceMonitor.namespace }} + namespace: {{ . }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - {{- if .Values.controller.metrics.serviceMonitor.selector }} -{{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }} + {{- with .Values.controller.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} -{{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- with .Values.controller.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: @@ -21,6 +21,14 @@ spec: interval: {{ . }} {{- end }} path: /metrics + {{- with .Values.controller.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} @@ -28,4 +36,3 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 6 }} {{- end }} - diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 027cdb5f..2c353479 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -3,16 +3,16 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.repoServer.fullname" . }} - {{- if .Values.repoServer.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.repoServer.metrics.serviceMonitor.namespace }} + {{- with .Values.repoServer.metrics.serviceMonitor.namespace }} + namespace: {{ . }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - {{- if .Values.repoServer.metrics.serviceMonitor.selector }} -{{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }} + {{- with .Values.repoServer.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }} -{{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- with .Values.repoServer.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: @@ -21,6 +21,14 @@ spec: interval: {{ . }} {{- end }} path: /metrics + {{- with .Values.repoServer.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.repoServer.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} @@ -28,4 +36,3 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-metrics" .Values.repoServer.name)) | nindent 6 }} {{- end }} - diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 00002faa..ab97acc2 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -8,19 +8,27 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- if .Values.server.metrics.serviceMonitor.selector }} -{{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }} + {{- with .Values.server.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.server.metrics.serviceMonitor.additionalLabels }} -{{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- with .Values.server.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: - port: metrics - {{- with .Values.controller.metrics.serviceMonitor.interval }} + {{- with .Values.server.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} path: /metrics + {{- with .Values.server.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.server.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} @@ -28,4 +36,3 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.server.name "name" (printf "%s-metrics" .Values.server.name)) | nindent 6 }} {{- end }} - diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 58bae6e2..ca1d54b0 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -3,28 +3,36 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.dex.fullname" . }} - {{- if .Values.dex.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.dex.metrics.serviceMonitor.namespace }} + {{- with .Values.dex.metrics.serviceMonitor.namespace }} + namespace: {{ . }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} - {{- if .Values.dex.metrics.serviceMonitor.selector }} -{{- toYaml .Values.dex.metrics.serviceMonitor.selector | nindent 4 }} + {{- with .Values.dex.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.dex.metrics.serviceMonitor.additionalLabels }} -{{- toYaml .Values.dex.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- with .Values.dex.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: - port: metrics - {{- with .Values.controller.metrics.serviceMonitor.interval }} + {{- with .Values.dex.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} path: /metrics + {{- with .Values.dex.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.dex.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . |nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 6 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index bc807eb1..ff23a597 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -169,6 +169,8 @@ controller: serviceMonitor: enabled: false interval: 30s + relabelings: [] + metricRelabelings: [] # selector: # prometheus: kube-prometheus # namespace: monitoring @@ -230,6 +232,8 @@ dex: serviceMonitor: enabled: false interval: 30s + relabelings: [] + metricRelabelings: [] # selector: # prometheus: kube-prometheus # namespace: monitoring @@ -576,6 +580,8 @@ server: serviceMonitor: enabled: false interval: 30s + relabelings: [] + metricRelabelings: [] # selector: # prometheus: kube-prometheus # namespace: monitoring @@ -961,6 +967,8 @@ repoServer: serviceMonitor: enabled: false interval: 30s + relabelings: [] + metricRelabelings: [] # selector: # prometheus: kube-prometheus # namespace: monitoring From 31803c05d66b91b0581ffc9e413e2e56c09cb124 Mon Sep 17 00:00:00 2001 From: Emanuel Oliveira Date: Thu, 26 Aug 2021 10:42:47 -0300 Subject: [PATCH 111/122] feat(argo-cd): Finalize update to argocd 2.1.0 (#884) Signed-off-by: Emanuel Oliveira Co-authored-by: Mateus Miranda Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +- charts/argo-cd/README.md | 4 ++ charts/argo-cd/crds/crd-application.yaml | 41 ++++++++++- charts/argo-cd/templates/NOTES.txt | 6 ++ .../deployment.yaml | 7 ++ ...repository-credentials-secret-legacy.yaml} | 2 +- .../repository-credentials-secret.yaml | 14 ++++ .../argocd-configs/repository-secret.yaml | 14 ++++ charts/argo-cd/values.yaml | 70 +++++++++++++------ 9 files changed, 138 insertions(+), 27 deletions(-) rename charts/argo-cd/templates/{argocd-repo-server/repository-credentials-secret.yaml => argocd-configs/repository-credentials-secret-legacy.yaml} (97%) create mode 100644 charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/repository-secret.