Merge branch 'argoproj:main' into main
This commit is contained in:
Tim Collins
GitHub
commit
effba1246a
46 changed files with 801 additions and 801 deletions
2
.github/workflows/lint-and-test.yml
vendored
2
.github/workflows/lint-and-test.yml
vendored
|
|
@ -32,7 +32,7 @@ jobs:
|
||||||
version: v3.10.1 # Also update in publish.yaml
|
version: v3.10.1 # Also update in publish.yaml
|
||||||
|
|
||||||
- name: Set up python
|
- name: Set up python
|
||||||
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
|
uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
|
||||||
with:
|
with:
|
||||||
python-version: 3.9
|
python-version: 3.9
|
||||||
|
|
||||||
|
|
|
||||||
2
.github/workflows/pr-sizing.yml
vendored
2
.github/workflows/pr-sizing.yml
vendored
|
|
@ -25,6 +25,6 @@ jobs:
|
||||||
size-label:
|
size-label:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: pascalgn/size-label-action@bbbaa0d5ccce8e2e76254560df5c64b82dac2e12 # v0.5.2
|
- uses: pascalgn/size-label-action@be08a2d5f857dc99c5b9426cdb5a8ea1aa7f0399 # v0.5.4
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
||||||
|
|
|
||||||
2
.github/workflows/publish.yml
vendored
2
.github/workflows/publish.yml
vendored
|
|
@ -66,7 +66,7 @@ jobs:
|
||||||
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
||||||
|
|
||||||
- name: Login to GHCR
|
- name: Login to GHCR
|
||||||
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
|
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
|
||||||
with:
|
with:
|
||||||
registry: ghcr.io
|
registry: ghcr.io
|
||||||
username: ${{ github.actor }}
|
username: ${{ github.actor }}
|
||||||
|
|
|
||||||
6
.github/workflows/renovate.yaml
vendored
6
.github/workflows/renovate.yaml
vendored
|
|
@ -16,7 +16,7 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Get token
|
- name: Get token
|
||||||
uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1.10.3
|
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
|
||||||
id: get_token
|
id: get_token
|
||||||
with:
|
with:
|
||||||
app-id: ${{ vars.RENOVATE_APP_ID }}
|
app-id: ${{ vars.RENOVATE_APP_ID }}
|
||||||
|
|
@ -26,11 +26,11 @@ jobs:
|
||||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
|
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
|
||||||
|
|
||||||
- name: Self-hosted Renovate
|
- name: Self-hosted Renovate
|
||||||
uses: renovatebot/github-action@042670e39b8d7335e992c3fa526ecbfbd52ef57b # v40.2.2
|
uses: renovatebot/github-action@e1db501385ddcccbaae6fb9c06befae04f379f23 # v40.2.10
|
||||||
with:
|
with:
|
||||||
configurationFile: .github/configs/renovate-config.js
|
configurationFile: .github/configs/renovate-config.js
|
||||||
# renovate: datasource=docker depName=ghcr.io/renovatebot/renovate
|
# renovate: datasource=docker depName=ghcr.io/renovatebot/renovate
|
||||||
renovate-version: 37.421.4
|
renovate-version: 38.59.2
|
||||||
token: '${{ steps.get_token.outputs.token }}'
|
token: '${{ steps.get_token.outputs.token }}'
|
||||||
env:
|
env:
|
||||||
LOG_LEVEL: 'debug'
|
LOG_LEVEL: 'debug'
|
||||||
|
|
|
||||||
6
.github/workflows/scorecard.yml
vendored
6
.github/workflows/scorecard.yml
vendored
|
|
@ -38,7 +38,7 @@ jobs:
|
||||||
persist-credentials: false
|
persist-credentials: false
|
||||||
|
|
||||||
- name: "Run analysis"
|
- name: "Run analysis"
|
||||||
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
|
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
|
||||||
with:
|
with:
|
||||||
results_file: results.sarif
|
results_file: results.sarif
|
||||||
results_format: sarif
|
results_format: sarif
|
||||||
|
|
@ -60,7 +60,7 @@ jobs:
|
||||||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||||
# format to the repository Actions tab.
|
# format to the repository Actions tab.
|
||||||
- name: "Upload artifact"
|
- name: "Upload artifact"
|
||||||
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
|
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
|
||||||
with:
|
with:
|
||||||
name: SARIF file
|
name: SARIF file
|
||||||
path: results.sarif
|
path: results.sarif
|
||||||
|
|
@ -68,6 +68,6 @@ jobs:
|
||||||
|
|
||||||
# Upload the results to GitHub's code scanning dashboard.
|
# Upload the results to GitHub's code scanning dashboard.
|
||||||
- name: "Upload to code-scanning"
|
- name: "Upload to code-scanning"
|
||||||
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
|
uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7
|
||||||
with:
|
with:
|
||||||
sarif_file: results.sarif
|
sarif_file: results.sarif
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: redis-ha
|
- name: redis-ha
|
||||||
repository: https://dandydeveloper.github.io/charts/
|
repository: https://dandydeveloper.github.io/charts/
|
||||||
version: 4.26.1
|
version: 4.27.6
|
||||||
digest: sha256:d72c308ab0eef4233e25bfc3f8fc97cf9b02a9c5d0186ea89e2f8fb332cb9c41
|
digest: sha256:69c6b20682f0a2a8044b71731b7c656a57118088a7b3611f59217b537167af2e
|
||||||
generated: "2024-02-18T19:42:53.135599+02:00"
|
generated: "2024-08-28T13:02:33.763307+02:00"
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
appVersion: v2.11.5
|
appVersion: v2.12.3
|
||||||
kubeVersion: ">=1.23.0-0"
|
kubeVersion: ">=1.25.0-0"
|
||||||
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
|
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
|
||||||
name: argo-cd
|
name: argo-cd
|
||||||
version: 7.3.8
|
version: 7.6.0
|
||||||
home: https://github.com/argoproj/argo-helm
|
home: https://github.com/argoproj/argo-helm
|
||||||
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
|
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
|
||||||
sources:
|
sources:
|
||||||
|
|
@ -18,7 +18,7 @@ maintainers:
|
||||||
url: https://argoproj.github.io/
|
url: https://argoproj.github.io/
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: redis-ha
|
- name: redis-ha
|
||||||
version: 4.26.1
|
version: 4.27.6
|
||||||
repository: https://dandydeveloper.github.io/charts/
|
repository: https://dandydeveloper.github.io/charts/
|
||||||
condition: redis-ha.enabled
|
condition: redis-ha.enabled
|
||||||
annotations:
|
annotations:
|
||||||
|
|
@ -26,5 +26,5 @@ annotations:
|
||||||
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
|
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
|
||||||
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
||||||
artifacthub.io/changes: |
|
artifacthub.io/changes: |
|
||||||
- kind: fixed
|
- kind: added
|
||||||
description: Add Redis Sentinel variables to application controller deployment
|
description: Ability to set runtime class for all components
|
||||||
|
|
|
||||||
|
|
@ -278,6 +278,31 @@ For full list of changes please check ArtifactHub [changelog].
|
||||||
|
|
||||||
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
|
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
|
||||||
|
|
||||||
|
### 7.0.0
|
||||||
|
|
||||||
|
We changed the type of `.Values.configs.clusterCredentials` from `list` to `object`.
|
||||||
|
If you used the value, please migrate like below.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
# before
|
||||||
|
configs:
|
||||||
|
clusterCredentials:
|
||||||
|
- mycluster:
|
||||||
|
server: https://mycluster.example.com
|
||||||
|
labels: {}
|
||||||
|
annotations: {}
|
||||||
|
# ...
|
||||||
|
|
||||||
|
# after
|
||||||
|
configs:
|
||||||
|
clusterCredentials:
|
||||||
|
mycluster:
|
||||||
|
server: https://mycluster.example.com
|
||||||
|
labels: {}
|
||||||
|
annotations: {}
|
||||||
|
# ...
|
||||||
|
```
|
||||||
|
|
||||||
### 6.10.0
|
### 6.10.0
|
||||||
|
|
||||||
This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr.
|
This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr.
|
||||||
|
|
@ -290,7 +315,7 @@ Upstream steps in the [FAQ] are not enough, since we chose a different approach.
|
||||||
Steps to roteate the secret when using the helm chart (bold step is additional to upstream):
|
Steps to roteate the secret when using the helm chart (bold step is additional to upstream):
|
||||||
* Delete `argocd-redis` secret in the namespace where Argo CD is installed.
|
* Delete `argocd-redis` secret in the namespace where Argo CD is installed.
|
||||||
```bash
|
```bash
|
||||||
kubectl delete secret argocd-redis -n <argocd namesapce>
|
kubectl delete secret argocd-redis -n <argocd namespace>
|
||||||
```
|
```
|
||||||
* **Perform a helm upgrade**
|
* **Perform a helm upgrade**
|
||||||
```bash
|
```bash
|
||||||
|
|
@ -622,7 +647,7 @@ server:
|
||||||
|
|
||||||
## Prerequisites
|
## Prerequisites
|
||||||
|
|
||||||
- Kubernetes: `>=1.23.0-0`
|
- Kubernetes: `>=1.25.0-0`
|
||||||
- We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach.
|
- We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach.
|
||||||
- Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info.
|
- Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info.
