ea28da27d1
* chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.14.0 * feat(argocd-image-updater): upgrade as following upstream Signed-off-by: yu-croco <yu.croco@gmail.com> * feat(argocd-image-updater): configure gitCommitSigningKey and gitCommitSignOff Signed-off-by: yu-croco <yu.croco@gmail.com> * fix(argocd-image-updater): add missing attribute Signed-off-by: yu-croco <yu.croco@gmail.com> --------- Signed-off-by: yu-croco <yu.croco@gmail.com> Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com> Co-authored-by: yu-croco <yu.croco@gmail.com>
271 lines
8.3 KiB
YAML
271 lines
8.3 KiB
YAML
# -- Replica count for the deployment. It is not advised to run more than one replica.
|
|
replicaCount: 1
|
|
image:
|
|
# -- Default image repository
|
|
repository: quay.io/argoprojlabs/argocd-image-updater
|
|
# -- Default image pull policy
|
|
pullPolicy: Always
|
|
# -- Overrides the image tag whose default is the chart appVersion
|
|
tag: ""
|
|
|
|
# -- The deployment strategy to use to replace existing pods with new ones
|
|
updateStrategy:
|
|
type: Recreate
|
|
# -- ImagePullSecrets for the image updater deployment
|
|
imagePullSecrets: []
|
|
# -- Global name (argocd-image-updater.name in _helpers.tpl) override
|
|
nameOverride: ""
|
|
# -- Global fullname (argocd-image-updater.fullname in _helpers.tpl) override
|
|
fullnameOverride: ""
|
|
# -- Global namespace (argocd-image-updater.namespace in _helpers.tpl) override
|
|
namespaceOverride: ""
|
|
|
|
# -- Extra arguments for argocd-image-updater not defined in `config.argocd`.
|
|
# If a flag contains both key and value, they need to be split to a new entry
|
|
extraArgs: []
|
|
# - --disable-kubernetes
|
|
# - --dry-run
|
|
# - --health-port
|
|
# - 8080
|
|
# - --interval
|
|
# - 2m
|
|
# - --kubeconfig
|
|
# - ~/.kube/config
|
|
# - --match-application-name
|
|
# - staging-*
|
|
# - --max-concurrency
|
|
# - 5
|
|
# - --once
|
|
# - --registries-conf-path
|
|
# - /app/config/registries.conf
|
|
|
|
# -- Extra environment variables for argocd-image-updater
|
|
extraEnv: []
|
|
# - name: AWS_REGION
|
|
# value: "us-west-1"
|
|
|
|
# -- Extra envFrom to pass to argocd-image-updater
|
|
extraEnvFrom: []
|
|
# - configMapRef:
|
|
# name: config-map-name
|
|
# - secretRef:
|
|
# name: secret-name
|
|
|
|
# -- Extra K8s manifests to deploy for argocd-image-updater
|
|
## Note: Supports use of custom Helm templates
|
|
extraObjects: []
|
|
# - apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
# kind: SecretProviderClass
|
|
# metadata:
|
|
# name: argocd-image-updater-secrets-store
|
|
# spec:
|
|
# provider: aws
|
|
# parameters:
|
|
# objects: |
|
|
# - objectName: "argocd-image-updater"
|
|
# objectType: "secretsmanager"
|
|
# jmesPath:
|
|
# - path: "client_id"
|
|
# objectAlias: "client_id"
|
|
# - path: "client_secret"
|
|
# objectAlias: "client_secret"
|
|
# secretObjects:
|
|
# - data:
|
|
# - key: client_id
|
|
# objectName: client_id
|
|
# - key: client_secret
|
|
# objectName: client_secret
|
|
# secretName: argocd-image-updater-secrets-store
|
|
# type: Opaque
|
|
# labels:
|
|
# app.kubernetes.io/part-of: argocd
|
|
|
|
# -- Init containers to add to the image updater pod
|
|
initContainers: []
|
|
# - name: download-tools
|
|
# image: alpine:3.8
|
|
# command: [sh, -c]
|
|
# args:
|
|
# - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - &&
|
|
# mv linux-amd64/helm /custom-tools/
|
|
# volumeMounts:
|
|
# - mountPath: /custom-tools
|
|
# name: custom-tools
|
|
|
|
# -- Additional volumeMounts to the image updater main container
|
|
volumeMounts: []
|
|
|
|
# -- Additional volumes to the image updater pod
|
|
volumes: []
|
|
## Use init containers to configure custom tooling
|
|
## https://argo-cd.readthedocs.io/en/stable/operator-manual/custom_tools/
|
|
## When using the volumes & volumeMounts section bellow, please comment out those above.
|
|
# - name: custom-tools
|
|
# emptyDir: {}
|
|
|
|
config:
|
|
# -- API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`)
|
|
applicationsAPIKind: ""
|
|
|
|
# Described in detail here https://argocd-image-updater.readthedocs.io/en/stable/install/reference/#flags
|
|
# Note: this is only relevant if config.applicationsAPIKind == 'argocd'
|
|
argocd:
|
|
# -- Use the gRPC-web protocol to connect to the Argo CD API
|
|
grpcWeb: true
|
|
# -- Connect to the Argo CD API server at server address
|
|
serverAddress: ""