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea642649..4392cbe8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.16.0 +version: 3.17.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Service monitor relabelings and metricsRelabelings" - - "[Fixed]: Service monitor interval configuration for all components" + - "[Changed]: Sync CRDs of ArgoCD v2.1.0" + - "[Added]: Enable use of separated secret just for repositories" + - "[Deprecated]: configs.repositoryCredentials is deprecated now. Instead, use configs.credentialTemplates and/or configs.repositories" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 57399e5e..d75802b3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -167,6 +167,9 @@ NAME: my-release | configs.secret.createSecret | Create the argocd-secret. | `true` | | configs.secret.githubSecret | GitHub incoming webhook secret | `""` | | configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` | +| configs.repositoryCredentials | DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories. | `{}` | +| configs.credentialTemplates | Repository credentials to be used as Templates for other repos. | `{}` | +| configs.repositories | Repositories list to be used by applications. | `{}` | | configs.tlsCertsAnnotations | TLS certificate configmap annotations | `{}` | | configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) | | configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` | @@ -301,6 +304,7 @@ NAME: my-release | server.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | | server.configAnnotations | ArgoCD configuration configmap annotations | `{}` | | server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | +| server.config.repositories | [DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories.](https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | | server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` | diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index 74364ae4..714b363e 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -267,6 +267,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -365,6 +371,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -376,7 +386,6 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array @@ -543,6 +552,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -838,6 +853,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether toforce applying common labels to resources for Kustomizeapps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -1134,6 +1155,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -1412,6 +1439,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -1687,6 +1720,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index a5f59108..34cdaaca 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,3 +1,9 @@ +{{- if or .Values.configs.repositoryCredentials .Values.server.config.repositories }} +WARNING: You are using configs.repositoryCredentials and/or server.config.repositories parameter that are DEPRECATED +Instead, use configs.repositoryTemplates and/or configs.repositories parameters +Read More about here: https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour + +{{- end}} In order to access the server UI you have the following options: 1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index fac40ab7..a75c1af1 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -48,6 +48,8 @@ spec: - {{ .Values.controller.args.selfHealTimeout | quote }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --repo-server-timeout-seconds + - {{ .Values.controller.args.repoServerTimeoutSeconds | quote }} - --logformat - {{ .Values.controller.logFormat }} - --loglevel @@ -93,7 +95,10 @@ spec: timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} + workingDir: /home/argocd volumeMounts: + - name: argocd-home + mountPath: /home/argocd - mountPath: /app/config/controller/tls name: argocd-repo-server-tls {{- with .Values.controller.volumeMounts }} @@ -119,6 +124,8 @@ spec: {{ toYaml . | indent 6 }} {{- end }} volumes: + - emptyDir: {} + name: argocd-home - name: argocd-repo-server-tls secret: items: diff --git a/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret-legacy.yaml similarity index 97% rename from charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml rename to charts/argo-cd/templates/argocd-configs/repository-credentials-secret-legacy.yaml index 354e2ca9..a89bedcb 100644 --- a/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret-legacy.yaml @@ -10,4 +10,4 @@ data: {{- range $key, $value := .Values.configs.repositoryCredentials }} {{ $key }}: {{ $value | b64enc }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml new file mode 100644 index 00000000..fe21917c --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -0,0 +1,14 @@ +{{- range $repo_cred_key, $repo_cred_value := .Values.configs.credentialTemplates }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: argocd-repo-creds-{{ $repo_cred_key }} + labels: + argocd.argoproj.io/secret-type: repo-creds + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +data: + {{- range $key, $value := $repo_cred_value }} + {{ $key }}: {{ $value | toString | b64enc }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml new file mode 100644 index 00000000..b42eaefc --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -0,0 +1,14 @@ +{{- range $repo_key, $repo_value := .Values.configs.repositories }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: argocd-repo-{{ $repo_key }} + labels: + argocd.argoproj.io/secret-type: repository + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +data: + {{- range $key, $value := $repo_value }} + {{ $key }}: {{ $value | b64enc }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ff23a597..930827d8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -61,6 +61,7 @@ controller: operationProcessors: "10" appResyncPeriod: "180" selfHealTimeout: "5" + repoServerTimeoutSeconds: "60" ## Argo controller log format: text|json logFormat: text @@ -101,6 +102,7 @@ controller: # drop: # - all # readOnlyRootFilesystem: true + # runAsNonRoot: true ## Configures the controller port containerPort: 8082 @@ -395,10 +397,8 @@ redis: ## Redis Pod specific security context securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 runAsNonRoot: true + runAsUser: 999 serviceAccount: create: false @@ -696,6 +696,8 @@ server: url: https://argocd.example.com # Argo CD instance label key application.instanceLabelKey: argocd.argoproj.io/instance + + # DEPRECATED: Please instead use configs.credentialTemplates and configs.repositories # repositories: | # - url: git@github.com:group/repo.git # sshPrivateKeySecret: @@ -707,6 +709,7 @@ server: # - type: helm # url: https://argoproj.github.io/argo-helm # name: argo + # oidc.config: | # name: AzureAD # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 @@ -1115,25 +1118,48 @@ configs: # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK # XWyb96wrUlv+E8I= # -----END CERTIFICATE----- - # Creates a secret with optional repository credentials - repositoryCredentials: - {} - # sample-ssh-key: | - # -----BEGIN RSA PRIVATE KEY----- - # MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N - # z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4 - # nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB - # AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x - # O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe - # tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6 - # cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8 - # 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM - # hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK - # xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ - # FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc - # NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le - # XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo= - # -----END RSA PRIVATE KEY----- +## # Creates a secret with optional repository credentials +## DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories + repositoryCredentials: {} + +## Creates a secret for each key/value specified below to create repository credentials + credentialTemplates: {} + # github-enterprise-creds-1: + # url: https://github.com/argoproj + # githubAppID: 1 + # githubAppInstallationID: 2 + # githubAppEnterpriseBaseUrl: https://ghe.example.com/api/v3 + # githubAppPrivateKey: | + # -----BEGIN OPENSSH PRIVATE KEY----- + # ... + # -----END OPENSSH PRIVATE KEY----- + # https-creds: + # url: https://github.com/argoproj + # password: my-password + # username: my-username + # ssh-creds: + # url: git@github.com:argoproj-labs + # sshPrivateKey: | + # -----BEGIN OPENSSH PRIVATE KEY----- + # ... + # -----END OPENSSH PRIVATE KEY----- + +## Creates a secret for each key/value specified below to create repositories +## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". + repositories: {} + # istio-helm-repo: + # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts + # name: istio.io + # type: helm + # private-helm-repo: + # url: https://my-private-chart-repo.internal + # name: private-repo + # type: helm + # password: my-password + # username: my-username + # private-repo: + # url: https://github.com/argoproj/private-repo + secret: createSecret: true ## Annotations to be added to argocd-secret From e099ab38b4bb926bd39c1a28310b73265cd58eee Mon Sep 17 00:00:00 2001 From: Takumi Sue <23391543+mikutas@users.noreply.github.com> Date: Thu, 26 Aug 2021 22:55:06 +0900 Subject: [PATCH 112/122] fix(argo-cd): Add missing parameter 'server.extraContainers' to README.md (#902) Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4392cbe8..868480bd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.0 +version: 3.17.