From f1a6fcc8af080ed1a824997ed6cfea3f40aeeaa5 Mon Sep 17 00:00:00 2001 From: jpbelanger-mtl Date: Wed, 26 Aug 2020 12:26:54 -0400 Subject: [PATCH 01/63] feat(argo-rollouts): Add configurable annotation to the metrics service (#421) Co-authored-by: Scott Cabrinha --- charts/argo-rollouts/Chart.yaml | 2 +- .../templates/argo-rollouts-metrics-service.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 8 ++++++-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1d05de0b..c12e756b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.8.3" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.4 +version: 0.3.5 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index cb673301..4301b7c8 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -6,6 +6,10 @@ metadata: app.kubernetes.io/component: server app.kubernetes.io/name: {{ .Release.Name }}-metrics app.kubernetes.io/part-of: {{ .Release.Name }} + annotations: + {{- range $key, $value := .Values.serviceAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: ports: - name: metrics diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index fda9bf7a..fbb2f68b 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -28,11 +28,15 @@ controller: serviceAccount: name: argo-rollouts -## Annotations to be added to the Redis server pods +## Annotations to be added to the Rollout pods ## podAnnotations: {} -## Labels to be added to the Redis server pods +## Annotations to be added to the Rollout service +## +serviceAnnotations: {} + +## Labels to be added to the Rollout pods ## podLabels: {} From 12c26701a54c8d7a898797f5acf46b0776fdc88c Mon Sep 17 00:00:00 2001 From: dherman Date: Thu, 27 Aug 2020 20:01:00 -0400 Subject: [PATCH 02/63] fix(argo): add missing rbac to support pdbs (#433) This adds support for the PodDisruptionBudget feature of Argo. Without this, PDBs will fail to be created/managed. Ref: https://github.com/argoproj/argo/blob/dae0f2df1ffcc8a2ff4f3dce1ea7da3f34587e2f/manifests/cluster-install/workflow-controller-rbac/workflow-controller-clusterrole.yaml#L84-L91 --- charts/argo/Chart.yaml | 2 +- .../argo/templates/workflow-controller-cluster-roles.yaml | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index de0c3833..112e2ae0 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.9.8 +version: 0.9.9 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml index 1bee0b17..d5c3e74d 100644 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ b/charts/argo/templates/workflow-controller-cluster-roles.yaml @@ -80,6 +80,14 @@ rules: verbs: - get - list +- apiGroups: + - "policy" + resources: + - poddisruptionbudgets + verbs: + - create + - get + - delete {{- if .Values.controller.persistence }} - apiGroups: - "" From bc14a12db5ec6c3836b570f1d99b629df0adc826 Mon Sep 17 00:00:00 2001 From: dherman Date: Thu, 27 Aug 2020 20:02:54 -0400 Subject: [PATCH 03/63] fix(argo): add missing cr privileges for `patch` (#399) In Argo 2.9+, the controller needs `patch` privileges on `events`. See https://github.com/argoproj/argo/commit/ff1627b71789c42f604c0f83a9a3328d7e6b8248 https://github.com/argoproj/argo/blob/65c2bd44e45c11e0a0b03adeef8d6800b72cd551/manifests/install.yaml#L253 Co-authored-by: Spencer Gilbert --- charts/argo/templates/workflow-controller-cluster-roles.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml index d5c3e74d..976d49f8 100644 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ b/charts/argo/templates/workflow-controller-cluster-roles.yaml @@ -73,6 +73,7 @@ rules: - events verbs: - create + - patch - apiGroups: - "" resources: From 0a03ca0babb5231fd859821d8fbd813364e208e7 Mon Sep 17 00:00:00 2001 From: Richard Simpson Date: Fri, 28 Aug 2020 21:01:39 -0500 Subject: [PATCH 04/63] feat: add support for configuring bot port (#432) * feat: add support for configuring bot port Adds support for configuring the bot listening port for people who want it to listen on 443 (for example) * bump version * remove unnecessary protocol Co-authored-by: Andy Feller --- charts/argocd-notifications/Chart.yaml | 2 +- .../templates/bots/slack/deployment.yaml | 3 +++ .../argocd-notifications/templates/bots/slack/service.yaml | 6 +++--- charts/argocd-notifications/values.yaml | 1 + 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 1b497590..9d73681c 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 0.7.0 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.0.10 +version: 1.0.11 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argocd-notifications/templates/bots/slack/deployment.yaml b/charts/argocd-notifications/templates/bots/slack/deployment.yaml index 284d3c10..75883073 100644 --- a/charts/argocd-notifications/templates/bots/slack/deployment.yaml +++ b/charts/argocd-notifications/templates/bots/slack/deployment.yaml @@ -30,6 +30,9 @@ spec: command: - /app/argocd-notifications - bot + ports: + - containerPort: 8080 + name: http {{- with .Values.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-notifications/templates/bots/slack/service.yaml b/charts/argocd-notifications/templates/bots/slack/service.yaml index 68881a36..c31ad935 100644 --- a/charts/argocd-notifications/templates/bots/slack/service.yaml +++ b/charts/argocd-notifications/templates/bots/slack/service.yaml @@ -9,10 +9,10 @@ metadata: {{- end }} spec: ports: - - name: server - port: 80 + - name: http + port: {{ .Values.bots.slack.service.port }} protocol: TCP - targetPort: 8080 + targetPort: http selector: {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 4 }} type: {{ .Values.bots.slack.service.type }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index e9a97421..93ce5390 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -211,6 +211,7 @@ bots: service: annotations: {} + port: 80 type: LoadBalancer serviceAccount: From f45bd52b0e51bb6fefdbbaaa43dca589cba7a377 Mon Sep 17 00:00:00 2001 From: Connor Hallett Date: Sat, 29 Aug 2020 16:37:57 -0400 Subject: [PATCH 05/63] feat(argo-cd): Add Support for syncWindows in additionalProjects (#398) * Add support for syncWindows in additionalProjects * Update values.yaml Add example of syncWindows * Update Chart.yaml Bump version Co-authored-by: Spencer Gilbert --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/projects.yaml | 4 ++++ charts/argo-cd/values.yaml | 7 +++++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b2142005..836988ca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.6.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.6.0 +version: 2.6.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/projects.yaml b/charts/argo-cd/templates/argocd-server/projects.yaml index 3f768bf0..6b85889d 100644 --- a/charts/argo-cd/templates/argocd-server/projects.yaml +++ b/charts/argo-cd/templates/argocd-server/projects.yaml @@ -46,5 +46,9 @@ items: roles: {{- toYaml .roles | nindent 8 }} {{- end }} + {{- if .syncWindows }} + syncWindows: +{{- toYaml .syncWindows | nindent 8 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 21ef54a9..83741e83 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -604,6 +604,13 @@ server: # kind: StatefulSet # orphanedResources: {} # roles: [] + # syncWindows: + # - kind: allow + # schedule: '10 1 * * *' + # duration: 1h + # applications: + # - '*-prod' + # manualSync: true ## Enable Admin ClusterRole resources. ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. From bfb16d911b9973ba7927b9d57d6f600fef5580df Mon Sep 17 00:00:00 2001 From: Johnathan Falk Date: Sat, 29 Aug 2020 16:42:25 -0400 Subject: [PATCH 06/63] feat(argo-cd): Update CRD's to match upstream version. (#430) Signed-off-by: Johnathan Falk Co-authored-by: Spencer Gilbert --- charts/argo-cd/crds/crd-application.yaml | 681 ++++++++++------------- charts/argo-cd/crds/crd-project.yaml | 164 +++--- 2 files changed, 391 insertions(+), 454 deletions(-) diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index e51c04bb..b18d2058 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -23,14 +23,10 @@ spec: description: Application is a definition of Application resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -50,33 +46,50 @@ spec: type: object type: array initiatedBy: - description: OperationInitiator holds information about the operation - initiator + description: OperationInitiator holds information about the operation initiator properties: automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. + description: Automated is set to true if operation was initiated automatically by the application controller. type: boolean username: description: Name of a user who started operation. type: string type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object sync: description: SyncOperation contains sync operation details. properties: dryRun: - description: DryRun will perform a `kubectl apply --dry-run` without - actually performing the sync + description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync type: boolean manifests: - description: Manifests is an optional field that overrides sync - source with a local directory for development + description: Manifests is an optional field that overrides sync source with a local directory for development items: type: string type: array prune: - description: Prune deletes resources that are no longer tracked - in git + description: Prune deletes resources that are no longer tracked in git type: boolean resources: description: Resources describes which resources to sync @@ -89,19 +102,18 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name type: object type: array revision: - description: Revision is the revision in which to sync the application - to. If omitted, will use the revision specified in app spec. + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set in the application. - This is typically set in a Rollback operation and nil during a - Sync operation + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: chart: description: Chart is a Helm chart name @@ -110,8 +122,7 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: description: ExtVars is a list of Jsonnet External Variables @@ -129,6 +140,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -153,11 +169,9 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm - template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to - a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter @@ -173,8 +187,7 @@ spec: description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -185,30 +198,25 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will use - the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined as - a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: description: KsonnetParameter is a ksonnet component parameter properties: @@ -238,12 +246,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -253,8 +259,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -274,13 +279,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch - in which to sync the application to. If omitted, will sync - to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -294,55 +296,42 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply wil perform a `kubectl apply` to perform - the sync. + description: Apply wil perform a `kubectl apply` to perform the sync. properties: force: - description: Force indicates whether or not to supply the - --force flag to `kubectl apply`. The --force flag deletes - and re-create the resource, when PATCH encounters conflict - and has retried for 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object hook: - description: Hook will submit any referenced resources to perform - the sync. This is the default strategy + description: Hook will submit any referenced resources to perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply the - --force flag to `kubectl apply`. The --force flag deletes - and re-create the resource, when PATCH encounters conflict - and has retried for 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object type: object type: object type: object spec: - description: ApplicationSpec represents desired application state. Contains - link to repository with application definition and additional parameters - link definition revision. + description: ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. properties: destination: - description: Destination overrides the kubernetes server and namespace - defined in the environment ksonnet app.yaml + description: Destination overrides the kubernetes server and namespace defined in the environment ksonnet app.yaml properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace value - in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value in the - ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources fields which should - be ignored during comparison + description: IgnoreDifferences controls resources fields which should be ignored during comparison items: - description: ResourceIgnoreDifferences contains resource filter and - list of json paths which should be ignored during comparison with - live state. + description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. properties: group: type: string @@ -362,8 +351,7 @@ spec: type: object type: array info: - description: Infos contains a list of useful information (URLs, email - addresses, and plain text) that relates to the application + description: Infos contains a list of useful information (URLs, email addresses, and plain text) that relates to the application items: properties: name: @@ -376,20 +364,14 @@ spec: type: object type: array project: - description: Project is a application project name. Empty name means - that application belongs to 'default' project. + description: Project is a application project name. Empty name means that application belongs to 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept in the apps revision - history. This should only be changed in exceptional circumstances. - Setting to zero will store no history. This will reduce storage used. - Increasing will increase the space used to store the history, so we - do not recommend increasing it. Default is 10. + description: This limits this number of items kept in the apps revision history. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location ksonnet application - definition + description: Source is a reference to the location ksonnet application definition properties: chart: description: Chart is a Helm chart name @@ -398,8 +380,7 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: description: ExtVars is a list of Jsonnet External Variables @@ -417,6 +398,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -441,11 +427,9 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm - template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to a helm - template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter @@ -461,8 +445,7 @@ spec: description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell Helm - to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -473,12 +456,10 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will use the - application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use - when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array @@ -490,12 +471,10 @@ spec: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component parameter - override values + description: Parameters are a list of ksonnet component parameter override values items: description: KsonnetParameter is a ksonnet component parameter properties: @@ -525,12 +504,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for - kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for - kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -540,8 +517,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management plugin - specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -564,8 +540,7 @@ spec: description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch in - which to sync the application to. If omitted, will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -574,17 +549,37 @@ spec: description: SyncPolicy controls when a sync will be performed properties: automated: - description: Automated will keep an application synced to the target - revision + description: Automated will keep an application synced to the target revision properties: prune: - description: 'Prune will prune resources automatically as part - of automated sync (default: false)' + description: 'Prune will prune resources automatically as part of automated sync (default: false)' type: boolean selfHeal: description: 'SelfHeal enables auto-syncing if (default: false)' type: boolean type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object syncOptions: description: Options allow you to specify whole app sync-options items: @@ -597,22 +592,18 @@ spec: - source type: object status: - description: ApplicationStatus contains information about application sync, - health status + description: ApplicationStatus contains information about application sync, health status properties: conditions: items: - description: ApplicationCondition contains details about current application - condition + description: ApplicationCondition contains details about current application condition properties: lastTransitionTime: - description: LastTransitionTime is the time the condition was - first observed. + description: LastTransitionTime is the time the condition was first observed. format: date-time type: string message: - description: Message contains human-readable message indicating - details about condition + description: Message contains human-readable message indicating details about condition type: string type: description: Type is an application condition type @@ -631,23 +622,27 @@ spec: type: string type: object history: - description: RevisionHistories is a array of history, oldest first and - newest last + description: RevisionHistories is a array of history, oldest first and newest last items: - description: RevisionHistory contains information relevant to an application - deployment + description: RevisionHistory contains information relevant to an application deployment properties: + deployStartedAt: + description: DeployStartedAt holds the time the deployment started + format: date-time + type: string deployedAt: + description: DeployedAt holds the time the deployment completed format: date-time type: string id: + description: ID is an auto incrementing identifier of the RevisionHistory format: int64 type: integer revision: + description: Revision holds the revision of the sync type: string source: - description: ApplicationSource contains information about github - repository, path within repository and target application environment. + description: ApplicationSource contains information about github repository, path within repository and target application environment. properties: chart: description: Chart is a Helm chart name @@ -656,12 +651,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific - options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -676,6 +669,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -700,30 +698,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter to - a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -734,33 +727,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -788,12 +775,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -803,8 +788,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -824,13 +808,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or branch - in which to sync the application to. If omitted, will sync - to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -842,21 +823,18 @@ spec: type: object type: array observedAt: - description: ObservedAt indicates when the application state was updated - without querying latest git state + description: ObservedAt indicates when the application state was updated without querying latest git state format: date-time type: string operationState: - description: OperationState contains information about state of currently - performing operation on application. + description: OperationState contains information about state of currently performing operation on application. properties: finishedAt: description: FinishedAt contains time of operation completion format: date-time type: string message: - description: Message hold any pertinent messages when attempting - to perform operation (typically errors). + description: Message hold any pertinent messages when attempting to perform operation (typically errors). type: string operation: description: Operation is the original requested operation @@ -874,39 +852,55 @@ spec: type: object type: array initiatedBy: - description: OperationInitiator holds information about the - operation initiator + description: OperationInitiator holds information about the operation initiator properties: automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. + description: Automated is set to true if operation was initiated automatically by the application controller. type: boolean username: description: Name of a user who started operation. type: string type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object sync: description: SyncOperation contains sync operation details. properties: dryRun: - description: DryRun will perform a `kubectl apply --dry-run` - without actually performing the sync + description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync type: boolean manifests: - description: Manifests is an optional field that overrides - sync source with a local directory for development + description: Manifests is an optional field that overrides sync source with a local directory for development items: type: string type: array prune: - description: Prune deletes resources that are no longer - tracked in git + description: Prune deletes resources that are no longer tracked in git type: boolean resources: description: Resources describes which resources to sync items: - description: SyncOperationResource contains resources - to sync. + description: SyncOperationResource contains resources to sync. properties: group: type: string @@ -914,35 +908,30 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name type: object type: array revision: - description: Revision is the revision in which to sync the - application to. If omitted, will use the revision specified - in app spec. + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set - in the application. This is typically set in a Rollback - operation and nil during a Sync operation + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: chart: description: Chart is a Helm chart name type: string directory: - description: Directory holds path/directory specific - options + description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -957,9 +946,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -982,72 +975,56 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: - description: Name is the name of the helm - parameter + description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the - helm parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm - template + description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a - helm template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: - description: Name is the name of the helm - parameter + description: Name is the name of the helm parameter type: string value: - description: Value is the value for the helm - parameter + description: Value is the value for the helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it - will use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application - environment name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1067,8 +1044,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1076,25 +1052,20 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to - resources for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to - resources for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version contains optional Kustomize version type: string type: object path: - description: Path is a directory path within the Git - repository + description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1114,20 +1085,16 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, - or branch in which to sync the application to. If - omitted, will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL type: object syncOptions: - description: SyncOptions provide per-sync sync-options, - e.g. Validate=false + description: SyncOptions provide per-sync sync-options, e.g. Validate=false items: type: string type: array @@ -1135,27 +1102,17 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply wil perform a `kubectl apply` to - perform the sync. + description: Apply wil perform a `kubectl apply` to perform the sync. properties: force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force - flag deletes and re-create the resource, when - PATCH encounters conflict and has retried for - 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object hook: - description: Hook will submit any referenced resources - to perform the sync. This is the default strategy + description: Hook will submit any referenced resources to perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force - flag deletes and re-create the resource, when - PATCH encounters conflict and has retried for - 5 times. + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. type: boolean type: object type: object @@ -1164,6 +1121,10 @@ spec: phase: description: Phase is the current phase of the operation type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer startedAt: description: StartedAt contains time of operation start format: date-time @@ -1172,22 +1133,17 @@ spec: description: SyncResult is the result of a Sync operation properties: resources: - description: Resources holds the sync result of each individual - resource + description: Resources holds the sync result of each individual resource items: - description: ResourceResult holds the operation result details - of a specific resource + description: ResourceResult holds the operation result details of a specific resource properties: group: type: string hookPhase: - description: 'the state of any operation associated with - this resource OR hook note: can contain values for non-hook - resources' + description: 'the state of any operation associated with this resource OR hook note: can contain values for non-hook resources' type: string hookType: - description: the type of the hook, empty for non-hook - resources + description: the type of the hook, empty for non-hook resources type: string kind: type: string @@ -1199,13 +1155,10 @@ spec: namespace: type: string status: - description: the final result of the sync, this is be - empty if the resources is yet to be applied/pruned and - is always zero-value for hooks + description: the final result of the sync, this is be empty if the resources is yet to be applied/pruned and is always zero-value for hooks type: string syncPhase: - description: indicates the particular phase of the sync - that this is for + description: indicates the particular phase of the sync that this is for type: string version: type: string @@ -1221,8 +1174,7 @@ spec: description: Revision holds the revision of the sync type: string source: - description: Source records the application source information - of the sync, used for comparing auto-sync + description: Source records the application source information of the sync, used for comparing auto-sync properties: chart: description: Chart is a Helm chart name @@ -1231,12 +1183,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -1251,9 +1201,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -1276,31 +1230,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -1311,33 +1259,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1357,8 +1299,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1366,12 +1307,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -1381,8 +1320,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1402,13 +1340,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or - branch in which to sync the application to. If omitted, - will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -1422,14 +1357,12 @@ spec: - startedAt type: object reconciledAt: - description: ReconciledAt indicates when the application state was reconciled - using the latest git version + description: ReconciledAt indicates when the application state was reconciled using the latest git version format: date-time type: string resources: items: - description: ResourceStatus holds the current sync and health status - of a resource + description: ResourceStatus holds the current sync and health status of a resource properties: group: type: string @@ -1452,8 +1385,7 @@ spec: requiresPruning: type: boolean status: - description: SyncStatusCode is a type which represents possible - comparison results + description: SyncStatusCode is a type which represents possible comparison results type: string version: type: string @@ -1464,8 +1396,7 @@ spec: summary: properties: externalURLs: - description: ExternalURLs holds all external URLs of application - child resources. + description: ExternalURLs holds all external URLs of application child resources. items: type: string type: array @@ -1476,30 +1407,26 @@ spec: type: array type: object sync: - description: SyncStatus is a comparison result of application spec and - deployed application. + description: SyncStatus is a comparison result of application spec and deployed application. properties: comparedTo: - description: ComparedTo contains application source and target which - was used for resources comparison + description: ComparedTo contains application source and target which was used for resources comparison properties: destination: - description: ApplicationDestination contains deployment destination - information + description: ApplicationDestination contains deployment destination information properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace - value in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value - in the ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object source: - description: ApplicationSource contains information about github - repository, path within repository and target application - environment. + description: ApplicationSource contains information about github repository, path within repository and target application environment. properties: chart: description: Chart is a Helm chart name @@ -1508,12 +1435,10 @@ spec: description: Directory holds path/directory specific options properties: jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: ApplicationSourceJsonnet holds jsonnet specific options properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables + description: ExtVars is a list of Jsonnet External Variables items: description: JsonnetVar is a jsonnet variable properties: @@ -1528,9 +1453,13 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments + description: TLAS is a list of Jsonnet Top-level Arguments items: description: JsonnetVar is a jsonnet variable properties: @@ -1553,31 +1482,25 @@ spec: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the - helm template + description: FileParameters are file parameters to the helm template items: - description: HelmFileParameter is a file parameter - to a helm template + description: HelmFileParameter is a file parameter to a helm template properties: name: description: Name is the name of the helm parameter type: string path: - description: Path is the path value for the helm - parameter + description: Path is the path value for the helm parameter type: string type: object type: array parameters: description: Parameters are parameters to the helm template items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter to a helm template properties: forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the helm parameter @@ -1588,33 +1511,27 @@ spec: type: object type: array releaseName: - description: The Helm release name. If omitted it will - use the application name + description: The Helm release name. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template + description: ValuesFiles is a list of Helm value files to use when generating a template items: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values is Helm values, typically defined as a block type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment - name + description: Environment is a ksonnet application environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values + description: Parameters are a list of ksonnet component parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter + description: KsonnetParameter is a ksonnet component parameter properties: component: type: string @@ -1634,8 +1551,7 @@ spec: commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels adds additional kustomize commonLabels type: object images: description: Images are kustomize image overrides @@ -1643,12 +1559,10 @@ spec: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for kustomize apps + description: NamePrefix is a prefix appended to resources for kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for kustomize apps + description: NameSuffix is a suffix appended to resources for kustomize apps type: string version: description: Version contains optional Kustomize version @@ -1658,8 +1572,7 @@ spec: description: Path is a directory path within the Git repository type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: ConfigManagementPlugin holds config management plugin specific options properties: env: items: @@ -1679,13 +1592,10 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the repository URL of the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or - branch in which to sync the application to. If omitted, - will sync to HEAD + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD type: string required: - repoURL @@ -1697,8 +1607,7 @@ spec: revision: type: string status: - description: SyncStatusCode is a type which represents possible - comparison results + description: SyncStatusCode is a type which represents possible comparison results type: string required: - status @@ -1712,4 +1621,4 @@ spec: versions: - name: v1alpha1 served: true - storage: true + storage: true \ No newline at end of file diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 386dcb83..5ac16fa2 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -20,34 +20,37 @@ spec: scope: Namespaced validation: openAPIV3Schema: - description: 'AppProject provides a logical grouping of applications, providing - controls for: * where the apps may deploy to (cluster whitelist) * what may - be deployed (repository whitelist, resource whitelist/blacklist) * who can - access these applications (roles, OIDC group claims bindings) * and what they - can do (RBAC policies) * automation access to these roles (JWT tokens)' + description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: AppProjectSpec is the specification of an AppProject properties: - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted cluster - level resources + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted cluster level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -62,29 +65,25 @@ spec: description: Description contains optional project description type: string destinations: - description: Destinations contains list of destinations available for - deployment + description: Destinations contains list of destinations available for deployment items: - description: ApplicationDestination contains deployment destination - information + description: ApplicationDestination contains deployment destination information properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string namespace: - description: Namespace overrides the environment namespace value - in the ksonnet app.yaml + description: Namespace overrides the environment namespace value in the ksonnet app.yaml type: string server: - description: Server overrides the environment server value in - the ksonnet app.yaml + description: Server overrides the environment server value in the ksonnet app.yaml type: string type: object type: array namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted - namespace level resources + description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -96,12 +95,9 @@ spec: type: object type: array namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted - namespace level resources + description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types properties: group: type: string @@ -113,17 +109,25 @@ spec: type: object type: array orphanedResources: - description: OrphanedResources specifies if controller should monitor - orphaned resources of apps in this project + description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project properties: + ignore: + items: + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array warn: - description: Warn indicates if warning condition should be created - for apps which have orphaned resources + description: Warn indicates if warning condition should be created for apps which have orphaned resources type: boolean type: object roles: - description: Roles are user defined RBAC roles associated with this - project + description: Roles are user defined RBAC roles associated with this project items: description: ProjectRole represents a role that has access to a project properties: @@ -131,17 +135,14 @@ spec: description: Description is a description of the role type: string groups: - description: Groups are a list of OIDC group claims bound to this - role + description: Groups are a list of OIDC group claims bound to this role items: type: string type: array jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound - to this role + description: JWTTokens are a list of generated JWT tokens bound to this role items: - description: JWTToken holds the issuedAt and expiresAt values - of a token + description: JWTToken holds the issuedAt and expiresAt values of a token properties: exp: format: int64 @@ -159,8 +160,7 @@ spec: description: Name is a name for this role type: string policies: - description: Policies Stores a list of casbin formated strings - that define access policies for the role in the project + description: Policies Stores a list of casbin formated strings that define access policies for the role in the project items: type: string type: array @@ -168,55 +168,83 @@ spec: - name type: object type: array + signatureKeys: + description: List of PGP key IDs that commits to be synced to must be signed with + items: + description: SignatureKey is the specification of a key required to verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array sourceRepos: - description: SourceRepos contains list of repository URLs which can - be used for deployment + description: SourceRepos contains list of repository URLs which can be used for deployment items: type: string type: array syncWindows: - description: SyncWindows controls when syncs can be run for apps in - this project + description: SyncWindows controls when syncs can be run for apps in this project items: - description: SyncWindow contains the kind, time, duration and attributes - that are used to assign the syncWindows to apps + description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps properties: applications: - description: Applications contains a list of applications that - the window will apply to + description: Applications contains a list of applications that the window will apply to items: type: string type: array clusters: - description: Clusters contains a list of clusters that the window - will apply to + description: Clusters contains a list of clusters that the window will apply to items: type: string type: array duration: - description: Duration is the amount of time the sync window will - be open + description: Duration is the amount of time the sync window will be open type: string kind: description: Kind defines if the window allows or blocks syncs type: string manualSync: - description: ManualSync enables manual syncs when they would otherwise - be blocked + description: ManualSync enables manual syncs when they would otherwise be blocked type: boolean namespaces: - description: Namespaces contains a list of namespaces that the - window will apply to + description: Namespaces contains a list of namespaces that the window will apply to items: type: string type: array schedule: - description: Schedule is the time the window will begin, specified - in cron format + description: Schedule is the time the window will begin, specified in cron format type: string type: object type: array type: object + status: + description: AppProjectStatus contains information about appproj + properties: + jwtTokensByRole: + additionalProperties: + properties: + items: + items: + description: JWTToken holds the issuedAt and expiresAt values of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + type: object + type: object + type: object required: - metadata - spec @@ -225,4 +253,4 @@ spec: versions: - name: v1alpha1 served: true - storage: true + storage: true \ No newline at end of file From e1e2dd963171a022802a7f336bf1491e24d21822 Mon Sep 17 00:00:00 2001 From: Michael Barrientos Date: Sat, 29 Aug 2020 14:19:51 -0700 Subject: [PATCH 07/63] feat: Argo CD allow custom paths for ingress (#424) Similar to #317, this allows us to add extra paths to Argo CD. This adds compatibility with the ALB Ingress Controller when using EKS to be able to add the additional listener rule to perform a HTTP->HTTPS redirect on port 80. --- charts/argo-cd/Chart.yaml | 2 +- .../templates/argocd-server/ingress-grpc.yaml | 2 ++ charts/argo-cd/templates/argocd-server/ingress.yaml | 3 +++ charts/argo-cd/values.yaml | 12 ++++++++++++ 4 files changed, 18 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 836988ca..36849a20 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.6.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.6.1 +version: 2.6.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 42538d61..8ce8b8fc 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -33,6 +33,7 @@ spec: - host: {{ $host }} http: paths: + {{- toYaml .Values.server.ingressGrpc.extraPaths | nindent 10 }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -43,6 +44,7 @@ spec: {{- else }} - http: paths: + {{- toYaml .Values.server.ingressGrpc.extraPaths | nindent 10 }} {{- range $p := $paths }} - path: {{ $p }} backend: diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 056776a4..468de536 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -2,6 +2,7 @@ {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} +{{- $extraPaths := .Values.server.ingress.extraPaths -}} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} apiVersion: networking.k8s.io/v1beta1 {{ else }} @@ -33,6 +34,7 @@ spec: - host: {{ $host }} http: paths: + {{- toYaml $extraPaths | nindent 10 }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -43,6 +45,7 @@ spec: {{- else }} - http: paths: + {{- toYaml $extraPaths | nindent 10 }} {{- range $p := $paths }} - path: {{ $p }} backend: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 83741e83..5a8abb51 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -454,6 +454,12 @@ server: # - argocd.example.com paths: - / + extraPaths: + [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation tls: [] # - secretName: argocd-example-tls @@ -476,6 +482,12 @@ server: # - argocd.example.com paths: - / + extraPaths: + [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation tls: [] # - secretName: argocd-example-tls From ffc9220f04e27a332d7db6df938d297978e008d3 Mon Sep 17 00:00:00 2001 From: Tim Hobbs Date: Sun, 30 Aug 2020 19:10:09 +0200 Subject: [PATCH 08/63] feat: imagePullSecrets for servers and controllers (#361) --- .gitignore | 1 + charts/argo-ci/Chart.yaml | 2 +- charts/argo-ci/templates/ci-deployment.yaml | 4 ++++ charts/argo-ci/values.yaml | 3 +++ charts/argo-events/Chart.yaml | 2 +- .../argo-events/templates/eventbus-controller-deployment.yaml | 4 ++++ charts/argo-events/templates/eventbus-crd.yaml | 3 +++ .../templates/eventsource-controller-deployment.yaml | 4 ++++ charts/argo-events/templates/eventsource-crd.yaml | 3 +++ .../argo-events/templates/sensor-controller-deployment.yaml | 4 ++++ charts/argo-events/templates/sensor-crd.yaml | 3 +++ charts/argo-events/values.yaml | 4 ++++ charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/values.yaml | 2 ++ charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-deployment.yaml | 4 ++++ charts/argo/templates/workflow-controller-deployment.yaml | 4 ++++ charts/argo/values.yaml | 3 +++ 18 files changed, 50 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 2529e3b1..2786867c 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ output .DS_Store .idea **/*.tgz +**/charts/*/charts diff --git a/charts/argo-ci/Chart.yaml b/charts/argo-ci/Chart.yaml index 337de899..b658915d 100644 --- a/charts/argo-ci/Chart.yaml +++ b/charts/argo-ci/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart for Argo-CI name: argo-ci -version: 0.1.6 +version: 0.1.7 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png appVersion: v1.0.0-alpha2 home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-ci/templates/ci-deployment.yaml b/charts/argo-ci/templates/ci-deployment.yaml index 1995f29c..bf2e4121 100644 --- a/charts/argo-ci/templates/ci-deployment.yaml +++ b/charts/argo-ci/templates/ci-deployment.yaml @@ -33,3 +33,7 @@ spec: ports: - containerPort: 8001 - containerPort: 8002 + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-ci/values.yaml b/charts/argo-ci/values.yaml index cccff91b..86dadf98 100644 --- a/charts/argo-ci/values.yaml +++ b/charts/argo-ci/values.yaml @@ -2,6 +2,9 @@ imageNamespace: argoproj ciImage: argoci imageTag: v1.0.0-alpha2 imagePullPolicy: Always +# Secrets with credentials to pull images from a private registry +imagePullSecrets: [] +# - name: argo-pull-secret workflowNamespace: default argo: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f63ec1a8..9da7eea6 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.17.0 +version: 0.17.1 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 8d0ec2b3..dc698b1b 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -37,3 +37,7 @@ spec: value: {{ .Values.eventbusController.natsStreamingImage }} - name: NATS_METRICS_EXPORTER_IMAGE value: {{ .Values.eventbusController.natsMetricsExporterImage }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/eventbus-crd.yaml b/charts/argo-events/templates/eventbus-crd.yaml index dfc7b2cb..175e2e60 100644 --- a/charts/argo-events/templates/eventbus-crd.yaml +++ b/charts/argo-events/templates/eventbus-crd.yaml @@ -3,6 +3,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: eventbus.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io names: diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 3b050eda..99947ade 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -35,3 +35,7 @@ spec: fieldPath: metadata.namespace - name: EVENTSOURCE_IMAGE value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}" + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/eventsource-crd.yaml b/charts/argo-events/templates/eventsource-crd.yaml index c174ae56..e791608b 100644 --- a/charts/argo-events/templates/eventsource-crd.yaml +++ b/charts/argo-events/templates/eventsource-crd.yaml @@ -3,6 +3,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: eventsources.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io scope: Namespaced diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 24986d82..425fd66b 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -35,3 +35,7 @@ spec: fieldPath: metadata.namespace - name: SENSOR_IMAGE value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}" + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-events/templates/sensor-crd.yaml b/charts/argo-events/templates/sensor-crd.yaml index 12e19e0f..cf3793c4 100644 --- a/charts/argo-events/templates/sensor-crd.yaml +++ b/charts/argo-events/templates/sensor-crd.yaml @@ -4,6 +4,9 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sensors.argoproj.io + annotations: + helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io names: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 59fa2209..d963d9db 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -4,6 +4,10 @@ registry: argoproj # The image pull policy imagePullPolicy: Always +# Secrets with credentials to pull images from a private registry +imagePullSecrets: [] +# - name: argo-pull-secret + # If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation. installCRD: true diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c12e756b..418dd589 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.8.3" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.5 +version: 0.3.6 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index fbb2f68b..9e2011d2 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -40,4 +40,6 @@ serviceAnnotations: {} ## podLabels: {} +# Secrets with credentials to pull images from a private registry imagePullSecrets: [] +# - name: argo-pull-secret diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 112e2ae0..75980b73 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.9.9 +version: 0.9.10 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index 52acbc79..2593d07f 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -67,6 +67,10 @@ spec: volumeMounts: {{- toYaml . | nindent 12}} {{- end }} + {{- with .Values.images.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.server.volumes }} volumes: {{- toYaml . | nindent 8}} diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml index 852bad52..752183ea 100644 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ b/charts/argo/templates/workflow-controller-deployment.yaml @@ -63,6 +63,10 @@ spec: ports: - containerPort: 8080 {{- end }} + {{- with .Values.images.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 0dc5dd47..9662ea50 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -4,6 +4,9 @@ images: server: argocli executor: argoexec pullPolicy: Always + # Secrets with credentials to pull images from a private registry + pullSecrets: [] + # - name: argo-pull-secret tag: v2.7.6 crdVersion: v1alpha1 From b9af202660993e69ceba62dda51e943c1e6accb1 Mon Sep 17 00:00:00 2001 From: Ertugrul Karademir Date: Tue, 1 Sep 2020 23:41:22 +0100 Subject: [PATCH 09/63] fix: Helm giving linting error when no ingress or ingressGrpc extraPaths are given (#435) * Added conditionals for ingress extraPaths * Added conditionals for ingressGrpc extraPaths * Version bump --- charts/argo-cd/Chart.yaml | 2 +- .../argo-cd/templates/argocd-server/ingress-grpc.yaml | 11 ++++++++--- charts/argo-cd/templates/argocd-server/ingress.yaml | 6 +++++- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 36849a20..6414551e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.6.2" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.6.2 +version: 2.6.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 8ce8b8fc..d2894273 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -2,6 +2,7 @@ {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} +{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} apiVersion: networking.k8s.io/v1beta1 {{ else }} @@ -33,7 +34,9 @@ spec: - host: {{ $host }} http: paths: - {{- toYaml .Values.server.ingressGrpc.extraPaths | nindent 10 }} + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end -}} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -44,7 +47,9 @@ spec: {{- else }} - http: paths: - {{- toYaml .Values.server.ingressGrpc.extraPaths | nindent 10 }} + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end -}} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -56,4 +61,4 @@ spec: tls: {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 468de536..4be764a3 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -34,7 +34,9 @@ spec: - host: {{ $host }} http: paths: + {{- if $extraPaths }} {{- toYaml $extraPaths | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -45,7 +47,9 @@ spec: {{- else }} - http: paths: + {{- if $extraPaths }} {{- toYaml $extraPaths | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} backend: @@ -57,4 +61,4 @@ spec: tls: {{- toYaml .Values.server.ingress.tls | nindent 4 }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} From 196ab4f281bb11b4b854a7d1f60d152e1bd0733a Mon Sep 17 00:00:00 2001 From: Markus Lippert Date: Wed, 2 Sep 2020 18:04:05 +0200 Subject: [PATCH 10/63] feat(argo): Add linux node selectors by default (#403) --- charts/argo/Chart.yaml | 2 +- charts/argo/values.yaml | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 75980b73..39a1bbfd 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.9.10 +version: 0.10.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 9662ea50..8358572f 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -108,7 +108,8 @@ controller: ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux tolerations: [] affinity: {} @@ -160,7 +161,8 @@ server: ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux tolerations: [] affinity: {} From d32e27edc852c868a93cb158c375b720905ddc8f Mon Sep 17 00:00:00 2001 From: Chris Date: Wed, 2 Sep 2020 18:09:17 +0200 Subject: [PATCH 11/63] feat: allow for configuring security context of all components (#410) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-deployment.yaml | 4 ++++ charts/argo/templates/workflow-controller-config-map.yaml | 5 ++++- charts/argo/templates/workflow-controller-deployment.yaml | 4 ++++ charts/argo/values.yaml | 6 ++++++ 5 files changed, 19 insertions(+), 2 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 39a1bbfd..2a845430 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.10.0 +version: 0.10.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index 2593d07f..0d5c8af5 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -26,6 +26,10 @@ spec: {{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }} spec: serviceAccountName: {{ .Values.server.serviceAccount | quote }} + {{- if .Values.server.podSecurityContext }} + securityContext: + {{- toYaml .Values.server.podSecurityContext | nindent 8 }} + {{- end }} containers: - name: argo-server args: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 5dde9ff3..54ba076e 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -16,7 +16,7 @@ data: {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} - {{- if or .Values.executor.resources .Values.executor.env }} + {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} @@ -24,6 +24,9 @@ data: {{- with .Values.executor.env }} env: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.executor.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} artifactRepository: diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml index 752183ea..ca80c816 100644 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ b/charts/argo/templates/workflow-controller-deployment.yaml @@ -26,6 +26,10 @@ spec: {{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }} spec: serviceAccountName: {{ .Values.controller.serviceAccount | quote }} + {{- if .Values.controller.podSecurityContext }} + securityContext: + {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} + {{- end }} containers: - name: controller image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}" diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 8358572f..731b68ca 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -31,6 +31,8 @@ controller: podAnnotations: {} # Optional labels to add to the controller pods podLabels: {} + # SecurityContext to set on the controller pods + podSecurityContext: {} # podPortName: http metricsConfig: enabled: false @@ -121,6 +123,8 @@ executor: resources: {} # Adds environment variables for the executor. env: {} + # sets security context for the executor container + securityContext: {} server: enabled: true @@ -135,6 +139,8 @@ server: podAnnotations: {} # Optional labels to add to the UI pods podLabels: {} + # SecurityContext to set on the server pods + podSecurityContext: {} name: server serviceType: ClusterIP servicePort: 2746 From 4ba9e5228ab0887755a8df487006a9a6d8d37ee7 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 4 Sep 2020 23:23:16 +0100 Subject: [PATCH 12/63] feat: Support GCS artifactRepository (#428) --- charts/argo/Chart.yaml | 2 +- .../templates/workflow-controller-config-map.yaml | 5 +++++ charts/argo/values.yaml | 15 +++++++++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 2a845430..7ec638e1 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.10.1 +version: 0.10.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 54ba076e..9563ac12 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -33,6 +33,10 @@ data: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} {{- end }} + {{- if .Values.artifactRepository.gcs }} + gcs: +{{ toYaml .Values.artifactRepository.gcs | indent 8}} + {{- else }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: @@ -57,6 +61,7 @@ data: {{- if .Values.artifactRepository.s3.useSDKCreds }} useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} {{- end }} + {{- end }} {{- end}} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 731b68ca..fc96e7f1 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -251,6 +251,21 @@ artifactRepository: # region: # roleARN: # useSDKCreds: true + # gcs: + # bucket: -argo + # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/" + # serviceAccountKeySecret is a secret selector. + # It references the k8s secret named 'my-gcs-credentials'. + # This secret is expected to have have the key 'serviceAccountKey', + # containing the base64 encoded credentials + # to the bucket. + # + # If it's running on GKE and Workload Identity is used, + # serviceAccountKeySecret is not needed. + # serviceAccountKeySecret: + # name: my-gcs-credentials + # key: serviceAccountKey + # NOTE: These are setting attributes for the `minio` optional dependency minio: From cc52713dbd760209e279768784c9fb04ea1abe65 Mon Sep 17 00:00:00 2001 From: Vaibhav Date: Fri, 4 Sep 2020 19:15:12 -0400 Subject: [PATCH 13/63] chore: bump to latest (#440) * chore: bump to latest * chore: bump to latest * update image versions --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/values.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 9da7eea6..4f5960c4 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.17.1 +version: 1.0.0 keywords: - argo-events - sensor-controller @@ -12,6 +12,6 @@ sources: maintainers: - name: VaibhavPage - name: whynowy -appVersion: 0.17.0 +appVersion: 1.0.