|
||||||
- Helm v3.0.0+
|
- Helm v3.0.0+
|
||||||
|
|
@ -688,6 +713,7 @@ NAME: my-release
|
||||||
| global.podLabels | object | `{}` | Labels for the all deployed pods |
|
| global.podLabels | object | `{}` | Labels for the all deployed pods |
|
||||||
| global.priorityClassName | string | `""` | Default priority class for all components |
|
| global.priorityClassName | string | `""` | Default priority class for all components |
|
||||||
| global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
|
| global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
|
||||||
|
| global.runtimeClassName | string | `""` | Runtime class name for all components |
|
||||||
| global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. |
|
| global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. |
|
||||||
| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets |
|
| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets |
|
||||||
| global.tolerations | list | `[]` | Default tolerations for all components |
|
| global.tolerations | list | `[]` | Default tolerations for all components |
|
||||||
|
|
@ -831,6 +857,7 @@ NAME: my-release
|
||||||
| controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. |
|
| controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. |
|
||||||
| controller.resources | object | `{}` | Resource limits and requests for the application controller pods |
|
| controller.resources | object | `{}` | Resource limits and requests for the application controller pods |
|
||||||
| controller.revisionHistoryLimit | int | `5` | Maximum number of controller revisions that will be maintained in StatefulSet history |
|
| controller.revisionHistoryLimit | int | `5` | Maximum number of controller revisions that will be maintained in StatefulSet history |
|
||||||
|
| controller.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the application controller |
|
||||||
| controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
|
| controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
|
||||||
| controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
|
| controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
|
||||||
| controller.serviceAccount.create | bool | `true` | Create a service account for the application controller |
|
| controller.serviceAccount.create | bool | `true` | Create a service account for the application controller |
|
||||||
|
|
@ -925,6 +952,7 @@ NAME: my-release
|
||||||
| repoServer.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
| repoServer.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
||||||
| repoServer.replicas | int | `1` | The number of repo server pods to run |
|
| repoServer.replicas | int | `1` | The number of repo server pods to run |
|
||||||
| repoServer.resources | object | `{}` | Resource limits and requests for the repo server pods |
|
| repoServer.resources | object | `{}` | Resource limits and requests for the repo server pods |
|
||||||
|
| repoServer.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the repo server |
|
||||||
| repoServer.service.annotations | object | `{}` | Repo server service annotations |
|
| repoServer.service.annotations | object | `{}` | Repo server service annotations |
|
||||||
| repoServer.service.labels | object | `{}` | Repo server service labels |
|
| repoServer.service.labels | object | `{}` | Repo server service labels |
|
||||||
| repoServer.service.port | int | `8081` | Repo server service port |
|
| repoServer.service.port | int | `8081` | Repo server service port |
|
||||||
|
|
@ -1078,6 +1106,7 @@ NAME: my-release
|
||||||
| server.route.hostname | string | `""` | Hostname of OpenShift Route |
|
| server.route.hostname | string | `""` | Hostname of OpenShift Route |
|
||||||
| server.route.termination_policy | string | `"None"` | Termination policy of Openshift Route |
|
| server.route.termination_policy | string | `"None"` | Termination policy of Openshift Route |
|
||||||
| server.route.termination_type | string | `"passthrough"` | Termination type of Openshift Route |
|
| server.route.termination_type | string | `"passthrough"` | Termination type of Openshift Route |
|
||||||
|
| server.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the Argo CD server |
|
||||||
| server.service.annotations | object | `{}` | Server service annotations |
|
| server.service.annotations | object | `{}` | Server service annotations |
|
||||||
| server.service.externalIPs | list | `[]` | Server service external IPs |
|
| server.service.externalIPs | list | `[]` | Server service external IPs |
|
||||||
| server.service.externalTrafficPolicy | string | `"Cluster"` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints |
|
| server.service.externalTrafficPolicy | string | `"Cluster"` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints |
|
||||||
|
|
@ -1185,6 +1214,7 @@ NAME: my-release
|
||||||
| dex.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
|
| dex.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
|
||||||
| dex.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
| dex.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
||||||
| dex.resources | object | `{}` | Resource limits and requests for dex |
|
| dex.resources | object | `{}` | Resource limits and requests for dex |
|
||||||
|
| dex.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for Dex |
|
||||||
| dex.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
|
| dex.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
|
||||||
| dex.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
|
| dex.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account |
|
||||||
| dex.serviceAccount.create | bool | `true` | Create dex service account |
|
| dex.serviceAccount.create | bool | `true` | Create dex service account |
|
||||||
|
|
@ -1283,6 +1313,7 @@ NAME: my-release
|
||||||
| redis.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
|
| redis.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
|
||||||
| redis.readinessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out |
|
| redis.readinessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out |
|
||||||
| redis.resources | object | `{}` | Resource limits and requests for redis |
|
| redis.resources | object | `{}` | Resource limits and requests for redis |
|
||||||
|
| redis.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for redis |
|
||||||
| redis.securityContext | object | See [values.yaml] | Redis pod-level security context |
|
| redis.securityContext | object | See [values.yaml] | Redis pod-level security context |
|
||||||
| redis.service.annotations | object | `{}` | Redis service annotations |
|
| redis.service.annotations | object | `{}` | Redis service annotations |
|
||||||
| redis.service.labels | object | `{}` | Additional redis service labels |
|
| redis.service.labels | object | `{}` | Additional redis service labels |
|
||||||
|
|
@ -1475,6 +1506,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
|
||||||
| applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
| applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
||||||
| applicationSet.replicas | int | `1` | The number of ApplicationSet controller pods to run |
|
| applicationSet.replicas | int | `1` | The number of ApplicationSet controller pods to run |
|
||||||
| applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. |
|
| applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. |
|
||||||
|
| applicationSet.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the ApplicationSet controller |
|
||||||
| applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations |
|
| applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations |
|
||||||
| applicationSet.service.labels | object | `{}` | ApplicationSet service labels |
|
| applicationSet.service.labels | object | `{}` | ApplicationSet service labels |
|
||||||
| applicationSet.service.port | int | `7000` | ApplicationSet service port |
|
| applicationSet.service.port | int | `7000` | ApplicationSet service port |
|
||||||
|
|
@ -1517,6 +1549,12 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
|
||||||
| notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller |
|
| notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller |
|
||||||
| notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
|
| notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
|
||||||
| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod |
|
| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod |
|
||||||
|
| notifications.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for notifications controller Pods |
|
||||||
|
| notifications.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||||
|
| notifications.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
|
||||||
|
| notifications.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
|
||||||
|
| notifications.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
|
||||||
|
| notifications.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
||||||
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` |
|
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` |
|
||||||
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` |
|
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` |
|
||||||
| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
|
| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
|
||||||
|
|
@ -1545,7 +1583,14 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
|
||||||
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods |
|
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods |
|
||||||
| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods |
|
| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods |
|
||||||
| notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods |
|
| notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods |
|
||||||
|
| notifications.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for notifications controller Pods |
|
||||||
|
| notifications.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||||
|
| notifications.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
|
||||||
|
| notifications.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
|
||||||
|
| notifications.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
|
||||||
|
| notifications.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
||||||
| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller |
|
| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller |
|
||||||
|
| notifications.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the notifications controller |
|
||||||
| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret |
|
| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret |
|
||||||
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
|
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
|
||||||
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret |
|
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret |
|
||||||
|
|
|
||||||
|
|
@ -278,6 +278,31 @@ For full list of changes please check ArtifactHub [changelog].
|
||||||
|
|
||||||
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
|
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
|
||||||
|
|
||||||
|
### 7.0.0
|
||||||
|
|
||||||
|
We changed the type of `.Values.configs.clusterCredentials` from `list` to `object`.
|
||||||
|
If you used the value, please migrate like below.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
# before
|
||||||
|
configs:
|
||||||
|
clusterCredentials:
|
||||||
|
- mycluster:
|
||||||
|
server: https://mycluster.example.com
|
||||||
|
labels: {}
|
||||||
|
annotations: {}
|
||||||
|
# ...
|
||||||
|
|
||||||
|
# after
|
||||||
|
configs:
|
||||||
|
clusterCredentials:
|
||||||
|
mycluster:
|
||||||
|
server: https://mycluster.example.com
|
||||||
|
labels: {}
|
||||||
|
annotations: {}
|
||||||
|
# ...
|
||||||
|
```
|
||||||
|
|
||||||
### 6.10.0
|
### 6.10.0
|
||||||
|
|
||||||
This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr.
|
This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr.
|
||||||
|
|
@ -290,7 +315,7 @@ Upstream steps in the [FAQ] are not enough, since we chose a different approach.
|
||||||
Steps to roteate the secret when using the helm chart (bold step is additional to upstream):
|
Steps to roteate the secret when using the helm chart (bold step is additional to upstream):
|
||||||
* Delete `argocd-redis` secret in the namespace where Argo CD is installed.
|
* Delete `argocd-redis` secret in the namespace where Argo CD is installed.
|
||||||
```bash
|
```bash
|
||||||
kubectl delete secret argocd-redis -n <argocd namesapce>
|
kubectl delete secret argocd-redis -n <argocd namespace>
|
||||||
```
|
```
|
||||||
* **Perform a helm upgrade**
|
* **Perform a helm upgrade**
|
||||||
```bash
|
```bash
|
||||||
|
|
|
||||||
|
|
@ -183,7 +183,7 @@ Argo Configuration Preset Values (Influenced by Values configuration)
|
||||||
{{- define "argo-cd.config.cm.presets" -}}
|
{{- define "argo-cd.config.cm.presets" -}}
|
||||||
{{- $presets := dict -}}
|
{{- $presets := dict -}}
|
||||||
{{- $_ := set $presets "url" (printf "https://%s" .Values.global.domain) -}}
|
{{- $_ := set $presets "url" (printf "https://%s" .Values.global.domain) -}}
|
||||||
{{- if index .Values.configs.cm "statusbadge.enabled" | eq true -}}
|
{{- if eq (toString (index .Values.configs.cm "statusbadge.enabled")) "true" -}}
|
||||||
{{- $_ := set $presets "statusbadge.url" (printf "https://%s/" .Values.global.domain) -}}
|
{{- $_ := set $presets "statusbadge.url" (printf "https://%s/" .Values.global.domain) -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if .Values.configs.styles -}}
|
{{- if .Values.configs.styles -}}
|
||||||
|
|
|
||||||
|
|
@ -36,6 +36,9 @@ spec:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.controller.runtimeClassName | default .Values.global.runtimeClassName }}
|
||||||
|
runtimeClassName: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
{{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|
|
||||||
|
|
@ -37,6 +37,9 @@ spec:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.controller.runtimeClassName | default .Values.global.runtimeClassName }}
|
||||||
|
runtimeClassName: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
{{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|
@ -207,10 +210,10 @@ spec:
|
||||||
name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
|
name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
|
||||||
{{- if .Values.externalRedis.host }}
|
{{- if .Values.externalRedis.host }}
|
||||||
key: redis-password
|
key: redis-password
|
||||||
|
optional: true
|
||||||
{{- else }}
|
{{- else }}
|
||||||
key: auth
|
key: auth
|
||||||
{{- end }}
|
{{- end }}
|
||||||
optional: true
|
|
||||||
- name: REDIS_SENTINEL_USERNAME
|
- name: REDIS_SENTINEL_USERNAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
|
|
|
||||||
|
|
@ -35,6 +35,8 @@ rules:
|
||||||
- appprojects
|
- appprojects
|
||||||
verbs:
|
verbs:
|
||||||
- get
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- ""
|
- ""
|
||||||
resources:
|
resources:
|
||||||
|
|
|
||||||
|
|
@ -36,6 +36,9 @@ spec:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.applicationSet.runtimeClassName | default .Values.global.runtimeClassName }}
|
||||||
|
runtimeClassName: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.applicationSet.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
{{- with .Values.applicationSet.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|
|
||||||
|
|
@ -34,6 +34,8 @@ rules:
|
||||||
- appprojects
|
- appprojects
|
||||||
verbs:
|
verbs:
|
||||||
- get
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- ""
|
- ""
|
||||||
resources:
|
resources:
|
||||||
|
|
|
||||||
|
|
@ -36,6 +36,9 @@ spec:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.notifications.runtimeClassName | default .Values.global.runtimeClassName }}
|
||||||
|
runtimeClassName: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.notifications.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
{{- with .Values.notifications.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|
@ -107,6 +110,26 @@ spec:
|
||||||
- name: metrics
|
- name: metrics
|
||||||
containerPort: {{ .Values.notifications.containerPorts.metrics }}
|
containerPort: {{ .Values.notifications.containerPorts.metrics }}
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
{{- if .Values.notifications.livenessProbe.enabled }}
|
||||||
|
livenessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: metrics
|
||||||
|
initialDelaySeconds: {{ .Values.notifications.livenessProbe.initialDelaySeconds }}
|
||||||
|
periodSeconds: {{ .Values.notifications.livenessProbe.periodSeconds }}
|
||||||
|
timeoutSeconds: {{ .Values.notifications.livenessProbe.timeoutSeconds }}
|
||||||
|
successThreshold: {{ .Values.notifications.livenessProbe.successThreshold }}
|
||||||
|
failureThreshold: {{ .Values.notifications.livenessProbe.failureThreshold }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.notifications.readinessProbe.enabled }}
|
||||||
|
readinessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: metrics
|
||||||
|
initialDelaySeconds: {{ .Values.notifications.readinessProbe.initialDelaySeconds }}
|
||||||
|
periodSeconds: {{ .Values.notifications.readinessProbe.periodSeconds }}
|
||||||
|
timeoutSeconds: {{ .Values.notifications.readinessProbe.timeoutSeconds }}
|
||||||
|
successThreshold: {{ .Values.notifications.readinessProbe.successThreshold }}
|
||||||
|
failureThreshold: {{ .Values.notifications.readinessProbe.failureThreshold }}
|
||||||
|
{{- end }}
|
||||||
resources:
|
resources:
|
||||||
{{- toYaml .Values.notifications.resources | nindent 12 }}
|
{{- toYaml .Values.notifications.resources | nindent 12 }}
|
||||||
{{- with .Values.notifications.containerSecurityContext }}
|
{{- with .Values.notifications.containerSecurityContext }}
|
||||||
|
|
|
||||||
|
|
@ -47,6 +47,9 @@ spec:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.repoServer.runtimeClassName | default .Values.global.runtimeClassName }}
|
||||||
|
runtimeClassName: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.repoServer.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
{{- with .Values.repoServer.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|
@ -182,9 +185,9 @@ spec:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
|
name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
|
||||||
optional: true
|
|
||||||
{{- if .Values.externalRedis.host }}
|
{{- if .Values.externalRedis.host }}
|
||||||
key: redis-password
|
key: redis-password
|
||||||
|
optional: true
|
||||||
{{- else }}
|
{{- else }}
|
||||||
key: auth
|
key: auth
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
@ -290,6 +293,12 @@ spec:
|
||||||
key: reposerver.revision.cache.lock.timeout
|
key: reposerver.revision.cache.lock.timeout
|
||||||
name: argocd-cmd-params-cm
|
name: argocd-cmd-params-cm
|
||||||
optional: true
|
optional: true
|
||||||
|
- name: ARGOCD_REPO_SERVER_INCLUDE_HIDDEN_DIRECTORIES
|
||||||
|
valueFrom:
|
||||||
|
configMapKeyRef:
|
||||||
|
key: reposerver.include.hidden.directories
|
||||||
|
name: argocd-cmd-params-cm
|
||||||
|
optional: true
|
||||||
{{- if .Values.repoServer.useEphemeralHelmWorkingDir }}
|
{{- if .Values.repoServer.useEphemeralHelmWorkingDir }}
|
||||||
- name: HELM_CACHE_HOME
|
- name: HELM_CACHE_HOME
|
||||||
value: /helm-working-dir
|
value: /helm-working-dir
|
||||||
|
|
|
||||||
|
|
@ -13,8 +13,8 @@ metadata:
|
||||||
labels:
|
labels:
|
||||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
|
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
secretTemplate:
|
|
||||||
{{- with .Values.server.certificate.secretTemplateAnnotations }}
|
{{- with .Values.server.certificate.secretTemplateAnnotations }}
|
||||||
|
secretTemplate:
|
||||||
annotations:
|
annotations:
|
||||||
{{- range $key, $value := . }}
|
{{- range $key, $value := . }}
|
||||||
{{ $key }}: {{ $value | quote }}
|
{{ $key }}: {{ $value | quote }}
|
||||||
|
|
|
||||||
|
|
@ -41,6 +41,9 @@ spec:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.server.runtimeClassName | default .Values.global.runtimeClassName }}
|
||||||
|
runtimeClassName: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.server.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
{{- with .Values.server.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|
@ -250,9 +253,9 @@ spec:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
|
name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }}
|
||||||
optional: true
|
|
||||||
{{- if .Values.externalRedis.host }}
|
{{- if .Values.externalRedis.host }}
|
||||||
key: redis-password
|
key: redis-password
|
||||||
|
optional: true
|
||||||
{{- else }}
|
{{- else }}
|
||||||
key: auth
|
key: auth
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
||||||
|
|
@ -39,20 +39,29 @@ spec:
|
||||||
name: Revision
|
name: Revision
|
||||||
priority: 10
|
priority: 10
|
||||||
type: string
|
type: string
|
||||||
|
- jsonPath: .spec.project
|
||||||
|
name: Project
|
||||||
|
priority: 10
|
||||||
|
type: string
|
||||||
name: v1alpha1
|
name: v1alpha1
|
||||||
schema:
|
schema:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: Application is a definition of Application resource.
