DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into pvc-438

Browse source
This commit is contained in:
Michele Sacchetti 2024-01-08 09:49:53 +01:00 committed by GitHub
commit ef59fe64d8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 42 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
charts/argo-rollouts/Chart.yaml
View file

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: v1.6.4
description: A Helm chart for Argo Rollouts
name: argo-rollouts
version: 2.34.0
version: 2.34.1
home: https://github.com/argoproj/argo-helm
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
keywords:
@ -18,5 +18,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: changed
description: Allow setting log config for rollouts dashboard
- kind: added
description: Added Gloo Platform provider RBAC rules

1
charts/argo-rollouts/README.md
View file

@ -66,6 +66,7 @@ For full list of changes please check ArtifactHub [changelog].
| providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider |
| providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider |
| providerRBAC.providers.contour | bool | `true` | Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` |
| providerRBAC.providers.glooPlatform | bool | `true` | Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md` |
| providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider |
| providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider |
| providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider |

9
charts/argo-rollouts/templates/controller/clusterrole.yaml
View file

@ -267,5 +267,14 @@ rules:
- watch
- update
{{- end }}
{{- if .Values.providerRBAC.providers.glooPlatform }}
# Access needed when using the Gloo Platform provider
- apiGroups:
- networking.gloo.solo.io
resources:
- routetables
verbs:
- '*'
{{- end }}
{{- end }}
{{- end }}

9
charts/argo-rollouts/templates/controller/role.yaml
View file

@ -256,5 +256,14 @@ rules:
- get
- update
{{- end }}
{{- if .Values.providerRBAC.providers.glooPlatform }}
# Access needed when using the Gloo Platform provider
- apiGroups:
- networking.gloo.solo.io
resources:
- routetables
verbs:
- '*'
{{- end }}
{{- end }}
{{- end }}

2
charts/argo-rollouts/values.yaml
View file

@ -271,6 +271,8 @@ providerRBAC:
apisix: true
# -- Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md`
contour: true
# -- Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md`
glooPlatform: true
dashboard:
# -- Deploy dashboard server

6
charts/argo-workflows/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: v3.5.2
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.40.3
version: 0.40.4
icon: https://argoproj.github.io/argo-workflows/assets/logo.png
home: https://github.com/argoproj/argo-helm
sources:
@ -16,5 +16,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: added
description: Add instruction for SSO
- kind: changed
description: Update doc for Argo Workflows server authentication

15
charts/argo-workflows/README.md
View file

@ -56,11 +56,6 @@ spec:
args: [ "hello world" ]
```
### Argo Workflows Server SSO
In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`.
In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details.
## Installing the Chart
To install the chart with the release name `my-release`:
@ -89,9 +84,12 @@ Please see the upstream [Operator Manual's High Availability page](https://argop
This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs.
### Workflow server authentication
### Argo Workflows server authentication
By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting.
Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means.
Please refer to [Argo Server Auth Mode] for more details.
Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details.
## Values
@ -392,4 +390,5 @@ Fields to note:
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog
[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac
[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/
[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/

16
charts/argo-workflows/README.md.gotmpl
View file

@ -56,11 +56,6 @@ spec:
args: [ "hello world" ]
```
### Argo Workflows Server SSO
In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`.
In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details.
## Installing the Chart
To install the chart with the release name `my-release`:
@ -89,9 +84,13 @@ Please see the upstream [Operator Manual's High Availability page](https://argop
This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs.
### Workflow server authentication
### Argo Workflows server authentication
Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means.
Please refer to [Argo Server Auth Mode] for more details.
Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details.
By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting.
## Values
@ -209,4 +208,5 @@ Fields to note:
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog
[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac
[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/
[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/