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,6 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Sync CRDs of ArgoCD v2.1.0" - - "[Added]: Enable use of separated secret just for repositories" - - "[Deprecated]: configs.repositoryCredentials is deprecated now. Instead, use configs.credentialTemplates and/or configs.repositories" + - "[Fixed]: Add missing parameter 'server.extraContainers' to README.md" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d75802b3..062265e8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -307,6 +307,7 @@ NAME: my-release | server.config.repositories | [DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories.](https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | +| server.extraContainers | Additional containers for the server. A list of containers. | `[]` | | server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` | | server.env | Environment variables for the server. | `[]` | | server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) | From 1b7d63fde9e5f6c68ed659ad9a5285f495be6e83 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 26 Aug 2021 16:21:58 +0200 Subject: [PATCH 113/122] feat(argo-cd): Upgrade argo-cd image to 2.1.1 (#903) * reenable static assets for argo-cd server Signed-off-by: Geisler, James D * add fix to changelog Signed-off-by: Geisler, James D * feat(argo-cd): Upgrade argo-cd image to 2.1.1 Signed-off-by: Petr Drastil * Bump chart version Signed-off-by: Petr Drastil * Bump fix version Signed-off-by: Petr Drastil Co-authored-by: Geisler, James D --- charts/argo-cd/Chart.yaml | 7 ++++--- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ++++ charts/argo-cd/values.yaml | 6 +++++- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 868480bd..4f6a944b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.1.0 +appVersion: 2.1.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.1 +version: 3.17.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing parameter 'server.extraContainers' to README.md" + - "[Changed]: Upgrade argo-cd image to 2.1.1" + - "[Fixed]: Reenabling static assets for the argo-cd server" diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 9f941c96..05d1a5ae 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -40,6 +40,10 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server + {{ if .Values.server.staticAssets.enabled }} + - --staticassets + - /shared/app + {{ end }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- if .Values.dex.enabled }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 930827d8..d6ebddbe 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.1.0 + tag: v2.1.1 imagePullPolicy: IfNotPresent ## Annotations applied to all pods podAnnotations: {} @@ -462,6 +462,10 @@ server: extraArgs: [] # - --insecure + # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app + staticAssets: + enabled: true + ## Environment variables to pass to argocd-server ## env: [] From 93a74912dc6dcbfbc84264272931cd565119afb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Pinson?= Date: Thu, 26 Aug 2021 17:10:49 +0200 Subject: [PATCH 114/122] fix(argo-cd): use $ as context for repository secret labels (#904) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Raphaël Pinson --- charts/argo-cd/Chart.yaml | 5 ++--- .../argocd-configs/repository-credentials-secret.yaml | 2 +- .../argo-cd/templates/argocd-configs/repository-secret.yaml | 2 +- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4f6a944b..d5e17438 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.2 +version: 3.17.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade argo-cd image to 2.1.1" - - "[Fixed]: Reenabling static assets for the argo-cd server" + - "[Fixed]: use $ as context for repository secret labels" diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index fe21917c..f9165d5d 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -6,7 +6,7 @@ metadata: name: argocd-repo-creds-{{ $repo_cred_key }} labels: argocd.argoproj.io/secret-type: repo-creds - {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} + {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} data: {{- range $key, $value := $repo_cred_value }} {{ $key }}: {{ $value | toString | b64enc }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index b42eaefc..2c0d4f08 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -6,7 +6,7 @@ metadata: name: argocd-repo-{{ $repo_key }} labels: argocd.argoproj.io/secret-type: repository - {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} + {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} data: {{- range $key, $value := $repo_value }} {{ $key }}: {{ $value | b64enc }} From 81ec515e54d03d798c9ab198688b0c77ca59f1e4 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 27 Aug 2021 12:05:55 +0200 Subject: [PATCH 115/122] chore(argo-cd): Upgrade dex server to 2.30.0 (#905) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d5e17438..debedb0b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.3 +version: 3.17.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: use $ as context for repository secret labels" + - "[Changed]: Upgrade dex server to 2.30.0" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d6ebddbe..d87db087 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -243,7 +243,7 @@ dex: image: repository: ghcr.io/dexidp/dex - tag: v2.28.1 + tag: v2.30.0 imagePullPolicy: IfNotPresent initImage: repository: From 91d2a56ca80a24be083b224f2dfdc742dcb21dfe Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 27 Aug 2021 14:33:17 +0200 Subject: [PATCH 116/122] Add Pod label configuration for argocd-applicationset (#906) Signed-off-by: Petr Drastil --- charts/argocd-applicationset/Chart.yaml | 4 ++-- charts/argocd-applicationset/README.md | 1 + charts/argocd-applicationset/templates/deployment.yaml | 3 +++ charts/argocd-applicationset/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index ebe52679..ba9b62cd 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.3.1 +version: 1.4.0 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Changed]: Update README and convert it to helm-docs" + - "[Added]: Configuration for Pod labels" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 35c57240..1683c33b 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -79,6 +79,7 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | nameOverride | string | `""` | Provide a name in place of `argocd-applicationset` | | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | | podAnnotations | object | `{}` | Annotations for the controller pods | +| podLabels | object | `{}` | Labels for the controller pods | | podSecurityContext | object | `{}` | Pod Security Context | | priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | | rbac.pspEnabled | bool | `true` | Enable Pod Security Policy | diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index beb34680..a577854b 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -17,6 +17,9 @@ spec: {{- end }} labels: {{- include "argo-applicationset.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index b0820368..5c9f8225 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -50,6 +50,9 @@ serviceAccount: # -- Annotations for the controller pods podAnnotations: {} +# -- Labels for the controller pods +podLabels: {} + rbac: # -- Enable Pod Security Policy pspEnabled: true From 2beca15feb709e16f01e415ee2030bf18e48ed35 Mon Sep 17 00:00:00 2001 From: Karsten Siemer Date: Fri, 27 Aug 2021 14:59:29 +0200 Subject: [PATCH 117/122] feat(argo-workflows): Add controller namespaceParallelism param to configmap (#908) Signed-off-by: Karsten Siemer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 2 ++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6a8e00b8..57659f23 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.4.2 +version: 0.5.0 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Bump appVersion to 3.1.8" + - "[Added]: Add controller namespaceParallelism param to configmap" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index dd2af42e..ce6f166b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -17,6 +17,9 @@ data: {{- if .Values.controller.parallelism }} parallelism: {{ .Values.controller.parallelism }} {{- end }} + {{- with .Values.controller.namespaceParallelism }} + namespaceParallelism: {{ . }} + {{- end }} {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: {{- with .Values.executor.resources }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c19562d0..cbbe9491 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -42,6 +42,8 @@ controller: tag: "" # parallelism dictates how many workflows can be running at the same time parallelism: + # Limits the maximum number of incomplete workflows in a namespace + namespaceParallelism: # podAnnotations is an optional map of annotations to be applied to the controller Pods podAnnotations: {} # Optional labels to add to the controller pods From 2fd39754de4e5a7e89afc669d2cb99a029600e6d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 27 Aug 2021 15:12:29 +0200 Subject: [PATCH 118/122] Add Pod label configuration for argocd-notifications (#907) Signed-off-by: Petr Drastil Co-authored-by: Marco Kilchhofer --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/templates/deployment.yaml | 3 +++ charts/argocd-notifications/values.yaml | 2 ++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 26d37b85..fe9b6f45 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.4 +version: 1.5.0 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Fixed]: Use correct names for ConfigMap and Secret" + - "[Added]: Configuration for Pod labels" diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml index 0e18f698..f1d9ab5e 100644 --- a/charts/argocd-notifications/templates/deployment.yaml +++ b/charts/argocd-notifications/templates/deployment.yaml @@ -20,6 +20,9 @@ spec: {{- end }} labels: {{- include "argocd-notifications.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index fe6857b7..6eeb97a0 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -73,6 +73,8 @@ notifiers: podAnnotations: {} +podLabels: {} + ## Pod Security Context securityContext: runAsNonRoot: true From 5c03c916be16f3228ad1745410fb82e9b75a2822 Mon Sep 17 00:00:00 2001 From: Sander van Schie Date: Fri, 27 Aug 2021 15:47:01 +0200 Subject: [PATCH 119/122] feat(argo-cd): Make AWS ALB GRPC backend protocol version configurable (#909) Signed-off-by: Sander van Schie --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + .../templates/argocd-server/alb-grpc-service.yaml | 2 +- charts/argo-cd/values.yaml | 13 +++++++------ 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index debedb0b..4efb92dd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.4 +version: 3.17.