|
description: Application is a definition of Application resource.
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: 'APIVersion defines the versioned schema of this representation
|
description: |-
|
||||||
of an object. Servers should convert recognized schemas to the latest
|
APIVersion defines the versioned schema of this representation of an object.
|
||||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
Servers should convert recognized schemas to the latest internal value, and
|
||||||
|
may reject unrecognized values.
|
||||||
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||||
type: string
|
type: string
|
||||||
kind:
|
kind:
|
||||||
description: 'Kind is a string value representing the REST resource this
|
description: |-
|
||||||
object represents. Servers may infer this from the endpoint the client
|
Kind is a string value representing the REST resource this object represents.
|
||||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
Servers may infer this from the endpoint the client submits requests to.
|
||||||
|
Cannot be updated.
|
||||||
|
In CamelCase.
|
||||||
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||||
type: string
|
type: string
|
||||||
metadata:
|
metadata:
|
||||||
type: object
|
type: object
|
||||||
|
|
@ -150,22 +159,21 @@ spec:
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
revision:
|
revision:
|
||||||
description: Revision is the revision (Git) or chart version (Helm)
|
description: |-
|
||||||
which to sync the application to If omitted, will use the revision
|
Revision is the revision (Git) or chart version (Helm) which to sync the application to
|
||||||
specified in app spec.
|
If omitted, will use the revision specified in app spec.
|
||||||
type: string
|
type: string
|
||||||
revisions:
|
revisions:
|
||||||
description: Revisions is the list of revision (Git) or chart
|
description: |-
|
||||||
version (Helm) which to sync each source in sources field for
|
Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to
|
||||||
the application to If omitted, will use the revision specified
|
If omitted, will use the revision specified in app spec.
|
||||||
in app spec.
|
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
source:
|
source:
|
||||||
description: Source overrides the source definition set in the
|
description: |-
|
||||||
application. This is typically set in a Rollback operation and
|
Source overrides the source definition set in the application.
|
||||||
is nil during a Sync operation
|
This is typically set in a Rollback operation and is nil during a Sync operation
|
||||||
properties:
|
properties:
|
||||||
chart:
|
chart:
|
||||||
description: Chart is a Helm chart name, and must be specified
|
description: Chart is a Helm chart name, and must be specified
|
||||||
|
|
@ -486,18 +494,18 @@ spec:
|
||||||
Helm) that contains the application manifests
|
Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of the source
|
description: |-
|
||||||
to sync the application to. In case of Git, this can be
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
commit, tag, or branch. If omitted, will equal to HEAD.
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
In case of Helm, this is a semver tag for the Chart's version.
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
type: object
|
type: object
|
||||||
sources:
|
sources:
|
||||||
description: Sources overrides the source definition set in the
|
description: |-
|
||||||
application. This is typically set in a Rollback operation and
|
Sources overrides the source definition set in the application.
|
||||||
is nil during a Sync operation
|
This is typically set in a Rollback operation and is nil during a Sync operation
|
||||||
items:
|
items:
|
||||||
description: ApplicationSource contains all required information
|
description: ApplicationSource contains all required information
|
||||||
about the source of an application
|
about the source of an application
|
||||||
|
|
@ -825,11 +833,10 @@ spec:
|
||||||
Helm) that contains the application manifests
|
Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of the
|
description: |-
|
||||||
source to sync the application to. In case of Git, this
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
can be commit, tag, or branch. If omitted, will equal
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
to HEAD. In case of Helm, this is a semver tag for the
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -848,10 +855,10 @@ spec:
|
||||||
the sync.
|
the sync.
|
||||||
properties:
|
properties:
|
||||||
force:
|
force:
|
||||||
description: Force indicates whether or not to supply
|
description: |-
|
||||||
the --force flag to `kubectl apply`. The --force flag
|
Force indicates whether or not to supply the --force flag to `kubectl apply`.
|
||||||
deletes and re-create the resource, when PATCH encounters
|
The --force flag deletes and re-create the resource, when PATCH encounters conflict and has
|
||||||
conflict and has retried for 5 times.
|
retried for 5 times.
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
hook:
|
hook:
|
||||||
|
|
@ -859,10 +866,10 @@ spec:
|
||||||
perform the sync. This is the default strategy
|
perform the sync. This is the default strategy
|
||||||
properties:
|
properties:
|
||||||
force:
|
force:
|
||||||
description: Force indicates whether or not to supply
|
description: |-
|
||||||
the --force flag to `kubectl apply`. The --force flag
|
Force indicates whether or not to supply the --force flag to `kubectl apply`.
|
||||||
deletes and re-create the resource, when PATCH encounters
|
The --force flag deletes and re-create the resource, when PATCH encounters conflict and has
|
||||||
conflict and has retried for 5 times.
|
retried for 5 times.
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
|
@ -883,9 +890,9 @@ spec:
|
||||||
not set.
|
not set.
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: Namespace specifies the target namespace for the
|
description: |-
|
||||||
application's resources. The namespace will only be set for
|
Namespace specifies the target namespace for the application's resources.
|
||||||
namespace-scoped resources that have not set a value for .metadata.namespace
|
The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace
|
||||||
type: string
|
type: string
|
||||||
server:
|
server:
|
||||||
description: Server specifies the URL of the target cluster's
|
description: Server specifies the URL of the target cluster's
|
||||||
|
|
@ -914,10 +921,9 @@ spec:
|
||||||
kind:
|
kind:
|
||||||
type: string
|
type: string
|
||||||
managedFieldsManagers:
|
managedFieldsManagers:
|
||||||
description: ManagedFieldsManagers is a list of trusted managers.
|
description: |-
|
||||||
Fields mutated by those managers will take precedence over
|
ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the
|
||||||
the desired state defined in the SCM and won't be displayed
|
desired state defined in the SCM and won't be displayed in diffs
|
||||||
in diffs
|
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
|
@ -944,18 +950,17 @@ spec:
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
project:
|
project:
|
||||||
description: Project is a reference to the project this application
|
description: |-
|
||||||
belongs to. The empty string means that application belongs to the
|
Project is a reference to the project this application belongs to.
|
||||||
'default' project.
|
The empty string means that application belongs to the 'default' project.
|
||||||
type: string
|
type: string
|
||||||
revisionHistoryLimit:
|
revisionHistoryLimit:
|
||||||
description: RevisionHistoryLimit limits the number of items kept
|
description: |-
|
||||||
in the application's revision history, which is used for informational
|
RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions.
|
||||||
purposes as well as for rollbacks to previous versions. This should
|
This should only be changed in exceptional circumstances.
|
||||||
only be changed in exceptional circumstances. Setting to zero will
|
Setting to zero will store no history. This will reduce storage used.
|
||||||
store no history. This will reduce storage used. Increasing will
|
Increasing will increase the space used to store the history, so we do not recommend increasing it.
|
||||||
increase the space used to store the history, so we do not recommend
|
Default is 10.
|
||||||
increasing it. Default is 10.
|
|
||||||
format: int64
|
format: int64
|
||||||
type: integer
|
type: integer
|
||||||
source:
|
source:
|
||||||
|
|
@ -1274,10 +1279,10 @@ spec:
|
||||||
that contains the application manifests
|
that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of the source
|
description: |-
|
||||||
to sync the application to. In case of Git, this can be commit,
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
tag, or branch. If omitted, will equal to HEAD. In case of Helm,
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
this is a semver tag for the Chart's version.
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -1606,10 +1611,10 @@ spec:
|
||||||
that contains the application manifests
|
that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of the source
|
description: |-
|
||||||
to sync the application to. In case of Git, this can be commit,
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
tag, or branch. If omitted, will equal to HEAD. In case of
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
Helm, this is a semver tag for the Chart's version.