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index d963d9db..1da1335f 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -46,21 +46,21 @@ singleNamespace: true sensorController: name: sensor-controller image: sensor-controller - tag: v0.17.0 + tag: v1.0.0 replicaCount: 1 sensorImage: sensor eventsourceController: name: eventsource-controller image: eventsource-controller - tag: v0.17.0 + tag: v1.0.0 replicaCount: 1 eventsourceImage: eventsource eventbusController: name: eventbus-controller image: eventbus-controller - tag: v0.17.0 + tag: v1.0.0 replicaCount: 1 natsStreamingImage: nats-streaming:0.17.0 natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 From cddd6a6048a4308241124725d3a2c2af7a9a5c67 Mon Sep 17 00:00:00 2001 From: Markus Lippert Date: Tue, 8 Sep 2020 18:18:26 +0200 Subject: [PATCH 14/63] feat(argo): Allow setting up ServiceAccount and RBAC resources for running workflows (#402) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/workflow-rb.yaml | 19 ++++++++++++++++++ charts/argo/templates/workflow-role.yaml | 25 ++++++++++++++++++++++++ charts/argo/templates/workflow-sa.yaml | 13 ++++++++++++ charts/argo/values.yaml | 9 +++++++++ 5 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 charts/argo/templates/workflow-rb.yaml create mode 100644 charts/argo/templates/workflow-role.yaml create mode 100644 charts/argo/templates/workflow-sa.yaml diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 7ec638e1..b98b6d96 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.10.2 +version: 0.11.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-rb.yaml b/charts/argo/templates/workflow-rb.yaml new file mode 100644 index 00000000..17785257 --- /dev/null +++ b/charts/argo/templates/workflow-rb.yaml @@ -0,0 +1,19 @@ +{{- if .Values.workflow.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ .Release.Name }}-workflow +{{- if .Values.workflow.namespace }} + namespace: {{ .Values.workflow.namespace }} +{{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ .Release.Name }}-workflow +subjects: +- kind: ServiceAccount + name: {{ .Values.workflow.serviceAccount.name }} + {{- if .Values.workflow.namespace }} + namespace: {{ .Values.workflow.namespace }} + {{- end }} +{{- end }} diff --git a/charts/argo/templates/workflow-role.yaml b/charts/argo/templates/workflow-role.yaml new file mode 100644 index 00000000..37365f21 --- /dev/null +++ b/charts/argo/templates/workflow-role.yaml @@ -0,0 +1,25 @@ +{{- if .Values.workflow.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ .Release.Name }}-workflow + {{- if .Values.workflow.namespace }} + namespace: {{ .Values.workflow.namespace }} + {{- end }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - patch +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - watch +{{- end }} diff --git a/charts/argo/templates/workflow-sa.yaml b/charts/argo/templates/workflow-sa.yaml new file mode 100644 index 00000000..45d97cf0 --- /dev/null +++ b/charts/argo/templates/workflow-sa.yaml @@ -0,0 +1,13 @@ +{{- if .Values.workflow.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.workflow.serviceAccount.name }} + {{- if .Values.workflow.namespace }} + namespace: {{ .Values.workflow.namespace }} + {{- end }} + {{- with .Values.workflow.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index fc96e7f1..718d4b55 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -23,6 +23,15 @@ createAggregateRoles: true # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. singleNamespace: false +workflow: + namespace: "" # Speficy namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. + serviceAccount: + create: false # Specifies whether a service account should be created + annotations: {} + name: "argo-workflow" # Service account which is used to run workflows + rbac: + create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows + controller: image: # Overrides .images.tag if defined. From 2f36128868a8afb295b7201bc350395f54202e44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20R=C3=BCegg?= Date: Thu, 10 Sep 2020 02:43:22 +0200 Subject: [PATCH 15/63] chore(argocd): Upgrade to v1.7.4 (#444) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Simon Rüegg --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6414551e..b0c76865 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.6.2" +appVersion: 1.7.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.6.3 +version: 2.7.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5a8abb51..67b5503f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.6.2 + tag: v1.7.4 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,7 +28,7 @@ controller: image: repository: # argoproj/argocd - tag: # v1.6.2 + tag: # v1.7.4 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags @@ -330,7 +330,7 @@ server: image: repository: # argoproj/argocd - tag: # v1.6.1 + tag: # v1.7.4 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -654,7 +654,7 @@ repoServer: image: repository: # argoproj/argocd - tag: # v1.6.1 + tag: # v1.7.4 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server From eaf8c629bf417375d4c8090566235423b69ad81b Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Wed, 16 Sep 2020 12:46:13 -0700 Subject: [PATCH 16/63] feat(argo): Add support for workflow restrictions. (#447) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/workflow-controller-config-map.yaml | 3 +++ charts/argo/values.yaml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index b98b6d96..b9684c1d 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.11.0 +version: 0.12.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 9563ac12..2c182c60 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -78,3 +78,6 @@ data: {{- with .Values.server.sso }} sso: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.workflowRestrictions }} + workflowRestrictions: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 718d4b55..5914600c 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -73,6 +73,8 @@ controller: # secondsAfterCompletion: 84600 # workflowWorkers: 32 # podWorkers: 32 + workflowRestrictions: {} # Only valid for 2.9+ + # templateReferencing: Strict|Secure telemetryConfig: enabled: false path: /telemetry From 49a7fc9340a4b195e523bc60f592f7cf64d22ce0 Mon Sep 17 00:00:00 2001 From: rpeter Date: Fri, 18 Sep 2020 17:01:01 -0700 Subject: [PATCH 17/63] chore: bump argocd to version v1.7.5 (#448) Co-authored-by: rpeter --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b0c76865..f4efa35f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: 1.7.4 +appVersion: 1.7.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.0 +version: 2.7.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 67b5503f..73c1253d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.7.4 + tag: v1.7.5 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,7 +28,7 @@ controller: image: repository: # argoproj/argocd - tag: # v1.7.4 + tag: # v1.7.5 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags @@ -330,7 +330,7 @@ server: image: repository: # argoproj/argocd - tag: # v1.7.4 + tag: # v1.7.5 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -654,7 +654,7 @@ repoServer: image: repository: # argoproj/argocd - tag: # v1.7.4 + tag: # v1.7.5 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server From 3c6629263c0938ba626f03659fc01059e311f759 Mon Sep 17 00:00:00 2001 From: rpeets Date: Sat, 19 Sep 2020 17:25:31 -0700 Subject: [PATCH 18/63] chore: bump argocd to version v1.7.6 (#449) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f4efa35f..2b0ce419 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: 1.7.5 +appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.1 +version: 2.7.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 73c1253d..24eae7c6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,7 +10,7 @@ installCRDs: true global: image: repository: argoproj/argocd - tag: v1.7.5 + tag: v1.7.6 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -28,7 +28,7 @@ controller: image: repository: # argoproj/argocd - tag: # v1.7.5 + tag: # v1.7.6 imagePullPolicy: # IfNotPresent ## Argo controller commandline flags @@ -330,7 +330,7 @@ server: image: repository: # argoproj/argocd - tag: # v1.7.5 + tag: # v1.7.6 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server @@ -654,7 +654,7 @@ repoServer: image: repository: # argoproj/argocd - tag: # v1.7.5 + tag: # v1.7.6 imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server From 4c4121ce188d977602ca17b7bb6b38e6c379ef8b Mon Sep 17 00:00:00 2001 From: Hayden Fuss Date: Mon, 21 Sep 2020 18:28:21 -0400 Subject: [PATCH 19/63] fix: Adding EmptyDir Volume for Repo Server on OpenShift (#450) --- charts/argo-cd/Chart.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2b0ce419..8e4872ec 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.2 +version: 2.7.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 8aed308e..846b542d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -82,6 +82,10 @@ spec: {{- if .Values.repoServer.volumeMounts }} {{- toYaml .Values.repoServer.volumeMounts | nindent 8}} {{- end }} + {{- if .Values.openshift.enabled }} + - mountPath: /app/config/gpg/keys + name: gpg-keyring + {{- end }} {{- if .Values.configs.knownHosts }} - mountPath: /app/config/ssh name: ssh-known-hosts @@ -138,6 +142,10 @@ spec: {{- if .Values.repoServer.volumes }} {{- toYaml .Values.repoServer.volumes | nindent 6}} {{- end }} + {{- if .Values.openshift.enabled }} + - emptyDir: {} + name: gpg-keyring + {{- end }} {{- if .Values.configs.knownHosts }} - configMap: name: argocd-ssh-known-hosts-cm From 1c83d371a565385b77c27f81554074c8f51580b1 Mon Sep 17 00:00:00 2001 From: Bruno Clermont Date: Tue, 22 Sep 2020 09:50:19 +0800 Subject: [PATCH 20/63] feat: add metrics for argo-cd/dex (#452) --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 5 +++ charts/argo-cd/templates/dex/deployment.yaml | 5 +++ charts/argo-cd/templates/dex/service.yaml | 6 ++++ .../argo-cd/templates/dex/servicemonitor.yaml | 35 +++++++++++++++++++ charts/argo-cd/values.yaml | 10 ++++++ 6 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 charts/argo-cd/templates/dex/servicemonitor.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e4872ec..87cfab70 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.3 +version: 2.7.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 44a907a0..813e08e1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -273,6 +273,11 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | dex.initImage.repository | Argo CD init image repository. | `global.image.repository` | | dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` | | dex.initImage.tag | Argo CD init image tag | `global.image.tag` | +| dex.metrics.enabled | Deploy metrics service | `false` | +| dex.metrics.service.annotations | Metrics service annotations | `{}` | +| dex.metrics.service.labels | Metrics service labels | `{}` | +| dex.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | +| dex.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | | dex.name | Dex name | `"dex-server"` | | dex.env | Environment variables for the Dex server. | `[]` | | dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5bae8b18..03f033c0 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -80,6 +80,11 @@ spec: - name: grpc containerPort: {{ .Values.dex.containerPortGrpc }} protocol: TCP + {{- if .Values.dex.metrics.enabled }} + - name: metrics + containerPort: {{ .Values.dex.containerPortMetrics }} + protocol: TCP + {{- end }} {{- if .Values.dex.volumeMounts }} volumeMounts: {{- toYaml .Values.dex.volumeMounts | nindent 10 }} diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index cb5ec3f6..b0567ead 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -20,6 +20,12 @@ spec: protocol: TCP port: {{ .Values.dex.servicePortGrpc }} targetPort: grpc +{{- if .Values.dex.metrics.enabled }} + - name: metrics + protocol: TCP + port: {{ .Values.dex.servicePortMetrics }} + targetPort: metrics +{{- end }} selector: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml new file mode 100644 index 00000000..eb72a573 --- /dev/null +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -0,0 +1,35 @@ +{{- if and .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.dex.fullname" . }} + {{- if .Values.dex.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.dex.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.dex.name }} + {{- if .Values.dex.metrics.serviceMonitor.selector }} +{{- toYaml .Values.dex.metrics.serviceMonitor.selector | nindent 4 }} + {{- end }} + {{- if .Values.dex.metrics.serviceMonitor.additionalLabels }} +{{- toYaml .Values.dex.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + interval: 30s + path: /metrics + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} + app.kubernetes.io/component: {{ .Values.dex.name }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 24eae7c6..5500f01d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -172,6 +172,14 @@ dex: enabled: true name: dex-server + metrics: + enabled: false + service: + annotations: {} + labels: {} + serviceMonitor: + enabled: false + image: repository: quay.io/dexidp/dex tag: v2.22.0 @@ -212,6 +220,8 @@ dex: servicePortHttp: 5556 containerPortGrpc: 5557 servicePortGrpc: 5557 + containerPortMetrics: 5558 + servicePortMetrics: 5558 ## Node selectors and tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ From e3371f333fe57733261033eb385f3cd3eed4482a Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Tue, 22 Sep 2020 14:35:26 -0700 Subject: [PATCH 21/63] feat(argo): Allow Argo server read access to events. (#454) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-cluster-roles.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index b9684c1d..f6df8715 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.12.0 +version: 0.12.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml index 8da10df2..0c8f0763 100644 --- a/charts/argo/templates/server-cluster-roles.yaml +++ b/charts/argo/templates/server-cluster-roles.yaml @@ -8,6 +8,7 @@ rules: - "" resources: - configmaps + - events verbs: - get - watch From 83e9e19e2da4819f1d522c8ce943fe1d47eed3d0 Mon Sep 17 00:00:00 2001 From: Roman Date: Thu, 1 Oct 2020 06:37:26 +0300 Subject: [PATCH 22/63] fix: default argocd version in documentation (#456) * Fix default argocd version in documentation * Bump chart version --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 87cfab70..75fc9ae3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.4 +version: 2.7.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 813e08e1..b58434e2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -62,7 +62,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.6.1"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.7.6"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | From 50a66fd7ab21e625fb8a0065e0c2294615076217 Mon Sep 17 00:00:00 2001 From: Yann Soubeyrand Date: Fri, 2 Oct 2020 05:09:25 +0200 Subject: [PATCH 23/63] chore: update certificate apiVersion (#458) * chore: update certificate apiVersion * chore: bump chart version --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/certificate.yaml | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 75fc9ae3..c8e9ca39 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.5 +version: 2.7.6 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index be778be8..b2f227b5 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,7 @@ {{- if .Values.server.certificate.enabled -}} -{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} +{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} +apiVersion: cert-manager.io/v1 +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} apiVersion: cert-manager.io/v1alpha3 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" }} apiVersion: cert-manager.io/v1alpha2 From 41ddad4aba2f57865b3e0aa0f42e02ff0ca7a662 Mon Sep 17 00:00:00 2001 From: Mike Bryant Date: Fri, 2 Oct 2020 04:12:35 +0100 Subject: [PATCH 24/63] feat: Allow setting the log format to json for Argo CD (#463) --- charts/argo-cd/Chart.yaml | 2 +- .../templates/argocd-application-controller/deployment.yaml | 2 ++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 ++ charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 6 ++++++ 5 files changed, 13 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c8e9ca39..2da7db6a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.7.6 +version: 2.8.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index c9f45142..3067e969 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -56,6 +56,8 @@ spec: - {{ .Values.controller.args.appResyncPeriod | quote }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --logformat + - {{ .Values.controller.logFormat }} - --loglevel - {{ .Values.controller.logLevel }} {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 846b542d..de6c21a3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -60,6 +60,8 @@ spec: - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} {{- end }} + - --logformat + - {{ .Values.repoServer.logFormat }} - --loglevel - {{ .Values.repoServer.logLevel }} {{- with .Values.repoServer.extraArgs }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ca7c9ba4..b54b947f 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -61,6 +61,8 @@ spec: - --dex-server - http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }} {{- end }} + - --logformat + - {{ .Values.server.logFormat }} - --loglevel - {{ .Values.server.logLevel }} {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5500f01d..c87d0c79 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -37,6 +37,8 @@ controller: operationProcessors: "10" appResyncPeriod: "180" + ## Argo controller log format: text|json + logFormat: text ## Argo controller log level logLevel: info @@ -352,6 +354,8 @@ server: ## env: [] + ## Argo server log format: text|json + logFormat: text ## Argo server log level logLevel: info @@ -675,6 +679,8 @@ repoServer: ## env: [] + ## Argo repoServer log format: text|json + logFormat: text ## Argo repoServer log level logLevel: info From 44de70c7419f580085c319a9eed87c0bb0e6a03f Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Mon, 5 Oct 2020 09:45:49 -0700 Subject: [PATCH 25/63] feat(Argo): Make Argo Server service account creation conditional. (#460) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-crb.yaml | 2 +- charts/argo/templates/server-sa.yaml | 2 +- charts/argo/values.yaml | 3 +++ 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index f6df8715..3f2fb613 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.8.0 description: A Helm chart for Argo Workflows name: argo -version: 0.12.1 +version: 0.12.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-crb.yaml b/charts/argo/templates/server-crb.yaml index a919e573..d1ad5ea4 100644 --- a/charts/argo/templates/server-crb.yaml +++ b/charts/argo/templates/server-crb.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.enabled -}} +{{- if and .Values.server.enabled .Values.server.createServiceAccount -}} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding diff --git a/charts/argo/templates/server-sa.yaml b/charts/argo/templates/server-sa.yaml index c0d332e1..5b419a65 100644 --- a/charts/argo/templates/server-sa.yaml +++ b/charts/argo/templates/server-sa.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.enabled -}} +{{- if and .Values.server.enabled .Values.server.createServiceAccount -}} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 5914600c..bc031487 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -157,6 +157,9 @@ server: servicePort: 2746 # servicePortName: http serviceAccount: argo-server + # Whether to create the service account with the name specified in + # server.serviceAccount and bind it to the server role. + createServiceAccount: true # Service account annotations serviceAccountAnnotations: {} # Annotations to be applied to the UI Service From ed19bc61e5e3831edce1327b75c86eb96307bc36 Mon Sep 17 00:00:00 2001 From: w33dw0r7d Date: Mon, 5 Oct 2020 20:14:50 +0300 Subject: [PATCH 26/63] feat: bump to v0.9.1 (#464) --- charts/argo-rollouts/Chart.yaml | 4 +- charts/argo-rollouts/README.md | 2 +- .../templates/argo-rollouts-clusterrole.yaml | 37 +- .../templates/argo-rollouts-role.yaml | 38 +- .../templates/crds/analysis-run-crd.yaml | 72 +- .../templates/crds/analysis-template-crd.yaml | 72 +- .../crds/cluster-analysis-template-crd.yaml | 2734 +++++++++++++++++ .../templates/crds/experiment-crd.yaml | 62 +- .../templates/crds/rollout-crd.yaml | 146 +- charts/argo-rollouts/values.yaml | 2 +- 10 files changed, 2933 insertions(+), 236 deletions(-) create mode 100644 charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 418dd589..26d47ab3 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "0.8.3" +appVersion: "0.9.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.6 +version: 0.3.7 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 6a775bba..3d484594 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -2,7 +2,7 @@ Argo Rollouts Chart ============= A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. -Current chart version is `0.3.0` +Current chart version is `0.3.7` Source code can be found [here](https://github.com/argoproj/argo-rollouts) diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index f670104b..8cfcdcc8 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -47,6 +47,12 @@ rules: - watch - update - patch +- apiGroups: + - argoproj.io + resources: + - rollouts/finalizers + verbs: + - update - apiGroups: - argoproj.io resources: @@ -60,10 +66,18 @@ rules: - update - patch - delete +- apiGroups: + - argoproj.io + resources: + - analysisruns/finalizers + - experiments/finalizers + verbs: + - update - apiGroups: - argoproj.io resources: - analysistemplates + - clusteranalysistemplates verbs: - get - list @@ -106,11 +120,22 @@ rules: - watch - get - update -- apiGroups: - - "" - resources: - - pods - verbs: - list - - delete +- apiGroups: + - split.smi-spec.io + resources: + - trafficsplits + verbs: + - create + - watch + - get + - update + - patch +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-role.yaml index df4e2b26..dee6f168 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml @@ -28,6 +28,14 @@ rules: - list - watch - patch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch - apiGroups: - argoproj.io resources: @@ -38,6 +46,12 @@ rules: - watch - update - patch +- apiGroups: + - argoproj.io + resources: + - rollouts/finalizers + verbs: + - update - apiGroups: - argoproj.io resources: @@ -51,10 +65,18 @@ rules: - update - patch - delete +- apiGroups: + - argoproj.io + resources: + - analysisruns/finalizers + - experiments/finalizers + verbs: + - update - apiGroups: - argoproj.io resources: - analysistemplates + - clusteranalysistemplates verbs: - get - list @@ -90,17 +112,9 @@ rules: - update - patch - apiGroups: - - "" + - "" resources: - - secrets + - pods verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - list - - delete + - list + - delete diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 5263d47d..3a4caef4 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -84,6 +84,15 @@ spec: job: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -127,6 +136,15 @@ spec: template: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -748,23 +766,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1304,23 +1305,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1864,23 +1848,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -2740,6 +2707,8 @@ spec: - value type: object type: array + insecure: + type: boolean jsonPath: type: string timeoutSeconds: @@ -2747,7 +2716,6 @@ spec: url: type: string required: - - jsonPath - url type: object type: object diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index d88cce46..c559fae1 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -78,6 +78,15 @@ spec: job: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -121,6 +130,15 @@ spec: template: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -742,23 +760,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1298,23 +1299,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1858,23 +1842,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -2734,6 +2701,8 @@ spec: - value type: object type: array + insecure: + type: boolean jsonPath: type: string timeoutSeconds: @@ -2741,7 +2710,6 @@ spec: url: type: string required: - - jsonPath - url type: object type: object diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml new file mode 100644 index 00000000..9a768072 --- /dev/null +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -0,0 +1,2734 @@ +{{- if .Values.installCRDs }} +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.5 + name: clusteranalysistemplates.argoproj.io +spec: + group: argoproj.io + names: + kind: ClusterAnalysisTemplate + listKind: ClusterAnalysisTemplateList + plural: clusteranalysistemplates + shortNames: + - cat + singular: clusteranalysistemplate + scope: Cluster + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + args: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + - name + type: object + type: object + required: + - name + type: object + type: array + metrics: + items: + properties: + consecutiveErrorLimit: + format: int32 + type: integer + count: + format: int32 + type: integer + failureCondition: + type: string + failureLimit: + format: int32 + type: integer + inconclusiveLimit: + format: int32 + type: integer + initialDelay: + type: string + interval: + type: string + name: + type: string + provider: + properties: + job: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + backoffLimit: + format: int32 + type: integer + completions: + format: int32 + type: integer + manualSelector: + type: boolean + parallelism: + format: int32 + type: integer + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + securityContext: + properties: + fsGroup: + format: int64 + type: integer + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + maxSkew: + format: int32 + type: integer + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + ttlSecondsAfterFinished: + format: int32 + type: integer + required: + - template + type: object + required: + - spec + type: object + kayenta: + properties: + address: + type: string + application: + type: string + canaryConfigName: + type: string + configurationAccountName: + type: string + metricsAccountName: + type: string + scopes: + items: + properties: + controlScope: + properties: + end: + type: string + region: + type: string + scope: + type: string + start: + type: string + step: + type: integer + required: + - end + - region + - scope + - start + - step + type: object + experimentScope: + properties: + end: + type: string + region: + type: string + scope: + type: string + start: + type: string + step: + type: integer + required: + - end + - region + - scope + - start + - step + type: object + name: + type: string + required: + - controlScope + - experimentScope + - name + type: object + type: array + storageAccountName: + type: string + threshold: + properties: + marginal: + type: integer + pass: + type: integer + required: + - marginal + - pass + type: object + required: + - address + - application + - canaryConfigName + - configurationAccountName + - metricsAccountName + - scopes + - storageAccountName + - threshold + type: object + prometheus: + properties: + address: + type: string + query: + type: string + type: object + wavefront: + properties: + address: + type: string + query: + type: string + type: object + web: + properties: + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean + jsonPath: + type: string + timeoutSeconds: + type: integer + url: + type: string + required: + - url + type: object + type: object + successCondition: + type: string + required: + - name + - provider + type: object + type: array + required: + - metrics + type: object + required: + - spec + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +{{- end }} diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index ceaf3b83..bd435156 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -59,6 +59,8 @@ spec: - name type: object type: array + clusterScope: + type: boolean name: type: string requiredForCompletion: @@ -112,6 +114,15 @@ spec: template: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -733,23 +744,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1289,23 +1283,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1849,23 +1826,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 0f276b16..18afb92b 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -132,15 +132,17 @@ spec: - name type: object type: array + clusterScope: + type: boolean templateName: type: string templates: items: properties: + clusterScope: + type: boolean templateName: type: string - required: - - templateName type: object type: array type: object @@ -162,15 +164,17 @@ spec: - name type: object type: array + clusterScope: + type: boolean templateName: type: string templates: items: properties: + clusterScope: + type: boolean templateName: type: string - required: - - templateName type: object type: array type: object @@ -208,6 +212,8 @@ spec: - name type: object type: array + clusterScope: + type: boolean startingStep: format: int32 type: integer @@ -216,10 +222,10 @@ spec: templates: items: properties: + clusterScope: + type: boolean templateName: type: string - required: - - templateName type: object type: array type: object @@ -271,15 +277,17 @@ spec: - name type: object type: array + clusterScope: + type: boolean templateName: type: string templates: items: properties: + clusterScope: + type: boolean templateName: type: string - required: - - templateName type: object type: array type: object @@ -304,6 +312,8 @@ spec: - name type: object type: array + clusterScope: + type: boolean name: type: string templateName: @@ -388,6 +398,8 @@ spec: type: string ingress: type: string + rootService: + type: string servicePort: format: int32 type: integer @@ -425,12 +437,28 @@ spec: required: - stableIngress type: object + smi: + properties: + rootService: + type: string + trafficSplitName: + type: string + type: object type: object type: object type: object template: properties: metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object spec: properties: @@ -1052,23 +1080,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -1608,23 +1619,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -2168,23 +2162,6 @@ spec: type: integer type: object resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object type: object securityContext: properties: @@ -2935,6 +2912,9 @@ spec: type: integer abort: type: boolean + abortedAt: + format: date-time + type: string availableReplicas: format: int32 type: integer @@ -2944,8 +2924,32 @@ spec: type: string postPromotionAnalysisRun: type: string + postPromotionAnalysisRunStatus: + properties: + message: + type: string + name: + type: string + status: + type: string + required: + - name + - status + type: object prePromotionAnalysisRun: type: string + prePromotionAnalysisRunStatus: + properties: + message: + type: string + name: + type: string + status: + type: string + required: + - name + - status + type: object previewSelector: type: string previousActiveSelector: @@ -2960,10 +2964,34 @@ spec: properties: currentBackgroundAnalysisRun: type: string + currentBackgroundAnalysisRunStatus: + properties: + message: + type: string + name: + type: string + status: + type: string + required: + - name + - status + type: object currentExperiment: type: string currentStepAnalysisRun: type: string + currentStepAnalysisRunStatus: + properties: + message: + type: string + name: + type: string + status: + type: string + required: + - name + - status + type: object stableRS: type: string type: object diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 9e2011d2..ed242ff1 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -13,7 +13,7 @@ controller: affinity: {} image: repository: argoproj/argo-rollouts - tag: v0.8.3 + tag: v0.9.1 pullPolicy: IfNotPresent resources: {} From 03aecd7af94172b04e94a967662c62cb3b83103f Mon Sep 17 00:00:00 2001 From: Lars Fenneberg Date: Thu, 8 Oct 2020 06:18:44 +0000 Subject: [PATCH 27/63] fix(argocd): Unconditionally start reposerver with uid_entrypoint.sh (#466) * fix(argocd): Unconditionally start reposerver with uid_entrypoint.sh While uid_entrypoint.sh contains the OpenShift specific manipulation of /etc/passwd it also starts the reposerver via tini and so ensures that any zombies produced by reposerver and its decendants are collected. This matches the behaviour from the manifests included with the main ArgoCD project. See: * https://github.com/argoproj/argo-cd/blob/f93da5346c3dfe0ec75549fd78b2d30ce7d5cfad/manifests/base/repo-server/argocd-repo-server-deployment.yaml#L24 * https://github.com/argoproj/argo-cd/pull/3721 * https://github.com/argoproj/argo-cd/issues/3611 * chore: Bumping minor semver as this feels like a bit more than a patch change. --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2da7db6a..23544511 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.8.0 +version: 2.9.