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade dex server to 2.30.0" + - "[Changed]: Make AWS ALB GRPC backend protocol version configurable" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 062265e8..8679a009 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -329,6 +329,7 @@ NAME: my-release | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | | server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | | server.ingressGrpc.awsALB.serviceType | Service type for the AWS ALB GRPC service | `NodePort` | +| server.ingressGrpc.awsALB.backendProtocolVersion | Backend protocol version for the AWS ALB GRPC service | `HTTP2` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml index dd725fef..4adcd82d 100644 --- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + alb.ingress.kubernetes.io/backend-protocol-version: {{ .Values.server.ingressGrpc.awsALB.backendProtocolVersion }} labels: {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-grpc diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d87db087..8bf991c6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -644,14 +644,15 @@ server: labels: {} ingressClassName: "" - ## Service Type if isAWSALB is set to true - ## Can be of type NodePort or ClusterIP depending on which mode you are - ## are running. Instance mode needs type NodePort, IP mode needs type - ## ClusterIP - ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic - ## awsALB: + ## Service Type if isAWSALB is set to true + ## Can be of type NodePort or ClusterIP depending on which mode you are + ## are running. Instance mode needs type NodePort, IP mode needs type + ## ClusterIP + ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic serviceType: NodePort + # This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + backendProtocolVersion: HTTP2 ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. From 32a6aa70ed65d4ef2108ea55d0bf214a4852de03 Mon Sep 17 00:00:00 2001 From: Donovan Muller Date: Mon, 30 Aug 2021 08:46:26 +0200 Subject: [PATCH 120/122] fix(argo-rollouts): Also use 'controller.component' parameter in ServiceMonitor (#912) * fix(argo-rollouts): Use 'controller.component' parameter consistently Signed-off-by: Donovan Muller * Fix second occurrence of controller.component Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- .../templates/argo-rollouts-service-monitor.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 7bdb6ea9..74431538 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.0.0 +version: 2.0.1 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Dashboard manifests" + - "[Fixed]: ServiceMonitor selector labels match metrics Service" diff --git a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml index f94a25b8..72d9a691 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml @@ -4,7 +4,7 @@ kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} labels: - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} {{- range $key, $value := .Values.controller.metrics.serviceMonitor.additionalLabels }} {{ $key }}: {{ $value | quote }} @@ -21,6 +21,6 @@ spec: - {{ .Release.Namespace }} selector: matchLabels: - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} {{- end }} From 372fc24e5e3fd989b2ddacc79fdcc3fe66ad9114 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Thu, 2 Sep 2021 17:58:50 -0400 Subject: [PATCH 121/122] feat(argo-cd): Upgrade argocd to v2.1.2 (#921) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4efb92dd..58cd634e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.1.1 +appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.5 +version: 3.17.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Make AWS ALB GRPC backend protocol version configurable" + - "[Changed]: Upgrade argocd to 2.1.2" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 8679a009..99114a91 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -141,7 +141,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.1.2"` | | global.podAnnotations | Annotations for the all deployed pods | | global.podLabels | Labels for the all deployed pods | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8bf991c6..022ecfb2 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.1.1 + tag: v2.1.2 imagePullPolicy: IfNotPresent ## Annotations applied to all pods podAnnotations: {} From 44acc3cde7d04bc2bfa8b8613defcff49bbd32f4 Mon Sep 17 00:00:00 2001 From: Elliot Maincourt Date: Mon, 13 Sep 2021 18:21:04 +0200 Subject: [PATCH 122/122] feat(argo-workflows): Add controller containerRuntimeExecutors param to configmap (#924) * feat(argo-workflows): Add controller containerRuntimeExecutors param to configmap Signed-off-by: Elliot Maincourt * fix(chart): changes are not cumulative Signed-off-by: Elliot Maincourt --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 4 ++++ charts/argo-workflows/values.yaml | 5 +++++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 57659f23..cb5f3fe9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.5.0 +version: 0.5.1 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add controller namespaceParallelism param to configmap" + - "[Added]: Add controller containerRuntimeExecutors param to configmap" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index ce6f166b..36ecf638 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -14,6 +14,10 @@ data: {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} + {{- with .Values.controller.containerRuntimeExecutors }} + containerRuntimeExecutors: + {{- toYaml . | nindent 6 }} + {{- end }} {{- if .Values.controller.parallelism }} parallelism: {{ .Values.controller.parallelism }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cbbe9491..8e195b47 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -113,6 +113,11 @@ controller: workflowNamespaces: - default containerRuntimeExecutor: docker + # containerRuntimeExecutors: + # - name: emissary + # selector: + # matchLabels: + # workflows.argoproj.io/container-runtime-executor: emissary instanceID: # `instanceID.enabled` configures the controller to filter workflow submissions # to only those which have a matching instanceID attribute.