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -2102,11 +2107,10 @@ spec:
|
||||||
Helm) that contains the application manifests
|
Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of the
|
description: |-
|
||||||
source to sync the application to. In case of Git, this
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
can be commit, tag, or branch. If omitted, will equal
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
to HEAD. In case of Helm, this is a semver tag for the
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -2448,11 +2452,10 @@ spec:
|
||||||
or Helm) that contains the application manifests
|
or Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of the
|
description: |-
|
||||||
source to sync the application to. In case of Git, this
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
can be commit, tag, or branch. If omitted, will equal
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
to HEAD. In case of Helm, this is a semver tag for the
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -2464,9 +2467,9 @@ spec:
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
observedAt:
|
observedAt:
|
||||||
description: 'ObservedAt indicates when the application state was
|
description: |-
|
||||||
updated without querying latest git state Deprecated: controller
|
ObservedAt indicates when the application state was updated without querying latest git state
|
||||||
no longer updates ObservedAt field'
|
Deprecated: controller no longer updates ObservedAt field
|
||||||
format: date-time
|
format: date-time
|
||||||
type: string
|
type: string
|
||||||
operationState:
|
operationState:
|
||||||
|
|
@ -2579,22 +2582,21 @@ spec:
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
revision:
|
revision:
|
||||||
description: Revision is the revision (Git) or chart version
|
description: |-
|
||||||
(Helm) which to sync the application to If omitted,
|
Revision is the revision (Git) or chart version (Helm) which to sync the application to
|
||||||
will use the revision specified in app spec.
|
If omitted, will use the revision specified in app spec.
|
||||||
type: string
|
type: string
|
||||||
revisions:
|
revisions:
|
||||||
description: Revisions is the list of revision (Git) or
|
description: |-
|
||||||
chart version (Helm) which to sync each source in sources
|
Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to
|
||||||
field for the application to If omitted, will use the
|
If omitted, will use the revision specified in app spec.
|
||||||
revision specified in app spec.
|
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
source:
|
source:
|
||||||
description: Source overrides the source definition set
|
description: |-
|
||||||
in the application. This is typically set in a Rollback
|
Source overrides the source definition set in the application.
|
||||||
operation and is nil during a Sync operation
|
This is typically set in a Rollback operation and is nil during a Sync operation
|
||||||
properties:
|
properties:
|
||||||
chart:
|
chart:
|
||||||
description: Chart is a Helm chart name, and must
|
description: Chart is a Helm chart name, and must
|
||||||
|
|
@ -2937,19 +2939,18 @@ spec:
|
||||||
(Git or Helm) that contains the application manifests
|
(Git or Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of
|
description: |-
|
||||||
the source to sync the application to. In case of
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
Git, this can be commit, tag, or branch. If omitted,
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
will equal to HEAD. In case of Helm, this is a semver
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
tag for the Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
type: object
|
type: object
|
||||||
sources:
|
sources:
|
||||||
description: Sources overrides the source definition set
|
description: |-
|
||||||
in the application. This is typically set in a Rollback
|
Sources overrides the source definition set in the application.
|
||||||
operation and is nil during a Sync operation
|
This is typically set in a Rollback operation and is nil during a Sync operation
|
||||||
items:
|
items:
|
||||||
description: ApplicationSource contains all required
|
description: ApplicationSource contains all required
|
||||||
information about the source of an application
|
information about the source of an application
|
||||||
|
|
@ -3300,11 +3301,10 @@ spec:
|
||||||
(Git or Helm) that contains the application manifests
|
(Git or Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision
|
description: |-
|
||||||
of the source to sync the application to. In case
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
of Git, this can be commit, tag, or branch. If
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
omitted, will equal to HEAD. In case of Helm,
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
this is a semver tag for the Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -3325,11 +3325,10 @@ spec:
|
||||||
to perform the sync.
|
to perform the sync.
|
||||||
properties:
|
properties:
|
||||||
force:
|
force:
|
||||||
description: Force indicates whether or not to
|
description: |-
|
||||||
supply the --force flag to `kubectl apply`.
|
Force indicates whether or not to supply the --force flag to `kubectl apply`.
|
||||||
The --force flag deletes and re-create the resource,
|
The --force flag deletes and re-create the resource, when PATCH encounters conflict and has
|
||||||
when PATCH encounters conflict and has retried
|
retried for 5 times.
|
||||||
for 5 times.
|
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
hook:
|
hook:
|
||||||
|
|
@ -3337,11 +3336,10 @@ spec:
|
||||||
to perform the sync. This is the default strategy
|
to perform the sync. This is the default strategy
|
||||||
properties:
|
properties:
|
||||||
force:
|
force:
|
||||||
description: Force indicates whether or not to
|
description: |-
|
||||||
supply the --force flag to `kubectl apply`.
|
Force indicates whether or not to supply the --force flag to `kubectl apply`.
|
||||||
The --force flag deletes and re-create the resource,
|
The --force flag deletes and re-create the resource, when PATCH encounters conflict and has
|
||||||
when PATCH encounters conflict and has retried
|
retried for 5 times.
|
||||||
for 5 times.
|
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
|
@ -3385,9 +3383,9 @@ spec:
|
||||||
description: Group specifies the API group of the resource
|
description: Group specifies the API group of the resource
|
||||||
type: string
|
type: string
|
||||||
hookPhase:
|
hookPhase:
|
||||||
description: HookPhase contains the state of any operation
|
description: |-
|
||||||
associated with this resource OR hook This can also
|
HookPhase contains the state of any operation associated with this resource OR hook
|
||||||
contain values for non-hook resources.
|
This can also contain values for non-hook resources.
|
||||||
type: string
|
type: string
|
||||||
hookType:
|
hookType:
|
||||||
description: HookType specifies the type of the hook.
|
description: HookType specifies the type of the hook.
|
||||||
|
|
@ -3772,11 +3770,10 @@ spec:
|
||||||
or Helm) that contains the application manifests
|
or Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of the
|
description: |-
|
||||||
source to sync the application to. In case of Git, this
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
can be commit, tag, or branch. If omitted, will equal
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
to HEAD. In case of Helm, this is a semver tag for the
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -4127,11 +4124,10 @@ spec:
|
||||||
or Helm) that contains the application manifests
|
or Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of
|
description: |-
|
||||||
the source to sync the application to. In case of
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
Git, this can be commit, tag, or branch. If omitted,
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
will equal to HEAD. In case of Helm, this is a semver
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
tag for the Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -4158,8 +4154,9 @@ spec:
|
||||||
description: Resources is a list of Kubernetes resources managed by
|
description: Resources is a list of Kubernetes resources managed by
|
||||||
this application
|
this application
|
||||||
items:
|
items:
|
||||||
description: 'ResourceStatus holds the current sync and health status
|
description: |-
|
||||||
of a resource TODO: describe members of this type'
|
ResourceStatus holds the current sync and health status of a resource
|
||||||
|
TODO: describe members of this type
|
||||||
properties:
|
properties:
|
||||||
group:
|
group:
|
||||||
type: string
|
type: string
|
||||||
|
|
@ -4242,10 +4239,9 @@ spec:
|
||||||
if Server is not set.
|
if Server is not set.
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: Namespace specifies the target namespace
|
description: |-
|
||||||
for the application's resources. The namespace will
|
Namespace specifies the target namespace for the application's resources.
|
||||||
only be set for namespace-scoped resources that have
|
The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace
|
||||||
not set a value for .metadata.namespace
|
|
||||||
type: string
|
type: string
|
||||||
server:
|
server:
|
||||||
description: Server specifies the URL of the target cluster's
|
description: Server specifies the URL of the target cluster's
|
||||||
|
|
@ -4274,10 +4270,9 @@ spec:
|
||||||
kind:
|
kind:
|
||||||
type: string
|
type: string
|
||||||
managedFieldsManagers:
|
managedFieldsManagers:
|
||||||
description: ManagedFieldsManagers is a list of trusted
|
description: |-
|
||||||
managers. Fields mutated by those managers will take
|
ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the
|
||||||
precedence over the desired state defined in the SCM
|
desired state defined in the SCM and won't be displayed in diffs
|
||||||
and won't be displayed in diffs
|
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
|
@ -4623,11 +4618,10 @@ spec:
|
||||||
or Helm) that contains the application manifests
|
or Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of the
|
description: |-
|
||||||
source to sync the application to. In case of Git, this
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
can be commit, tag, or branch. If omitted, will equal
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
to HEAD. In case of Helm, this is a semver tag for the
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
@ -4978,11 +4972,10 @@ spec:
|
||||||
or Helm) that contains the application manifests
|
or Helm) that contains the application manifests
|
||||||
type: string
|
type: string
|
||||||
targetRevision:
|
targetRevision:
|
||||||
description: TargetRevision defines the revision of
|
description: |-
|
||||||
the source to sync the application to. In case of
|
TargetRevision defines the revision of the source to sync the application to.
|
||||||
Git, this can be commit, tag, or branch. If omitted,
|
In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
||||||
will equal to HEAD. In case of Helm, this is a semver
|
In case of Helm, this is a semver tag for the Chart's version.
|
||||||
tag for the Chart's version.
|
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- repoURL
|
- repoURL
|
||||||
|
|
|
||||||
|
|
@ -72,6 +72,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
name:
|
name:
|
||||||
type: string
|
type: string
|
||||||
requeueAfterSeconds:
|
requeueAfterSeconds:
|
||||||
|
|
@ -668,6 +669,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
template:
|
template:
|
||||||
properties:
|
properties:
|
||||||
metadata:
|
metadata:
|
||||||
|
|
@ -2430,6 +2432,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
name:
|
name:
|
||||||
type: string
|
type: string
|
||||||
requeueAfterSeconds:
|
requeueAfterSeconds:
|
||||||
|
|
@ -3026,6 +3029,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
template:
|
template:
|
||||||
properties:
|
properties:
|
||||||
metadata:
|
metadata:
|
||||||
|
|
@ -6891,6 +6895,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
template:
|
template:
|
||||||
|
|
@ -7487,6 +7492,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
name:
|
name:
|
||||||
type: string
|
type: string
|
||||||
requeueAfterSeconds:
|
requeueAfterSeconds:
|
||||||
|
|
@ -8083,6 +8089,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
template:
|
template:
|
||||||
properties:
|
properties:
|
||||||
metadata:
|
metadata:
|
||||||
|
|
@ -11948,6 +11955,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
mergeKeys:
|
mergeKeys:
|
||||||
|
|
@ -14648,6 +14656,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
goTemplate:
|
goTemplate:
|
||||||
|
|
@ -15306,11 +15315,16 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
step:
|
step:
|
||||||
type: string
|
type: string
|
||||||
|
targetRevisions:
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
required:
|
required:
|
||||||
- application
|
- application
|
||||||
- message
|
- message
|
||||||
- status
|
- status
|
||||||
- step
|
- step
|
||||||
|
- targetRevisions
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
conditions:
|
conditions:
|
||||||
|
|
@ -15334,6 +15348,37 @@ spec:
|
||||||
- type
|
- type
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
|
resources:
|
||||||
|
items:
|
||||||
|
properties:
|
||||||
|
group:
|
||||||
|
type: string
|
||||||
|
health:
|
||||||
|
properties:
|
||||||
|
message:
|
||||||
|
type: string
|
||||||
|
status:
|
||||||
|
type: string
|
||||||
|
type: object
|
||||||
|
hook:
|
||||||
|
type: boolean
|
||||||
|
kind:
|
||||||
|
type: string
|
||||||
|
name:
|
||||||
|
type: string
|
||||||
|
namespace:
|
||||||
|
type: string
|
||||||
|
requiresPruning:
|
||||||
|
type: boolean
|
||||||
|
status:
|
||||||
|
type: string
|
||||||
|
syncWave:
|
||||||
|
format: int64
|
||||||
|
type: integer
|
||||||
|
version:
|
||||||
|
type: string
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- metadata
|
- metadata
|
||||||
|
|
|
||||||
|
|
@ -31,22 +31,28 @@ spec:
|
||||||
- name: v1alpha1
|
- name: v1alpha1
|
||||||
schema:
|
schema:
|
||||||
openAPIV3Schema:
|
openAPIV3Schema:
|
||||||
description: 'AppProject provides a logical grouping of applications, providing
|
description: |-
|
||||||
controls for: * where the apps may deploy to (cluster whitelist) * what
|
AppProject provides a logical grouping of applications, providing controls for:
|
||||||
may be deployed (repository whitelist, resource whitelist/blacklist) * who
|
* where the apps may deploy to (cluster whitelist)
|
||||||
can access these applications (roles, OIDC group claims bindings) * and
|
* what may be deployed (repository whitelist, resource whitelist/blacklist)
|
||||||
what they can do (RBAC policies) * automation access to these roles (JWT
|
* who can access these applications (roles, OIDC group claims bindings)
|
||||||
tokens)'
|
* and what they can do (RBAC policies)
|
||||||
|
* automation access to these roles (JWT tokens)
|
||||||
properties:
|
properties:
|
||||||
apiVersion:
|
apiVersion:
|
||||||
description: 'APIVersion defines the versioned schema of this representation
|
description: |-
|
||||||
of an object. Servers should convert recognized schemas to the latest
|
APIVersion defines the versioned schema of this representation of an object.
|
||||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
Servers should convert recognized schemas to the latest internal value, and
|
||||||
|
may reject unrecognized values.
|
||||||
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||||
type: string
|
type: string
|
||||||
kind:
|
kind:
|
||||||
description: 'Kind is a string value representing the REST resource this
|
description: |-
|
||||||
object represents. Servers may infer this from the endpoint the client
|
Kind is a string value representing the REST resource this object represents.
|
||||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
Servers may infer this from the endpoint the client submits requests to.
|
||||||
|
Cannot be updated.
|
||||||
|
In CamelCase.