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index de6c21a3..a75c1283 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -52,9 +52,7 @@ spec: image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} command: - {{- if .Values.openshift.enabled }} - uid_entrypoint.sh - {{- end }} - argocd-repo-server {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis From 12b4764afa91fbd3da0c08585c0d9c1cff9305b3 Mon Sep 17 00:00:00 2001 From: John Kost <41963650+johnkost@users.noreply.github.com> Date: Thu, 8 Oct 2020 13:24:46 -0400 Subject: [PATCH 28/63] fix: Add Ocp clusterrole (#341) * Update perms --- .../argo-rollouts/templates/argo-rollouts-clusterrole.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index 8cfcdcc8..abc1a113 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -138,4 +138,10 @@ rules: verbs: - list - delete +- apiGroups: + - "*" + resources: + - "*/finalizers" + verbs: + - "*" {{- end }} From 6cf32933ffc7897231090528be965486b90a260e Mon Sep 17 00:00:00 2001 From: simonfr Date: Fri, 9 Oct 2020 00:11:01 +0200 Subject: [PATCH 29/63] feat: add extraContainers argument to deployment (#465) * add extraContainers argument * Update Chart.yaml * Update values.yaml * Update deployment.yaml --- charts/argo-cd/Chart.yaml | 2 +- .../templates/argocd-server/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 24 +++++++++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 23544511..fee54a18 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.9.0 +version: 2.9.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index b54b947f..aeec1579 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -120,6 +120,9 @@ spec: failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.server.resources | nindent 10 }} + {{- if .Values.server.extraContainers }} +{{- toYaml .Values.server.extraContainers | nindent 6 }} + {{- end }} {{- if .Values.server.nodeSelector }} nodeSelector: {{- toYaml .Values.server.nodeSelector | nindent 8 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c87d0c79..70e146b0 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -653,6 +653,30 @@ server: # oauthclientCredentials: # secretName: argocd-secret + extraContainers: [] + ## Additional containers to be added to the controller pod. + ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + # - name: my-sidecar + # image: nginx:latest + # - name: lemonldap-ng-controller + # image: lemonldapng/lemonldap-ng-controller:0.2.0 + # args: + # - /lemonldap-ng-controller + # - --alsologtostderr + # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration + # env: + # - name: POD_NAME + # valueFrom: + # fieldRef: + # fieldPath: metadata.name + # - name: POD_NAMESPACE + # valueFrom: + # fieldRef: + # fieldPath: metadata.namespace + # volumeMounts: + # - name: copy-portal-skins + # mountPath: /srv/var/lib/lemonldap-ng/portal/skins + ## Repo Server repoServer: name: repo-server From dd6a16bb1562ca35ee7fb74e1ba1a9cd4f4d0c4c Mon Sep 17 00:00:00 2001 From: Tom S Date: Thu, 8 Oct 2020 23:30:53 +0100 Subject: [PATCH 30/63] fix(argocd): Make dex init container not overwrite argocd-util (#468) * Make dex init container not overwrite argocd-util * Bump chart version --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fee54a18..2c338f4d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.9.1 +version: 2.9.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 03f033c0..29802398 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -54,6 +54,7 @@ spec: {{- end }} command: - cp + - -n - /usr/local/bin/argocd-util - /shared volumeMounts: From 9ed4650b9f397414e9e88ca16b0653833be0e963 Mon Sep 17 00:00:00 2001 From: Michael Weibel <307427+mweibel@users.noreply.github.com> Date: Fri, 9 Oct 2020 19:29:16 +0200 Subject: [PATCH 31/63] feat: upgrade argo to v2.11 (#451) --- charts/argo/Chart.yaml | 4 ++-- .../crds/cluster-workflow-template-crd.yaml | 6 ++++++ charts/argo/crds/cron-workflow-crd.yaml | 10 ++++++++-- charts/argo/crds/workflow-crd.yaml | 7 +++++++ .../argo/crds/workflow-eventbinding-crd.yaml | 19 +++++++++++++++++++ charts/argo/crds/workflow-template-crd.yaml | 6 ++++++ .../argo/templates/server-cluster-roles.yaml | 10 ++++++++++ charts/argo/values.yaml | 2 +- 8 files changed, 59 insertions(+), 5 deletions(-) create mode 100644 charts/argo/crds/workflow-eventbinding-crd.yaml diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 3f2fb613..0d42500e 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: v2.8.0 +appVersion: v2.11.3 description: A Helm chart for Argo Workflows name: argo -version: 0.12.2 +version: 0.13.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/crds/cluster-workflow-template-crd.yaml b/charts/argo/crds/cluster-workflow-template-crd.yaml index df26a0ae..a189f17c 100644 --- a/charts/argo/crds/cluster-workflow-template-crd.yaml +++ b/charts/argo/crds/cluster-workflow-template-crd.yaml @@ -11,7 +11,13 @@ spec: scope: Cluster names: kind: ClusterWorkflowTemplate + listKind: ClusterWorkflowTemplateList plural: clusterworkflowtemplates shortNames: - clusterwftmpl - cwft + singular: clusterworkflowtemplate + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo/crds/cron-workflow-crd.yaml b/charts/argo/crds/cron-workflow-crd.yaml index 8f4bb7c2..abd50b30 100644 --- a/charts/argo/crds/cron-workflow-crd.yaml +++ b/charts/argo/crds/cron-workflow-crd.yaml @@ -9,9 +9,15 @@ spec: group: argoproj.io names: kind: CronWorkflow + listKind: CronWorkflowList plural: cronworkflows shortNames: - - cronwf - cwf + - cronwf + singular: cronworkflow scope: Namespaced - version: v1alpha1 \ No newline at end of file + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo/crds/workflow-crd.yaml b/charts/argo/crds/workflow-crd.yaml index 269d032f..24f6abc2 100644 --- a/charts/argo/crds/workflow-crd.yaml +++ b/charts/argo/crds/workflow-crd.yaml @@ -19,8 +19,15 @@ spec: group: argoproj.io names: kind: Workflow + listKind: WorkflowList plural: workflows shortNames: - wf + singular: workflow scope: Namespaced + subresources: {} version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo/crds/workflow-eventbinding-crd.yaml b/charts/argo/crds/workflow-eventbinding-crd.yaml new file mode 100644 index 00000000..a58de8e7 --- /dev/null +++ b/charts/argo/crds/workflow-eventbinding-crd.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: workfloweventbindings.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowEventBinding + listKind: WorkflowEventBindingList + plural: workfloweventbindings + shortNames: + - wfeb + singular: workfloweventbinding + scope: Namespaced + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo/crds/workflow-template-crd.yaml b/charts/argo/crds/workflow-template-crd.yaml index 11d008db..0be13451 100644 --- a/charts/argo/crds/workflow-template-crd.yaml +++ b/charts/argo/crds/workflow-template-crd.yaml @@ -11,6 +11,12 @@ spec: scope: Namespaced names: kind: WorkflowTemplate + listKind: WorkflowTemplateList plural: workflowtemplates shortNames: - wftmpl + singular: workflowtemplate + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml index 0c8f0763..eb7b71a4 100644 --- a/charts/argo/templates/server-cluster-roles.yaml +++ b/charts/argo/templates/server-cluster-roles.yaml @@ -30,11 +30,18 @@ rules: - list - watch - delete +- apiGroups: + - "" + resources: + - events + verbs: + - watch {{- if .Values.controller.persistence }} - apiGroups: - "" resources: - secrets + - serviceaccounts resourceNames: {{- if .Values.controller.persistence.postgresql }} - {{ .Values.controller.persistence.postgresql.userNameSecret.name }} @@ -51,8 +58,11 @@ rules: - argoproj.io resources: - workflows + - workfloweventbindings - workflowtemplates - cronworkflows + - cronworkflows/finalizers + - clusterworkflowtemplates verbs: - create - get diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index bc031487..710f67ce 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -7,7 +7,7 @@ images: # Secrets with credentials to pull images from a private registry pullSecrets: [] # - name: argo-pull-secret - tag: v2.7.6 + tag: v2.11.3 crdVersion: v1alpha1 installCRD: true From 209b7798d72b3cd34771e9a926ce2fe69a2a07bd Mon Sep 17 00:00:00 2001 From: Daniel Megyesi Date: Wed, 14 Oct 2020 00:48:07 +0200 Subject: [PATCH 32/63] feat(argo): add PriorityClass support (#470) --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-deployment.yaml | 3 +++ charts/argo/templates/workflow-controller-deployment.yaml | 3 +++ charts/argo/values.yaml | 8 ++++++++ 4 files changed, 15 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 0d42500e..94cad6c1 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.3 description: A Helm chart for Argo Workflows name: argo -version: 0.13.0 +version: 0.13.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index 0d5c8af5..bfaa3e97 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -91,5 +91,8 @@ spec: affinity: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.server.priorityClassName }} + priorityClassName: {{ .Values.server.priorityClassName }} + {{- end }} {{- end -}} diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml index ca80c816..74828caa 100644 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ b/charts/argo/templates/workflow-controller-deployment.yaml @@ -83,3 +83,6 @@ spec: affinity: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.controller.priorityClassName }} + priorityClassName: {{ .Values.controller.priorityClassName }} + {{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 710f67ce..8ece66d5 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -125,6 +125,10 @@ controller: kubernetes.io/os: linux tolerations: [] affinity: {} + # Leverage a PriorityClass to ensure your pods survive resource shortages + # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + # PriorityClass: system-cluster-critical + priorityClassName: "" # executor controls how the init and wait container should be customized executor: @@ -185,6 +189,10 @@ server: kubernetes.io/os: linux tolerations: [] affinity: {} + # Leverage a PriorityClass to ensure your pods survive resource shortages + # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + # PriorityClass: system-cluster-critical + priorityClassName: "" # Extra arguments to provide to the Argo server binary. extraArgs: [] From df3b2cf96a3f3ef775f611fa22d2c80b94444f7a Mon Sep 17 00:00:00 2001 From: Chris Vest Date: Fri, 16 Oct 2020 04:31:26 +0200 Subject: [PATCH 33/63] fix: Add annotations and labels to dex service [argo-cd] (#473) * Add annotations to dex service Currently `.Values.dex.metrics.service.annotations` is not used anywhere - this adds that to the template. * Add labels to dex service * Update chart version --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/dex/service.yaml | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2c338f4d..7ecd4ab6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.9.2 +version: 2.9.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index b0567ead..f10a6d88 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -3,6 +3,12 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.dex.fullname" . }} +{{- if .Values.dex.metrics.service.annotations }} + annotations: + {{- range $key, $value := .Values.dex.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} labels: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} helm.sh/chart: {{ include "argo-cd.chart" . }} @@ -10,6 +16,9 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} +{{- if .Values.dex.metrics.service.labels }} +{{- toYaml .Values.dex.metrics.service.labels | nindent 4 }} +{{- end }} spec: ports: - name: http @@ -29,4 +38,4 @@ spec: selector: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} \ No newline at end of file +{{- end }} From a41ea8cd0ba5a84e1b422e9a6431810fd84c40f2 Mon Sep 17 00:00:00 2001 From: Michiel De Mey Date: Fri, 16 Oct 2020 18:03:48 +0200 Subject: [PATCH 34/63] docs: Fixed typo in values comment (#469) --- charts/argo/Chart.yaml | 2 +- charts/argo/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 94cad6c1..744996b6 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.3 description: A Helm chart for Argo Workflows name: argo -version: 0.13.1 +version: 0.13.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 8ece66d5..a6cceec0 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -24,7 +24,7 @@ createAggregateRoles: true singleNamespace: false workflow: - namespace: "" # Speficy namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. + namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. serviceAccount: create: false # Specifies whether a service account should be created annotations: {} From eb88e900b24a1a44e2a25634a0b34a9ffde52b37 Mon Sep 17 00:00:00 2001 From: Mike Bryant Date: Sun, 25 Oct 2020 04:55:44 +0000 Subject: [PATCH 35/63] chore: Sync upstream CRDs (#478) --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/crds/crd-application.yaml | 39 ++++++++++++++++++++++-- charts/argo-cd/crds/crd-project.yaml | 25 --------------- 3 files changed, 37 insertions(+), 29 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7ecd4ab6..a248fff8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.9.3 +version: 2.9.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index b18d2058..5a08d884 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -8,6 +8,17 @@ metadata: annotations: helm.sh/hook: crd-install spec: + additionalPrinterColumns: + - JSONPath: .status.sync.status + name: Sync Status + type: string + - JSONPath: .status.health.status + name: Health Status + type: string + - JSONPath: .status.sync.revision + name: Revision + priority: 10 + type: string group: argoproj.io names: kind: Application @@ -18,6 +29,7 @@ spec: - apps singular: application scope: Namespaced + subresources: {} validation: openAPIV3Schema: description: Application is a definition of Application resource. @@ -208,6 +220,9 @@ spec: values: description: Values is Helm values, typically defined as a block type: string + version: + description: Version is the Helm version to use for templating with + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -296,7 +311,7 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply wil perform a `kubectl apply` to perform the sync. + description: Apply will perform a `kubectl apply` to perform the sync. properties: force: description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. @@ -466,6 +481,9 @@ spec: values: description: Values is Helm values, typically defined as a block type: string + version: + description: Version is the Helm version to use for templating with + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -551,6 +569,9 @@ spec: automated: description: Automated will keep an application synced to the target revision properties: + allowEmpty: + description: 'AllowEmpty allows apps have zero live resources (default: false)' + type: boolean prune: description: 'Prune will prune resources automatically as part of automated sync (default: false)' type: boolean @@ -737,6 +758,9 @@ spec: values: description: Values is Helm values, typically defined as a block type: string + version: + description: Version is the Helm version to use for templating with + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -823,7 +847,7 @@ spec: type: object type: array observedAt: - description: ObservedAt indicates when the application state was updated without querying latest git state + description: 'ObservedAt indicates when the application state was updated without querying latest git state Deprecated: controller no longer updates ObservedAt field' format: date-time type: string operationState: @@ -1014,6 +1038,9 @@ spec: values: description: Values is Helm values, typically defined as a block type: string + version: + description: Version is the Helm version to use for templating with + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -1102,7 +1129,7 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply wil perform a `kubectl apply` to perform the sync. + description: Apply will perform a `kubectl apply` to perform the sync. properties: force: description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. @@ -1269,6 +1296,9 @@ spec: values: description: Values is Helm values, typically defined as a block type: string + version: + description: Version is the Helm version to use for templating with + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options @@ -1521,6 +1551,9 @@ spec: values: description: Values is Helm values, typically defined as a block type: string + version: + description: Version is the Helm version to use for templating with + type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 5ac16fa2..35d9dde9 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -220,31 +220,6 @@ spec: type: object type: array type: object - status: - description: AppProjectStatus contains information about appproj - properties: - jwtTokensByRole: - additionalProperties: - properties: - items: - items: - description: JWTToken holds the issuedAt and expiresAt values of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - id: - type: string - required: - - iat - type: object - type: array - type: object - type: object - type: object required: - metadata - spec From fbec017cfbd4845bd188269f1e69af6251633b8e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Saulius=20Ma=C5=A1nauskas?= Date: Tue, 27 Oct 2020 04:27:36 +0200 Subject: [PATCH 36/63] fix(argocd): optional named target port (#479) --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/service.yaml | 4 ++-- charts/argo-cd/values.yaml | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a248fff8..8b70c98b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.9.4 +version: 2.9.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 0d3b6c49..46bb264f 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -24,11 +24,11 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: {{ .Values.server.name }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: {{ .Values.server.name }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} selector: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 70e146b0..57095815 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -431,6 +431,7 @@ server: servicePortHttps: 443 servicePortHttpName: http servicePortHttpsName: https + namedTargetPort: true loadBalancerIP: "" loadBalancerSourceRanges: [] From 1f67a85a587182a5f741cb3f846eeb6f2ec887ce Mon Sep 17 00:00:00 2001 From: Alan Tang Date: Tue, 27 Oct 2020 17:31:38 +0000 Subject: [PATCH 37/63] feat(argo-rollouts): Add service monitor (#474) Co-authored-by: Scott Cabrinha --- charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/README.md | 1 + .../argo-rollouts-service-monitor.yaml | 28 +++++++++++++++++++ charts/argo-rollouts/values.yaml | 6 ++++ 4 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 26d47ab3..dfc42e56 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.9.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.7 +version: 0.3.8 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 3d484594..37ea661b 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -39,6 +39,7 @@ $ helm install --name my-release argo/argo-rollouts | controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | | controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | +| controller.metrics.serviceMonitor.enabled | bool | `false` | | | imagePullSecrets | list | `[]` | | | installCRDs | bool | `true` | | | podAnnotations | object | `{}` | | diff --git a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml new file mode 100644 index 00000000..ea67f356 --- /dev/null +++ b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml @@ -0,0 +1,28 @@ +{{- if .Values.controller.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ .Release.Name }} + labels: + app.kubernetes.io/component: server + app.kubernetes.io/name: {{ .Release.Name }}-metrics + app.kubernetes.io/part-of: {{ .Release.Name }} + {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} +{{ toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- end }} + {{- if .Values.controller.metrics.serviceMonitor.additionalAnnotations }} + annotations: +{{ toYaml .Values.controller.metrics.serviceMonitor.additionalAnnotations | indent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app.kubernetes.io/component: server + app.kubernetes.io/name: {{ .Release.Name }}-metrics + app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index ed242ff1..a488e6ec 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -24,6 +24,12 @@ controller: # cpu: 50m # memory: 64Mi + metrics: + serviceMonitor: + enabled: false + additionalLabels: {} + additionalAnnotations: {} + serviceAccount: name: argo-rollouts From 9939da51cfabe465ccb730a88976ce2a6b26112e Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Fri, 13 Nov 2020 14:42:39 -0800 Subject: [PATCH 38/63] fix(argo): Map the /tmp directory into server pods. (#498) --- charts/argo/Chart.yaml | 4 ++-- charts/argo/templates/server-deployment.yaml | 9 ++++++--- charts/argo/values.yaml | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 744996b6..ceabe44b 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: v2.11.3 +appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.2 +version: 0.13.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index bfaa3e97..6fc6aa45 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -67,16 +67,20 @@ spec: value: {{ .Values.server.baseHref | quote }} resources: {{- toYaml .Values.server.resources | nindent 12 }} - {{- with .Values.server.volumeMounts }} volumeMounts: + - name: tmp + mountPath: /tmp + {{- with .Values.server.volumeMounts }} {{- toYaml . | nindent 12}} {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.volumes }} volumes: + - name: tmp + emptyDir: {} + {{- with .Values.server.volumes }} {{- toYaml . | nindent 8}} {{- end }} {{- with .Values.server.nodeSelector }} @@ -94,5 +98,4 @@ spec: {{- if .Values.server.priorityClassName }} priorityClassName: {{ .Values.server.priorityClassName }} {{- end }} - {{- end -}} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index a6cceec0..4ab21912 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -7,7 +7,7 @@ images: # Secrets with credentials to pull images from a private registry pullSecrets: [] # - name: argo-pull-secret - tag: v2.11.3 + tag: v2.11.7 crdVersion: v1alpha1 installCRD: true From c99716bc2036efc74a46bdd76da5a9630ccd786b Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Mon, 16 Nov 2020 11:07:02 -0800 Subject: [PATCH 39/63] fix(argo): Volume indents. (#500) Signed-off-by: Vlad Losev --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-deployment.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index ceabe44b..6c46cbfe 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.3 +version: 0.13.4 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index 6fc6aa45..bae59607 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -71,7 +71,7 @@ spec: - name: tmp mountPath: /tmp {{- with .Values.server.volumeMounts }} - {{- toYaml . | nindent 12}} + {{- toYaml . | nindent 10}} {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: @@ -81,7 +81,7 @@ spec: - name: tmp emptyDir: {} {{- with .Values.server.volumes }} - {{- toYaml . | nindent 8}} + {{- toYaml . | nindent 6}} {{- end }} {{- with .Values.server.nodeSelector }} nodeSelector: From e4d67ae6e9460204f7a40ede6cb9de3a2b5b4b80 Mon Sep 17 00:00:00 2001 From: Michael Seiwald Date: Mon, 16 Nov 2020 22:49:59 +0100 Subject: [PATCH 40/63] feat: Add support for Argo links (#497) Signed-off-by: Michael Seiwald --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/workflow-controller-config-map.yaml | 3 +++ charts/argo/values.yaml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 6c46cbfe..2fbb2cfb 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.4 +version: 0.13.5 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 2c182c60..2f2faf93 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -81,3 +81,6 @@ data: {{- with .Values.controller.workflowRestrictions }} workflowRestrictions: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.links }} + links: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 4ab21912..1a4c5f28 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -129,6 +129,8 @@ controller: # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ # PriorityClass: system-cluster-critical priorityClassName: "" + # https://argoproj.github.io/argo/links/ + links: [] # executor controls how the init and wait container should be customized executor: From d265f7dd75a9b45a25d832a2bdf653a4925e618d Mon Sep 17 00:00:00 2001 From: dbseel Date: Tue, 17 Nov 2020 13:32:02 -0500 Subject: [PATCH 41/63] feat: Add parallelism to argo-helm chart (#482) * feat: Add parallelism to argo-helm chart Signed-off-by: David Seel * Parallelism null by default Signed-off-by: David Seel --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/workflow-controller-config-map.yaml | 3 +++ charts/argo/values.yaml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 2fbb2cfb..7ac88c50 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.5 +version: 0.13.6 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 2f2faf93..94b0bad6 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -16,6 +16,9 @@ data: {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} + {{- if .Values.controller.parallelism }} + parallelism: {{ .Values.controller.parallelism }} + {{- end }} {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: {{- with .Values.executor.resources }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 1a4c5f28..4fa4cd7a 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -36,6 +36,8 @@ controller: image: # Overrides .images.tag if defined. tag: "" + # parallelism dictates how many workflows can be running at the same time + parallelism: # podAnnotations is an optional map of annotations to be applied to the controller Pods podAnnotations: {} # Optional labels to add to the controller pods From af9a14a1ec4a445bb001d1de4c7851aa9b4a797d Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Wed, 18 Nov 2020 11:59:17 -0800 Subject: [PATCH 42/63] feat(Argo): Add secret access whitelist for server. (#499) Signed-off-by: Vlad Losev --- charts/argo/Chart.yaml | 2 +- .../argo/templates/server-cluster-roles.yaml | 34 ++++++++++++------- charts/argo/values.yaml | 3 ++ 3 files changed, 25 insertions(+), 14 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 7ac88c50..ccc7fa7f 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.6 +version: 0.13.7 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml index eb7b71a4..ac51e455 100644 --- a/charts/argo/templates/server-cluster-roles.yaml +++ b/charts/argo/templates/server-cluster-roles.yaml @@ -13,12 +13,6 @@ rules: - get - watch - list -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - apiGroups: - "" resources: @@ -30,6 +24,21 @@ rules: - list - watch - delete +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get +- apiGroups: + - "" + resources: + - secrets + verbs: + - get +{{- with .Values.server.rbac.secretWhitelist }} + resourceNames: {{- toYaml . | nindent 4 }} +{{- end }} - apiGroups: - "" resources: @@ -41,15 +50,14 @@ rules: - "" resources: - secrets - - serviceaccounts resourceNames: - {{- if .Values.controller.persistence.postgresql }} - - {{ .Values.controller.persistence.postgresql.userNameSecret.name }} - - {{ .Values.controller.persistence.postgresql.passwordSecret.name }} + {{- with .Values.controller.persistence.postgresql }} + - {{ .userNameSecret.name }} + - {{ .passwordSecret.name }} {{- end}} - {{- if .Values.controller.persistence.mysql }} - - {{ .Values.controller.persistence.mysql.userNameSecret.name }} - - {{ .Values.controller.persistence.mysql.passwordSecret.name }} + {{- with .Values.controller.persistence.mysql }} + - {{ .userNameSecret.name }} + - {{ .passwordSecret.name }} {{- end}} verbs: - get diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 4fa4cd7a..5a9a452b 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -164,6 +164,9 @@ server: serviceType: ClusterIP servicePort: 2746 # servicePortName: http + rbac: + # When present, restricts secrets the server can read to a given list. + secretWhitelist: [] serviceAccount: argo-server # Whether to create the service account with the name specified in # server.serviceAccount and bind it to the server role. From ab8f54d3c2ad920414e4520f4e6b8eb53905fa1a Mon Sep 17 00:00:00 2001 From: abuckenheimer Date: Wed, 18 Nov 2020 15:53:44 -0500 Subject: [PATCH 43/63] fix --pod-workers helm context (#481) Signed-off-by: Alec Buckenheimer --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/workflow-controller-deployment.