|
|
# -- If specified, the certificate of the Argo CD API server is not verified.
|
|
insecure: false
|
|
# -- If specified, use an unencrypted HTTP connection to the Argo CD API instead of TLS.
|
|
plaintext: false
|
|
# -- If specified, the secret with Argo CD API key will be created.
|
|
token: ""
|
|
|
|
# -- Disable kubernetes events
|
|
disableKubeEvents: false
|
|
|
|
# -- Username to use for Git commits
|
|
gitCommitUser: ""
|
|
|
|
# -- E-Mail address to use for Git commits
|
|
gitCommitMail: ""
|
|
|
|
# -- Changing the Git commit message
|
|
gitCommitTemplate: ""
|
|
|
|
# -- Path to public SSH key mounted in container, or GPG key ID used to sign commits
|
|
gitCommitSigningKey: ""
|
|
|
|
# -- Enables sign off on commits
|
|
gitCommitSignOff: false
|
|
|
|
# -- Method used to sign Git commits. `openpgp` or `ssh`
|
|
gitCommitSigningMethod: ""
|
|
|
|
# -- Argo CD Image Update log level
|
|
logLevel: "info"
|
|
|
|
# -- Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)
|
|
registries: []
|
|
# - name: Docker Hub
|
|
# api_url: https://registry-1.docker.io
|
|
# ping: yes
|
|
# credentials: secret:foo/bar#creds
|
|
# defaultns: library
|
|
# - name: Google Container Registry
|
|
# api_url: https://gcr.io
|
|
# prefix: gcr.io
|
|
# ping: no
|
|
# credentials: pullsecret:foo/bar
|
|
# - name: RedHat Quay
|
|
# api_url: https://quay.io
|
|
# ping: no
|
|
# prefix: quay.io
|
|
# credentials: env:REGISTRY_SECRET
|
|
# - name: ECR
|
|
# api_url: https://123456789.dkr.ecr.eu-west-1.amazonaws.com
|
|
# prefix: 123456789.dkr.ecr.eu-west-1.amazonaws.com
|
|
# ping: yes
|
|
# insecure: no
|
|
# credentials: ext:/scripts/auth1.sh
|
|
# credsexpire: 10h
|
|
|
|
# -- Argo CD Image Updater ssh client parameter configuration.
|
|
sshConfig:
|
|
{}
|
|
# config: |
|
|
# Host *
|
|
# PubkeyAcceptedAlgorithms +ssh-rsa
|
|
# HostkeyAlgorithms +ssh-rsa
|
|
|
|
# whether to mount authentication scripts, if enabled, the authentication scripts will be mounted on /scripts that can be used to authenticate with registries (ECR)
|
|
# refer to https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/#specifying-credentials-for-accessing-container-registries for more info
|
|
authScripts:
|
|
# -- Whether to mount the defined scripts that can be used to authenticate with a registry, the scripts will be mounted at `/scripts`
|
|
enabled: false
|
|
# -- Map of key-value pairs where the key consists of the name of the script and the value the contents
|
|
scripts: {}
|
|
# auth1.sh: |
|
|
# #!/bin/sh
|
|
# echo "auth script 1 here"
|
|
# auth2.sh: |
|
|
# #!/bin/sh
|
|
# echo "auth script 2 here"
|
|
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created
|
|
create: true
|
|
# -- Annotations to add to the service account
|
|
annotations: {}
|
|
# -- Labels to add to the service account
|
|
labels: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
# -- Pod Annotations for the deployment
|
|
podAnnotations: {}
|
|
|
|
# -- Pod Labels for the deployment
|
|
podLabels: {}
|
|
|
|
# -- Pod security context settings for the deployment
|
|
podSecurityContext: {}
|
|
# fsGroup: 2000
|
|
|
|
# -- Security context settings for the deployment
|
|
# @default -- See [values.yaml]
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
|
|
rbac:
|
|
# -- Enable RBAC creation
|
|
enabled: true
|
|
|
|
# -- Pod memory and cpu resource settings for the deployment
|
|
resources: {}
|
|
|
|
# -- Kubernetes nodeSelector settings for the deployment
|
|
nodeSelector: {}
|
|
|
|
# -- Kubernetes toleration settings for the deployment
|
|
tolerations: []
|
|
|
|
# -- Kubernetes affinity settings for the deployment
|
|
affinity: {}
|
|
|
|
# Metrics configuration
|
|
metrics:
|
|
# -- Deploy metrics service
|
|
enabled: false
|
|
service:
|
|
# -- Metrics service annotations
|
|
annotations: {}
|
|
# -- Metrics service labels
|
|
labels: {}
|
|
# -- Metrics service port
|
|
servicePort: 8081
|
|
serviceMonitor:
|
|
# -- Enable a prometheus ServiceMonitor
|
|
enabled: false
|
|
# -- Prometheus ServiceMonitor interval
|
|
interval: 30s
|
|
# -- Prometheus [RelabelConfigs] to apply to samples before scraping
|
|
relabelings: []
|
|
# -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion
|
|
metricRelabelings: []
|
|
# -- Prometheus ServiceMonitor selector
|
|
selector: {}
|
|
# promtheus: kube-prometheus
|
|
|
|
# -- Prometheus ServiceMonitor namespace
|
|
namespace: ""
|
|
# -- Prometheus ServiceMonitor labels
|
|
additionalLabels: {}
|