|
||||||
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||||
type: string
|
type: string
|
||||||
metadata:
|
metadata:
|
||||||
type: object
|
type: object
|
||||||
|
|
@ -57,9 +63,9 @@ spec:
|
||||||
description: ClusterResourceBlacklist contains list of blacklisted
|
description: ClusterResourceBlacklist contains list of blacklisted
|
||||||
cluster level resources
|
cluster level resources
|
||||||
items:
|
items:
|
||||||
description: GroupKind specifies a Group and a Kind, but does not
|
description: |-
|
||||||
force a version. This is useful for identifying concepts during
|
GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
|
||||||
lookup stages without having partially valid types
|
concepts during lookup stages without having partially valid types
|
||||||
properties:
|
properties:
|
||||||
group:
|
group:
|
||||||
type: string
|
type: string
|
||||||
|
|
@ -74,9 +80,9 @@ spec:
|
||||||
description: ClusterResourceWhitelist contains list of whitelisted
|
description: ClusterResourceWhitelist contains list of whitelisted
|
||||||
cluster level resources
|
cluster level resources
|
||||||
items:
|
items:
|
||||||
description: GroupKind specifies a Group and a Kind, but does not
|
description: |-
|
||||||
force a version. This is useful for identifying concepts during
|
GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
|
||||||
lookup stages without having partially valid types
|
concepts during lookup stages without having partially valid types
|
||||||
properties:
|
properties:
|
||||||
group:
|
group:
|
||||||
type: string
|
type: string
|
||||||
|
|
@ -103,9 +109,9 @@ spec:
|
||||||
not set.
|
not set.
|
||||||
type: string
|
type: string
|
||||||
namespace:
|
namespace:
|
||||||
description: Namespace specifies the target namespace for the
|
description: |-
|
||||||
application's resources. The namespace will only be set for
|
Namespace specifies the target namespace for the application's resources.
|
||||||
namespace-scoped resources that have not set a value for .metadata.namespace
|
The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace
|
||||||
type: string
|
type: string
|
||||||
server:
|
server:
|
||||||
description: Server specifies the URL of the target cluster's
|
description: Server specifies the URL of the target cluster's
|
||||||
|
|
@ -118,9 +124,9 @@ spec:
|
||||||
description: NamespaceResourceBlacklist contains list of blacklisted
|
description: NamespaceResourceBlacklist contains list of blacklisted
|
||||||
namespace level resources
|
namespace level resources
|
||||||
items:
|
items:
|
||||||
description: GroupKind specifies a Group and a Kind, but does not
|
description: |-
|
||||||
force a version. This is useful for identifying concepts during
|
GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
|
||||||
lookup stages without having partially valid types
|
concepts during lookup stages without having partially valid types
|
||||||
properties:
|
properties:
|
||||||
group:
|
group:
|
||||||
type: string
|
type: string
|
||||||
|
|
@ -135,9 +141,9 @@ spec:
|
||||||
description: NamespaceResourceWhitelist contains list of whitelisted
|
description: NamespaceResourceWhitelist contains list of whitelisted
|
||||||
namespace level resources
|
namespace level resources
|
||||||
items:
|
items:
|
||||||
description: GroupKind specifies a Group and a Kind, but does not
|
description: |-
|
||||||
force a version. This is useful for identifying concepts during
|
GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
|
||||||
lookup stages without having partially valid types
|
concepts during lookup stages without having partially valid types
|
||||||
properties:
|
properties:
|
||||||
group:
|
group:
|
||||||
type: string
|
type: string
|
||||||
|
|
|
||||||
|
|
@ -43,6 +43,9 @@ spec:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.dex.runtimeClassName | default .Values.global.runtimeClassName }}
|
||||||
|
runtimeClassName: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.dex.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
{{- with .Values.dex.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,7 @@ metadata:
|
||||||
labels:
|
labels:
|
||||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }}
|
{{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
|
ttlSecondsAfterFinished: 60
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,9 @@ spec:
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.redis.runtimeClassName | default .Values.global.runtimeClassName }}
|
||||||
|
runtimeClassName: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.redis.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
{{- with .Values.redis.imagePullSecrets | default .Values.global.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|
|
||||||
|
|
@ -44,6 +44,9 @@ global:
|
||||||
## Used for ingresses, certificates, SSO, notifications, etc.
|
## Used for ingresses, certificates, SSO, notifications, etc.
|
||||||
domain: argocd.example.com
|
domain: argocd.example.com
|
||||||
|
|
||||||
|
# -- Runtime class name for all components
|
||||||
|
runtimeClassName: ""
|
||||||
|
|
||||||
# -- Common labels for the all resources
|
# -- Common labels for the all resources
|
||||||
additionalLabels: {}
|
additionalLabels: {}
|
||||||
# app: argo-cd
|
# app: argo-cd
|
||||||
|
|
@ -619,6 +622,10 @@ controller:
|
||||||
## like round-robin, then the shards will be well-balanced.
|
## like round-robin, then the shards will be well-balanced.
|
||||||
dynamicClusterDistribution: false
|
dynamicClusterDistribution: false
|
||||||
|
|
||||||
|
# -- Runtime class name for the application controller
|
||||||
|
# @default -- `""` (defaults to global.runtimeClassName)
|
||||||
|
runtimeClassName: ""
|
||||||
|
|
||||||
# -- Application controller heartbeat time
|
# -- Application controller heartbeat time
|
||||||
# Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/#working-of-dynamic-distribution
|
# Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/#working-of-dynamic-distribution
|
||||||
heartbeatTime: 10
|
heartbeatTime: 10
|
||||||
|
|
@ -919,6 +926,10 @@ dex:
|
||||||
# -- Additional command line arguments to pass to the Dex server
|
# -- Additional command line arguments to pass to the Dex server
|
||||||
extraArgs: []
|
extraArgs: []
|
||||||
|
|
||||||
|
# -- Runtime class name for Dex
|
||||||
|
# @default -- `""` (defaults to global.runtimeClassName)
|
||||||
|
runtimeClassName: ""
|
||||||
|
|
||||||
metrics:
|
metrics:
|
||||||
# -- Deploy metrics service
|
# -- Deploy metrics service
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
@ -1213,6 +1224,10 @@ redis:
|
||||||
# -- Redis name
|
# -- Redis name
|
||||||
name: redis
|
name: redis
|
||||||
|
|
||||||
|
# -- Runtime class name for redis
|
||||||
|
# @default -- `""` (defaults to global.runtimeClassName)
|
||||||
|
runtimeClassName: ""
|
||||||
|
|
||||||
## Redis Pod Disruption Budget
|
## Redis Pod Disruption Budget
|
||||||
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
||||||
pdb:
|
pdb:
|
||||||
|
|
@ -1701,6 +1716,10 @@ server:
|
||||||
# -- The number of server pods to run
|
# -- The number of server pods to run
|
||||||
replicas: 1
|
replicas: 1
|
||||||
|
|
||||||
|
# -- Runtime class name for the Argo CD server
|
||||||
|
# @default -- `""` (defaults to global.runtimeClassName)
|
||||||
|
runtimeClassName: ""
|
||||||
|
|
||||||
## Argo CD server Horizontal Pod Autoscaler
|
## Argo CD server Horizontal Pod Autoscaler
|
||||||
autoscaling:
|
autoscaling:
|
||||||
# -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server
|
# -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server
|
||||||
|
|
@ -2364,6 +2383,10 @@ repoServer:
|
||||||
# -- The number of repo server pods to run
|
# -- The number of repo server pods to run
|
||||||
replicas: 1
|
replicas: 1
|
||||||
|
|
||||||
|
# -- Runtime class name for the repo server
|
||||||
|
# @default -- `""` (defaults to global.runtimeClassName)
|
||||||
|
runtimeClassName: ""
|
||||||
|
|
||||||
## Repo server Horizontal Pod Autoscaler
|
## Repo server Horizontal Pod Autoscaler
|
||||||
autoscaling:
|
autoscaling:
|
||||||
# -- Enable Horizontal Pod Autoscaler ([HPA]) for the repo server
|
# -- Enable Horizontal Pod Autoscaler ([HPA]) for the repo server
|
||||||
|
|
@ -2752,6 +2775,10 @@ applicationSet:
|
||||||
# -- The number of ApplicationSet controller pods to run
|
# -- The number of ApplicationSet controller pods to run
|
||||||
replicas: 1
|
replicas: 1
|
||||||
|
|
||||||
|
# -- Runtime class name for the ApplicationSet controller
|
||||||
|
# @default -- `""` (defaults to global.runtimeClassName)
|
||||||
|
runtimeClassName: ""
|
||||||
|
|
||||||
## ApplicationSet controller Pod Disruption Budget
|
## ApplicationSet controller Pod Disruption Budget
|
||||||
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
||||||
pdb:
|
pdb:
|
||||||
|
|
@ -3119,6 +3146,10 @@ notifications:
|
||||||
# @default -- `""` (defaults to https://`global.domain`)
|
# @default -- `""` (defaults to https://`global.domain`)
|
||||||
argocdUrl: ""
|
argocdUrl: ""
|
||||||
|
|
||||||
|
# -- Runtime class name for the notifications controller
|
||||||
|
# @default -- `""` (defaults to global.runtimeClassName)
|
||||||
|
runtimeClassName: ""
|
||||||
|
|
||||||
## Notifications controller Pod Disruption Budget
|
## Notifications controller Pod Disruption Budget
|
||||||
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
||||||
pdb:
|
pdb:
|
||||||
|
|
@ -3307,6 +3338,36 @@ notifications:
|
||||||
drop:
|
drop:
|
||||||
- ALL
|
- ALL
|
||||||
|
|
||||||
|
## Probes for notifications controller Pods (optional)
|
||||||
|
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
|
||||||
|
readinessProbe:
|
||||||
|
# -- Enable Kubernetes liveness probe for notifications controller Pods
|
||||||
|
enabled: false
|
||||||
|
# -- Number of seconds after the container has started before [probe] is initiated
|
||||||
|
initialDelaySeconds: 10
|
||||||
|
# -- How often (in seconds) to perform the [probe]
|
||||||
|
periodSeconds: 10
|
||||||
|
# -- Number of seconds after which the [probe] times out
|
||||||
|
timeoutSeconds: 1
|
||||||
|
# -- Minimum consecutive successes for the [probe] to be considered successful after having failed
|
||||||
|
successThreshold: 1
|
||||||
|
# -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
|
||||||
|
failureThreshold: 3
|
||||||
|
|
||||||
|
livenessProbe:
|
||||||
|
# -- Enable Kubernetes liveness probe for notifications controller Pods
|
||||||
|
enabled: false
|
||||||
|
# -- Number of seconds after the container has started before [probe] is initiated
|
||||||
|
initialDelaySeconds: 10
|
||||||
|
# -- How often (in seconds) to perform the [probe]
|
||||||
|
periodSeconds: 10
|
||||||
|
# -- Number of seconds after which the [probe] times out
|
||||||
|
timeoutSeconds: 1
|
||||||
|
# -- Minimum consecutive successes for the [probe] to be considered successful after having failed
|
||||||
|
successThreshold: 1
|
||||||
|
# -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
|
||||||
|
failureThreshold: 3
|
||||||
|
|
||||||
# -- terminationGracePeriodSeconds for container lifecycle hook
|
# -- terminationGracePeriodSeconds for container lifecycle hook
|
||||||
terminationGracePeriodSeconds: 30
|
terminationGracePeriodSeconds: 30
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||||
appVersion: v1.9.2
|
appVersion: v1.9.2
|
||||||
description: A Helm chart for Argo Events, the event-driven workflow automation framework
|
description: A Helm chart for Argo Events, the event-driven workflow automation framework
|
||||||
name: argo-events
|
name: argo-events
|
||||||
version: 2.4.7
|
version: 2.4.8
|
||||||
home: https://github.com/argoproj/argo-helm
|
home: https://github.com/argoproj/argo-helm
|
||||||
icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4
|
icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4
|
||||||
keywords:
|
keywords:
|
||||||
|
|
@ -19,4 +19,4 @@ annotations:
|
||||||
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
||||||
artifacthub.io/changes: |
|
artifacthub.io/changes: |
|
||||||
- kind: fixed
|
- kind: fixed
|
||||||
description: Update Jetstream versions as following upstream
|
description: events-webhook Service using non-default port
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,7 @@ metadata:
|
||||||
{{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }}
|
{{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- port: 443
|
- port: {{ int .Values.webhook.port }}
|
||||||
targetPort: webhook
|
targetPort: webhook
|
||||||
selector:
|
selector:
|
||||||
{{- include "argo-events.selectorLabels" (dict "context" $ "name" $.Values.webhook.name) | nindent 4 }}
|
{{- include "argo-events.selectorLabels" (dict "context" $ "name" $.Values.webhook.name) | nindent 4 }}
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,8 @@
|
||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
appVersion: v1.7.1
|
appVersion: v1.7.2
|
||||||
description: A Helm chart for Argo Rollouts
|
description: A Helm chart for Argo Rollouts
|
||||||
name: argo-rollouts
|
name: argo-rollouts
|
||||||
version: 2.37.2
|
version: 2.37.7
|
||||||
home: https://github.com/argoproj/argo-helm
|
home: https://github.com/argoproj/argo-helm
|
||||||
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
|
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
|
||||||
keywords:
|
keywords:
|
||||||
|
|
@ -19,4 +19,4 @@ annotations:
|
||||||
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
||||||
artifacthub.io/changes: |
|
artifacthub.io/changes: |
|
||||||
- kind: added
|
- kind: added
|
||||||
description: Added traefik.io apiGroup to Role and ClusterRole
|
description: add description for manual secret creation
|
||||||
|
|
|
||||||
|
|
@ -57,9 +57,10 @@ For full list of changes please check ArtifactHub [changelog].