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 charts/argo/templates/workflow-controller-deployment.yaml diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index ccc7fa7f..63fbbdbb 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.7 +version: 0.13.8 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml old mode 100644 new mode 100755 index 74828caa..dda3df94 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ b/charts/argo/templates/workflow-controller-deployment.yaml @@ -51,7 +51,7 @@ spec: - "--workflow-workers" - {{ . | quote }} {{- end }} - {{- if .Values.controller.podWorkers }} + {{- with .Values.controller.podWorkers }} - "--pod-workers" - {{ . | quote }} {{- end }} From 15a76e56d01ffafef0b3193b45a58857120c6778 Mon Sep 17 00:00:00 2001 From: Christopher Sauer Date: Mon, 23 Nov 2020 19:29:19 -0600 Subject: [PATCH 44/63] feat: allow controller replicas to be set (#496) Signed-off-by: mr-sour Co-authored-by: mr-sour --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 1 + .../argocd-application-controller/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 7 +++++++ 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8b70c98b..f6b967a1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.9.5 +version: 2.10.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b58434e2..07b72e20 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -119,6 +119,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | controller.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | | controller.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | | controller.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | +| controller.replicas | The number of controller pods to run | `1` |\ | controller.resources | Resource limits and requests for the controller pods. | `{}` | | controller.service.annotations | Controller service annotations. | `{}` | | controller.service.labels | Controller service labels. | `{}` | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 3067e969..3dde5e51 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -17,7 +17,7 @@ spec: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller app.kubernetes.io/instance: {{ .Release.Name }} revisionHistoryLimit: 5 - replicas: 1 + replicas: {{ .Values.controller.replicas }} template: metadata: {{- if .Values.controller.podAnnotations }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 57095815..745b270b 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -31,6 +31,10 @@ controller: tag: # v1.7.6 imagePullPolicy: # IfNotPresent + # If changing the number of replicas you must pass the number as ARGOCD_CONTROLLER_REPLICAS as an environment variable + replicas: 1 + + ## Argo controller commandline flags args: statusProcessors: "20" @@ -49,6 +53,9 @@ controller: ## Environment variables to pass to argocd-controller ## env: [] + # - name: "ARGOCD_CONTROLLER_REPLICAS" + # value: "" + ## Annotations to be added to controller pods ## From e7258346cc3c90ae31529521470a0903c2f25afa Mon Sep 17 00:00:00 2001 From: caseyclarkjamf <46542458+caseyclarkjamf@users.noreply.github.com> Date: Tue, 1 Dec 2020 17:26:17 -0600 Subject: [PATCH 45/63] fix: (argo-rollouts) Add clusterInstall conditional around aggregate ClusterRoles (#484) * add clusterinstall conditional around aggregate clusterroles Signed-off-by: Casey Clark * bump chart version to 0.3.9 Signed-off-by: Casey Clark Co-authored-by: Scott Cabrinha --- charts/argo-rollouts/Chart.yaml | 2 +- .../argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index dfc42e56..4bf8c39b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.9.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.8 +version: 0.3.9 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml index 7f94befa..2cc55d1f 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml @@ -1,3 +1,4 @@ +{{- if .Values.clusterInstall }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -75,3 +76,4 @@ rules: - patch - update - watch +{{- end }} From e6babc874b0ab6f43a670f682b56cd4116c4c035 Mon Sep 17 00:00:00 2001 From: Joe McGovern Date: Wed, 2 Dec 2020 10:26:21 -0600 Subject: [PATCH 46/63] fix(argo): Use https for readiness probe in secure mode (#506) Signed-off-by: Joseph McGovern Co-authored-by: Stefan Sedich --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-deployment.yaml | 7 +++++++ charts/argo/values.yaml | 6 ++++++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 63fbbdbb..76a5299a 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.8 +version: 0.13.10 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-deployment.yaml b/charts/argo/templates/server-deployment.yaml index bae59607..832fd37d 100644 --- a/charts/argo/templates/server-deployment.yaml +++ b/charts/argo/templates/server-deployment.yaml @@ -38,6 +38,9 @@ spec: {{- if .Values.server.extraArgs }} {{- toYaml .Values.server.extraArgs | nindent 10 }} {{- end }} + {{- if .Values.server.secure }} + - "--secure" + {{- end }} {{- if .Values.singleNamespace }} - "--namespaced" {{- end }} @@ -52,7 +55,11 @@ spec: httpGet: path: / port: 2746 + {{- if .Values.server.secure }} + scheme: HTTPS + {{- else }} scheme: HTTP + {{- end }} initialDelaySeconds: 10 periodSeconds: 20 env: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 5a9a452b..67c9af29 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -201,6 +201,12 @@ server: # PriorityClass: system-cluster-critical priorityClassName: "" + # Run the argo server in "secure" mode. Configure this value instead of + # "--secure" in extraArgs. See the following documentation for more details + # on secure mode: + # https://argoproj.github.io/argo/tls/#encrypted + secure: false + # Extra arguments to provide to the Argo server binary. extraArgs: [] From 40e52f62ac82a3bc3f92584b8594add9d73b8994 Mon Sep 17 00:00:00 2001 From: amit-handda <56566242+amit-handda@users.noreply.github.com> Date: Sun, 6 Dec 2020 09:37:53 -0800 Subject: [PATCH 47/63] fix: apply podannotations to the controller pod template (#510) * fix: apply podannotations to controller pod template Signed-off-by: amit handa * bump chart version Signed-off-by: amit handa Co-authored-by: Scott Cabrinha --- charts/argo-rollouts/Chart.yaml | 2 +- .../templates/argo-rollouts-deployment.yaml | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 4bf8c39b..2acfa9cc 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.9.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.9 +version: 0.3.10 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index 595fe120..c2c2df64 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -2,12 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }} - {{- if .Values.podAnnotations }} - annotations: - {{- range $key, $value := .Values.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} app.kubernetes.io/name: {{ .Release.Name }} @@ -21,6 +15,12 @@ spec: app.kubernetes.io/name: {{ .Release.Name }} template: metadata: + {{- if .Values.podAnnotations }} + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} labels: app.kubernetes.io/name: {{ .Release.Name }} spec: From 5e0755f2f601f21faf19674b3ae1ecc80a0665f2 Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Fri, 11 Dec 2020 12:54:59 -0800 Subject: [PATCH 48/63] feat(argo): Add support for setting env vars for workflow controller. (#517) Signed-off-by: Vlad Losev --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/workflow-controller-deployment.yaml | 3 +++ charts/argo/values.yaml | 3 +++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 76a5299a..97e2f28c 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.10 +version: 0.13.11 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/workflow-controller-deployment.yaml b/charts/argo/templates/workflow-controller-deployment.yaml index dda3df94..82b36bf6 100755 --- a/charts/argo/templates/workflow-controller-deployment.yaml +++ b/charts/argo/templates/workflow-controller-deployment.yaml @@ -61,6 +61,9 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{- with .Values.controller.extraEnv }} + {{ toYaml . | nindent 10 }} + {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 12 }} {{- if .Values.controller.metricsConfig.enabled }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 67c9af29..cd7d7603 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -115,6 +115,9 @@ controller: # service type `LoadBalancer` loadBalancerSourceRanges: [] resources: {} + # The list of environment variable definitions to be added to the controller + # manages container verbatim. + extraEnv: [] replicas: 1 pdb: enabled: false From a6a9d0bf7a91fae540cac49ecfedd0e5307d7eda Mon Sep 17 00:00:00 2001 From: Christopher Sauer Date: Tue, 15 Dec 2020 00:15:13 -0600 Subject: [PATCH 49/63] feat(argo-cd): change application-controller to StatefulSet (#512) * update deployment to statefulset * Update chart version Signed-off-by: Chris Sauer * chore: Bumping minor semver as this has a resource change * chore: Add feature flag for enabling StatefulSet Signed-off-by: seanson@users.noreply.github.com --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 5 ++ .../deployment.yaml | 5 +- charts/argo-cd/values.yaml | 70 +++++++++++-------- 4 files changed, 49 insertions(+), 33 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f6b967a1..45acffdd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.10.0 +version: 2.11.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 07b72e20..cebd0923 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -14,6 +14,10 @@ This chart currently installs the non-HA version of ArgoCD. ## Upgrading +### 2.10.x to 2.11.0 + +The application controller is now available as a `StatefulSet` when the `controller.enableStatefulSet` flag is set to true. Depending on your Helm deployment this may be a downtime or breaking change if enabled when using HA and will become the default in 3.x. + ### 1.8.7 to 2.x.x `controller.extraArgs`, `repoServer.extraArgs` and `server.extraArgs` are now arrays of strings intead of a map @@ -93,6 +97,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | | controller.containerPort | Controller listening port. | `8082` | | controller.extraArgs | Additional arguments for the controller. A list of flags | `[]` | +| controller.enableStatefulSet | Enable deploying the controller as a StatefulSet instead of a Deployment. Used for HA installations. | `false` | | controller.env | Environment variables for the controller. | `[]` | | controller.image.repository | Repository to use for the controller | `global.image.repository` | | controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 3dde5e51..c2260c78 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -1,6 +1,6 @@ {{- $redisHa := (index .Values "redis-ha") -}} apiVersion: apps/v1 -kind: Deployment +kind: {{ .Values.controller.enableStatefulSet | ternary "StatefulSet" "Deployment" }} metadata: name: {{ template "argo-cd.controller.fullname" . }} labels: @@ -16,6 +16,9 @@ spec: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.controller.enableStatefulSet }} + serviceName: {{ template "argo-cd.controller.fullname" . }} + {{- end }} revisionHistoryLimit: 5 replicas: {{ .Values.controller.replicas }} template: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 745b270b..5331d96b 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -34,6 +34,9 @@ controller: # If changing the number of replicas you must pass the number as ARGOCD_CONTROLLER_REPLICAS as an environment variable replicas: 1 + # Deploy the application as a StatefulSet instead of a Deployment, this is required for HA capability. + # This is a feature flag that will become the default in chart version 3.x + enableStatefulSet: false ## Argo controller commandline flags args: @@ -52,10 +55,10 @@ controller: ## Environment variables to pass to argocd-controller ## - env: [] - # - name: "ARGOCD_CONTROLLER_REPLICAS" - # value: "" - + env: + [] + # - name: "ARGOCD_CONTROLLER_REPLICAS" + # value: "" ## Annotations to be added to controller pods ## @@ -66,7 +69,8 @@ controller: podLabels: {} ## Labels to set container specific security contexts - containerSecurityContext: {} + containerSecurityContext: + {} # capabilities: # drop: # - all @@ -242,12 +246,12 @@ dex: priorityClassName: "" ## Labels to set container specific security contexts - containerSecurityContext: {} + containerSecurityContext: + {} # capabilities: # drop: # - all - resources: {} # limits: # cpu: 50m @@ -291,7 +295,8 @@ redis: priorityClassName: "" ## Labels to set container specific security contexts - containerSecurityContext: {} + containerSecurityContext: + {} # capabilities: # drop: # - all @@ -326,7 +331,7 @@ redis-ha: redis: masterGroupName: argocd config: - save: "\"\"" + save: '""' haproxy: enabled: true metrics: @@ -409,7 +414,8 @@ server: priorityClassName: "" ## Labels to set container specific security contexts - containerSecurityContext: {} + containerSecurityContext: + {} # capabilities: # drop: # - all @@ -759,7 +765,8 @@ repoServer: priorityClassName: "" ## Labels to set container specific security contexts - containerSecurityContext: {} + containerSecurityContext: + {} # capabilities: # drop: # - all @@ -815,24 +822,24 @@ repoServer: ## Use init containers to configure custom tooling ## https://argoproj.github.io/argo-cd/operator-manual/custom_tools/ ## When using the volumes & volumeMounts section bellow, please comment out those above. - # volumes: - # - name: custom-tools - # emptyDir: {} - # - # initContainers: - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm + # volumes: + # - name: custom-tools + # emptyDir: {} + # + # initContainers: + # - name: download-tools + # image: alpine:3.8 + # command: [sh, -c] + # args: + # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && + # mv linux-amd64/helm /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + # volumeMounts: + # - mountPath: /usr/local/bin/helm + # name: custom-tools + # subPath: helm ## Argo Configs configs: @@ -921,10 +928,11 @@ configs: # Custom secrets. Useful for injecting SSO secrets into environment variables. # Ref: https://argoproj.github.io/argo-cd/operator-manual/sso/ # Note that all values must be non-empty. - extra: {} + extra: + {} # LDAP_PASSWORD: "mypassword" - # Argo TLS Data. + # Argo TLS Data. argocdServerTlsConfig: {} # key: From 182ef88c67c1ac58d0a922b7101a23e2f91ab2f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= <16559029+clementlecorre@users.noreply.github.com> Date: Tue, 15 Dec 2020 21:47:58 +0100 Subject: [PATCH 50/63] feat(argo): bump apiVersion and support helm3 (#494) Signed-off-by: clement --- charts/argo/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 97e2f28c..0a90e20f 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -1,8 +1,8 @@ -apiVersion: v1 +apiVersion: v2 appVersion: v2.11.7 description: A Helm chart for Argo Workflows name: argo -version: 0.13.11 +version: 0.14.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: From 391c439de69073a74b38571b96d37ff56f996b81 Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Tue, 12 Jan 2021 10:27:30 -0800 Subject: [PATCH 51/63] fix(argo): Add RBAC permissions for v2.12. (#541) Signed-off-by: Vlad Losev --- .circleci/chart-testing.yaml | 1 + .circleci/config.yml | 10 ++++++---- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/crds/crd-application.yaml | 4 ++-- charts/argo-cd/crds/crd-project.yaml | 4 ++-- charts/argo-cd/requirements.lock | 6 +++--- charts/argo-cd/requirements.yaml | 4 ++-- charts/argo/Chart.yaml | 4 ++-- charts/argo/requirements.lock | 8 ++++---- charts/argo/requirements.yaml | 4 ++-- .../cluster-workflow-template-crd.yaml | 2 +- charts/argo/templates/cron-workflow-crd.yaml | 4 ++-- .../argo/templates/server-cluster-roles.yaml | 20 +++++++++++++++++++ .../workflow-controller-cluster-roles.yaml | 19 ++++++++++++++++++ charts/argo/templates/workflow-crd.yaml | 2 +- .../argo/templates/workflow-template-crd.yaml | 2 +- charts/argo/values.yaml | 2 +- scripts/publish.sh | 1 - 18 files changed, 70 insertions(+), 29 deletions(-) diff --git a/.circleci/chart-testing.yaml b/.circleci/chart-testing.yaml index f9b5e85a..88308c21 100644 --- a/.circleci/chart-testing.yaml +++ b/.circleci/chart-testing.yaml @@ -1,2 +1,3 @@ chart-repos: - argo=https://argoproj.github.io/argo-helm + - minio=https://helm.min.io/ diff --git a/.circleci/config.yml b/.circleci/config.yml index 4156df56..eef2b982 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,23 +2,25 @@ version: 2.1 jobs: lint: docker: - - image: gcr.io/kubernetes-charts-ci/test-image:v3.1.0 + - image: quay.io/helmpack/chart-testing:v3.3.1 steps: - checkout + - run: helm repo add stable https://charts.helm.sh/stable - run: ct lint --config .circleci/chart-testing.yaml --lint-conf .circleci/lintconf.yaml # Technically this only needs to be run on master, but it's good to have it run on every PR # so that it is regularly tested. publish: docker: # We just need an image with `helm` on it. Handily we know of one already. - - image: gcr.io/kubernetes-charts-ci/test-image:v3.1.0 + - image: quay.io/helmpack/chart-testing:v3.3.1 steps: # install the additional keys needed to push to Github. Alex Collins owns these keys. - add_ssh_keys - run: git config --global user.email "nobody@circleci.com" - run: git config --global user.name "Circle CI Build" - checkout - - run: helm init --client-only + - run: helm repo add stable https://charts.helm.sh/stable + - run: helm repo add minio https://helm.min.io/ # Only actually publish charts on master. - run: | set -x @@ -35,4 +37,4 @@ workflows: - lint - publish: requires: - - lint \ No newline at end of file + - lint diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 45acffdd..b280627d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.11.0 +version: 2.11.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index 5a08d884..9a708978 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: @@ -1654,4 +1654,4 @@ spec: versions: - name: v1alpha1 served: true - storage: true \ No newline at end of file + storage: true diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 35d9dde9..a911370c 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: @@ -228,4 +228,4 @@ spec: versions: - name: v1alpha1 served: true - storage: true \ No newline at end of file + storage: true diff --git a/charts/argo-cd/requirements.lock b/charts/argo-cd/requirements.lock index 61752ccb..6b9da354 100644 --- a/charts/argo-cd/requirements.lock +++ b/charts/argo-cd/requirements.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha - repository: https://kubernetes-charts.storage.googleapis.com + repository: https://charts.helm.sh/stable version: 4.4.2 -digest: sha256:70fdd035c3aa3b7185882f12a73143c58ab32f04262dda2cf34a2b1a52116d96 -generated: "2020-03-29T14:37:59.349371452+01:00" +digest: sha256:21780522f7047d49ccad6d79f79ee3e28b4839df044beea293e2e4fd69610f52 +generated: "2021-01-11T16:15:21.274802-08:00" diff --git a/charts/argo-cd/requirements.yaml b/charts/argo-cd/requirements.yaml index eb6313dd..64a897e3 100644 --- a/charts/argo-cd/requirements.yaml +++ b/charts/argo-cd/requirements.yaml @@ -1,5 +1,5 @@ dependencies: - name: redis-ha version: 4.4.2 - repository: https://kubernetes-charts.storage.googleapis.com - condition: redis-ha.enabled \ No newline at end of file + repository: https://charts.helm.sh/stable + condition: redis-ha.enabled diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 0a90e20f..504be025 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.11.7 +appVersion: v2.12.3 description: A Helm chart for Argo Workflows name: argo -version: 0.14.0 +version: 0.15.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/requirements.lock b/charts/argo/requirements.lock index 39f5ecae..37a55e66 100644 --- a/charts/argo/requirements.lock +++ b/charts/argo/requirements.lock @@ -1,6 +1,6 @@ dependencies: - name: minio - repository: https://kubernetes-charts.storage.googleapis.com/ - version: 5.0.6 -digest: sha256:373b459c6232e9fd4dd86fa0af01e024372f686a0cdfbfed69d3cd41859e8ad4 -generated: "2020-02-06T00:16:52.211425292Z" + repository: https://helm.min.io/ + version: 8.0.9 +digest: sha256:0f43ad0a4b4e9af47615ef3da85054712eb28f154418d96b7b974a095cc19260 +generated: "2021-01-11T15:01:01.169105-08:00" diff --git a/charts/argo/requirements.yaml b/charts/argo/requirements.yaml index 869e1975..bd643139 100644 --- a/charts/argo/requirements.yaml +++ b/charts/argo/requirements.yaml @@ -1,5 +1,5 @@ dependencies: - name: minio - version: 5.0.6 - repository: https://kubernetes-charts.storage.googleapis.com/ + version: 8.0.9 + repository: https://helm.min.io/ condition: minio.install diff --git a/charts/argo/templates/cluster-workflow-template-crd.yaml b/charts/argo/templates/cluster-workflow-template-crd.yaml index c9c1cb52..be688da3 100644 --- a/charts/argo/templates/cluster-workflow-template-crd.yaml +++ b/charts/argo/templates/cluster-workflow-template-crd.yaml @@ -1,5 +1,5 @@ {{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: clusterworkflowtemplates.argoproj.io diff --git a/charts/argo/templates/cron-workflow-crd.yaml b/charts/argo/templates/cron-workflow-crd.yaml index 8bf36ab3..923abdf2 100644 --- a/charts/argo/templates/cron-workflow-crd.yaml +++ b/charts/argo/templates/cron-workflow-crd.yaml @@ -1,5 +1,5 @@ {{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: cronworkflows.argoproj.io @@ -16,4 +16,4 @@ spec: - cwf scope: Namespaced version: v1alpha1 -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml index ac51e455..e946dcc7 100644 --- a/charts/argo/templates/server-cluster-roles.yaml +++ b/charts/argo/templates/server-cluster-roles.yaml @@ -24,12 +24,32 @@ rules: - list - watch - delete +{{- if .Values.server.sso }} +- apiGroups: + - "" + resources: + - secrets + resourceNames: + - sso + verbs: + - get + - update +- apiGroups: + - "" + resources: + - secrets + verbs: + - create +{{- end}} +{{- if .Values.server.rbac }} - apiGroups: - "" resources: - serviceaccounts verbs: - get + - list +{{- end }} - apiGroups: - "" resources: diff --git a/charts/argo/templates/workflow-controller-cluster-roles.yaml b/charts/argo/templates/workflow-controller-cluster-roles.yaml index 976d49f8..e51f5f4b 100644 --- a/charts/argo/templates/workflow-controller-cluster-roles.yaml +++ b/charts/argo/templates/workflow-controller-cluster-roles.yaml @@ -106,6 +106,25 @@ rules: verbs: - get {{- end}} +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create +- apiGroups: + - coordination.k8s.io + resources: + - leases + resourceNames: + - workflow-controller + - workflow-controller-lease + verbs: + - get + - watch + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/charts/argo/templates/workflow-crd.yaml b/charts/argo/templates/workflow-crd.yaml index dca2e1bc..44a6fa98 100644 --- a/charts/argo/templates/workflow-crd.yaml +++ b/charts/argo/templates/workflow-crd.yaml @@ -1,5 +1,5 @@ {{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: workflows.argoproj.io diff --git a/charts/argo/templates/workflow-template-crd.yaml b/charts/argo/templates/workflow-template-crd.yaml index 55c940d5..757fa098 100644 --- a/charts/argo/templates/workflow-template-crd.yaml +++ b/charts/argo/templates/workflow-template-crd.yaml @@ -1,5 +1,5 @@ {{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: workflowtemplates.argoproj.io diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index cd7d7603..084e92c4 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -7,7 +7,7 @@ images: # Secrets with credentials to pull images from a private registry pullSecrets: [] # - name: argo-pull-secret - tag: v2.11.7 + tag: v2.12.3 crdVersion: v1alpha1 installCRD: true diff --git a/scripts/publish.sh b/scripts/publish.sh index be918fe4..016b59f8 100755 --- a/scripts/publish.sh +++ b/scripts/publish.sh @@ -6,7 +6,6 @@ GIT_PUSH=${GIT_PUSH:-false} rm -rf $SRCROOT/output && git clone -b gh-pages git@github.com:argoproj/argo-helm.git $SRCROOT/output -helm repo add stable https://kubernetes-charts.storage.googleapis.com helm repo add argoproj https://argoproj.github.io/argo-helm for dir in $(find $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d); From 4f7fe688cf80b5e76e87ee1384da1f7a1fda8d67 Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Wed, 13 Jan 2021 10:07:56 -0800 Subject: [PATCH 52/63] fix(Argo): Unify settings for activating rbac. (#544) Signed-off-by: Vlad Losev --- charts/argo/Chart.yaml | 2 +- charts/argo/templates/server-cluster-roles.yaml | 10 ++++++++-- charts/argo/values.yaml | 15 ++++++++++++--- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 504be025..340dc1d4 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.12.3 description: A Helm chart for Argo Workflows name: argo -version: 0.15.0 +version: 0.15.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml index e946dcc7..10c730c1 100644 --- a/charts/argo/templates/server-cluster-roles.yaml +++ b/charts/argo/templates/server-cluster-roles.yaml @@ -41,7 +41,8 @@ rules: verbs: - create {{- end}} -{{- if .Values.server.rbac }} +{{- if .Values.server.sso }} + {{- if .Values.server.sso.rbac }} - apiGroups: - "" resources: @@ -49,6 +50,7 @@ rules: verbs: - get - list + {{- end }} {{- end }} - apiGroups: - "" @@ -56,8 +58,12 @@ rules: - secrets verbs: - get -{{- with .Values.server.rbac.secretWhitelist }} +{{- if .Values.server.sso }} + {{- if .Values.server.sso.rbac }} + {{- with .Values.server.sso.rbac.secretWhitelist }} resourceNames: {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} {{- end }} - apiGroups: - "" diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 084e92c4..b1491b14 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -167,9 +167,6 @@ server: serviceType: ClusterIP servicePort: 2746 # servicePortName: http - rbac: - # When present, restricts secrets the server can read to a given list. - secretWhitelist: [] serviceAccount: argo-server # Whether to create the service account with the name specified in # server.serviceAccount and bind it to the server role. @@ -267,6 +264,18 @@ server: # key: client-secret ## The OIDC redirect URL. Should be in the form /oauth2/callback. # redirectUrl: https://argo/oauth2/callback + # rbac: + # enabled: true + ## When present, restricts secrets the server can read to a given list. + ## You can use it to restrict the server to only be able to access the + ## service account token secrets that are associated with service accounts + ## used for authorization. + # secretWhitelist: [] + ## Scopes requested from the SSO ID provider. The 'groups' scope requests + ## group membership information, which is usually used for authorization + ## decisions. + # scopes: + # - groups # Influences the creation of the ConfigMap for the workflow-controller itself. useDefaultArtifactRepo: false From e8ca7ce63b59b0e2677e5dfe7c6b7436566d92dc Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Thu, 14 Jan 2021 10:52:52 -0800 Subject: [PATCH 53/63] fix(argo): Move dependencies into Chart.yaml. (#546) Signed-off-by: Vlad Losev --- charts/argo/{requirements.lock => Chart.lock} | 2 +- charts/argo/Chart.yaml | 7 ++++++- charts/argo/requirements.yaml | 5 ----- 3 files changed, 7 insertions(+), 7 deletions(-) rename charts/argo/{requirements.lock => Chart.lock} (77%) delete mode 100644 charts/argo/requirements.yaml diff --git a/charts/argo/requirements.lock b/charts/argo/Chart.lock similarity index 77% rename from charts/argo/requirements.lock rename to charts/argo/Chart.lock index 37a55e66..4b57ae05 100644 --- a/charts/argo/requirements.lock +++ b/charts/argo/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://helm.min.io/ version: 8.0.9 digest: sha256:0f43ad0a4b4e9af47615ef3da85054712eb28f154418d96b7b974a095cc19260 -generated: "2021-01-11T15:01:01.169105-08:00" +generated: "2021-01-13T15:31:40.823086-08:00" diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 340dc1d4..44c812c7 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.12.3 description: A Helm chart for Argo Workflows name: argo -version: 0.15.1 +version: 0.15.