|
||||||
| keepCRDs | bool | `true` | Keep CRD's on helm uninstall |
|
| keepCRDs | bool | `true` | Keep CRD's on helm uninstall |
|
||||||
| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests |
|
| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests |
|
||||||
| nameOverride | string | `nil` | String to partially override "argo-rollouts.fullname" template |
|
| nameOverride | string | `nil` | String to partially override "argo-rollouts.fullname" template |
|
||||||
|
| notifications.configmap.create | bool | `true` | Whether to create notifications configmap |
|
||||||
| notifications.notifiers | object | `{}` | Configures notification services |
|
| notifications.notifiers | object | `{}` | Configures notification services |
|
||||||
| notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret |
|
| notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret |
|
||||||
| notifications.secret.create | bool | `false` | Whether to create notifications secret |
|
| notifications.secret.create | bool | `false` | Whether to create notifications secret. |
|
||||||
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret |
|
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret |
|
||||||
| notifications.subscriptions | list | `[]` | The subscriptions define the subscriptions to the triggers in a general way for all rollouts |
|
| notifications.subscriptions | list | `[]` | The subscriptions define the subscriptions to the triggers in a general way for all rollouts |
|
||||||
| notifications.templates | object | `{}` | Notification templates |
|
| notifications.templates | object | `{}` | Notification templates |
|
||||||
|
|
@ -181,6 +182,7 @@ For full list of changes please check ArtifactHub [changelog].
|
||||||
| dashboard.service.annotations | object | `{}` | Service annotations |
|
| dashboard.service.annotations | object | `{}` | Service annotations |
|
||||||
| dashboard.service.externalIPs | list | `[]` | Dashboard service external IPs |
|
| dashboard.service.externalIPs | list | `[]` | Dashboard service external IPs |
|
||||||
| dashboard.service.labels | object | `{}` | Service labels |
|
| dashboard.service.labels | object | `{}` | Service labels |
|
||||||
|
| dashboard.service.loadBalancerClass | string | `""` | The class of the load balancer implementation |
|
||||||
| dashboard.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field |
|
| dashboard.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field |
|
||||||
| dashboard.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from |
|
| dashboard.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from |
|
||||||
| dashboard.service.nodePort | int | `nil` | Service nodePort |
|
| dashboard.service.nodePort | int | `nil` | Service nodePort |
|
||||||
|
|
|
||||||
|
|
@ -109,3 +109,311 @@ Return the appropriate apiVersion for pod disruption budget
|
||||||
{{- print "policy/v1" -}}
|
{{- print "policy/v1" -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Return the rules for controller's Role and ClusterRole
|
||||||
|
*/}}
|
||||||
|
{{- define "argo-rollouts.controller.roleRules" -}}
|
||||||
|
- apiGroups:
|
||||||
|
- argoproj.io
|
||||||
|
resources:
|
||||||
|
- rollouts
|
||||||
|
- rollouts/status
|
||||||
|
- rollouts/finalizers
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
- apiGroups:
|
||||||
|
- argoproj.io
|
||||||
|
resources:
|
||||||
|
- analysisruns
|
||||||
|
- analysisruns/finalizers
|
||||||
|
- experiments
|
||||||
|
- experiments/finalizers
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
- delete
|
||||||
|
- apiGroups:
|
||||||
|
- argoproj.io
|
||||||
|
resources:
|
||||||
|
- analysistemplates
|
||||||
|
- clusteranalysistemplates
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
# replicaset access needed for managing ReplicaSets
|
||||||
|
- apiGroups:
|
||||||
|
- apps
|
||||||
|
resources:
|
||||||
|
- replicasets
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
- delete
|
||||||
|
# deployments and podtemplates read access needed for workload reference support
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
- apps
|
||||||
|
resources:
|
||||||
|
- deployments
|
||||||
|
- podtemplates
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
# services patch needed to update selector of canary/stable/active/preview services
|
||||||
|
# services create needed to create and delete services for experiments
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- services
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- patch
|
||||||
|
- create
|
||||||
|
- delete
|
||||||
|
# leases create/get/update needed for leader election
|
||||||
|
- apiGroups:
|
||||||
|
- coordination.k8s.io
|
||||||
|
resources:
|
||||||
|
- leases
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- get
|
||||||
|
- update
|
||||||
|
# secret read access to run analysis templates which reference secrets
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- secrets
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- configmaps
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
{{- if .Values.providerRBAC.providers.gatewayAPI }}
|
||||||
|
- create
|
||||||
|
- update
|
||||||
|
{{- end }}
|
||||||
|
# pod list/update needed for updating ephemeral data
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- pods
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- update
|
||||||
|
- watch
|
||||||
|
# pods eviction needed for restart
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- pods/eviction
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
# event write needed for emitting events
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- events
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
# ingress patch needed for managing ingress annotations, create needed for nginx canary
|
||||||
|
- apiGroups:
|
||||||
|
- networking.k8s.io
|
||||||
|
- extensions
|
||||||
|
resources:
|
||||||
|
- ingresses
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
# job access needed for analysis template job metrics
|
||||||
|
- apiGroups:
|
||||||
|
- batch
|
||||||
|
resources:
|
||||||
|
- jobs
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
- delete
|
||||||
|
{{- if .Values.providerRBAC.enabled }}
|
||||||
|
{{- if .Values.providerRBAC.providers.istio }}
|
||||||
|
# virtualservice/destinationrule access needed for using the Istio provider
|
||||||
|
- apiGroups:
|
||||||
|
- networking.istio.io
|
||||||
|
resources:
|
||||||
|
- virtualservices
|
||||||
|
- destinationrules
|
||||||
|
verbs:
|
||||||
|
- watch
|
||||||
|
- get
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
- list
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.smi }}
|
||||||
|
# trafficsplit access needed for using the SMI provider
|
||||||
|
- apiGroups:
|
||||||
|
- split.smi-spec.io
|
||||||
|
resources:
|
||||||
|
- trafficsplits
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- watch
|
||||||
|
- get
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.ambassador }}
|
||||||
|
# ambassador access needed for Ambassador provider
|
||||||
|
- apiGroups:
|
||||||
|
- getambassador.io
|
||||||
|
- x.getambassador.io
|
||||||
|
resources:
|
||||||
|
- mappings
|
||||||
|
- ambassadormappings
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- watch
|
||||||
|
- get
|
||||||
|
- update
|
||||||
|
- list
|
||||||
|
- delete
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.awsLoadBalancerController }}
|
||||||
|
# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- endpoints
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- apiGroups:
|
||||||
|
- elbv2.k8s.aws
|
||||||
|
resources:
|
||||||
|
- targetgroupbindings
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- get
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.awsAppMesh }}
|
||||||
|
# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider
|
||||||
|
- apiGroups:
|
||||||
|
- appmesh.k8s.aws
|
||||||
|
resources:
|
||||||
|
- virtualservices
|
||||||
|
verbs:
|
||||||
|
- watch
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider
|
||||||
|
- apiGroups:
|
||||||
|
- appmesh.k8s.aws
|
||||||
|
resources:
|
||||||
|
- virtualnodes
|
||||||
|
- virtualrouters
|
||||||
|
verbs:
|
||||||
|
- watch
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.traefik }}
|
||||||
|
# Traefik access needed when using the Traefik provider
|
||||||
|
- apiGroups:
|
||||||
|
- traefik.containo.us
|
||||||
|
- traefik.io
|
||||||
|
resources:
|
||||||
|
- traefikservices
|
||||||
|
verbs:
|
||||||
|
- watch
|
||||||
|
- get
|
||||||
|
- update
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.apisix }}
|
||||||
|
# Access needed when using the Apisix provider
|
||||||
|
- apiGroups:
|
||||||
|
- apisix.apache.org
|
||||||
|
resources:
|
||||||
|
- apisixroutes
|
||||||
|
verbs:
|
||||||
|
- watch
|
||||||
|
- get
|
||||||
|
- update
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.contour }}
|
||||||
|
# Access needed when using the Contour provider
|
||||||
|
- apiGroups:
|
||||||
|
- projectcontour.io
|
||||||
|
resources:
|
||||||
|
- httpproxies
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.glooPlatform }}
|
||||||
|
# Access needed when using the Gloo Platform provider
|
||||||
|
- apiGroups:
|
||||||
|
- networking.gloo.solo.io
|
||||||
|
resources:
|
||||||
|
- routetables
|
||||||
|
verbs:
|
||||||
|
- '*'
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.providerRBAC.providers.gatewayAPI }}
|
||||||
|
# Access needed when using the Gateway API provider
|
||||||
|
- apiGroups:
|
||||||
|
- gateway.networking.k8s.io
|
||||||
|
resources:
|
||||||
|
- httproutes
|
||||||
|
- tcproutes
|
||||||
|
- tlsroutes
|
||||||
|
- udproutes
|
||||||
|
- grpcroutes
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.providerRBAC.additionalRules }}
|
||||||
|
{{ toYaml . }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end -}}
|
||||||
|
|
|
||||||
|
|
@ -7,305 +7,5 @@ metadata:
|
||||||
app.kubernetes.io/component: {{ .Values.controller.component }}
|
app.kubernetes.io/component: {{ .Values.controller.component }}
|
||||||
{{- include "argo-rollouts.labels" . | nindent 4 }}
|
{{- include "argo-rollouts.labels" . | nindent 4 }}
|
||||||
rules:
|
rules:
|
||||||
- apiGroups:
|
{{- include "argo-rollouts.controller.roleRules" . | nindent 2 }}
|
||||||
- argoproj.io
|
|
||||||
resources:
|
|
||||||
- rollouts
|
|
||||||
- rollouts/status
|
|
||||||
- rollouts/finalizers
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- apiGroups:
|
|
||||||
- argoproj.io
|
|
||||||
resources:
|
|
||||||
- analysisruns
|
|
||||||
- analysisruns/finalizers
|
|
||||||
- experiments
|
|
||||||
- experiments/finalizers
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
- apiGroups:
|
|
||||||
- argoproj.io
|
|
||||||
resources:
|
|
||||||
- analysistemplates
|
|
||||||
- clusteranalysistemplates
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
# replicaset access needed for managing ReplicaSets
|
|
||||||
- apiGroups:
|
|
||||||
- apps
|
|
||||||
resources:
|
|
||||||
- replicasets
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
# deployments and podtemplates read access needed for workload reference support
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
- apps
|
|
||||||
resources:
|
|
||||||
- deployments
|
|
||||||
- podtemplates
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
# services patch needed to update selector of canary/stable/active/preview services
|
|
||||||
# services create needed to create and delete services for experiments
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- services
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- patch
|
|
||||||
- create
|
|
||||||
- delete
|
|
||||||
# leases create/get/update needed for leader election
|
|
||||||
- apiGroups:
|
|
||||||
- coordination.k8s.io
|
|
||||||
resources:
|
|
||||||
- leases
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
# secret read access to run analysis templates which reference secrets
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- secrets
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- configmaps
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
{{- if .Values.providerRBAC.providers.gatewayAPI }}
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
# pod list/update needed for updating ephemeral data
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- pods
|
|
||||||
verbs:
|
|
||||||
- list
|
|
||||||
- update
|
|
||||||
- watch
|
|
||||||
# pods eviction needed for restart
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- pods/eviction
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
# event write needed for emitting events
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- events
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
# ingress patch needed for managing ingress annotations, create needed for nginx canary
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
- extensions
|
|
||||||
resources:
|
|
||||||
- ingresses
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
# job access needed for analysis template job metrics
|
|
||||||
- apiGroups:
|
|
||||||
- batch
|
|
||||||
resources:
|
|
||||||
- jobs
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
{{- if .Values.providerRBAC.enabled }}
|
|
||||||
{{- if .Values.providerRBAC.providers.istio }}
|
|
||||||
# virtualservice/destinationrule access needed for using the Istio provider
|
|
||||||
- apiGroups:
|
|
||||||
- networking.istio.io
|
|
||||||
resources:
|
|
||||||
- virtualservices
|
|
||||||
- destinationrules
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- list
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.smi }}
|
|
||||||
# trafficsplit access needed for using the SMI provider
|
|
||||||
- apiGroups:
|
|
||||||
- split.smi-spec.io
|
|
||||||
resources:
|
|
||||||
- trafficsplits
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.ambassador }}
|
|
||||||
# ambassador access needed for Ambassador provider
|
|
||||||
- apiGroups:
|
|
||||||
- getambassador.io
|
|
||||||
- x.getambassador.io
|
|
||||||
resources:
|
|
||||||
- mappings
|
|
||||||
- ambassadormappings
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
- list
|
|
||||||
- delete
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.awsLoadBalancerController }}
|
|
||||||
# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- endpoints
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- apiGroups:
|
|
||||||
- elbv2.k8s.aws
|
|
||||||
resources:
|
|
||||||
- targetgroupbindings
|
|
||||||
verbs:
|
|
||||||
- list
|
|
||||||
- get
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.awsAppMesh }}
|
|
||||||
# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider
|
|
||||||
- apiGroups:
|
|
||||||
- appmesh.k8s.aws
|
|
||||||
resources:
|
|
||||||
- virtualservices
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider
|
|
||||||
- apiGroups:
|
|
||||||
- appmesh.k8s.aws
|
|
||||||
resources:
|
|
||||||
- virtualnodes
|
|
||||||
- virtualrouters
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.traefik }}
|
|
||||||
# Traefik access needed when using the Traefik provider
|
|
||||||
- apiGroups:
|
|
||||||
- traefik.containo.us
|
|
||||||
- traefik.io
|
|
||||||
resources:
|
|
||||||
- traefikservices
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.apisix }}
|
|
||||||
# Access needed when using the Apisix provider
|
|
||||||
- apiGroups:
|
|
||||||
- apisix.apache.org
|
|
||||||
resources:
|
|
||||||
- apisixroutes
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.contour }}
|
|
||||||
# Access needed when using the Contour provider
|
|
||||||
- apiGroups:
|
|
||||||
- projectcontour.io
|
|
||||||
resources:
|
|
||||||
- httpproxies
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.glooPlatform }}
|
|
||||||
# Access needed when using the Gloo Platform provider
|
|
||||||
- apiGroups:
|
|
||||||
- networking.gloo.solo.io
|
|
||||||
resources:
|
|
||||||
- routetables
|
|
||||||
verbs:
|
|
||||||
- '*'
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.gatewayAPI }}
|
|
||||||
# Access needed when using the Gateway API provider
|
|
||||||
- apiGroups:
|
|
||||||
- gateway.networking.k8s.io
|
|
||||||
resources:
|
|
||||||
- httproutes
|
|
||||||
- tcproutes
|
|
||||||
- tlsroutes
|
|
||||||
- udproutes
|
|
||||||
- grpcroutes
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
{{- with .Values.providerRBAC.additionalRules }}
|
|
||||||
{{ toYaml . }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
|
{{ if .Values.notifications.configmap.create }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
metadata:
|
metadata:
|
||||||
|
|
@ -20,3 +21,4 @@ data:
|
||||||
subscriptions: |
|
subscriptions: |
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
@ -8,290 +8,5 @@ metadata:
|
||||||
app.kubernetes.io/component: {{ .Values.controller.component }}
|
app.kubernetes.io/component: {{ .Values.controller.component }}
|
||||||
{{- include "argo-rollouts.labels" . | nindent 4 }}
|
{{- include "argo-rollouts.labels" . | nindent 4 }}
|
||||||
rules:
|
rules:
|
||||||
- apiGroups:
|
{{- include "argo-rollouts.controller.roleRules" . | nindent 2 }}
|
||||||
- argoproj.io
|
|
||||||
resources:
|
|
||||||
- rollouts
|
|
||||||
- rollouts/status
|
|
||||||
- rollouts/finalizers
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- apiGroups:
|
|
||||||
- argoproj.io
|
|
||||||
resources:
|
|
||||||
- analysisruns
|
|
||||||
- analysisruns/finalizers
|
|
||||||
- experiments
|
|
||||||
- experiments/finalizers
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
- apiGroups:
|
|
||||||
- argoproj.io
|
|
||||||
resources:
|
|
||||||
- analysistemplates
|
|
||||||
- clusteranalysistemplates
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
# replicaset access needed for managing ReplicaSets
|
|
||||||
- apiGroups:
|
|
||||||
- apps
|
|
||||||
resources:
|
|
||||||
- replicasets
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
# deployments and podtemplates read access needed for workload reference support
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
- apps
|
|
||||||
resources:
|
|
||||||
- deployments
|
|
||||||
- podtemplates
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
# services patch needed to update selector of canary/stable/active/preview services
|
|
||||||
# services create needed to create and delete services for experiments
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- services
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- patch
|
|
||||||
- create
|
|
||||||
- delete
|
|
||||||
# leases create/get/update needed for leader election
|
|
||||||
- apiGroups:
|
|
||||||
- coordination.k8s.io
|
|
||||||
resources:
|
|
||||||
- leases
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
# secret read access to run analysis templates which reference secrets
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- secrets
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- configmaps
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
{{- if .Values.providerRBAC.providers.gatewayAPI }}
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
# pod list/update needed for updating ephemeral data
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- pods
|
|
||||||
verbs:
|
|
||||||
- list
|
|
||||||
- update
|
|
||||||
- watch
|
|
||||||
# pods eviction needed for restart
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- pods/eviction
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
# event write needed for emitting events
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- events
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
# ingress patch needed for managing ingress annotations, create needed for nginx canary
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
- extensions
|
|
||||||
resources:
|
|
||||||
- ingresses
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
# job access needed for analysis template job metrics
|
|
||||||
- apiGroups:
|
|
||||||
- batch
|
|
||||||
resources:
|
|
||||||
- jobs
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
{{- if .Values.providerRBAC.enabled }}
|
|
||||||
{{- if .Values.providerRBAC.providers.istio }}
|
|
||||||
# virtualservice/destinationrule access needed for using the Istio provider
|
|
||||||
- apiGroups:
|
|
||||||
- networking.istio.io
|
|
||||||
resources:
|
|
||||||
- virtualservices
|
|
||||||
- destinationrules
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- list
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.smi }}
|
|
||||||
# trafficsplit access needed for using the SMI provider
|
|
||||||
- apiGroups:
|
|
||||||
- split.smi-spec.io
|
|
||||||
resources:
|
|
||||||
- trafficsplits
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.ambassador }}
|
|
||||||
# ambassador access needed for Ambassador provider
|
|
||||||
- apiGroups:
|
|
||||||
- getambassador.io
|
|
||||||
- x.getambassador.io
|
|
||||||
resources:
|
|
||||||
- mappings
|
|
||||||
- ambassadormappings
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
- list
|
|
||||||
- delete
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.awsLoadBalancerController }}
|
|
||||||
# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- endpoints
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- apiGroups:
|
|
||||||
- elbv2.k8s.aws
|
|
||||||
resources:
|
|
||||||
- targetgroupbindings
|
|
||||||
verbs:
|
|
||||||
- list
|
|
||||||
- get
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.awsAppMesh }}
|
|
||||||
# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider
|
|
||||||
- apiGroups:
|
|
||||||
- appmesh.k8s.aws
|
|
||||||
resources:
|
|
||||||
- virtualservices
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider
|
|
||||||
- apiGroups:
|
|
||||||
- appmesh.k8s.aws
|
|
||||||
resources:
|
|
||||||
- virtualnodes
|
|
||||||
- virtualrouters
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.traefik }}
|
|
||||||
# Traefik access needed when using the Traefik provider
|
|
||||||
- apiGroups:
|
|
||||||
- traefik.containo.us
|
|
||||||
- traefik.io
|
|
||||||
resources:
|
|
||||||
- traefikservices
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.apisix }}
|
|
||||||
# Access needed when using the Apisix provider
|
|
||||||
- apiGroups:
|
|
||||||
- apisix.apache.org
|
|
||||||
resources:
|
|
||||||
- apisixroutes
|
|
||||||
verbs:
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.glooPlatform }}
|
|
||||||
# Access needed when using the Gloo Platform provider
|
|
||||||
- apiGroups:
|
|
||||||
- networking.gloo.solo.io
|
|
||||||
resources:
|
|
||||||
- routetables
|
|
||||||
verbs:
|
|
||||||
- '*'
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.providerRBAC.providers.gatewayAPI }}
|
|
||||||
# Access needed when using the Gateway API provider
|
|
||||||
- apiGroups:
|
|
||||||
- gateway.networking.k8s.io
|
|
||||||
resources:
|
|
||||||
- httproutes
|
|
||||||
- tcproutes
|
|
||||||
- tlsroutes
|
|
||||||
- udproutes
|
|
||||||
- grpcroutes
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- update
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
||||||
|
|
@ -22,6 +22,9 @@ spec:
|
||||||
externalIPs: {{- toYaml . | nindent 4 }}
|
externalIPs: {{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if eq .Values.dashboard.service.type "LoadBalancer" }}
|
{{- if eq .Values.dashboard.service.type "LoadBalancer" }}
|
||||||
|
{{- with .Values.dashboard.service.loadBalancerClass }}
|
||||||
|
loadBalancerClass: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.dashboard.service.loadBalancerIP }}
|
{{- with .Values.dashboard.service.loadBalancerIP }}
|
||||||
loadBalancerIP: {{ . | quote }}
|
loadBalancerIP: {{ . | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
||||||
|
|
@ -356,6 +356,8 @@ dashboard:
|
||||||
service:
|
service:
|
||||||
# -- Sets the type of the Service
|
# -- Sets the type of the Service
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
# -- The class of the load balancer implementation
|
||||||
|
loadBalancerClass: ""
|
||||||
# -- LoadBalancer will get created with the IP specified in this field
|
# -- LoadBalancer will get created with the IP specified in this field
|
||||||
loadBalancerIP: ""
|
loadBalancerIP: ""
|
||||||
# -- Source IP ranges to allow access to service from
|
# -- Source IP ranges to allow access to service from
|
||||||
|
|
@ -449,8 +451,13 @@ dashboard:
|
||||||
volumeMounts: []
|
volumeMounts: []
|
||||||
|
|
||||||
notifications:
|
notifications:
|
||||||
|
configmap:
|
||||||
|
# -- Whether to create notifications configmap
|
||||||
|
create: true
|
||||||
|
|
||||||
secret:
|
secret:
|
||||||
# -- Whether to create notifications secret
|
# -- Whether to create notifications secret.
|
||||||
|
## If you want to manually create secret, do not forget to add proper label to it: "app.kubernetes.io/component: {{ .Values.controller.component }}".