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -10,3 +10,8 @@ maintainers: - name: alexmt - name: jessesuen - name: benjaminws +dependencies: +- name: minio + version: 8.0.9 + repository: https://helm.min.io/ + condition: minio.install diff --git a/charts/argo/requirements.yaml b/charts/argo/requirements.yaml deleted file mode 100644 index bd643139..00000000 --- a/charts/argo/requirements.yaml +++ /dev/null @@ -1,5 +0,0 @@ -dependencies: -- name: minio - version: 8.0.9 - repository: https://helm.min.io/ - condition: minio.install From b7679a89680d8161834d337ec3327d44bb1c78a0 Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Fri, 15 Jan 2021 11:44:31 -0800 Subject: [PATCH 54/63] fix(argo-cd): Fixes CRD schema. (#545) * fix(argo-cd): Fixes CRD schema. Signed-off-by: Vlad Losev * Bumps chart version. Signed-off-by: Vlad Losev --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/crds/crd-application.yaml | 2495 +++++++++++----------- charts/argo-cd/crds/crd-project.yaml | 413 ++-- 3 files changed, 1454 insertions(+), 1456 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b280627d..761255f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.11.1 +version: 2.11.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index 9a708978..4884f714 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -8,17 +8,6 @@ metadata: annotations: helm.sh/hook: crd-install spec: - additionalPrinterColumns: - - JSONPath: .status.sync.status - name: Sync Status - type: string - - JSONPath: .status.health.status - name: Health Status - type: string - - JSONPath: .status.sync.revision - name: Revision - priority: 10 - type: string group: argoproj.io names: kind: Application @@ -29,641 +18,118 @@ spec: - apps singular: application scope: Namespaced - subresources: {} - validation: - openAPIV3Schema: - description: Application is a definition of Application resource. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - operation: - description: Operation contains requested operation parameters. - properties: - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - initiatedBy: - description: OperationInitiator holds information about the operation initiator - properties: - automated: - description: Automated is set to true if operation was initiated automatically by the application controller. - type: boolean - username: - description: Name of a user who started operation. - type: string - type: object - retry: - description: Retry controls failed sync retry behavior - properties: - backoff: - description: Backoff is a backoff strategy + versions: + - name: v1alpha1 + served: true + storage: true + additionalPrinterColumns: + - jsonPath: .status.sync.status + name: Sync Status + type: string + - jsonPath: .status.health.status + name: Health Status + type: string + - jsonPath: .status.sync.revision + name: Revision + priority: 10 + type: string + subresources: {} + schema: + openAPIV3Schema: + description: Application is a definition of Application resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + operation: + description: Operation contains requested operation parameters. + properties: + info: + items: properties: - duration: - description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + name: type: string - factor: - description: Factor is a factor to multiply the base duration after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts when retrying a container - format: int64 - type: integer - type: object - sync: - description: SyncOperation contains sync operation details. - properties: - dryRun: - description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync - type: boolean - manifests: - description: Manifests is an optional field that overrides sync source with a local directory for development - items: - type: string - type: array - prune: - description: Prune deletes resources that are no longer tracked in git - type: boolean - resources: - description: Resources describes which resources to sync - items: - description: SyncOperationResource contains resources to sync. - properties: - group: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - type: array - revision: - description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. - type: string - source: - description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation - properties: - chart: - description: Chart is a Helm chart name - type: string - directory: - description: Directory holds path/directory specific options - properties: - jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar is a jsonnet variable - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar is a jsonnet variable - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm template - items: - description: HelmFileParameter is a file parameter to a helm template - properties: - name: - description: Name is the name of the helm parameter - type: string - path: - description: Path is the path value for the helm parameter - type: string - type: object - type: array - parameters: - description: Parameters are parameters to the helm template - items: - description: HelmParameter is a parameter to a helm template - properties: - forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the helm parameter - type: string - value: - description: Value is the value for the helm parameter - type: string - type: object - type: array - releaseName: - description: The Helm release name. If omitted it will use the application name - type: string - valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template - items: - type: string - type: array - values: - description: Values is Helm values, typically defined as a block - type: string - version: - description: Version is the Helm version to use for templating with - type: string - type: object - ksonnet: - description: Ksonnet holds ksonnet specific options - properties: - environment: - description: Environment is a ksonnet application environment name - type: string - parameters: - description: Parameters are a list of ksonnet component parameter override values - items: - description: KsonnetParameter is a ksonnet component parameter - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonLabels: - additionalProperties: - type: string - description: CommonLabels adds additional kustomize commonLabels - type: object - images: - description: Images are kustomize image overrides - items: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps - type: string - version: - description: Version contains optional Kustomize version - type: string - type: object - path: - description: Path is a directory path within the Git repository - type: string - plugin: - description: ConfigManagementPlugin holds config management plugin specific options - properties: - env: - items: - properties: - name: - description: the name, usually uppercase - type: string - value: - description: the value - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - description: RepoURL is the repository URL of the application manifests - type: string - targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + value: type: string required: - - repoURL + - name + - value type: object - syncOptions: - description: SyncOptions provide per-sync sync-options, e.g. Validate=false - items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the sync - properties: - apply: - description: Apply will perform a `kubectl apply` to perform the sync. - properties: - force: - description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources to perform the sync. This is the default strategy - properties: - force: - description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. - type: boolean - type: object - type: object - type: object - type: object - spec: - description: ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. - properties: - destination: - description: Destination overrides the kubernetes server and namespace defined in the environment ksonnet app.yaml - properties: - name: - description: Name of the destination cluster which can be used instead of server (url) field - type: string - namespace: - description: Namespace overrides the environment namespace value in the ksonnet app.yaml - type: string - server: - description: Server overrides the environment server value in the ksonnet app.yaml - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences controls resources fields which should be ignored during comparison - items: - description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. + type: array + initiatedBy: + description: OperationInitiator holds information about the operation initiator properties: - group: + automated: + description: Automated is set to true if operation was initiated automatically by the application controller. + type: boolean + username: + description: Name of a user who started operation. type: string - jsonPointers: + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object + sync: + description: SyncOperation contains sync operation details. + properties: + dryRun: + description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync source with a local directory for development items: type: string type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - jsonPointers - - kind - type: object - type: array - info: - description: Infos contains a list of useful information (URLs, email addresses, and plain text) that relates to the application - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - description: Project is a application project name. Empty name means that application belongs to 'default' project. - type: string - revisionHistoryLimit: - description: This limits this number of items kept in the apps revision history. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. - format: int64 - type: integer - source: - description: Source is a reference to the location ksonnet application definition - properties: - chart: - description: Chart is a Helm chart name - type: string - directory: - description: Directory holds path/directory specific options - properties: - jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options + prune: + description: Prune deletes resources that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources to sync + items: + description: SyncOperationResource contains resources to sync. properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar is a jsonnet variable - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar is a jsonnet variable - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm template - items: - description: HelmFileParameter is a file parameter to a helm template - properties: - name: - description: Name is the name of the helm parameter - type: string - path: - description: Path is the path value for the helm parameter - type: string - type: object - type: array - parameters: - description: Parameters are parameters to the helm template - items: - description: HelmParameter is a parameter to a helm template - properties: - forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the helm parameter - type: string - value: - description: Value is the value for the helm parameter - type: string - type: object - type: array - releaseName: - description: The Helm release name. If omitted it will use the application name - type: string - valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template - items: - type: string - type: array - values: - description: Values is Helm values, typically defined as a block - type: string - version: - description: Version is the Helm version to use for templating with - type: string - type: object - ksonnet: - description: Ksonnet holds ksonnet specific options - properties: - environment: - description: Environment is a ksonnet application environment name - type: string - parameters: - description: Parameters are a list of ksonnet component parameter override values - items: - description: KsonnetParameter is a ksonnet component parameter - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonLabels: - additionalProperties: - type: string - description: CommonLabels adds additional kustomize commonLabels - type: object - images: - description: Images are kustomize image overrides - items: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps - type: string - version: - description: Version contains optional Kustomize version - type: string - type: object - path: - description: Path is a directory path within the Git repository - type: string - plugin: - description: ConfigManagementPlugin holds config management plugin specific options - properties: - env: - items: - properties: - name: - description: the name, usually uppercase - type: string - value: - description: the value - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - description: RepoURL is the repository URL of the application manifests - type: string - targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD - type: string - required: - - repoURL - type: object - syncPolicy: - description: SyncPolicy controls when a sync will be performed - properties: - automated: - description: Automated will keep an application synced to the target revision - properties: - allowEmpty: - description: 'AllowEmpty allows apps have zero live resources (default: false)' - type: boolean - prune: - description: 'Prune will prune resources automatically as part of automated sync (default: false)' - type: boolean - selfHeal: - description: 'SelfHeal enables auto-syncing if (default: false)' - type: boolean - type: object - retry: - description: Retry controls failed sync retry behavior - properties: - backoff: - description: Backoff is a backoff strategy - properties: - duration: - description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + group: type: string - factor: - description: Factor is a factor to multiply the base duration after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time allowed for the backoff strategy + kind: type: string + name: + type: string + namespace: + type: string + required: + - kind + - name type: object - limit: - description: Limit is the maximum number of attempts when retrying a container - format: int64 - type: integer - type: object - syncOptions: - description: Options allow you to specify whole app sync-options - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - status: - description: ApplicationStatus contains information about application sync, health status - properties: - conditions: - items: - description: ApplicationCondition contains details about current application condition - properties: - lastTransitionTime: - description: LastTransitionTime is the time the condition was first observed. - format: date-time - type: string - message: - description: Message contains human-readable message indicating details about condition - type: string - type: - description: Type is an application condition type - type: string - required: - - message - - type - type: object - type: array - health: - properties: - message: - type: string - status: - description: Represents resource health status - type: string - type: object - history: - description: RevisionHistories is a array of history, oldest first and newest last - items: - description: RevisionHistory contains information relevant to an application deployment - properties: - deployStartedAt: - description: DeployStartedAt holds the time the deployment started - format: date-time - type: string - deployedAt: - description: DeployedAt holds the time the deployment completed - format: date-time - type: string - id: - description: ID is an auto incrementing identifier of the RevisionHistory - format: int64 - type: integer + type: array revision: - description: Revision holds the revision of the sync + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. type: string source: - description: ApplicationSource contains information about github repository, path within repository and target application environment. + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation properties: chart: description: Chart is a Helm chart name @@ -840,621 +306,366 @@ spec: required: - repoURL type: object - required: - - deployedAt - - id - - revision - type: object - type: array - observedAt: - description: 'ObservedAt indicates when the application state was updated without querying latest git state Deprecated: controller no longer updates ObservedAt field' - format: date-time - type: string - operationState: - description: OperationState contains information about state of currently performing operation on application. - properties: - finishedAt: - description: FinishedAt contains time of operation completion - format: date-time - type: string - message: - description: Message hold any pertinent messages when attempting to perform operation (typically errors). - type: string - operation: - description: Operation is the original requested operation - properties: - info: - items: + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform the sync. properties: - name: - type: string - value: - type: string - required: - - name - - value + force: + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + type: boolean type: object + hook: + description: Hook will submit any referenced resources to perform the sync. This is the default strategy + properties: + force: + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + spec: + description: ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. + properties: + destination: + description: Destination overrides the kubernetes server and namespace defined in the environment ksonnet app.yaml + properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string + namespace: + description: Namespace overrides the environment namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment server value in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources fields which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. + properties: + group: + type: string + jsonPointers: + items: + type: string type: array - initiatedBy: - description: OperationInitiator holds information about the operation initiator - properties: - automated: - description: Automated is set to true if operation was initiated automatically by the application controller. - type: boolean - username: - description: Name of a user who started operation. - type: string - type: object - retry: - description: Retry controls failed sync retry behavior - properties: - backoff: - description: Backoff is a backoff strategy - properties: - duration: - description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base duration after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts when retrying a container - format: int64 - type: integer - type: object - sync: - description: SyncOperation contains sync operation details. - properties: - dryRun: - description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync - type: boolean - manifests: - description: Manifests is an optional field that overrides sync source with a local directory for development - items: - type: string - type: array - prune: - description: Prune deletes resources that are no longer tracked in git - type: boolean - resources: - description: Resources describes which resources to sync - items: - description: SyncOperationResource contains resources to sync. - properties: - group: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - type: array - revision: - description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. - type: string - source: - description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation - properties: - chart: - description: Chart is a Helm chart name - type: string - directory: - description: Directory holds path/directory specific options + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information (URLs, email addresses, and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. Empty name means that application belongs to 'default' project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept in the apps revision history. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location ksonnet application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + description: ApplicationSourceJsonnet holds jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar is a jsonnet variable properties: - jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar is a jsonnet variable - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar is a jsonnet variable - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: + code: type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm template - items: - description: HelmFileParameter is a file parameter to a helm template - properties: - name: - description: Name is the name of the helm parameter - type: string - path: - description: Path is the path value for the helm parameter - type: string - type: object - type: array - parameters: - description: Parameters are parameters to the helm template - items: - description: HelmParameter is a parameter to a helm template - properties: - forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the helm parameter - type: string - value: - description: Value is the value for the helm parameter - type: string - type: object - type: array - releaseName: - description: The Helm release name. If omitted it will use the application name - type: string - valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template - items: - type: string - type: array - values: - description: Values is Helm values, typically defined as a block - type: string - version: - description: Version is the Helm version to use for templating with - type: string - type: object - ksonnet: - description: Ksonnet holds ksonnet specific options - properties: - environment: - description: Environment is a ksonnet application environment name - type: string - parameters: - description: Parameters are a list of ksonnet component parameter override values - items: - description: KsonnetParameter is a ksonnet component parameter - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonLabels: - additionalProperties: - type: string - description: CommonLabels adds additional kustomize commonLabels - type: object - images: - description: Images are kustomize image overrides - items: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps - type: string - version: - description: Version contains optional Kustomize version - type: string - type: object - path: - description: Path is a directory path within the Git repository - type: string - plugin: - description: ConfigManagementPlugin holds config management plugin specific options - properties: - env: - items: - properties: - name: - description: the name, usually uppercase - type: string - value: - description: the value - type: string - required: - - name - - value - type: object - type: array name: type: string + value: + type: string + required: + - name + - value type: object - repoURL: - description: RepoURL is the repository URL of the application manifests + type: array + libs: + description: Additional library search dirs + items: type: string - targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter to a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to the helm template + items: + description: HelmParameter is a parameter to a helm template + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: type: string required: - - repoURL + - name + - value type: object - syncOptions: - description: SyncOptions provide per-sync sync-options, e.g. Validate=false - items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the sync - properties: - apply: - description: Apply will perform a `kubectl apply` to perform the sync. - properties: - force: - description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources to perform the sync. This is the default strategy - properties: - force: - description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. - type: boolean - type: object - type: object - type: object - type: object - phase: - description: Phase is the current phase of the operation - type: string - retryCount: - description: RetryCount contains time of operation retries - format: int64 - type: integer - startedAt: - description: StartedAt contains time of operation start - format: date-time - type: string - syncResult: - description: SyncResult is the result of a Sync operation - properties: - resources: - description: Resources holds the sync result of each individual resource - items: - description: ResourceResult holds the operation result details of a specific resource - properties: - group: - type: string - hookPhase: - description: 'the state of any operation associated with this resource OR hook note: can contain values for non-hook resources' - type: string - hookType: - description: the type of the hook, empty for non-hook resources - type: string - kind: - type: string - message: - description: message for the last sync OR operation - type: string - name: - type: string - namespace: - type: string - status: - description: the final result of the sync, this is be empty if the resources is yet to be applied/pruned and is always zero-value for hooks - type: string - syncPhase: - description: indicates the particular phase of the sync that this is for - type: string - version: - type: string - required: - - group - - kind - - name - - namespace - - version + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize commonLabels type: object - type: array + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize version + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will be performed + properties: + automated: + description: Automated will keep an application synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have zero live resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources automatically as part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing if (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + status: + description: ApplicationStatus contains information about application sync, health status + properties: + conditions: + items: + description: ApplicationCondition contains details about current application condition + properties: + lastTransitionTime: + description: LastTransitionTime is the time the condition was first observed. + format: date-time + type: string + message: + description: Message contains human-readable message indicating details about condition + type: string + type: + description: Type is an application condition type + type: string + required: + - message + - type + type: object + type: array + health: + properties: + message: + type: string + status: + description: Represents resource health status + type: string + type: object + history: + description: RevisionHistories is a array of history, oldest first and newest last + items: + description: RevisionHistory contains information relevant to an application deployment + properties: + deployStartedAt: + description: DeployStartedAt holds the time the deployment started + format: date-time + type: string + deployedAt: + description: DeployedAt holds the time the deployment completed + format: date-time + type: string + id: + description: ID is an auto incrementing identifier of the RevisionHistory + format: int64 + type: integer revision: description: Revision holds the revision of the sync type: string - source: - description: Source records the application source information of the sync, used for comparing auto-sync - properties: - chart: - description: Chart is a Helm chart name - type: string - directory: - description: Directory holds path/directory specific options - properties: - jsonnet: - description: ApplicationSourceJsonnet holds jsonnet specific options - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar is a jsonnet variable - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar is a jsonnet variable - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm template - items: - description: HelmFileParameter is a file parameter to a helm template - properties: - name: - description: Name is the name of the helm parameter - type: string - path: - description: Path is the path value for the helm parameter - type: string - type: object - type: array - parameters: - description: Parameters are parameters to the helm template - items: - description: HelmParameter is a parameter to a helm template - properties: - forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the helm parameter - type: string - value: - description: Value is the value for the helm parameter - type: string - type: object - type: array - releaseName: - description: The Helm release name. If omitted it will use the application name - type: string - valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template - items: - type: string - type: array - values: - description: Values is Helm values, typically defined as a block - type: string - version: - description: Version is the Helm version to use for templating with - type: string - type: object - ksonnet: - description: Ksonnet holds ksonnet specific options - properties: - environment: - description: Environment is a ksonnet application environment name - type: string - parameters: - description: Parameters are a list of ksonnet component parameter override values - items: - description: KsonnetParameter is a ksonnet component parameter - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonLabels: - additionalProperties: - type: string - description: CommonLabels adds additional kustomize commonLabels - type: object - images: - description: Images are kustomize image overrides - items: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources for kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources for kustomize apps - type: string - version: - description: Version contains optional Kustomize version - type: string - type: object - path: - description: Path is a directory path within the Git repository - type: string - plugin: - description: ConfigManagementPlugin holds config management plugin specific options - properties: - env: - items: - properties: - name: - description: the name, usually uppercase - type: string - value: - description: the value - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - description: RepoURL is the repository URL of the application manifests - type: string - targetRevision: - description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD - type: string - required: - - repoURL - type: object - required: - - revision - type: object - required: - - operation - - phase - - startedAt - type: object - reconciledAt: - description: ReconciledAt indicates when the application state was reconciled using the latest git version - format: date-time - type: string - resources: - items: - description: ResourceStatus holds the current sync and health status of a resource - properties: - group: - type: string - health: - properties: - message: - type: string - status: - description: Represents resource health status - type: string - type: object - hook: - type: boolean - kind: - type: string - name: - type: string - namespace: - type: string - requiresPruning: - type: boolean - status: - description: SyncStatusCode is a type which represents possible comparison results - type: string - version: - type: string - type: object - type: array - sourceType: - type: string - summary: - properties: - externalURLs: - description: ExternalURLs holds all external URLs of application child resources. - items: - type: string - type: array - images: - description: Images holds all images of application child resources. - items: - type: string - type: array - type: object - sync: - description: SyncStatus is a comparison result of application spec and deployed application. - properties: - comparedTo: - description: ComparedTo contains application source and target which was used for resources comparison - properties: - destination: - description: ApplicationDestination contains deployment destination information - properties: - name: - description: Name of the destination cluster which can be used instead of server (url) field - type: string - namespace: - description: Namespace overrides the environment namespace value in the ksonnet app.yaml - type: string - server: - description: Server overrides the environment server value in the ksonnet app.yaml - type: string - type: object source: description: ApplicationSource contains information about github repository, path within repository and target application environment. properties: @@ -1634,24 +845,812 @@ spec: - repoURL type: object required: - - destination - - source + - deployedAt + - id + - revision type: object - revision: - type: string - status: - description: SyncStatusCode is a type which represents possible comparison results - type: string - required: - - status - type: object - type: object - required: - - metadata - - spec - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true + type: array + observedAt: + description: 'ObservedAt indicates when the application state was updated without querying latest git state Deprecated: controller no longer updates ObservedAt field' + format: date-time + type: string + operationState: + description: OperationState contains information about state of currently performing operation on application. + properties: + finishedAt: + description: FinishedAt contains time of operation completion + format: date-time + type: string + message: + description: Message hold any pertinent messages when attempting to perform operation (typically errors). + type: string + operation: + description: Operation is the original requested operation + properties: + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: OperationInitiator holds information about the operation initiator + properties: + automated: + description: Automated is set to true if operation was initiated automatically by the application controller. + type: boolean + username: + description: Name of a user who started operation. + type: string + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying a container + format: int64 + type: integer + type: object + sync: + description: SyncOperation contains sync operation details. + properties: + dryRun: + description: DryRun will perform a `kubectl apply --dry-run` without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync source with a local directory for development + items: + type: string + type: array + prune: + description: Prune deletes resources that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources to sync + items: + description: SyncOperationResource contains resources to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: Revision is the revision in which to sync the application to. If omitted, will use the revision specified in app spec. + type: string + source: + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + description: ApplicationSourceJsonnet holds jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter to a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to the helm template + items: + description: HelmParameter is a parameter to a helm template + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize version + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform the sync. + properties: + force: + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources to perform the sync. This is the default strategy + properties: + force: + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + phase: + description: Phase is the current phase of the operation + type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer + startedAt: + description: StartedAt contains time of operation start + format: date-time + type: string + syncResult: + description: SyncResult is the result of a Sync operation + properties: + resources: + description: Resources holds the sync result of each individual resource + items: + description: ResourceResult holds the operation result details of a specific resource + properties: + group: + type: string + hookPhase: + description: 'the state of any operation associated with this resource OR hook note: can contain values for non-hook resources' + type: string + hookType: + description: the type of the hook, empty for non-hook resources + type: string + kind: + type: string + message: + description: message for the last sync OR operation + type: string + name: + type: string + namespace: + type: string + status: + description: the final result of the sync, this is be empty if the resources is yet to be applied/pruned and is always zero-value for hooks + type: string + syncPhase: + description: indicates the particular phase of the sync that this is for + type: string + version: + type: string + required: + - group + - kind + - name + - namespace + - version + type: object + type: array + revision: + description: Revision holds the revision of the sync + type: string + source: + description: Source records the application source information of the sync, used for comparing auto-sync + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + description: ApplicationSourceJsonnet holds jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter to a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to the helm template + items: + description: HelmParameter is a parameter to a helm template + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize version + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + required: + - revision + type: object + required: + - operation + - phase + - startedAt + type: object + reconciledAt: + description: ReconciledAt indicates when the application state was reconciled using the latest git version + format: date-time + type: string + resources: + items: + description: ResourceStatus holds the current sync and health status of a resource + properties: + group: + type: string + health: + properties: + message: + type: string + status: + description: Represents resource health status + type: string + type: object + hook: + type: boolean + kind: + type: string + name: + type: string + namespace: + type: string + requiresPruning: + type: boolean + status: + description: SyncStatusCode is a type which represents possible comparison results + type: string + version: + type: string + type: object + type: array + sourceType: + type: string + summary: + properties: + externalURLs: + description: ExternalURLs holds all external URLs of application child resources. + items: + type: string + type: array + images: + description: Images holds all images of application child resources. + items: + type: string + type: array + type: object + sync: + description: SyncStatus is a comparison result of application spec and deployed application. + properties: + comparedTo: + description: ComparedTo contains application source and target which was used for resources comparison + properties: + destination: + description: ApplicationDestination contains deployment destination information + properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string + namespace: + description: Namespace overrides the environment namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment server value in the ksonnet app.yaml + type: string + type: object + source: + description: ApplicationSource contains information about github repository, path within repository and target application environment. + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + jsonnet: + description: ApplicationSourceJsonnet holds jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter to a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to the helm template + items: + description: HelmParameter is a parameter to a helm template + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize version + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, tag, or branch in which to sync the application to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + required: + - destination + - source + type: object + revision: + type: string + status: + description: SyncStatusCode is a type which represents possible comparison results + type: string + required: + - status + type: object + type: object + required: + - metadata + - spec + type: object diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index a911370c..370ab873 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -18,214 +18,213 @@ spec: - appprojs singular: appproject scope: Namespaced - validation: - openAPIV3Schema: - description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AppProjectSpec is the specification of an AppProject - properties: - clusterResourceBlacklist: - description: ClusterResourceBlacklist contains list of blacklisted cluster level resources - items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted cluster level resources - items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - description: - description: Description contains optional project description - type: string - destinations: - description: Destinations contains list of destinations available for deployment - items: - description: ApplicationDestination contains deployment destination information - properties: - name: - description: Name of the destination cluster which can be used instead of server (url) field - type: string - namespace: - description: Namespace overrides the environment namespace value in the ksonnet app.yaml - type: string - server: - description: Server overrides the environment server value in the ksonnet app.yaml - type: string - type: object - type: array - namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources - items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources - items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - orphanedResources: - description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project - properties: - ignore: - items: - properties: - group: - type: string - kind: - type: string - name: - type: string - type: object - type: array - warn: - description: Warn indicates if warning condition should be created for apps which have orphaned resources - type: boolean - type: object - roles: - description: Roles are user defined RBAC roles associated with this project - items: - description: ProjectRole represents a role that has access to a project - properties: - description: - description: Description is a description of the role - type: string - groups: - description: Groups are a list of OIDC group claims bound to this role - items: - type: string - type: array - jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound to this role - items: - description: JWTToken holds the issuedAt and expiresAt values of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - id: - type: string - required: - - iat - type: object - type: array - name: - description: Name is a name for this role - type: string - policies: - description: Policies Stores a list of casbin formated strings that define access policies for the role in the project - items: - type: string - type: array - required: - - name - type: object - type: array - signatureKeys: - description: List of PGP key IDs that commits to be synced to must be signed with - items: - description: SignatureKey is the specification of a key required to verify commit signatures with - properties: - keyID: - description: The ID of the key in hexadecimal notation - type: string - required: - - keyID - type: object - type: array - sourceRepos: - description: SourceRepos contains list of repository URLs which can be used for deployment - items: - type: string - type: array - syncWindows: - description: SyncWindows controls when syncs can be run for apps in this project - items: - description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps - properties: - applications: - description: Applications contains a list of applications that the window will apply to - items: - type: string - type: array - clusters: - description: Clusters contains a list of clusters that the window will apply to - items: - type: string - type: array - duration: - description: Duration is the amount of time the sync window will be open - type: string - kind: - description: Kind defines if the window allows or blocks syncs - type: string - manualSync: - description: ManualSync enables manual syncs when they would otherwise be blocked - type: boolean - namespaces: - description: Namespaces contains a list of namespaces that the window will apply to - items: - type: string - type: array - schedule: - description: Schedule is the time the window will begin, specified in cron format - type: string - type: object - type: array - type: object - required: - - metadata - - spec - type: object - version: v1alpha1 versions: - name: v1alpha1 served: true storage: true + schema: + openAPIV3Schema: + description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AppProjectSpec is the specification of an AppProject + properties: + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + description: + description: Description contains optional project description + type: string + destinations: + description: Destinations contains list of destinations available for deployment + items: + description: ApplicationDestination contains deployment destination information + properties: + name: + description: Name of the destination cluster which can be used instead of server (url) field + type: string + namespace: + description: Namespace overrides the environment namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment server value in the ksonnet app.yaml + type: string + type: object + type: array + namespaceResourceBlacklist: + description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + namespaceResourceWhitelist: + description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + orphanedResources: + description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project + properties: + ignore: + items: + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array + warn: + description: Warn indicates if warning condition should be created for apps which have orphaned resources + type: boolean + type: object + roles: + description: Roles are user defined RBAC roles associated with this project + items: + description: ProjectRole represents a role that has access to a project + properties: + description: + description: Description is a description of the role + type: string + groups: + description: Groups are a list of OIDC group claims bound to this role + items: + type: string + type: array + jwtTokens: + description: JWTTokens are a list of generated JWT tokens bound to this role + items: + description: JWTToken holds the issuedAt and expiresAt values of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + name: + description: Name is a name for this role + type: string + policies: + description: Policies Stores a list of casbin formated strings that define access policies for the role in the project + items: + type: string + type: array + required: + - name + type: object + type: array + signatureKeys: + description: List of PGP key IDs that commits to be synced to must be signed with + items: + description: SignatureKey is the specification of a key required to verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array + sourceRepos: + description: SourceRepos contains list of repository URLs which can be used for deployment + items: + type: string + type: array + syncWindows: + description: SyncWindows controls when syncs can be run for apps in this project + items: + description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps + properties: + applications: + description: Applications contains a list of applications that the window will apply to + items: + type: string + type: array + clusters: + description: Clusters contains a list of clusters that the window will apply to + items: + type: string + type: array + duration: + description: Duration is the amount of time the sync window will be open + type: string + kind: + description: Kind defines if the window allows or blocks syncs + type: string + manualSync: + description: ManualSync enables manual syncs when they would otherwise be blocked + type: boolean + namespaces: + description: Namespaces contains a list of namespaces that the window will apply to + items: + type: string + type: array + schedule: + description: Schedule is the time the window will begin, specified in cron format + type: string + type: object + type: array + type: object + required: + - metadata + - spec + type: object From 8baf0d4465e8784fdd0c769d3db000e221e1aab9 Mon Sep 17 00:00:00 2001 From: stephen-harris <54176138+stephen-harris@users.noreply.github.com> Date: Thu, 21 Jan 2021 17:48:29 +0000 Subject: [PATCH 55/63] Feat(argo-rollouts): Update argo-rollouts to v0.10.2 (#538) * feat(argo-rollouts): Update argo-rollouts to v0.10.2 Signed-off-by: Stephen Harris * chore: apiextensions.k8s.io/v1beta1 CustomResourceDefinition is deprecated in favor of apiextensions.k8s.io/v1 CustomResourceDefinition Signed-off-by: Stephen Harris --- charts/argo-rollouts/Chart.yaml | 4 +- charts/argo-rollouts/README.md | 4 +- .../argo-rollouts-aggregate-roles.yaml | 8 + .../templates/argo-rollouts-clusterrole.yaml | 138 +++++++++--------- .../templates/argo-rollouts-deployment.yaml | 12 +- .../templates/argo-rollouts-role.yaml | 131 ++++++++++------- .../templates/crds/analysis-run-crd.yaml | 31 +++- .../templates/crds/analysis-template-crd.yaml | 31 +++- .../crds/cluster-analysis-template-crd.yaml | 31 +++- .../templates/crds/experiment-crd.yaml | 13 +- .../templates/crds/rollout-crd.yaml | 87 ++++++++++- charts/argo-rollouts/values.yaml | 2 +- 12 files changed, 343 insertions(+), 149 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 2acfa9cc..eed61c87 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "0.9.1" +appVersion: "0.10.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.3.10 +version: 0.4.0 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 37ea661b..38bef6ea 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -2,7 +2,7 @@ Argo Rollouts Chart ============= A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. -Current chart version is `0.3.7` +Current chart version is `0.4.0` Source code can be found [here](https://github.com/argoproj/argo-rollouts) @@ -33,7 +33,7 @@ $ helm install --name my-release argo/argo-rollouts | controller.component | string | `"rollouts-controller"` | | | controller.image.pullPolicy | string | `"IfNotPresent"` | | | controller.image.repository | string | `"argoproj/argo-rollouts"` | | -| controller.image.tag | string | `"v0.8.0"` | | +| controller.image.tag | string | `"v0.10.2"` | | | controller.name | string | `"argo-rollouts"` | | | controller.resources | Resource limits and requests for the controller pods. | `{}` | | controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | diff --git a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml index 2cc55d1f..715aa001 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml @@ -13,8 +13,10 @@ rules: - argoproj.io resources: - rollouts + - rollouts/scale - experiments - analysistemplates + - clusteranalysistemplates - analysisruns verbs: - get @@ -36,8 +38,11 @@ rules: - argoproj.io resources: - rollouts + - rollouts/scale + - rollouts/status - experiments - analysistemplates + - clusteranalysistemplates - analysisruns verbs: - create @@ -64,8 +69,11 @@ rules: - argoproj.io resources: - rollouts + - rollouts/scale + - rollouts/status - experiments - analysistemplates + - clusteranalysistemplates - analysisruns verbs: - create diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index abc1a113..b9595710 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -8,6 +8,43 @@ metadata: app.kubernetes.io/name: {{ .Release.Name }}-clusterrole app.kubernetes.io/part-of: {{ .Release.Name }} rules: +- apiGroups: + - argoproj.io + resources: + - rollouts + - rollouts/status + - rollouts/finalizers + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - argoproj.io + resources: + - analysisruns + - analysisruns/finalizers + - experiments + - experiments/finalizers + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - analysistemplates + - clusteranalysistemplates + verbs: + - get + - list + - watch +# replicaset access needed for managing ReplicaSets - apiGroups: - apps resources: @@ -20,6 +57,7 @@ rules: - update - patch - delete +# services patch needed to update selector of canary/stable/active/preview services - apiGroups: - "" resources: @@ -29,59 +67,52 @@ rules: - list - watch - patch +# secret read access to run analysis templates which reference secrets - apiGroups: - - "" + - "" resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts + - secrets verbs: - get - list - watch +# pod list/update needed for updating ephemeral data +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - update +# pods eviction needed for restart +- apiGroups: + - "" + resources: + - pods/eviction + verbs: + - create +# event write needed for emitting events +- apiGroups: + - "" + resources: + - events + verbs: + - create - update - patch +# ingress patch needed for managing ingress annotations, create needed for nginx canary - apiGroups: - - argoproj.io + - networking.k8s.io + - extensions resources: - - rollouts/finalizers - verbs: - - update -- apiGroups: - - argoproj.io - resources: - - analysisruns - - experiments + - ingresses verbs: - create - get - list - watch - - update - patch - - delete -- apiGroups: - - argoproj.io - resources: - - analysisruns/finalizers - - experiments/finalizers - verbs: - - update -- apiGroups: - - argoproj.io - resources: - - analysistemplates - - clusteranalysistemplates - verbs: - - get - - list - - watch +# job access needed for analysis template job metrics - apiGroups: - batch resources: @@ -94,24 +125,7 @@ rules: - update - patch - delete -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - get - - list - - watch - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch +# virtualservice access needed for using the Istio provider - apiGroups: - networking.istio.io resources: @@ -121,6 +135,7 @@ rules: - get - update - list +# trafficsplit access needed for using the SMI provider - apiGroups: - split.smi-spec.io resources: @@ -131,17 +146,4 @@ rules: - get - update - patch -- apiGroups: - - "" - resources: - - pods - verbs: - - list - - delete -- apiGroups: - - "*" - resources: - - "*/finalizers" - verbs: - - "*" {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index c2c2df64..b78b1402 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -30,14 +30,13 @@ spec: {{- end }} serviceAccountName: {{ .Values.serviceAccount.name }} containers: - - command: - - "/bin/rollouts-controller" image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" + {{- if not .Values.clusterInstall }} + args: + - --namespaced + {{- end }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} name: {{ .Values.controller.name }} - volumeMounts: - - name: tmp - mountPath: /tmp resources: {{- toYaml .Values.controller.resources | nindent 10 }} {{- if .Values.controller.nodeSelector }} @@ -52,8 +51,5 @@ spec: affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} {{- end }} - volumes: - - name: tmp - emptyDir: {} strategy: type: Recreate diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-role.yaml index dee6f168..4c80d507 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml @@ -7,6 +7,43 @@ metadata: app.kubernetes.io/name: {{ .Release.Name }}-role app.kubernetes.io/part-of: {{ .Release.Name }} rules: +- apiGroups: + - argoproj.io + resources: + - rollouts + - rollouts/status + - rollouts/finalizers + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - argoproj.io + resources: + - analysisruns + - analysisruns/finalizers + - experiments + - experiments/finalizers + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - analysistemplates + - clusteranalysistemplates + verbs: + - get + - list + - watch +# replicaset access needed for managing ReplicaSets - apiGroups: - apps resources: @@ -19,6 +56,7 @@ rules: - update - patch - delete +# services patch needed to update selector of canary/stable/active/preview services - apiGroups: - "" resources: @@ -28,59 +66,52 @@ rules: - list - watch - patch +# secret read access to run analysis templates which reference secrets - apiGroups: - - "" + - "" resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts + - secrets verbs: - get - list - watch +# pod list/update needed for updating ephemeral data +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - update +# pods eviction needed for restart +- apiGroups: + - "" + resources: + - pods/eviction + verbs: + - create +# event write needed for emitting events +- apiGroups: + - "" + resources: + - events + verbs: + - create - update - patch +# ingress patch needed for managing ingress annotations, create needed for nginx canary - apiGroups: - - argoproj.io + - networking.k8s.io + - extensions resources: - - rollouts/finalizers - verbs: - - update -- apiGroups: - - argoproj.io - resources: - - analysisruns - - experiments + - ingresses verbs: - create - get - list - watch - - update - patch - - delete -- apiGroups: - - argoproj.io - resources: - - analysisruns/finalizers - - experiments/finalizers - verbs: - - update -- apiGroups: - - argoproj.io - resources: - - analysistemplates - - clusteranalysistemplates - verbs: - - get - - list - - watch +# job access needed for analysis template job metrics - apiGroups: - batch resources: @@ -93,28 +124,24 @@ rules: - update - patch - delete +# virtualservice access needed for using the Istio provider - apiGroups: - - extensions + - networking.istio.io resources: - - ingresses + - virtualservices verbs: - - create - - get - - list - watch - - patch + - get + - update + - list +# trafficsplit access needed for using the SMI provider - apiGroups: - - "" + - split.smi-spec.io resources: - - events + - trafficsplits verbs: - create + - watch + - get - update - patch -- apiGroups: - - "" - resources: - - pods - verbs: - - list - - delete diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 3a4caef4..e5a78219 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -1,9 +1,9 @@ {{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.4.0 name: analysisruns.argoproj.io spec: additionalPrinterColumns: @@ -41,6 +41,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object secretKeyRef: properties: key: @@ -81,6 +88,15 @@ spec: type: string provider: properties: + datadog: + properties: + interval: + type: string + query: + type: string + required: + - query + type: object job: properties: metadata: @@ -2053,6 +2069,8 @@ spec: fsGroup: format: int64 type: integer + fsGroupChangePolicy: + type: string runAsGroup: format: int64 type: integer @@ -2679,6 +2697,15 @@ spec: - storageAccountName - threshold type: object + newRelic: + properties: + profile: + type: string + query: + type: string + required: + - query + type: object prometheus: properties: address: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index c559fae1..7e67249d 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -1,9 +1,9 @@ {{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.4.0 name: analysistemplates.argoproj.io spec: group: argoproj.io @@ -35,6 +35,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object secretKeyRef: properties: key: @@ -75,6 +82,15 @@ spec: type: string provider: properties: + datadog: + properties: + interval: + type: string + query: + type: string + required: + - query + type: object job: properties: metadata: @@ -2047,6 +2063,8 @@ spec: fsGroup: format: int64 type: integer + fsGroupChangePolicy: + type: string runAsGroup: format: int64 type: integer @@ -2673,6 +2691,15 @@ spec: - storageAccountName - threshold type: object + newRelic: + properties: + profile: + type: string + query: + type: string + required: + - query + type: object prometheus: properties: address: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 9a768072..4682d90c 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -1,9 +1,9 @@ {{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.4.0 name: clusteranalysistemplates.argoproj.io spec: group: argoproj.io @@ -35,6 +35,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object secretKeyRef: properties: key: @@ -75,6 +82,15 @@ spec: type: string provider: properties: + datadog: + properties: + interval: + type: string + query: + type: string + required: + - query + type: object job: properties: metadata: @@ -2047,6 +2063,8 @@ spec: fsGroup: format: int64 type: integer + fsGroupChangePolicy: + type: string runAsGroup: format: int64 type: integer @@ -2673,6 +2691,15 @@ spec: - storageAccountName - threshold type: object + newRelic: + properties: + profile: + type: string + query: + type: string + required: + - query + type: object prometheus: properties: address: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index bd435156..1133a9c8 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -1,9 +1,9 @@ {{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.4.0 name: experiments.argoproj.io spec: additionalPrinterColumns: @@ -44,6 +44,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object secretKeyRef: properties: key: @@ -2031,6 +2038,8 @@ spec: fsGroup: format: int64 type: integer + fsGroupChangePolicy: + type: string runAsGroup: format: int64 type: integer diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 18afb92b..74fb4ad9 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -1,9 +1,9 @@ {{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.4.0 name: rollouts.argoproj.io spec: additionalPrinterColumns: @@ -16,13 +16,11 @@ spec: name: Current type: integer - JSONPath: .status.updatedReplicas - description: Total number of non-terminated pods targeted by this rollout that - have the desired template spec + description: Total number of non-terminated pods targeted by this rollout that have the desired template spec name: Up-to-date type: integer - JSONPath: .status.availableReplicas - description: Total number of available pods (ready for at least minReadySeconds) - targeted by this rollout + description: Total number of available pods (ready for at least minReadySeconds) targeted by this rollout name: Available type: integer group: argoproj.io @@ -39,6 +37,7 @@ spec: labelSelectorPath: .status.selector specReplicasPath: .spec.replicas statusReplicasPath: .status.HPAReplicas + status: {} validation: openAPIV3Schema: properties: @@ -125,6 +124,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object podTemplateHashValue: type: string type: object @@ -157,6 +163,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object podTemplateHashValue: type: string type: object @@ -205,6 +218,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object podTemplateHashValue: type: string type: object @@ -242,6 +262,17 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: type: object type: object + canaryMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object canaryService: type: string maxSurge: @@ -254,6 +285,17 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + stableMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object stableService: type: string steps: @@ -270,6 +312,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object podTemplateHashValue: type: string type: object @@ -305,6 +354,13 @@ spec: type: string valueFrom: properties: + fieldRef: + properties: + fieldPath: + type: string + required: + - fieldPath + type: object podTemplateHashValue: type: string type: object @@ -316,6 +372,8 @@ spec: type: boolean name: type: string + requiredForCompletion: + type: boolean templateName: type: string required: @@ -385,6 +443,17 @@ spec: - type: string x-kubernetes-int-or-string: true type: object + setCanaryScale: + properties: + matchTrafficWeight: + type: boolean + replicas: + format: int32 + type: integer + weight: + format: int32 + type: integer + type: object setWeight: format: int32 type: integer @@ -2367,6 +2436,8 @@ spec: fsGroup: format: int64 type: integer + fsGroupChangePolicy: + type: string runAsGroup: format: int64 type: integer @@ -2992,8 +3063,6 @@ spec: - name - status type: object - stableRS: - type: string type: object collisionCount: format: int32 @@ -3048,6 +3117,8 @@ spec: - startTime type: object type: array + promoteFull: + type: boolean readyReplicas: format: int32 type: integer diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index a488e6ec..4e11b693 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -13,7 +13,7 @@ controller: affinity: {} image: repository: argoproj/argo-rollouts - tag: v0.9.1 + tag: v0.10.2 pullPolicy: IfNotPresent resources: {} From 5e46d0eba0374c80156ea0e8ad470400e50457bb Mon Sep 17 00:00:00 2001 From: Alex Collins Date: Thu, 21 Jan 2021 10:55:51 -0800 Subject: [PATCH 56/63] enable stale bot --- .github/stale.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .github/stale.yaml diff --git a/.github/stale.yaml b/.github/stale.yaml new file mode 100644 index 00000000..d9f65632 --- /dev/null +++ b/.github/stale.yaml @@ -0,0 +1,17 @@ +# Number of days of inactivity before an issue becomes stale +daysUntilStale: 60 +# Number of days of inactivity before a stale issue is closed +daysUntilClose: 7 +# Issues with these labels will never be considered stale +exemptLabels: + - pinned + - security +# Label to use when marking an issue as stale +staleLabel: wontfix +# Comment to post when marking an issue as stale. Set to `false` to disable +markComment: > + This issue has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. +# Comment to post when closing a stale issue. Set to `false` to disable +closeComment: false \ No newline at end of file From bb0e3e67c7df35eb75f5544c8fc3830fc6c94cbe Mon Sep 17 00:00:00 2001 From: Alex Collins Date: Fri, 22 Jan 2021 03:19:42 -0800 Subject: [PATCH 57/63] chore: Add/invite new code-owners (#551) * chore: Add/invite new code-owners * remove @vladlosev from argo-events --- CODEOWNERS | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 3fa1142c..0d75ccc8 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,13 +1,13 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners # Argo Workflows -/charts/argo @benjaminws @stefansedich @paguos +/charts/argo @benjaminws @stefansedich @paguos @vladlosev @yann-soubeyrand # Argo CD -/charts/argo-cd @seanson @spencergilbert +/charts/argo-cd @seanson @spencergilbert @davidkarlsen @mr-sour @yann-soubeyrand # Argo Events -/charts/argo-events @jbehling +/charts/argo-events @jbehling @VaibhavPage # Argo Rollouts /charts/argo-rollouts @cabrinha From ef64e585fe90d88055f0cf052bfd74d863fcec73 Mon Sep 17 00:00:00 2001 From: Chulki Lee Date: Fri, 22 Jan 2021 20:23:36 +0900 Subject: [PATCH 58/63] fix(argo-cd): quote version annotation (#534) Signed-off-by: Chulki Lee Co-authored-by: David J. M. Karlsen --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 4 ++-- charts/argo-cd/templates/redis/deployment.yaml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 761255f0..025028e5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.11.2 +version: 2.11.3 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 29802398..c595a014 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -10,7 +10,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} - app.kubernetes.io/version: {{ .Values.dex.image.tag }} + app.kubernetes.io/version: {{ .Values.dex.image.tag | quote }} spec: selector: matchLabels: @@ -31,7 +31,7 @@ spec: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.dex.name }} - app.kubernetes.io/version: {{ .Values.dex.image.tag }} + app.kubernetes.io/version: {{ .Values.dex.image.tag | quote }} {{- if .Values.dex.podLabels }} {{- toYaml .Values.dex.podLabels | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 58934683..3ab7ac0c 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -11,7 +11,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.redis.name }} - app.kubernetes.io/version: {{ .Values.redis.image.tag }} + app.kubernetes.io/version: {{ .Values.redis.image.tag | quote }} spec: selector: matchLabels: @@ -31,7 +31,7 @@ spec: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.redis.name }} - app.kubernetes.io/version: {{ .Values.redis.image.tag }} + app.kubernetes.io/version: {{ .Values.redis.image.tag | quote }} {{- if .Values.redis.podLabels }} {{- toYaml .Values.redis.podLabels | nindent 8 }} {{- end }} From 6b6254ef77d44a3185bda56aa229c0b2a7d7c161 Mon Sep 17 00:00:00 2001 From: Sergey Shaykhullin <46970457+sergeyshaykhullin@users.noreply.github.com> Date: Fri, 22 Jan 2021 14:47:08 +0300 Subject: [PATCH 59/63] fix(argo-rollouts): Fix critical deployment schema bug (#552) * Fix map -> array in containers Signed-off-by: sergeyshaykhullin * Bump chart version Signed-off-by: sergeyshaykhullin Co-authored-by: David J. M. Karlsen --- charts/argo-rollouts/Chart.yaml | 2 +- charts/argo-rollouts/templates/argo-rollouts-deployment.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index eed61c87..a6f74059 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.10.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 0.4.0 +version: 0.4.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index b78b1402..dd04516a 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -30,7 +30,7 @@ spec: {{- end }} serviceAccountName: {{ .Values.serviceAccount.name }} containers: - image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" + - image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" {{- if not .Values.clusterInstall }} args: - --namespaced From a497e0ddaffd6b824f4ec88b331dd395abc49ed8 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Mon, 25 Jan 2021 13:47:48 -0500 Subject: [PATCH 60/63] chore(argo): update argo to 2.12.5 (#554) * update argo to 2.12.5 Signed-off-by: smcavallo * updated Signed-off-by: smcavallo --- charts/argo/Chart.yaml | 4 ++-- charts/argo/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml index 44c812c7..ee83daf9 100644 --- a/charts/argo/Chart.yaml +++ b/charts/argo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.12.3 +appVersion: v2.12.5 description: A Helm chart for Argo Workflows name: argo -version: 0.15.2 +version: 0.15.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index b1491b14..a15938db 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -7,7 +7,7 @@ images: # Secrets with credentials to pull images from a private registry pullSecrets: [] # - name: argo-pull-secret - tag: v2.12.3 + tag: v2.12.5 crdVersion: v1alpha1 installCRD: true From 20b750a04533527c1e8faa331e17cb99a3a6ea10 Mon Sep 17 00:00:00 2001 From: Wylie Hobbs Date: Mon, 25 Jan 2021 23:36:53 -0700 Subject: [PATCH 61/63] fix(argo-cd): bump dex image for secretEnv in staticClients to work (#519) * Bump dex image for secretEnv in staticClients to work Signed-off-by: Wylie Hobbs * Bump chart again Signed-off-by: Wylie Hobbs --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 025028e5..127b6400 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.11.3 +version: 2.11.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5331d96b..f665e173 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -195,7 +195,7 @@ dex: image: repository: quay.io/dexidp/dex - tag: v2.22.0 + tag: v2.26.0 imagePullPolicy: IfNotPresent initImage: repository: From cce87f5163a9c6eeaef885f1e70bf35c349a16b1 Mon Sep 17 00:00:00 2001 From: Lucas Bickel Date: Tue, 26 Jan 2021 18:03:14 +0100 Subject: [PATCH 62/63] fix(argo-cd): remove charts/argo-cd/charts/redis-ha/ from git tree (#539) * fix(argo-cd): remove charts/argo-cd/charts/redis-ha/ from git tree Signed-off-by: Lucas Bickel * fix(ci): unpack dep from tarball instead instead of git Signed-off-by: Lucas Bickel --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/charts/redis-ha/Chart.yaml | 21 - charts/argo-cd/charts/redis-ha/OWNERS | 6 - charts/argo-cd/charts/redis-ha/README.md | 230 ----------- .../redis-ha/ci/haproxy-enabled-values.yaml | 10 - .../charts/redis-ha/templates/NOTES.txt | 25 -- .../charts/redis-ha/templates/_configs.tpl | 275 ------------- .../charts/redis-ha/templates/_helpers.tpl | 83 ---- .../redis-ha/templates/redis-auth-secret.yaml | 12 - .../templates/redis-ha-announce-service.yaml | 41 -- .../templates/redis-ha-configmap.yaml | 25 -- .../redis-ha-exporter-script-configmap.yaml | 11 - .../redis-ha/templates/redis-ha-pdb.yaml | 15 - .../redis-ha/templates/redis-ha-role.yaml | 19 - .../templates/redis-ha-rolebinding.yaml | 19 - .../redis-ha/templates/redis-ha-service.yaml | 35 -- .../templates/redis-ha-serviceaccount.yaml | 12 - .../templates/redis-ha-servicemonitor.yaml | 35 -- .../templates/redis-ha-statefulset.yaml | 319 --------------- .../templates/redis-haproxy-deployment.yaml | 151 -------- .../templates/redis-haproxy-service.yaml | 42 -- .../redis-haproxy-serviceaccount.yaml | 12 - .../redis-haproxy-servicemonitor.yaml | 34 -- .../tests/test-redis-ha-configmap.yaml | 27 -- .../templates/tests/test-redis-ha-pod.yaml | 20 - charts/argo-cd/charts/redis-ha/values.yaml | 362 ------------------ scripts/publish.sh | 6 +- 27 files changed, 4 insertions(+), 1845 deletions(-) delete mode 100644 charts/argo-cd/charts/redis-ha/Chart.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/OWNERS delete mode 100644 charts/argo-cd/charts/redis-ha/README.md delete mode 100644 charts/argo-cd/charts/redis-ha/ci/haproxy-enabled-values.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/NOTES.txt delete mode 100644 charts/argo-cd/charts/redis-ha/templates/_configs.tpl delete mode 100644 charts/argo-cd/charts/redis-ha/templates/_helpers.tpl delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-auth-secret.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-configmap.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-exporter-script-configmap.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-pdb.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-role.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-rolebinding.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-service.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-serviceaccount.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-servicemonitor.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-ha-statefulset.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-haproxy-deployment.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-haproxy-service.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-haproxy-serviceaccount.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/redis-haproxy-servicemonitor.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/tests/test-redis-ha-configmap.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/templates/tests/test-redis-ha-pod.yaml delete mode 100644 charts/argo-cd/charts/redis-ha/values.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 127b6400..210a61bb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.7.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 2.11.4 +version: 2.11.5 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/charts/redis-ha/Chart.yaml b/charts/argo-cd/charts/redis-ha/Chart.yaml deleted file mode 100644 index 04a04fdf..00000000 --- a/charts/argo-cd/charts/redis-ha/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -appVersion: 5.0.6 -description: Highly available Kubernetes implementation of Redis -engine: gotpl -home: http://redis.io/ -icon: https://upload.wikimedia.org/wikipedia/en/thumb/6/6b/Redis_Logo.svg/1200px-Redis_Logo.svg.png -keywords: -- redis -- keyvalue -- database -maintainers: -- email: salimsalaues@gmail.com - name: ssalaues -- email: aaron.layfield@gmail.com - name: dandydeveloper -name: redis-ha -sources: -- https://redis.io/download -- https://github.com/scality/Zenko/tree/development/1.0/kubernetes/zenko/charts/redis-ha -- https://github.com/oliver006/redis_exporter -version: 4.4.2 diff --git a/charts/argo-cd/charts/redis-ha/OWNERS b/charts/argo-cd/charts/redis-ha/OWNERS deleted file mode 100644 index cf4f87d5..00000000 --- a/charts/argo-cd/charts/redis-ha/OWNERS +++ /dev/null @@ -1,6 +0,0 @@ -approvers: -- ssalaues -- dandydeveloper -reviewers: -- ssalaues -- dandydeveloper \ No newline at end of file diff --git a/charts/argo-cd/charts/redis-ha/README.md b/charts/argo-cd/charts/redis-ha/README.md deleted file mode 100644 index ba93ce0f..00000000 --- a/charts/argo-cd/charts/redis-ha/README.md +++ /dev/null @@ -1,230 +0,0 @@ -# Redis - -[Redis](http://redis.io/) is an advanced key-value cache and store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs. - -## TL;DR; - -```bash -$ helm install stable/redis-ha -``` - -By default this chart install 3 pods total: - * one pod containing a redis master and sentinel container (optional prometheus metrics exporter sidecar available) - * two pods each containing a redis slave and sentinel containers (optional prometheus metrics exporter sidecars available) - -## Introduction - -This chart bootstraps a [Redis](https://redis.io) highly available master/slave statefulset in a [Kubernetes](http://kubernetes.io) cluster using the Helm package manager. - -## Prerequisites - -- Kubernetes 1.8+ with Beta APIs enabled -- PV provisioner support in the underlying infrastructure - -## Upgrading the Chart - -Please note that there have been a number of changes simplifying the redis management strategy (for better failover and elections) in the 3.x version of this chart. These changes allow the use of official [redis](https://hub.docker.com/_/redis/) images that do not require special RBAC or ServiceAccount roles. As a result when upgrading from version >=2.0.1 to >=3.0.0 of this chart, `Role`, `RoleBinding`, and `ServiceAccount` resources should be deleted manually. - -### Upgrading the chart from 3.x to 4.x - -Starting from version `4.x` HAProxy sidecar prometheus-exporter removed and replaced by the embedded [HAProxy metrics endpoint](https://github.com/haproxy/haproxy/tree/master/contrib/prometheus-exporter), as a result when upgrading from version 3.x to 4.x section `haproxy.exporter` should be removed and the `haproxy.metrics` need to be configured for fit your needs. - -## Installing the Chart - -To install the chart - -```bash -$ helm install stable/redis-ha -``` - -The command deploys Redis on the Kubernetes cluster in the default configuration. By default this chart install one master pod containing redis master container and sentinel container along with 2 redis slave pods each containing their own sentinel sidecars. The [configuration](#configuration) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Uninstalling the Chart - -To uninstall/delete the deployment: - -```bash -$ helm delete -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -## Configuration - -The following table lists the configurable parameters of the Redis chart and their default values. - -| Parameter | Description | Default | -|:--------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------------------------------------------------------------------------------| -| `image` | Redis image | `redis` | -| `imagePullSecrets` | Reference to one or more secrets to be used when pulling redis images | [] | -| `tag` | Redis tag | `5.0.6-alpine` | -| `replicas` | Number of redis master/slave pods | `3` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the redis-ha.fullname template | -| `rbac.create` | Create and use RBAC resources | `true` | -| `redis.port` | Port to access the redis service | `6379` | -| `redis.masterGroupName` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | `mymaster` | -| `redis.config` | Any valid redis config options in this section will be applied to each server (see below) | see values.yaml | -| `redis.customConfig` | Allows for custom redis.conf files to be applied. If this is used then `redis.config` is ignored | `` | -| `redis.resources` | CPU/Memory for master/slave nodes resource requests/limits | `{}` | -| `sentinel.port` | Port to access the sentinel service | `26379` | -| `sentinel.quorum` | Minimum number of servers necessary to maintain quorum | `2` | -| `sentinel.config` | Valid sentinel config options in this section will be applied as config options to each sentinel (see below) | see values.yaml | -| `sentinel.customConfig` | Allows for custom sentinel.conf files to be applied. If this is used then `sentinel.config` is ignored | `` | -| `sentinel.resources` | CPU/Memory for sentinel node resource requests/limits | `{}` | -| `init.resources` | CPU/Memory for init Container node resource requests/limits | `{}` | -| `auth` | Enables or disables redis AUTH (Requires `redisPassword` to be set) | `false` | -| `redisPassword` | A password that configures a `requirepass` and `masterauth` in the conf parameters (Requires `auth: enabled`) | `` | -| `authKey` | The key holding the redis password in an existing secret. | `auth` | -| `existingSecret` | An existing secret containing a key defined by `authKey` that configures `requirepass` and `masterauth` in the conf parameters (Requires `auth: enabled`, cannot be used in conjunction with `.Values.redisPassword`) | `` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Toleration labels for pod assignment | `[]` | -| `hardAntiAffinity` | Whether the Redis server pods should be forced to run on separate nodes. | `true` | -| `additionalAffinities` | Additional affinities to add to the Redis server pods. | `{}` | -| `securityContext` | Security context to be added to the Redis server pods. | `{runAsUser: 1000, fsGroup: 1000, runAsNonRoot: true}` | -| `affinity` | Override all other affinity settings with a string. | `""` | -| `persistentVolume.size` | Size for the volume | 10Gi | -| `persistentVolume.annotations` | Annotations for the volume | `{}` | -| `persistentVolume.reclaimPolicy` | Method used to reclaim an obsoleted volume. `Delete` or `Retain` | `""` | -| `emptyDir` | Configuration of `emptyDir`, used only if persistentVolume is disabled and no hostPath specified | `{}` | -| `exporter.enabled` | If `true`, the prometheus exporter sidecar is enabled | `false` | -| `exporter.image` | Exporter image | `oliver006/redis_exporter` | -| `exporter.tag` | Exporter tag | `v0.31.0` | -| `exporter.port` | Exporter port | `9121` | -| `exporter.annotations` | Prometheus scrape annotations | `{prometheus.io/path: /metrics, prometheus.io/port: "9121", prometheus.io/scrape: "true"}` | -| `exporter.extraArgs` | Additional args for the exporter | `{}` | -| `exporter.script` | A custom custom Lua script that will be mounted to exporter for collection of custom metrics. Creates a ConfigMap and sets env var `REDIS_EXPORTER_SCRIPT`. | | -| `exporter.serviceMonitor.enabled` | Use servicemonitor from prometheus operator | `false` | -| `exporter.serviceMonitor.namespace` | Namespace the service monitor is created in | `default` | -| `exporter.serviceMonitor.interval` | Scrape interval, If not set, the Prometheus default scrape interval is used | `nil` | -| `exporter.serviceMonitor.telemetryPath` | Path to redis-exporter telemetry-path | `/metrics` | -| `exporter.serviceMonitor.labels` | Labels for the servicemonitor passed to Prometheus Operator | `{}` | -| `exporter.serviceMonitor.timeout` | How long until a scrape request times out. If not set, the Prometheus default scape timeout is used | `nil` | -| `haproxy.enabled` | Enabled HAProxy LoadBalancing/Proxy | `false` | -| `haproxy.replicas` | Number of HAProxy instances | `3` | -| `haproxy.image.repository`| HAProxy Image Repository | `haproxy` | -| `haproxy.image.tag` | HAProxy Image Tag | `2.0.1` | -| `haproxy.image.pullPolicy`| HAProxy Image PullPolicy | `IfNotPresent` | -| `haproxy.imagePullSecrets`| Reference to one or more secrets to be used when pulling haproxy images | [] | -| `haproxy.annotations` | HAProxy template annotations | `{}` | -| `haproxy.customConfig` | Allows for custom config-haproxy.cfg file to be applied. If this is used then default config will be overwriten | `` | -| `haproxy.extraConfig` | Allows to place any additional configuration section to add to the default config-haproxy.cfg | `` | -| `haproxy.resources` | HAProxy resources | `{}` | -| `haproxy.emptyDir` | Configuration of `emptyDir` | `{}` | -| `haproxy.service.type` | HAProxy service type "ClusterIP", "LoadBalancer" or "NodePort" | `ClusterIP` | -| `haproxy.service.nodePort` | HAProxy service nodePort value (haproxy.service.type must be NodePort) | not set | -| `haproxy.service.annotations` | HAProxy service annotations | `{}` | -| `haproxy.stickyBalancing` | HAProxy sticky load balancing to Redis nodes. Helps with connections shutdown. | `false` | -| `haproxy.hapreadport.enable` | Enable a read only port for redis slaves | `false` | -| `haproxy.hapreadport.port` | Haproxy port for read only redis slaves | `6380` | -| `haproxy.metrics.enabled` | HAProxy enable prometheus metric scraping | `false` | -| `haproxy.metrics.port` | HAProxy prometheus metrics scraping port | `9101` | -| `haproxy.metrics.portName` | HAProxy metrics scraping port name | `exporter-port` | -| `haproxy.metrics.scrapePath` | HAProxy prometheus metrics scraping port | `/metrics` | -| `haproxy.metrics.serviceMonitor.enabled` | Use servicemonitor from prometheus operator for HAProxy metrics | `false` | -| `haproxy.metrics.serviceMonitor.namespace` | Namespace the service monitor for HAProxy metrics is created in | `default` | -| `haproxy.metrics.serviceMonitor.interval` | Scrape interval, If not set, the Prometheus default scrape interval is used | `nil` | -| `haproxy.metrics.serviceMonitor.telemetryPath` | Path to HAProxy metrics telemetry-path | `/metrics` | -| `haproxy.metrics.serviceMonitor.labels` | Labels for the HAProxy metrics servicemonitor passed to Prometheus Operator | `{}` | -| `haproxy.metrics.serviceMonitor.timeout` | How long until a scrape request times out. If not set, the Prometheus default scape timeout is used | `nil` | -| `haproxy.init.resources` | Extra init resources | `{}` | -| `haproxy.timeout.connect` | haproxy.cfg `timeout connect` setting | `4s` | -| `haproxy.timeout.server` | haproxy.cfg `timeout server` setting | `30s` | -| `haproxy.timeout.client` | haproxy.cfg `timeout client` setting | `30s` | -| `haproxy.timeout.check` | haproxy.cfg `timeout check` setting | `2s` | -| `haproxy.priorityClassName` | priorityClassName for `haproxy` deployment | not set | -| `haproxy.securityContext` | Security context to be added to the HAProxy deployment. | `{runAsUser: 1000, fsGroup: 1000, runAsNonRoot: true}` | -| `haproxy.hardAntiAffinity` | Whether the haproxy pods should be forced to run on separate nodes. | `true` | -| `haproxy.affinity` | Override all other haproxy affinity settings with a string. | `""` | -| `haproxy.additionalAffinities` | Additional affinities to add to the haproxy server pods. | `{}` | -| `podDisruptionBudget` | Pod Disruption Budget rules | `{}` | -| `priorityClassName` | priorityClassName for `redis-ha-statefulset` | not set | -| `hostPath.path` | Use this path on the host for data storage | not set | -| `hostPath.chown` | Run an init-container as root to set ownership on the hostPath | `true` | -| `sysctlImage.enabled` | Enable an init container to modify Kernel settings | `false` | -| `sysctlImage.command` | sysctlImage command to execute | [] | -| `sysctlImage.registry` | sysctlImage Init container registry | `docker.io` | -| `sysctlImage.repository` | sysctlImage Init container name | `busybox` | -| `sysctlImage.tag` | sysctlImage Init container tag | `1.31.1` | -| `sysctlImage.pullPolicy` | sysctlImage Init container pull policy | `Always` | -| `sysctlImage.mountHostSys`| Mount the host `/sys` folder to `/host-sys` | `false` | -| `sysctlImage.resources` | sysctlImage resources | `{}` | -| `schedulerName` | Alternate scheduler name | `nil` | - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```bash -$ helm install \ - --set image=redis \ - --set tag=5.0.5-alpine \ - stable/redis-ha -``` - -The above command sets the Redis server within `default` namespace. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```bash -$ helm install -f values.yaml stable/redis-ha -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) - -## Custom Redis and Sentinel config options - -This chart allows for most redis or sentinel config options to be passed as a key value pair through the `values.yaml` under `redis.config` and `sentinel.config`. See links below for all available options. - -[Example redis.conf](http://download.redis.io/redis-stable/redis.conf) -[Example sentinel.conf](http://download.redis.io/redis-stable/sentinel.conf) - -For example `repl-timeout 60` would be added to the `redis.config` section of the `values.yaml` as: - -```yml - repl-timeout: "60" -``` - -Note: - -1. Some config options should be renamed by redis version,e.g.: - - ``` - # In redis 5.x,see https://raw.githubusercontent.com/antirez/redis/5.0/redis.conf - min-replicas-to-write: 1 - min-replicas-max-lag: 5 - - # In redis 4.x and redis 3.x,see https://raw.githubusercontent.com/antirez/redis/4.0/redis.conf and https://raw.githubusercontent.com/antirez/redis/3.0/redis.conf - min-slaves-to-write 1 - min-slaves-max-lag 5 - ``` - -Sentinel options supported must be in the the `sentinel