|
||||||
create: false
|
create: false
|
||||||
# -- Generic key:value pairs to be inserted into the notifications secret
|
# -- Generic key:value pairs to be inserted into the notifications secret
|
||||||
items: {}
|
items: {}
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
appVersion: v3.5.8
|
appVersion: v3.5.10
|
||||||
name: argo-workflows
|
name: argo-workflows
|
||||||
description: A Helm chart for Argo Workflows
|
description: A Helm chart for Argo Workflows
|
||||||
type: application
|
type: application
|
||||||
version: 0.41.11
|
version: 0.42.2
|
||||||
icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png
|
icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png
|
||||||
home: https://github.com/argoproj/argo-helm
|
home: https://github.com/argoproj/argo-helm
|
||||||
sources:
|
sources:
|
||||||
|
|
@ -16,5 +16,5 @@ annotations:
|
||||||
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
|
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
|
||||||
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
||||||
artifacthub.io/changes: |
|
artifacthub.io/changes: |
|
||||||
- kind: fixed
|
- kind: changed
|
||||||
description: Add `app:` label to components to match upstream
|
description: add honorLabels config for ServiceMonitor resource
|
||||||
|
|
|
||||||
|
|
@ -149,6 +149,7 @@ Fields to note:
|
||||||
| controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. |
|
| controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. |
|
||||||
| controller.clusterWorkflowTemplates.serviceAccounts | list | `[]` | Extra service accounts to be added to the ClusterRoleBinding |
|
| controller.clusterWorkflowTemplates.serviceAccounts | list | `[]` | Extra service accounts to be added to the ClusterRoleBinding |
|
||||||
| controller.columns | list | `[]` | Configure Argo Server to show custom [columns] |
|
| controller.columns | list | `[]` | Configure Argo Server to show custom [columns] |
|
||||||
|
| controller.configMap.annotations | object | `{}` | ConfigMap annotations |
|
||||||
| controller.configMap.create | bool | `true` | Create a ConfigMap for the controller |
|
| controller.configMap.create | bool | `true` | Create a ConfigMap for the controller |
|
||||||
| controller.configMap.name | string | `""` | ConfigMap name |
|
| controller.configMap.name | string | `""` | ConfigMap name |
|
||||||
| controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ |
|
| controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ |
|
||||||
|
|
@ -167,12 +168,14 @@ Fields to note:
|
||||||
| controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. |
|
| controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. |
|
||||||
| controller.links | list | `[]` | Configure Argo Server to show custom [links] |
|
| controller.links | list | `[]` | Configure Argo Server to show custom [links] |
|
||||||
| controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller |
|
| controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller |
|
||||||
|
| controller.loadBalancerClass | string | `""` | The class of the load balancer implementation |
|
||||||
| controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
|
| controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
|
||||||
| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) |
|
| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) |
|
||||||
| controller.logging.globallevel | string | `"0"` | Set the glog logging level |
|
| controller.logging.globallevel | string | `"0"` | Set the glog logging level |
|
||||||
| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) |
|
| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) |
|
||||||
| controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server |
|
| controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server |
|
||||||
| controller.metricsConfig.headlessService | bool | `false` | Flag to enable headless service |
|
| controller.metricsConfig.headlessService | bool | `false` | Flag to enable headless service |
|
||||||
|
| controller.metricsConfig.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. |
|
||||||
| controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. |
|
| controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. |
|
||||||
| controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion |
|
| controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion |
|
||||||
| controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory |
|
| controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory |
|
||||||
|
|
@ -301,6 +304,7 @@ Fields to note:
|
||||||
| server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` |
|
| server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` |
|
||||||
| server.ingress.paths | list | `["/"]` | List of ingress paths |
|
| server.ingress.paths | list | `["/"]` | List of ingress paths |
|
||||||
| server.ingress.tls | list | `[]` | Ingress TLS configuration |
|
| server.ingress.tls | list | `[]` | Ingress TLS configuration |
|
||||||
|
| server.loadBalancerClass | string | `""` | The class of the load balancer implementation |
|
||||||
| server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` |
|
| server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` |
|
||||||
| server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
|
| server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` |
|
||||||
| server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) |
|
| server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) |
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,10 @@ metadata:
|
||||||
namespace: {{ include "argo-workflows.namespace" . | quote }}
|
namespace: {{ include "argo-workflows.namespace" . | quote }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }}
|
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }}
|
||||||
|
{{- with .Values.controller.configMap.annotations }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
data:
|
data:
|
||||||
config: |
|
config: |
|
||||||
{{- if .Values.controller.instanceID.enabled }}
|
{{- if .Values.controller.instanceID.enabled }}
|
||||||
|
|
|
||||||
|
|
@ -35,8 +35,13 @@ spec:
|
||||||
{{- if and (eq .Values.controller.serviceType "ClusterIP") .Values.controller.metricsConfig.headlessService }}
|
{{- if and (eq .Values.controller.serviceType "ClusterIP") .Values.controller.metricsConfig.headlessService }}
|
||||||
clusterIP: None
|
clusterIP: None
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }}
|
{{- if eq .Values.controller.serviceType "LoadBalancer" }}
|
||||||
|
{{- with .Values.controller.loadBalancerClass }}
|
||||||
|
loadBalancerClass: {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.controller.loadBalancerSourceRanges }}
|
||||||
loadBalancerSourceRanges:
|
loadBalancerSourceRanges:
|
||||||
{{- toYaml .Values.controller.loadBalancerSourceRanges | nindent 4 }}
|
{{- toYaml .Values.controller.loadBalancerSourceRanges | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
|
||||||
|
|
@ -24,6 +24,7 @@ spec:
|
||||||
metricRelabelings:
|
metricRelabelings:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
honorLabels: {{ .Values.controller.metricsConfig.honorLabels }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.controller.telemetryConfig.enabled }}
|
{{- if .Values.controller.telemetryConfig.enabled }}
|
||||||
- port: telemetry
|
- port: telemetry
|
||||||
|
|
@ -37,6 +38,7 @@ spec:
|
||||||
metricRelabelings:
|
metricRelabelings:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
honorLabels: {{ .Values.controller.metricsConfig.honorLabels }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- with .Values.controller.metricsConfig.targetLabels }}
|
{{- with .Values.controller.metricsConfig.targetLabels }}
|
||||||
targetLabels:
|
targetLabels:
|
||||||
|
|
|
||||||
|
|
@ -17,7 +17,9 @@ roleRef:
|
||||||
subjects:
|
subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: {{ $.Values.workflow.serviceAccount.name }}
|
name: {{ $.Values.workflow.serviceAccount.name }}
|
||||||
namespace: {{ $namespace }}
|
{{- with $namespace }}
|
||||||
|
namespace: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- range $.Values.workflow.rbac.serviceAccounts }}
|
{{- range $.Values.workflow.rbac.serviceAccounts }}
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: {{ .name }}
|
name: {{ .name }}
|
||||||
|
|
|
||||||
|
|
@ -28,11 +28,16 @@ spec:
|
||||||
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
|
{{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
|
||||||
sessionAffinity: None
|
sessionAffinity: None
|
||||||
type: {{ .Values.server.serviceType }}
|
type: {{ .Values.server.serviceType }}
|
||||||
{{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerIP }}
|
{{- if eq .Values.server.serviceType "LoadBalancer" }}
|
||||||
loadBalancerIP: {{ .Values.server.loadBalancerIP | quote }}
|
{{- with .Values.controller.loadBalancerClass }}
|
||||||
|
loadBalancerClass: {{ . }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerSourceRanges }}
|
{{- with .Values.server.loadBalancerIP }}
|
||||||
|
loadBalancerIP: {{ . | quote }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.server.loadBalancerSourceRanges }}
|
||||||
loadBalancerSourceRanges:
|
loadBalancerSourceRanges:
|
||||||
{{- toYaml .Values.server.loadBalancerSourceRanges | nindent 4 }}
|
{{- toYaml .Values.server.loadBalancerSourceRanges | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
|
||||||
|
|
@ -106,6 +106,8 @@ controller:
|
||||||
create: true
|
create: true
|
||||||
# -- ConfigMap name
|
# -- ConfigMap name
|
||||||
name: ""
|
name: ""
|
||||||
|
# -- ConfigMap annotations
|
||||||
|
annotations: {}
|
||||||
|
|
||||||
# -- Limits the maximum number of incomplete workflows in a namespace
|
# -- Limits the maximum number of incomplete workflows in a namespace
|
||||||
namespaceParallelism:
|
namespaceParallelism:
|
||||||
|
|
@ -141,6 +143,9 @@ controller:
|
||||||
servicePortName: metrics
|
servicePortName: metrics
|
||||||
# -- Flag to enable headless service
|
# -- Flag to enable headless service
|
||||||
headlessService: false
|
headlessService: false
|
||||||
|
# -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels.
|
||||||
|
## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#honorlabels
|
||||||
|
honorLabels: false
|
||||||
# -- ServiceMonitor relabel configs to apply to samples before scraping
|
# -- ServiceMonitor relabel configs to apply to samples before scraping
|
||||||
## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
|
## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
|
||||||
relabelings: []
|
relabelings: []
|
||||||
|
|
@ -295,6 +300,8 @@ controller:
|
||||||
serviceAnnotations: {}
|
serviceAnnotations: {}
|
||||||
# -- Optional labels to add to the controller Service
|
# -- Optional labels to add to the controller Service
|
||||||
serviceLabels: {}
|
serviceLabels: {}
|
||||||
|
# -- The class of the load balancer implementation
|
||||||
|
loadBalancerClass: ""
|
||||||
# -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer`
|
# -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer`
|
||||||
loadBalancerSourceRanges: []
|
loadBalancerSourceRanges: []
|
||||||
|
|
||||||
|
|
@ -506,6 +513,8 @@ server:
|
||||||
serviceAnnotations: {}
|
serviceAnnotations: {}
|
||||||
# -- Optional labels to add to the UI Service
|
# -- Optional labels to add to the UI Service
|
||||||
serviceLabels: {}
|
serviceLabels: {}
|
||||||
|
# -- The class of the load balancer implementation
|
||||||
|
loadBalancerClass: ""
|
||||||
# -- Static IP address to assign to loadBalancer service type `LoadBalancer`
|
# -- Static IP address to assign to loadBalancer service type `LoadBalancer`
|
||||||
loadBalancerIP: ""
|
loadBalancerIP: ""
|
||||||
# -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer`
|
# -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer`
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||||
name: argocd-apps
|
name: argocd-apps
|
||||||
description: A Helm chart for managing additional Argo CD Applications and Projects
|
description: A Helm chart for managing additional Argo CD Applications and Projects
|
||||||
type: application
|
type: application
|
||||||
version: 2.0.0
|
version: 2.0.1
|
||||||
home: https://github.com/argoproj/argo-helm
|
home: https://github.com/argoproj/argo-helm
|
||||||
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
|
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
|
||||||
keywords:
|
keywords:
|
||||||
|
|
@ -17,5 +17,5 @@ annotations:
|
||||||
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
|
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
|
||||||
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
|
||||||
artifacthub.io/changes: |
|
artifacthub.io/changes: |
|
||||||
- kind: added
|
- kind: fixed
|
||||||
description: make the chart use maps instead of lists
|
description: not rendering empty app description
|
||||||
|
|
|
||||||
|
|
@ -25,7 +25,9 @@ spec:
|
||||||
{{- with $projectData.permitOnlyProjectScopedClusters }}
|
{{- with $projectData.permitOnlyProjectScopedClusters }}
|
||||||
permitOnlyProjectScopedClusters: {{ . }}
|
permitOnlyProjectScopedClusters: {{ . }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
description: {{ $projectData.description }}
|
{{- with $projectData.description }}
|
||||||
|
description: {{ . }}
|
||||||
|
{{- end }}
|
||||||
{{- with $projectData.sourceRepos }}
|
{{- with $projectData.sourceRepos }}
|
||||||
sourceRepos:
|
sourceRepos:
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue